
UI-based ZAProxy

Important
The ZAProxy requires JDK 1.7 or higher. If there are several Java installations and the system-wide Java is not Java 7+, you should explicitly specify the path to the required Java installation in the zap.bat (Windows) or zap.sh (Linux) file.

Start/Stop the Proxy

Start the Proxy

Navigate to your Co-browse Server installation directory and launch tools\zapproxy\zap.bat (on Windows) or tools/zapproxy/zap.sh (on Linux). The proxy starts and opens the UI, which you can use to configure proxy settings, update the instrumentation script, and test the security of your site.


Stop the Proxy

To stop the ZAProxy, simply close the UI window.

Configure ZAProxy Host and Port

Start

  1. Open Tools > Options > Local proxy.
  2. In the Local proxy panel, specify the host and port of this proxy. Do not use "localhost" or "127.0.0.1" for the host name.
  3. Note the values of the host and port — you will use these to Set up your Web Browser.
  4. If you changed the settings, restart the proxy.

End

Update the Instrumentation Script

ZAProxy includes the default Co-browse instrumentation script, which you can view by completing the steps below.

Start

  1. Open Tools > Filter.
  2. In the dialog that opens, click the small oval with the ellipsis (...), located near the checked box for the "Replace HTTP response body..." item.
  3. In the dialog that opens, select the line and click Edit.
    The Edit pattern dialog opens.
  4. To save the changes, click OK on the current dialog and on the two parent dialogs.

End

Configure the URL Filter

To configure URLs that the proxy should ignore, use one of the following methods:

  • Select File > Session Properties. In the Session Properties dialog, select Exclude from proxy, double-click URL regexs and add your URL. Click OK.

  • In the Sites tab, right-click a site and select Exclude from > Proxy.


If you want the proxy to remember the excluded URLs beyond the current session, select File > Persist session... and select a file to save your session.
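
Writing the regex for the URL regexs list, as an added example (not part of the original page or of ZAProxy's own code): it compares a loosely written pattern with an escaped, host-bounded one so you can see which URLs each would exclude from the proxy. It assumes the proxy tests each regex against the entire request URL, case-insensitively (as Java's `Matcher.matches()` does); the host names and the helpers `site_exclude_regex`, `is_excluded` and `audit` are constructed for illustration.

```python
import re
from urllib.parse import urlsplit


def site_exclude_regex(origin):
    """Build a regex that excludes one origin (scheme://host[:port]) and every URL under it."""
    parts = urlsplit(origin)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("not an http(s) origin: %r" % origin)
    # Escape metacharacters (the dots in the host name) and require '/', '?', '#'
    # or end-of-URL right after the host, so look-alike hosts are not excluded too.
    return re.escape("%s://%s" % (parts.scheme, parts.netloc)) + r"(?:[/?#].*)?"


def is_excluded(url, patterns):
    # Assumption: whole-URL, case-insensitive match against each configured regex.
    return any(re.fullmatch(p, url, re.IGNORECASE) for p in patterns)


# Constructed sample URLs: the intended site plus two look-alike hosts.
SAMPLES = [
    "https://static.example.com/app.js",
    "HTTPS://STATIC.EXAMPLE.COM/App.js",
    "https://staticXexample.com/",
    "https://static.example.com.other.test/x",
]


def audit(patterns):
    """Return the sample URLs that the given exclusion regexes would keep out of the proxy."""
    return [u for u in SAMPLES if is_excluded(u, patterns)]


if __name__ == "__main__":
    candidates = {
        "bare host": "static.example.com",            # never matches a whole URL
        "loose": "https://static.example.com.*",      # unescaped dots, open-ended tail
        "strict": site_exclude_regex("https://static.example.com"),
    }
    for label, pattern in candidates.items():
        print("%-9s %-45s excludes %s" % (label, pattern, audit([pattern])))
```

URLs matched by an exclusion regex pass through without the instrumentation script, so audit a pattern against both the hosts you mean to skip and near-miss host names before saving it.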

Set up your Web Browser

To use the proxy, you need to set up your Web Browser. See ZAProxy#Set_up_your_Web_Browser.

Resolving the protocol_version error

After configuring the proxy in your browser, you may encounter the following error on some HTTPS sites:

ZAP Error [javax.net.ssl.SSLException]: Received fatal alert: protocol_version

This error happens when a site only supports older versions of the TLS protocol. To fix this error:

  1. Open Tools > Options > Connection.
  2. Uncheck all checkboxes except for TLS 1 in the Security Protocols section.
  3. Click OK and reload the web page.

Important
If you encounter this error on a site you want to instrument with Co-browse, update the corresponding clientTlsProtocols option to TLSv1.

This page was last modified on March 2, 2018, at 09:55.