{"id":13582780,"url":"https://github.com/lightbody/browsermob-proxy","last_synced_at":"2025-10-07T01:31:06.978Z","repository":{"id":41322271,"uuid":"2316977","full_name":"lightbody/browsermob-proxy","owner":"lightbody","description":"A free utility to help web developers watch and manipulate network traffic from their AJAX applications.","archived":false,"fork":true,"pushed_at":"2024-05-30T13:46:36.000Z","size":25980,"stargazers_count":2208,"open_issues_count":239,"forks_count":670,"subscribers_count":135,"default_branch":"master","last_synced_at":"2025-09-05T11:57:01.189Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://bmp.lightbody.net","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"webmetrics/browsermob-proxy","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lightbody.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2011-09-02T23:07:54.000Z","updated_at":"2025-08-19T23:31:33.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/lightbody/browsermob-proxy","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/lightbody/browsermob-proxy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lightbody%2Fbrowsermob-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lightbody%2Fbrowsermob-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lightbody%2Fbrowsermob-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lightbody%2Fbrowsermob-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lightbody","download_url":"https://codeload.github.com/lightbody/browsermob-proxy/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lightbody%2Fbrowsermob-proxy/sbom","scorecard":{"id":589111,"data":{"date":"2025-08-11","repo":{"name":"github.com/lightbody/browsermob-proxy","commit":"679d90d3059087d985d62e48124183dd50f2724e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.9,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":1,"reason":"Found 2/14 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":["Info: Possibly incomplete results: error parsing shell code: invalid parameter name: browsermob-dist/src/main/scripts/browsermob-proxy:0"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact browsermob-proxy-2.1.4 not signed: https://api.github.com/repos/lightbody/browsermob-proxy/releases/5015489","Warn: release artifact browsermob-proxy-2.1.3 not signed: https://api.github.com/repos/lightbody/browsermob-proxy/releases/4889173","Warn: release artifact browsermob-proxy-2.1.2 not signed: https://api.github.com/repos/lightbody/browsermob-proxy/releases/3725715","Warn: release artifact browsermob-proxy-2.1.1 not signed: https://api.github.com/repos/lightbody/browsermob-proxy/releases/3329818","Warn: release artifact browsermob-proxy-2.1.0 not signed: https://api.github.com/repos/lightbody/browsermob-proxy/releases/3230533","Warn: release artifact browsermob-proxy-2.1.4 does not have provenance: https://api.github.com/repos/lightbody/browsermob-proxy/releases/5015489","Warn: release artifact browsermob-proxy-2.1.3 does not have provenance: https://api.github.com/repos/lightbody/browsermob-proxy/releases/4889173","Warn: release artifact browsermob-proxy-2.1.2 does not have provenance: https://api.github.com/repos/lightbody/browsermob-proxy/releases/3725715","Warn: release artifact browsermob-proxy-2.1.1 does not have provenance: https://api.github.com/repos/lightbody/browsermob-proxy/releases/3329818","Warn: release artifact browsermob-proxy-2.1.0 does not have provenance: https://api.github.com/repos/lightbody/browsermob-proxy/releases/3230533"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'","Warn: branch protection not enabled for branch '2.0'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 27 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":2,"reason":"8 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-4cx2-fc23-5wg6","Warn: Project is vulnerable to: GHSA-4446-656p-f54g","Warn: Project is vulnerable to: GHSA-6xx3-rg99-gc3p","Warn: Project is vulnerable to: GHSA-72m5-fvvv-55m6","Warn: Project is vulnerable to: GHSA-8xfc-gm6g-vgpv","Warn: Project is vulnerable to: GHSA-hr8g-6v94-x4m9","Warn: Project is vulnerable to: GHSA-v435-xc8x-wvr9","Warn: Project is vulnerable to: GHSA-wjxj-5m7g-mg7q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T21:22:32.928Z","repository_id":41322271,"created_at":"2025-08-20T21:22:32.928Z","updated_at":"2025-08-20T21:22:32.928Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273804368,"owners_count":25171556,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-05T02:00:09.113Z","response_time":402,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T15:03:01.347Z","updated_at":"2025-10-07T01:31:06.501Z","avatar_url":"https://github.com/lightbody.png","language":"Java","funding_links":[],"categories":["Java","网络编程","Cool x-ray tools to Debug, Test or Investigate software and apps"],"sub_categories":[],"readme":"# BrowserMob Proxy\n\nBrowserMob Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a [HAR file](http://www.softwareishard.com/blog/har-12-spec/).