Jump to: navigation, search

UI-less ZAProxy

Important
The ZAProxy requires JDK 1.7 or higher. If there are several Java installations and the system-wide Java is not Java 7+, you should explicitly specify the path to the required Java installation in the zap.bat (Windows) or zap.sh (Linux) file.

Start/Stop the Proxy

Start the Proxy

Navigate to your Co-browse Server installation directory and launch proxy.bat (on Windows) or proxy.sh (on Linux). The proxy starts in UI-less mode.

Stop the Proxy

To stop the ZAProxy, press CTRL+C.

Configure ZAProxy Host and Port

The proxy.bat/proxy.sh file starts the proxy using the default host name and port 15001. If the UI-based ZAP was never started on the host, the default host name is localhost. Otherwise, modify the host name and port using the ZAProxy UI.

If it is necessary to change the host name or port number the proxy uses to start, you must updated the proxy.bat/proxy.sh file correspondingly:

Examples:

  • zap.bat -daemon -host myfavoritehost.mydomain.com -port 15001
  • zap.bat -daemon -host 192.167.90.10 -port 15001

Update the Instrumentation Script

If your ZAProxy is running in UI-less mode, you can update the instrumentation snippet in the configuration file used by the plug-in to inject the web pages.

Start

  1. Open the file FilterMultiReplaceResponseBody.xml located in the <Co-browse Server installation>/tools/proxy/plugin folder.
  2. Update the instrumentation script.
  3. Save and close.
  4. Restart the Proxy.

End

Set up your Web Browser

To use the proxy you need to set up your Web Browser. See Set up your Web Browser

Resolving the protocol_version error

After configuring the proxy in your browser, you may encounter the following error on some HTTPS sites:

ZAP Error [javax.net.ssl.SSLException]: Received fatal alert: protocol_version

This error happens when a site only supports older versions of the TLS protocol. To fix this error you must override some of the default ZAP configuration by updating your proxy.bat/proxy.sh file:

zap.bat -daemon -port 15001 -config connection.securityProtocolsEnabled.protocol=TLSv1
Important
If you encounter this error on a site you want to instrument with Co-browse, update the corresponding clientTlsProtocols option to TLSv1

Feedback

Comment on this article:

blog comments powered by Disqus
This page was last modified on 2 March 2018, at 10:55.