[Project_owners] capturing HTTP traffic

Jan Wrobel wrobel at blues.ath.cx
Sat Jun 17 23:40:16 EDT 2006


Hi,

I am new here, so I want to say hello to all of you.
I am working on Firekeeper - a new Firefox extension which goal is to
detect some well known browser-based attacks. More informations about 
this project is here: http://blues.ath.cx/firekeeper

I am looking now for a good way to capture HTTP traffic in Firefox. 
Here's what I managed to do so far:

I created a code that replaces Mozilla HTTP protocol handler with my
version of it. It is available here:
http://blues.ath.cx/firekeeper/resources/http_tracer.html
This new version passes all calls to the original handler but first,
it is able to examine these calls. In this way it traces creation of
HTTP channel and finally it captures data transfered through this
channel. This solution has following drawbacks:

1) I had to implement every call that HTTP protocol handler and HTTP
channel implements. Implementation of most calls is just a single line
that passes call to the original handler. Besides being long and ugly,
there can also be problems with portability of this solution between
different versions of Firefox. I had to implement some unfrozen
interfaces that may change in a future.

2) This solution does not work with sites that are using Java Script
XMLHttpRequest object to send requests to a server. I think that this
problem is caused by some security policy that allows Java Script from
a site to access original HTTP protocol handler but there is no policy
that allows access to my version of it. Is there any way around it?

I asked for help on mozilla.dev.tech.network but without any answer,
but maybe someone of you knows a better solution?

Cheers,
Jan Wrobel




More information about the Project_owners mailing list