\nBMP works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests.\n\nThe latest version of BrowserMob Proxy is 2.1.5, powered by [LittleProxy](https://github.com/adamfisk/LittleProxy).\n\nIf you're running BrowserMob Proxy within a Java application or Selenium test, get started with [Embedded Mode](#getting-started-embedded-mode). If you want to run BMP from the\ncommand line as a standalone proxy, start with [Standalone](#getting-started-standalone).\n\n### Getting started: Embedded Mode\nTo use BrowserMob Proxy in your tests or application, add the `browsermob-core` dependency to your pom:\n```xml\n    \u003cdependency\u003e\n        \u003cgroupId\u003enet.lightbody.bmp\u003c/groupId\u003e\n        \u003cartifactId\u003ebrowsermob-core\u003c/artifactId\u003e\n        \u003cversion\u003e2.1.5\u003c/version\u003e\n        \u003cscope\u003etest\u003c/scope\u003e\n    \u003c/dependency\u003e\n```\n\nStart the proxy:\n```java\n    BrowserMobProxy proxy = new BrowserMobProxyServer();\n    proxy.start(0);\n    int port = proxy.getPort(); // get the JVM-assigned port\n    // Selenium or HTTP client configuration goes here\n```\n\nThen configure your HTTP client to use a proxy running at the specified port.\n\n**Using with Selenium?** See the [Using with Selenium](#using-with-selenium) section.\n\n### Getting started: Standalone\nTo run in standalone mode from the command line, first download the latest release from the [releases page](https://github.com/lightbody/browsermob-proxy/releases), or [build the latest from source](#building-the-latest-from-source).\n\nStart the REST API:\n```sh\n    ./browsermob-proxy -port 8080\n```\n\nThen create a proxy server instance:\n```sh\n    curl -X POST http://localhost:8080/proxy\n    {\"port\":8081}\n```\n\nThe \"port\" is the port of the newly-created proxy instance, so configure your HTTP client or web browser to use a proxy on the returned port.\nFor more information on the features available in the REST API, see [the REST API documentation](#rest-api).\n\n## Changes since 2.0.0\n\nThe new [BrowserMobProxyServer class](browsermob-core/src/main/java/net/lightbody/bmp/BrowserMobProxyServer.java) has replaced the legacy ProxyServer implementation. The legacy implementation is no longer actively supported; all new code should use `BrowserMobProxyServer`. We highly recommend that existing code migrate to the new implementation.\n\nThe most important changes from 2.0 are:\n\n- [Separate REST API and Embedded Mode modules](#embedded-mode). Include only the functionality you need.\n- [New BrowserMobProxy interface](browsermob-core/src/main/java/net/lightbody/bmp/BrowserMobProxy.java). The new interface will completely replace the legacy 2.0 ProxyServer contract in version 3.0 and higher.\n- [LittleProxy support](#littleproxy-support). More stable and more powerful than the legacy Jetty back-end.\n\n### New BrowserMobProxy API\n\nBrowserMob Proxy 2.1 includes a [new BrowserMobProxy interface](browsermob-core/src/main/java/net/lightbody/bmp/BrowserMobProxy.java) to interact with BrowserMob Proxy programmatically. The new interface defines the functionality that BrowserMob Proxy will support in future releases (including 3.0+). To ease migration, both the legacy (Jetty-based) ProxyServer class and the new, LittleProxy-powered BrowserMobProxy class support the new BrowserMobProxy interface.\n\nWe _highly_ recommend migrating existing code to the BrowserMobProxy interface using the `BrowserMobProxyServer` class.\n\n### Using the LittleProxy implementation with 2.0.0 code\n\nThe legacy interface, implicitly defined by the ProxyServer class, has been extracted into `net.lightbody.bmp.proxy.LegacyProxyServer` and is now officially deprecated. The new LittleProxy-based implementation will implement LegacyProxyServer for all 2.1.x releases. This means you can switch to the LittleProxy-powered implementation with minimal change to existing code ([with the exception of interceptors](#http-request-manipulation)):\n\n```java\n    // With the Jetty-based 2.0.0 release, BMP was created like this:\n    ProxyServer proxyServer = new ProxyServer();\n    proxyServer.start();\n    // [...]