How to debug HTTP(s) traffic on Android
You can create as many proxy configurations as you want. When you want to enable one, simply tap on the currently connected network, enable the proxy and select the configuration you need. To disable the proxy, tap on the connection and disable it.
Simple, as it should be. Need I to say more? How about no root privileges required
What about HTTPS?
I mentioned earlier that mitmproxy supports HTTPS interception. This is extremely handy when you need to debug some production API calls without switching endpoint, for instance. However, due to how HTTPS works, we need to install a custom SSL certificate that allows mitmproxy to decrypt the traffic.
While this may sound like a lot of work, it’s a really simple procedure. By following this guide from the official mitmproxy website, you should be good to go in virtually no time. Be sure to add an extra parameter when launching mitmproxy, so that it looks like this:
$ mitmproxy -a IP_ADDR -p PORT —-no-upstream-cert
There’s a catch, unfortunately. Android saves the SSL certificates in an encrypted form, using the unlock information set by the user. What this means is that, before you can install any SSL certificate, you will be prompted to set a way of unlocking the device, either by a PIN code, a password, a pattern, and so on.
This is not a big deal if you’re working on a development phone, but it may be an inconvenience if you use your personal device. On a personal note, with Lollipop’s Smart Lock feature, no one should go without a locked phone. You need to stay safe!
3G/4G connections
This one is a bit harder. There is no system setting that is able to set a proxy for 3G/4G connections. BUT! You still can use your nifty hotspot feature! What you need is:
- a device with a 3G/4G connection
- the development device
- your laptop
Real simple: 1) activate the hotspot feature on the first device, 2) connect both the dev phone and the laptop to the hotspot, 3) run mitmproxy on the IP address assigned by the hotspot (typically 192.168.43.xxx) and 4) use Proxy Settings to set the proxy on the dev device.
Not the easiest, but still, could be worse!
Conclusion
I tried two other proxies so far, but mitmproxy manages to beat the crap out of each one of them. Charles is probably the closest one in terms of features, flexibility and OS support, but it is not free and it is not open-source. Fiddler, on the other hand, comes short in availability, since it’s Windows-only.
The mitmproxy + Proxy Settings combination has saved me quite a lot of time and headaches, so I hope it will do some good to you too.
Feel free to tell me what you think and if you have a better solution! ☺