proxymanapp / proxyman Goto Github PK

🐶 Brief

DevMate seems to be fit and potential candidate for replacement of Fabric. Let give it a try!

👑 Criteria

• Adopt free plan
• Integrate DevMate

🐶 Brief

If we enable the client, all domains of this client should be enabled SSL too, but it isn't 💥 .

Steps to reproduce

1. Enable SSL on particular clients on Source List
2. Install CA certificate if need
3. The client is enabled SSL => 💯
4. But, all their domains aren't 💥

👑 Criteria

• All its domains should be enabled SSL in a context menu if the main client is enabled.

🐶 Brief

The JSON reviewer is buggy and jump to top of content if the selected flow is reloading. Look at the GIF for further information:

Reproducible steps

1. Enable SSL for any particular domain
2. Open right-panel and see the content
3. For some reasons, the reviewer is jumped every-time the selected flow is change

👑 Criteria

• The Reviewer should be fixed regardless of changes.

GIF

🐶 Brief

It's essential to adopt CustomStringConvertible protocol to all models in ProxymanCore in oder to generate informative string during debugging phrase ⛑

👑 Criteria

• Adopt CustomStringConvertible too all Models
• Support basic info

🐶 Brief

It reveals that the current UIUX of main app is un-intuitive for new users.

1. The Start ProxyCore button doesn't allude that it could be turn on / off.
2. Add track button (bottom of Source List) is difficult to be discover in Playground mode.
3. Workspace and All sections doesn't seem to follow the standard guideline of macOS app.

👑 Criteria

• Add Play/Stop button like Xcode, and move the Green circle to somewhere
• Add Project name in to Status bar
• Redesign Source List like SnippetsLab
• ...

🐶 Brief

It's kind of frustrating when the naive user see the button

They aren't aware that it's the "Start" or "Stop" button.

We have to re-design it to make it more intuitive.

👑 Criteria

• Mimic the behavior of Start/ Stop button from Xcode
• Move the Green/Red status button to somewhere

🐶 Brief

• Those code layout in iPhone/Android/Sim guideline is broken

👑 Criteria

• Fix them 🥇

🐶 Brief

It's useful to support "Reset all" button in Debug Menu in order to to back to the original state easily.

👑 Criteria

• Clear all data in ~/.proxyman
• Remove all certificates

🐶 Brief

It's a critical feature to support global hotkey for common tasks.

👑 Criteria

• Cmd + K to open Tracking Screen

🐶 Brief

If we open Proxyman, Cmd+F doesn't recognize anymore regardless of active/inactive state of Proxyman.

If we press Cmd+F, the bottom Search Bar will become first responder. We should get rid of it 👍

Reproducible steps

1. Open Proxyman
2. Hide app or leave it
3. Open Safari or Xcode
4. Unable to press Cmd+F

👑 Criteria

• Only observe Hotkey when app is active
• Resign the observation when app is inactive mode.

🐶 Brief

If we fire the HTTPS request by using curl from terminal, our PIDScanner couldn't detect them. Consequently, the pid is -1, which is invalid.

Problem

After preliminary investigation, it turns our that

socketInfo.psi.soi_family == AF_SYSTEM && socketInfo.psi.soi_kind == SOCKINFO_KERN_CTL

the socketInfo from this pid is from system and kernel network. It seems that curl is using really low-level network library to do it.

👑 Criteria

• Able to detect it 💯

🐶 Brief

It's a core feature to enable SSL Proxying on entire Client or Domain on Source List.

👑 Criteria

• Introduce menu context on Source List
• Only enable SSL Proxying MenuItem if it's Client or Domain
• Refactor ProxymanGataway to fit with new requirement -> Able to Enable / Disable Client or Domain or specific flow.
• Close all alive-connections in Client, Domain, Flow.
• Tested: Able to enable SSLProxying on Client -> All Client's domains are intercepted
• Tested: Able to enable SSLProxying on Domain -> All requests, which are same domain, are intercepted

🐶 Brief

It's pretty frustrated when dealing with Document-based from Cocoa app because each Document is completely different App instance, so it's hard to manage the Proxyman Core.

Time to consider dropping it out and adopt new Tab View.

👑 Criteria

• Consider....

🐶 Brief

It's too risk to ask the user to install Root Certificate at the first time open Proxyman.
We have to consider couple alternative approaches in order to avoid this sensitive action.

👑 Criteria

• Go forward to the app
• Don't need to install Root CA anymore, until they actually have to enable the SSL Proxying
• Improve the flow of the Proxyman

🐶 Brief

Proxyman should be able to install CA to iOS Simulator like Proxyman 0.8.1 does.

👑 Criteria

• Able to install CA to iOS Simulator
• Able to sniff and intercept data from iOS Simulator

🐶 Brief

Proxyman is unable to intercept HTTPS after re-installing new Proxyman Certificate.