\n\n    // To use the LittleProxy-powered 2.1.5 release, simply change to\n    // the LegacyProxyServer interface and the adapter for the new\n    // LittleProxy-based implementation:\n    LegacyProxyServer proxyServer = new BrowserMobProxyServerLegacyAdapter();\n    proxyServer.start();\n    // Almost all deprecated 2.0.0 methods are supported by the\n    // new BrowserMobProxyServerLegacyAdapter implementation, so in most cases,\n    // no further code changes are necessary\n```\n\nLegacyProxyServer will not be supported after 3.0 is released, so we recommend migrating to the `BrowserMobProxy` interface as soon as possible. The new interface provides additional functionality and is compatible with both the legacy Jetty-based ProxyServer implementation [(with some exceptions)](new-interface-compatibility.md) and the new LittleProxy implementation.\n\nIf you must continue using the legacy Jetty-based implementation, include the `browsermob-core-legacy` artifact instead of `browsermob-core`.\n\n## Features and Usage\n\nThe proxy is programmatically controlled via a REST interface or by being embedded directly inside Java-based programs and unit tests. It captures performance data in the [HAR format](http://groups.google.com/group/http-archive-specification). In addition it can actually control HTTP traffic, such as:\n\n - blacklisting and whitelisting certain URL patterns\n - simulating various bandwidth and latency\n - remapping DNS lookups\n - flushing DNS caching\n - controlling DNS and request timeouts\n - automatic BASIC authorization\n\n### REST API\n\n**New in 2.1:** LittleProxy is the default implementation of the REST API. You may specify `--use-littleproxy false` to disable LittleProxy in favor of the legacy Jetty 5-based implementation.\n\nTo get started, first start the proxy by running `browsermob-proxy` or `browsermob-proxy.bat` in the bin directory:\n\n    $ sh browsermob-proxy -port 8080\n    INFO 05/31 03:12:48 o.b.p.Main           - Starting up...\n    2011-05-30 20:12:49.517:INFO::jetty-7.3.0.v20110203\n    2011-05-30 20:12:49.689:INFO::started o.e.j.s.ServletContextHandler{/,null}\n    2011-05-30 20:12:49.820:INFO::Started SelectChannelConnector@0.0.0.0:8080\n\nOnce started, there won't be an actual proxy running until you create a new proxy. You can do this by POSTing to /proxy:\n\n    [~]$ curl -X POST http://localhost:8080/proxy\n    {\"port\":8081}\n\nor optionally specify your own port:\n\n    [~]$ curl -X POST -d 'port=8089' http://localhost:8080/proxy\n    {\"port\":8089}\n\nor if running BrowserMob Proxy in a multi-homed environment, specify a desired bind address (default is `0.0.0.0`):\n\n    [~]$ curl -X POST -d 'bindAddress=192.168.1.222' http://localhost:8080/proxy\n    {\"port\":8086}\n\nOnce that is done, a new proxy will be available on the port returned. All you have to do is point a browser to that proxy on that port and you should be able to browse the internet. The following additional APIs will then be available:\n\nDescription |  HTTP method | Request path | Request parameters\n--- | :---: | :---: | ---\nGet a list of ports attached to `ProxyServer` instances managed by `ProxyManager` | GET | */proxy* ||\nCreates a new proxy to run requests off of | POST | */proxy* | \u003cp\u003e*port* - Integer, The specific port to start the proxy service on. Optional, default is generated and returned in response.\u003c/p\u003e\u003cp\u003e*proxyUsername* - String, The username to use to authenticate with the chained proxy. Optional, default to null.\u003c/p\u003e\u003cp\u003e*proxyPassword* - String, The password to use to authenticate with the chained proxy. Optional, default to null.\u003c/p\u003e\u003cp\u003e*bindAddress* - String, If running BrowserMob Proxy in a multi-homed environment, specify a desired bind address. Optional, default to \"0.0.0.0\".\u003c/p\u003e\u003cp\u003e*serverBindAddress* - String, If running BrowserMob Proxy in a multi-homed environment, specify a desired server bind address. Optional, default to \"0.0.0.0\".\u003c/p\u003e\u003cp\u003e*useEcc* - Boolean. True, Uses Elliptic Curve Cryptography for certificate impersonation. Optional, default to \"false\".