[GH-ISSUE #1861] Capability to switch off ssl proxying of device requests #1855

Closed
opened 2026-03-03 19:54:58 +03:00 by kerem · 2 comments
Owner

Originally created by @novitae on GitHub (Nov 29, 2023).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1861

Description

Right now, the proxy works by reading the requests of external devices that gets connected to the proxy via the IP and the Proxyman's port of the Mac, and it also captures every requests the Mac itself does.

Why this feature/change is important?

However, capturing every requests of the Mac is sometimes (a lot of the time for me) very annoying, mainly because it slows down the proxy, and you can't turn off ssl proxying on the Mac itself. So if you want to decrypt every requests of your phone and you do * in ssl proxying list, your phone's traffic gets decrypted, and your Mac also does. And when you are doing heavy R&D, need to load a lot of pages in safari, and do whatever other things, the requests are accumulating very very very fast. I don't want to have to switch Safari or whatever app to the ssl proxying exclude list each time I need or don't need it, it would be a huge waste of time.

So I think the best would be to display the local Mac as a device, as a phone gets displayed "192.168.1.xx", and be able to turn off ssl proxying for certain device. I think there are other solutions that would do the job, but this is the one that came to my mind. The goal would not be to implement this or that solution, but to be able to use Proxyman as a proxy that is able to not record all of the mac's traffic automatically.

I switched to burp pro, which is way more expensive, because of this. I think Proxyman is one of the only proxy that does that, I don't really understand why ... I now use Proxyman only for easy tasks now because its UI is way more intuitive and pleasant to use than burp. I think implementing this "simple" thing would be a major strength.

Originally created by @novitae on GitHub (Nov 29, 2023). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1861 ## Description Right now, the proxy works by reading the requests of external devices that gets connected to the proxy via the IP and the Proxyman's port of the Mac, and it also captures every requests the Mac itself does. ## Why this feature/change is important? However, capturing every requests of the Mac is sometimes (a lot of the time for me) very annoying, mainly because it slows down the proxy, and you can't turn off ssl proxying on the Mac itself. So if you want to decrypt every requests of your phone and you do `*` in ssl proxying list, your phone's traffic gets decrypted, and your Mac also does. And when you are doing heavy R&D, need to load a lot of pages in safari, and do whatever other things, the requests are accumulating very very very fast. I don't want to have to switch Safari or whatever app to the ssl proxying exclude list each time I need or don't need it, it would be a huge waste of time. So I think the best would be to display the local Mac as a device, as a phone gets displayed "192.168.1.xx", and be able to turn off ssl proxying for certain device. I think there are other solutions that would do the job, but this is the one that came to my mind. The goal would not be to implement this or that solution, but to be able to use Proxyman as a proxy that is able to not record all of the mac's traffic automatically. I switched to burp pro, which is way more expensive, because of this. I think Proxyman is one of the only proxy that does that, I don't really understand why ... I now use Proxyman only for easy tasks now because its UI is way more intuitive and pleasant to use than burp. I think implementing this "simple" thing would be a major strength.
kerem 2026-03-03 19:54:58 +03:00
Author
Owner

@NghiaTranUIT commented on GitHub (Nov 30, 2023):

mainly because it slows down the proxy, and you can't turn off ssl proxying on the Mac itself.

You can simply do it by visiting the Tools menu -> Proxy Settings -> Uncheck the Overridden macOS System. -> Proxyman won't capture any traffic from your macOS Device.

So if you want to decrypt every requests of your phone and you do * in ssl proxying list, your phone's traffic gets decrypted, and your Mac also does

I highly recommend not using *, because as you mention it decrypts all HTTPS traffic and can slow your Mac. To fix it, follow my first answer and remove the * and use particular domains.

<!-- gh-comment-id:1832969961 --> @NghiaTranUIT commented on GitHub (Nov 30, 2023): > mainly because it slows down the proxy, and you can't turn off ssl proxying on the Mac itself. You can simply do it by visiting the Tools menu -> Proxy Settings -> Uncheck the Overridden macOS System. -> Proxyman won't capture any traffic from your macOS Device. > So if you want to decrypt every requests of your phone and you do * in ssl proxying list, your phone's traffic gets decrypted, and your Mac also does I highly recommend not using `*`, because as you mention it decrypts all HTTPS traffic and can slow your Mac. To fix it, follow my first answer and remove the `*` and use particular domains.
Author
Owner

@NghiaTranUIT commented on GitHub (Nov 30, 2023):

I read your comment again. Thanks for your feedback 👍

Here is your desire:

  • Want to skip the macOS traffic
  • Use * to decrypt all traffic from your iPhone.

Solution

  1. Tools menu -> Proxy Settings -> Uncheck the Overridden macOS System
  2. (If you'd like to disable it at launch, just go to Setting -> Uncheck the Auto Override the system proxy at launch)
  3. Keep using the * on the SSL Proxying List
  4. Done
<!-- gh-comment-id:1832972717 --> @NghiaTranUIT commented on GitHub (Nov 30, 2023): I read your comment again. Thanks for your feedback 👍 Here is your desire: - Want to skip the macOS traffic - Use `*` to decrypt all traffic from your iPhone. ### Solution 1. Tools menu -> Proxy Settings -> Uncheck the Overridden macOS System 2. (If you'd like to disable it at launch, just go to Setting -> Uncheck the Auto Override the system proxy at launch) 3. Keep using the `*` on the SSL Proxying List 4. Done ✅
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/Proxyman#1855
No description provided.