Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Debugging HTTP

Debugging HTTP

ZendCon session on using various tools to observe and diagnose issues in HTTP connection between applications (the original also included screencasts)

Lorna Mitchell

October 28, 2014
Tweet

More Decks by Lorna Mitchell

Other Decks in Technology

Transcript

  1. Debugging HTTP Lorna Mitchell, ZendCon 2014

  2. 6 Stages of Debugging

  3. Denial That can't happen.

  4. Frustration That doesn't happen on my machine.

  5. Disbelief That shouldn't happen.

  6. Testing Why does that happen?

  7. Gotcha Oh, I see.

  8. Relief How did that ever work?

  9. Fault-Finding HTTP ... is just like fault-finding elsewhere in a

    web project Seeing the problem is usually harder than fixing it
  10. Tools

  11. Developer Tools Get to know the tools in your browser.

    Demo: My favourite browser tool
  12. Curl Curl (or cURL) is command-line multitool for HTTP http://curl.haxx.se/

  13. Lornajane's Curl Cheat Sheet -X [verb] The verb to use

    for this request -H "[Header: value]" A header to send. Repeat as needed -d [value] Either the whole body data as a string, a filename, or a key/value pair -s The "silent" switch, to hide curl's progress meter when piping the output to something else -c [filename] Where to store any incoming cookies for future use -b [filename] Cookies to send with the request -v to show headers for both request and response
  14. Meet Curl Demo: I'd like to introduce you to curl

  15. Python's JSON Library A python tool, handily available via CLI

    [some json] | python -mjson.tool http://docs.python.org/2/library/json.html
  16. Wireshark Copies traffic from your network card to allow you

    to view it • Observe without changing • Can capture on a server, inspect later • Or tunnel the data over SSH (http://lrnja.net/1gEMLiE) • Save and load sessions https://www.wireshark.org/
  17. Debugging Across Layers

  18. Debugging Across Layers Demo: why doesn't this work? ... oh.

  19. Charles Proxy Multi-platform Web Debugging Proxy http://www.charlesproxy.com/ • Observe requests

    • Firefox plugin • Change requests • Use Charles as a network proxy • Repeat/save requests (detailed article: http://lrnja.net/ZuiDYJ)
  20. Charles Proxy Demo: Charles Proxy on web and mobile

  21. Debugging SSL Charles can perform a man-in-the-middle attack

  22. Debugging SSL You need to authorise the "attack"

  23. Make Debugging Your Super Power

  24. Other Excellent Tools • httpie https://github.com/jkbr/httpie • Fiddler http://www.telerik.com/fiddler •

    Postman (Chrome) http://getpostman.com/ • RESTClient (Firefox) http://restclient.net/ • mitmproxy http://mitmproxy.org/ • jq http://stedolan.github.io/jq/ • hurl.it http://www.hurl.it/
  25. Questions? Feedback (please?) https://m.joind.in/talk/1d5ee Contact: http://lornajane.net - @lornajane