\u003c/p\u003e\u003cp\u003e*trustAllServers* - Boolean. True, Disables verification of all upstream servers' SSL certificates. All upstream servers will be trusted, even if they do not present valid certificates signed by certification authorities in the JDK's trust store. Optional, default to \"false\".\u003c/p\u003e| \n\u003ca name=\"harcreate\"\u003eCreates a new HAR\u003c/a\u003e attached to the proxy and returns the HAR content if there was a previous HAR. *[port]* in request path it is port where your proxy was started | PUT |*/proxy/[port]/har* |\u003cp\u003e*captureHeaders* - Boolean, capture headers or not. Optional, default to \"false\".\u003c/p\u003e\u003cp\u003e*captureCookies* - Boolean, capture cookies or not. Optional, default to \"false\".\u003c/p\u003e\u003cp\u003e*captureContent* - Boolean, capture content bodies or not. Optional, default to \"false\".\u003c/p\u003e\u003cp\u003e*captureBinaryContent* - Boolean, capture binary content or not. Optional, default to \"false\".\u003c/p\u003e\u003cp\u003e*initialPageRef* - The string name of The first page ref that should be used in the HAR. Optional, default to \"Page 1\".\u003c/p\u003e\u003cp\u003e*initialPageTitle* - The title of first HAR page. Optional, default to *initialPageRef*.\u003c/p\u003e\nStarts a new page on the existing HAR. *[port]* in request path it is port where your proxy was started | PUT | */proxy/[port]/har/pageRef* |\u003cp\u003e*pageRef* - The string name of the first page ref that should be used in the HAR. Optional, default to \"Page N\" where N is the next page number.\u003c/p\u003e\u003cp\u003e*pageTitle* - The title of new HAR page. Optional, default to `pageRef`.\u003c/p\u003e\nShuts down the proxy and closes the port. *[port]* in request path it is port where your proxy was started | DELETE | */proxy/[port]* ||\nReturns the JSON/HAR content representing all the HTTP traffic passed through the proxy (provided you have already created the HAR with [this method](#harcreate)) | GET | */proxy/[port]/har* ||\nDisplays whitelisted items | GET | */proxy/[port]/whitelist* ||\nSets a list of URL patterns to whitelist | PUT | */proxy/[port]/whitelist* |\u003cp\u003e*regex* - A comma separated list of regular expressions.\u003c/p\u003e\u003cp\u003e*status* - The HTTP status code to return for URLs that do not match the whitelist.\u003c/p\u003e|\nClears all URL patterns from the whitelist  | DELETE | */proxy/[port]/whitelist* ||\nDisplays blacklisted items | GET | */proxy/[port]/blacklist* ||\nSet a URL to blacklist | PUT | */proxy/[port]/blacklist* |\u003cp\u003e*regex* - The blacklist regular expression.\u003c/p\u003e\u003cp\u003e*status* - The HTTP status code to return for URLs that are blacklisted.\u003c/p\u003e\u003cp\u003e*method* - The regular expression for matching HTTP method (GET, POST, PUT, etc). Optional, by default processing all HTTP method.\u003c/p\u003e|\nClears all URL patterns from the blacklist | DELETE | */proxy/[port]/blacklist* ||\nLimit the bandwidth through the proxy on the *[port]* | PUT | */proxy/[port]/limit* |\u003cp\u003e*downstreamKbps* - Sets the downstream bandwidth limit in kbps. Optional.\u003c/p\u003e\u003cp\u003e*upstreamKbps* - Sets the upstream bandwidth limit kbps. Optional, by default unlimited.\u003c/p\u003e\u003cp\u003e*downstreamMaxKB* - Specifies how many kilobytes in total the client is allowed to download through the proxy. Optional, by default unlimited.\u003c/p\u003e\u003cp\u003e*upstreamMaxKB* - Specifies how many kilobytes in total the client is allowed to upload through the proxy. Optional, by default unlimited.\u003c/p\u003e\u003cp\u003e*latency* - Add the given latency to each HTTP request. Optional, by default all requests are invoked without latency.\u003c/p\u003e\u003cp\u003e*enable* - A boolean that enable bandwidth limiter. Optional, by default to \"false\", but setting any of the properties above will implicitly enable throttling\u003c/p\u003e\u003cp\u003e*payloadPercentage* - Specifying what percentage of data sent is payload, e.g. use this to take into account overhead due to tcp/ip. Optional.\u003c/p\u003e\u003cp\u003e*maxBitsPerSecond* - The max bits per seconds you want this instance of StreamManager to respect. Optional.