FAQ’s

Can I anonymously download content through the proxy?

No. Although upstream requests will be requested from proxies IP addresses, an X-Forwarded-For header with requesters IP address is appended to every upstream request.

How does it compare to Fiddler, Charles or mitmproxy?

debugProxy is basically a hosted version of one of these. Using any one of these tools you can do almost everything you can do with debugProxy and a lot more.

As it is a hosted servive debugProxy doesn't require installing any software. The user interface runs in the browser and any device on the Internet can connect to the proxy.

Are there any limits to how many requests can be made?

Yes. To try to ensure the servers are not overloaded various rate limits are enforced. Initially the proxy will respond with:

429 Too Many Requests

If higher rate limites are reached, the proxy server will start simply dropping connections.

I keep getting authentication dialogs on iOS

iOS 10 and above prompt for both HTTP and HTTPS credentials, even if you add them when setting up the proxy. The username and password is the same for both; the username and password generated when you create a session (not your email address and password used to sign into debugProxy.com!). iOS will likely continue to prompting unless the root certificate is installed and trusted.

Unfortunatly HTTPS tunneling through a proxy with credentials doesn't work correctly on iOS 9 and earlier version.

Is my traffic through the debugProxy stored forever on the debugProxy servers

Request and respones data is currently only stored for 20 minutes before it is permanently removed, we would like to increase this but currently only have limited storage. Some system logging data is stored for a bit longer but it only contains limited information about the requests themselves.

I'm getting errors downloading HTTPS traffic

Most probably you need to trust the debugProxy root certificate.

Do you intend on charging for the debugProxy?

Ideally we would like to provide a rate-lmited free tier and add a paid tier for users who want to proxy more requests, use additional features, or simply want to support the service.

Can I connect to service in my private network

No, the proxy can only connect to addresses it can reach.

Can I connect to a site with basic authentication?

Yes, to proxy will send almost all headers requested including the Authorization header.

It doesn’t forward the Proxy-Authorization header and it adds a header X-Forwarded-For header.

Can I proxy HTTPS traffic from apps that implement certificate pinning?

No, certificate pinning prevents to use of the debugProxy root certificate. It may be possible to patch the app to accept the debugProxy certificate, but that is not described here.

The proxy is dropping connections from our company IP address

There is IP based rate limiting in place, so if you have multiple clients on the network using the proxy your IP address may be temporarily blocked. If this is happening, please contact us by email and we may be able to white-list your IP address.

Does it support HTTP/2?

Yes, but only over HTTPS.

Does intercepting HTTPS work in Android Nougat?

Since Android Nougat apps don't use non-system root certificate by default. If you want to intercept the traffic for your own apps you can enable using user root certificates. You can read about this decision here.

If you have root access to the phone it is also possible to install the debugProxy root certificate as a system root certificate. See this blog post for details.

My Android phone says my connections may be monitored after I install the certificate.

This is a great feature! Yes, when the certificate is installed debugProxy can monitor your traffic. It is advised that you uninstall the certificate when you are not using the proxy.

Can debugProxy be used to spy on someone

debugProxy is intended to be used to debug HTTP(S) traffic from your own devices, the service is not provided for spying on anyone but yourself and maybe other consenting users.

We are concerned that debugProxy isn't miss used. Fortunatly setting up a proxy and root certificate generally requires a passcode or root access.

Additionally we implemented a feature where proxy sessions become inactive after a period of inactivity and must be manually re-activated in the dashboard. Unfortunatly this saftey feature is rather annoying for regular users whose sessions timeout while getting a coffee.

How do I contact debugProxy

Email us at debugproxy@tarnbarford.net.