Start/Stop the Proxy
Start the Proxy
Navigate to your Co-browse Server installation directory and launch tools\zapproxy\zap.bat (on Windows) or tools\zapproxy\zap.sh (on Linux). The proxy starts and opens the UI, which you can use to configure proxy settings, update the instrumentation script, and test the security of your site.
Stop the Proxy
To stop the ZAProxy, simply close the UI window.
Configure ZAProxy Host and Port
- Open Tools > Options > Local proxy.
- In the Local proxy panel, specify the host and port of this proxy. Do not use "localhost" or "127.0.0.1" for the host name.
- Note the values of the host and port — you will use these to Set up your Web Browser.
- If you changed the settings, restart the proxy.
Update the Instrumentation Script
ZAProxy includes the default Co-browse instrumentation script, which you can view by completing the steps below.
- Open Tools > Filter.
- In the dialog that opens, click the small oval with the ellipses (...), located near the checked box for the "Replace HTTP response body..." item.
- In the dialog that opens, select the line and click Edit.
The Edit pattern dialog opens.
- To save the changes, click OK on the current dialog and on the two parent dialogs.
Configure the URL Filter
To configure URLs that the proxy should ignore, use one of the following ways:
- Select File > Session Properties. In the Session Properties dialog, select Exclude from proxy, double-click URL regexs and add your URL. Click OK.
- In the Sites tab, right-click a site and select Exclude from > Proxy.
If you want the proxy to remember the excluded URLs beyond the current session, select File > Persist session... and select a file to save your session.
Set up your Web Browser
To use the proxy you need to set up your Web Browser. See ZAProxy#Set_up_your_Web_Browser
Resolving the protocol_version error
After configuring the proxy in your browser, you may encounter the following error on some HTTPS sites:
ZAP Error [javax.net.ssl.SSLException]: Received fatal alert: protocol_version
This error happens when a site only supports older versions of the TLS protocol. To fix this error:
- Open Tools > Options > Connection.
- Un-check all checkboxes except for TLS 1 in the Security Protocols section.
- Click OK and reload the web page.