\u003c/p\u003e\nDisplays the amount of data remaining to be uploaded/downloaded until the limit is reached | GET | */proxy/[port]/limit* ||\nSet and override HTTP Request headers | POST | */proxy/[port]/headers* | Payload data should be **JSON** encoded set of headers. Where key is a header name (such as \"User-Agent\") and  value is a value of HTTP header to setup (such as \"BrowserMob-Agent\"). Example: `{\"User-Agent\": \"BrowserMob-Agent\"}`|\nOverrides normal DNS lookups and remaps the given hosts with the associated IP address | POST | */proxy/[port]/hosts* | Payload data should be **JSON** encoded set of hosts. Where key is a host name (such as \"example.com\") and value is a IP address which associatied with host hame (such as \"1.2.3.4\"'). Example: `{\"example.com\": \"1.2.3.4\"}`|\nSets automatic basic authentication for the specified domain | POST | */proxy/[port]/auth/basic/[domain]* | Payload data should be **JSON** encoded username and password name/value pairs. Example: `{\"username\": \"myUsername\", \"password\": \"myPassword\"}`|\nWait till all request are being made | PUT | */proxy/[port]/wait* |\u003cp\u003e*quietPeriodInMs* - Wait till all request are being made. Optional.\u003c/p\u003e\u003cp\u003e*timeoutInMs* - Sets quiet period in milliseconds. Optional.\u003c/p\u003e|\nHandles different proxy timeouts | PUT | *proxy/[port]/timeout* |\u003cp\u003ePayload data should be **JSON** encoded set of parameters. Where key is a parameters name (such as \"connectionTimeout\") and  value is a value of parameter to setup (such as \"500\")\u003c/p\u003e\u003cp\u003e*requestTimeout* - Request timeout in milliseconds. A timeout value of -1 is interpreted as infinite timeout. Optional, default to \"-1\".\u003c/p\u003e\u003cp\u003e*readTimeout* - Read timeout in milliseconds. Which is the timeout for waiting for data or, put differently, a maximum period inactivity between two consecutive data packets). A timeout value of zero is interpreted as an infinite timeout. Optional, default to \"60000\".\u003c/p\u003e\u003cp\u003e*connectionTimeout* - Determines the timeout in milliseconds until a connection is established. A timeout value of zero is interpreted as an infinite timeout. Optional, default to \"60000\".\u003c/p\u003e\u003cp\u003e*dnsCacheTimeout* - Sets the maximum length of time that records will be stored in this Cache. A nonpositive value disables this feature (that is, sets no limit). Optional, default to \"0\".\u003c/p\u003eExample: `{\"connectionTimeout\" : \"500\", \"readTimeout\" : \"200\"}`|\nRedirecting URL's | PUT | */proxy/[port]/rewrite* |\u003cp\u003e*matchRegex* - A matching URL regular expression.\u003c/p\u003e\u003cp\u003e*replace* - replacement URL.\u003c/p\u003e|\nRemoves all URL redirection rules currently in effect | DELETE | */proxy/[port]/rewrite* ||\nSetting the retry count | PUT | */proxy/[port]/retry* |\u003cp\u003e*retrycount* - The number of times a method will be retried.\u003c/p\u003e|\nEmpties the DNS cache | DELETE | */proxy/[port]/dns/cache* ||\n| [REST API interceptors with LittleProxy](#interceptorsRESTapiLP) |||\n|Describe your own request interception | POST | */proxy/[port]/filter/request* | A string which determinates interceptor rules. See more [here](#interceptorsRESTapiLPRequestFilter) |\n|Describe your own response interception | POST | */proxy/[port]/filter/response* | A string which determinates interceptor rules. See more [here](#interceptorsRESTapiLPResponseFilter) |\n| [REST API with Legacy interceptors](#interceptorsRESTapiLegacy) ||||\n|Describe your own request interception | POST | */proxy/[port]/interceptor/request* | A string which determinates interceptor rules. See more [here](#interceptorsRESTapiLegacy) |\n|Describe your own response interception | POST | */proxy/[port]/interceptor/response* | A string which determinates interceptor rules. See more [here](#interceptorsRESTapiLegacy) |\n\nFor example, once you've started the proxy you can create a new HAR to start recording data like so:\n\n    [~]$ curl -X PUT -d 'initialPageRef=Foo' http://localhost:8080/proxy/8081/har\n\nNow when traffic goes through port 9091 it will be attached to a page reference named \"Foo\". Consult the HAR specification for more info on what a \"pageRef\" is. You can also start a new pageRef like so:\n\n    [~]$ curl -X PUT -d 'pageRef=Bar' http://localhost:8080/proxy/8081/har/pageRef\n\nThat will ensure no more HTTP requests get attached to the old pageRef (Foo) and start getting attached to the new pageRef (Bar). After creating the HAR, you can get its content at any time like so:\n\n    [~]$ curl http://localhost:8080/proxy/8081/har\n\nSometimes you will want to route requests through an upstream proxy server. In this case specify your proxy server by adding the httpProxy parameter to your create proxy request:\n\n    [~]$ curl -X POST http://localhost:8080/proxy?httpProxy=yourproxyserver.com:8080\n    {\"port\":8081}\n\nAlternatively, you can specify the upstream proxy config for all proxies created using the standard JVM [system properties for HTTP proxies](http://docs.oracle.com/javase/6/docs/technotes/guides/net/proxies.html).