trace http session

Question

In a developement environement (where often the browser and the http server are on the same machine) i want to study the exact detail of authentication schemas. So i need to trace down every http request/response.

I've tried WireShark, that is very promising. But actually on windows machines there is a problem in sniffing the traffic on loopback interface.
Then i've tried a browser plugin, HttpFox 0.8.10 of Firefox 12. It is good in showing requests and responses, but in the specific case of authentication, it doesn't correctly show the "double hop" authentication, it "collapses" the first request (the Unauthorized status code) with the next, successful one.
Then i've tried to work with the logs of httpd, that is my actual server, but it is required a not trivial effort to create a log that contains all the request such as headers (the authorization header).So it doesn't seem a good "debug" technique.

Are there other possibilities?

@nhahtdh, it's very nice, but debugs HTML, not http session. or am i missing something? — AgostinoX, May 27 '12 at 15:53
You can enable Net tab to see traffic in and out. Turn on Persist if you want to keep the log across navigation. — nhahtdh, May 27 '12 at 16:07

score 0 · Accepted Answer · edited May 23 '17 at 12:11

0

Go with Wireshark. The answer to this question will address the loopback issue. Wireshark is the best because it really understands the formatting of everything related to HTTP (so long as you are not using HTTPS).

edited May 23 '17 at 12:11

Community

1
1

answered May 27 '12 at 16:03

Francis Upton IV

19,322
3
53
57

trace http session

1 Answers1