\nNote that you can still override the default upstream proxy via the POST payload, but if you omit the payload the JVM\nsystem properties will be used to specify the upstream proxy.\n\n### Command-line Arguments\n\n - -port \\\u003cport\\\u003e\n  - Port on which the API listens. Default value is 8080.\n - -address \u003caddress\u003e\n  - Address to which the API is bound. Default value is 0.0.0.0.\n - -proxyPortRange \\\u003cfrom\\\u003e-\\\u003cto\\\u003e\n  - Range of ports reserved for proxies. Only applies if *port* parameter is not supplied in the POST request. Default values are \\\u003cport\\\u003e+1 to \\\u003cport\\\u003e+500+1.\n - -ttl \\\u003cseconds\\\u003e\n  - Proxy will be automatically deleted after a specified time period. Off by default.\n\n### Embedded Mode\n\n**New in 2.1:** New Embedded Mode module\n\n**New in 2.1:** New [BrowserMobProxy interface](#new-browsermobproxy-api) for Embedded Mode\n\nBrowserMob Proxy 2.1 separates the Embedded Mode and REST API into two modules. If you only need Embedded Mode functionality, add the `browsermob-core` artifact as a dependency. The REST API artifact is `browsermob-rest`.\n\nIf you're using Java and Selenium, the easiest way to get started is to embed the project directly in your test. First, you'll need to make sure that all the dependencies are imported in to the project. You can find them in the *lib* directory. Or, if you're using Maven, you can add this to your pom:\n```xml\n    \u003cdependency\u003e\n        \u003cgroupId\u003enet.lightbody.bmp\u003c/groupId\u003e\n        \u003cartifactId\u003ebrowsermob-core\u003c/artifactId\u003e\n        \u003cversion\u003e2.1.5\u003c/version\u003e\n        \u003cscope\u003etest\u003c/scope\u003e\n    \u003c/dependency\u003e\n```\n\nOnce done, you can start a proxy using `net.lightbody.bmp.BrowserMobProxy`:\n```java\n    BrowserMobProxy proxy = new BrowserMobProxyServer();\n    proxy.start(0);\n    // get the JVM-assigned port and get to work!\n    int port = proxy.getPort();\n    //...\n```\n\nConsult the Javadocs on the `net.lightbody.bmp.BrowserMobProxy` class for the full API.\n\n### Using With Selenium\n\n**Selenium 3 users**: Due to a [geckodriver issue](https://github.com/mozilla/geckodriver/issues/97), Firefox 51 and lower do not properly support proxies with WebDriver's DesiredCapabilities. See [this answer](http://stackoverflow.com/a/41373808/4256475) for a suitable work-around.\n\nBrowserMob Proxy makes it easy to use a proxy in Selenium tests:\n```java\n    // start the proxy\n    BrowserMobProxy proxy = new BrowserMobProxyServer();\n    proxy.start(0);\n\n    // get the Selenium proxy object\n    Proxy seleniumProxy = ClientUtil.createSeleniumProxy(proxy);\n\n    // configure it as a desired capability\n    DesiredCapabilities capabilities = new DesiredCapabilities();\n    capabilities.setCapability(CapabilityType.PROXY, seleniumProxy);\n\n    // start the browser up\n    WebDriver driver = new FirefoxDriver(capabilities);\n\n    // enable more detailed HAR capture, if desired (see CaptureType for the complete list)\n    proxy.enableHarCaptureTypes(CaptureType.REQUEST_CONTENT, CaptureType.RESPONSE_CONTENT);\n\n    // create a new HAR with the label \"yahoo.com\"\n    proxy.newHar(\"yahoo.com\");\n\n    // open yahoo.com\n    driver.get(\"http://yahoo.com\");\n\n    // get the HAR data\n    Har har = proxy.getHar();\n```\n\n**Note**: If you're running running tests on a Selenium grid, you will need to customize the Selenium Proxy object\ncreated by `createSeleniumProxy()` to point to the hostname of the machine that your test is running on. You can also run a standalone\nBrowserMob Proxy instance on a separate machine and configure the Selenium Proxy object to use that proxy.\n\n### HTTP Request Manipulation\n\n**HTTP request manipulation has changed in 2.1.0+ with LittleProxy.** The LittleProxy-based interceptors are easier to use and more reliable. The legacy ProxyServer implementation **will not** support the new interceptor methods.\n\n#### 2.1.0+ (LittleProxy) interceptors\n\nThere are four new methods to support request and response interception in LittleProxy:\n\n  - `addRequestFilter`\n  - `addResponseFilter`\n  - `addFirstHttpFilterFactory`\n  - `addLastHttpFilterFactory`\n\nFor most use cases, including inspecting and modifying requests/responses, `addRequestFilter` and `addResponseFilter` will be sufficient. The request and response filters are easy to use:\n```java\n    proxy.addRequestFilter(new RequestFilter() {\n            @Override\n            public HttpResponse filterRequest(HttpRequest request, HttpMessageContents contents, HttpMessageInfo messageInfo) {\n                if (messageInfo.getOriginalUri().endsWith(\"/some-endpoint-to-intercept\")) {\n                    // retrieve the existing message contents as a String or, for binary contents, as a byte[]\n                    String messageContents = contents.getTextContents();\n\n                    // do some manipulation of the contents\n                    String newContents = messageContents.replaceAll(\"original-string\", \"my-modified-string\");\n                    //[...]\n\n                    // replace the existing content by calling setTextContents() or setBinaryContents()\n                    contents.setTextContents(newContents);\n                }\n\n                // in the request filter, you can return an HttpResponse object to \"short-circuit\" the request\n                return null;\n            }\n        });\n\n        // responses are equally as simple:\n        proxy.addResponseFilter(new ResponseFilter() {\n            @Override\n            public void filterResponse(HttpResponse response, HttpMessageContents contents, HttpMessageInfo messageInfo) {\n                if (/*...some filtering criteria...*/) {\n                    contents.setTextContents(\"This message body will appear in all responses!\");\n                }\n            }\n        });\n```\n\nWith Java 8, the syntax is even more concise:\n```java\n        proxy.addResponseFilter((response, contents, messageInfo) -\u003e {\n            if (/*...some filtering criteria...*/) {\n                contents.setTextContents(\"This message body will appear in all responses!\");\n            }\n        });\n```\n\nSee the javadoc for the `RequestFilter` and `ResponseFilter` classes for more information.\n\nFor fine-grained control over the request and response lifecycle, you can add \"filter factories\" directly using `addFirstHttpFilterFactory` and `addLastHttpFilterFactory` (see the examples in the InterceptorTest unit tests).\n\n#### \u003ca name=\"interceptorsRESTapiLP\"\u003eREST API interceptors with LittleProxy\u003c/a\u003e\n\nWhen running the REST API with LittleProxy enabled, you cannot use the legacy `/:port/interceptor/` endpoints. Instead, POST the javascript payload to the new `/:port/filter/request` and `/:port/filter/response` endpoints.\n\n##### \u003ca name=\"interceptorsRESTapiLPRequestFilter\"\u003eRequest filters\u003c/a\u003e\n\nJavascript request filters have access to the variables `request` (type `io.netty.handler.codec.http.HttpRequest`), `contents` (type `net.lightbody.bmp.util.HttpMessageContents`), and `messageInfo` (type `net.lightbody.bmp.util.HttpMessageInfo`). `messageInfo` contains additional information about the message, including whether the message is sent over HTTP or HTTPS, as well as the original request received from the client before any changes made by previous filters. If the javascript returns an object of type `io.netty.handler.codec.http.HttpResponse`, the HTTP request will \"short-circuit\" and return the response immediately.\n\n**Example: Modify User-Agent header**\n\n```sh\ncurl -i -X POST -H 'Content-Type: text/plain' -d \"request.headers().remove('User-Agent'); request.headers().add('User-Agent', 'My-Custom-User-Agent-String 1.0');\" http://localhost:8080/proxy/8081/filter/request\n```\n\n##### \u003ca name=\"interceptorsRESTapiLPResponseFilter\"\u003eResponse filters\u003c/a\u003e\n\nJavascript response filters have access to the variables `response` (type `io.netty.handler.codec.http.HttpResponse`), `contents` (type `net.lightbody.bmp.util.HttpMessageContents`), and `messageInfo` (type `net.lightbody.bmp.util.HttpMessageInfo`). As in the request filter, `messageInfo` contains additional information about the message.\n\n**Example: Modify response body**\n\n```sh\ncurl -i -X POST -H 'Content-Type: text/plain' -d \"contents.setTextContents('\u003chtml\u003e\u003cbody\u003eResponse successfully intercepted\u003c/body\u003e\u003c/html\u003e');\" http://localhost:8080/proxy/8081/filter/response\n```\n\n#### Legacy interceptors\n\nIf you are using the legacy ProxyServer implementation, you can manipulate the requests like so:\n```java\n    BrowserMobProxy server = new ProxyServer();\n    ((LegacyProxyServer)server).addRequestInterceptor(new RequestInterceptor() {\n        @Override\n        public void process(BrowserMobHttpRequest request, Har har) {\n            request.getMethod().removeHeaders(\"User-Agent\");\n            request.getMethod().addHeader(\"User-Agent\", \"Bananabot/1.0\");\n        }\n    });\n```\n\u003ca name=\"interceptorsRESTapiLegacy\"\u003e\u003c/a\u003eYou can also POST a JavaScript payload to `/:port/interceptor/request` and `/:port/interceptor/response` using the REST interface. The functions will have a `request`/`response` variable, respectively, and a `har` variable (which may be null if a HAR isn't set up yet). The JavaScript code will be run by [Rhino](https://github.com/mozilla/rhino) and have access to the same Java API in the example above:\n\n    [~]$ curl -X POST -H 'Content-Type: text/plain' -d 'request.getMethod().removeHeaders(\"User-Agent\");' http://localhost:8080/proxy/8081/interceptor/request\n\nConsult the Java API docs for more info.\n\n### SSL Support\n\n**BrowserMob Proxy 2.1.0+ now supports full MITM:** For most users, MITM will work out-of-the-box with default settings. Install the [ca-certificate-rsa.cer](/browsermob-core/src/main/resources/sslSupport/ca-certificate-rsa.cer) file in your browser or HTTP client to avoid untrusted certificate warnings. Generally, it is safer to generate your own private key, rather than using the .cer files distributed with BrowserMob Proxy. See the [README file in the `mitm` module](/mitm/README.md) for instructions on generating or using your own root certificate and private key with MITM.\n\n**Legacy Jetty-based ProxyServer support for MITM:** The legacy `ProxyServer` implementation uses the same `ca-certificate-rsa.cer` root certificate as the default BrowserMobProxyServer implementation. The previous cybervillainsCA.cer certificate has been removed.\n\n**Note: DO NOT** permanently install the .cer files distributed with BrowserMob Proxy in users' browsers. They should be used for testing only and must not be used with general web browsing.\n\nIf you're doing testing with Selenium, you'll want to make sure that the browser profile that gets set up by Selenium not only has the proxy configured, but also has the CA installed. Unfortunately, there is no API for doing this in Selenium; it must be done manually for each browser and environment.\n\n### NodeJS Support\n\nNodeJS bindings for browswermob-proxy are available [here](https://github.com/zzo/browsermob-node).  Built-in support for [Selenium](http://seleniumhq.org) or use [CapserJS-on-PhantomJS](http://casperjs.org) or anything else to drive traffic for HAR generation.\n\n### Logging\n\nWhen running in stand-alone mode, the proxy loads the default logging configuration from the conf/bmp-logging.yaml file. To increase/decrease the logging level, change the logging entry for net.lightbody.bmp.\n\n### DNS Resolution\n\nThe BrowserMobProxyServer implementation uses native DNS resolution by default, but supports custom DNS resolution and advanced DNS manipulation. See the [ClientUtil](browsermob-proxy/browsermob-core/src/main/java/net/lightbody/bmp/client/ClientUtil.java) class for information on DNS manipulation using the dnsjava resolver.\n\n## Building the latest from source\n\nYou'll need maven (`brew install maven` if you're on OS X):\n\n    [~]$ mvn -DskipTests\n\nYou'll find the standalone BrowserMob Proxy distributable zip at `browsermob-dist/target/browsermob-proxy-2.1.5-SNAPSHOT-bin.zip`. Unzip the contents and run the `browsermob-proxy` or `browsermob-proxy.bat` files in the `bin` directory.\n\nWhen you build the latest code from source, you'll have access to the latest snapshot release. To use the SNAPSHOT version in your code, modify the version in your pom:\n```xml\n    \u003cdependency\u003e\n        \u003cgroupId\u003enet.lightbody.bmp\u003c/groupId\u003e\n        \u003cartifactId\u003ebrowsermob-core\u003c/artifactId\u003e\n        \u003cversion\u003e2.1.6-SNAPSHOT\u003c/version\u003e\n        \u003cscope\u003etest\u003c/scope\u003e\n    \u003c/dependency\u003e\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flightbody%2Fbrowsermob-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flightbody%2Fbrowsermob-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flightbody%2Fbrowsermob-proxy/lists"}