Reproduce steps

1. Install Certificate and Intercept any https request successfully
2. Don't close app, then opening the Keychain and delete Proxyman CA certificate
3. Back to Proxyman, the app present the error status -> Correct behavior at #334
4. Install new certificate
5. Reload the https request
6. Still get error 💥 until restarting the app and try again -> work

Problem

It reveals that CertificateService is still remaining the CertificateIdentity list in memory and disk, so the next time we try intercepting the https request with new Proxyman CA Certificate, it won't work since the chain certificate doesn't match.

👑 Criteria

• Able to intercept immediately after re-installing the certificate without restarting the app
• Delete all Leaf certificates in memory and disk after installing new certificate.

Description

It's vital to ship the nightly build whenever we merge the PR to master or feature branch.

Acceptance Criteria

• Fastlane is capable of archiving the build on CI/CD
• Upload to Github Release page

🐶 Brief

It's crucial to remove those temporary files after generating new Root Certificate.

👑 Criteria

• Delete all temporary file, except the root file.

🐶 Brief

If the request is CONNECT and keep-alive, and it is closed (the main App exit), Proxyman doesn't update it.

Charles does it correctly. So it's time to improve our Proxyman Core 📦

Steps to reproduce

1. Open Proxyman and don't install any Certificate and SSL Enable
2. Open Artify fire any request
3. See the request in Proxyman, which is CONNECT and keep-alive
4. Exit Artify
5. This flow doesn't complete 💥 (Charles closes it)

👑 Criteria

• Proxyman Core should close the keep-alive request when it's done

🐶 Brief

If we enable the client, all domains of this client should be enabled SSL too, but it isn't 💥 .

Steps to reproduce

1. Enable SSL on particular clients on Source List
2. Install CA certificate if need
3. The client is enabled SSL => 💯
4. But, all their domains aren't 💥

👑 Criteria

• All its domains should be enabled SSL in a context menu if the main client is enabled.

🐶 Brief

It's better to bring the most usage copy func to the Menu Context .

👑 Criteria

• Support "Copy by cURL" in the default menu context

🐶 Brief

Proxyman is now capable of intercepting HTTP/HTTPS request from iOS Simulator. So it's essential to categorize all request into a new section.

👑 Criteria

• Identify the source, if it's from iOS Simulator => New catalog
• Support icon for the app on iOS Simulator

🐶 Brief

The ID Count doesn't reset after closing and opening new project.

Step to replicate

1. Open any project
2. Play around the app to increase the ID
3. Close and open another project
4. The ID still increase from last ID (not 0)

👑 Criteria

• The ID count should be reset and start with 0.

Acceptance Criteria

• Before establishing Proxyman Core, Proxyman app should check the availability of default port (9090)
• Switch to new port if need
• Point Wifi Proxy in System to new port

🐶 Brief

It's critical to use stable OpenSSL library on the app rather than using the built-in version on macOS.

👑 Criteria

• Integrate stable openSSL library to app
• Generate Root CA and leaf CA successfully
• Certificate system works as usual.

🐶 Brief

SourceListViewController is becoming more clumsy than ever due to duplication in NSOutlineViewDataSource, NSOutlineViewDelegate

We need some way to overcome it. Maybe introduce some common interface, then it could be interchangeable.

👑 Criteria

• SourceListViewController has no duplications
• Elegant and look better

🐶 Brief

The JSON reviewer is buggy and jump to top of content if the selected flow is reloading. Look at the GIF for further information:

Reproducible steps

1. Enable SSL for any particular domain
2. Open right-panel and see the content
3. For some reasons, the reviewer is jumped every-time the selected flow is change

👑 Criteria

• The Reviewer should be fixed regardless of changes.

GIF

🐶 Brief

Proxyman doesn't render the failed domain, which is under invalid SSL certificate.

📦 Steps to replicate

1. Install CA and enable any HTTPS domain
2. Make sure this domain can be intercepted successfully
3. Delete Proxyman CA certificate in Keychain
4. Back to app, and make the request again
5. Then, the new request is failed, code 999, invalid SSL, but the app doesn't render properly 💥

👑 Criteria

• Proxyman should detect and render appropriately

🐶 Brief

We are unable to copy the headers or cookies on Flow Detail.

👑 Criteria

• Able to copy the content of Header / Cookie

🐶 Brief

We discover that there is the pretty elegant implementation for Badge on macOS.

We can inspired and adopt it for Proxyman.

https://github.com/Perspx/PXSourceList/blob/master/PXSourceList/PXSourceListBadgeView.h

👑 Criteria

• Replace old badge with new one
• Double check Dark mode compatible

Which Proxyman version are you using?

Version 1.2 (1200)

What OS Version are you using? (Ex. mac 10.13)

macOS 10.14

Steps to reproduce this issue

1. Download Toggl (https://github.com/toggl/toggldesktop/)
2. Login to Nghia Tran account
3. There are certain requests, which were 400 Bad Request from server
4. No record in proxyman. But Charles does

Screenshots (optional)

Description

• After upgrading the ProxymanCore, the SSL Proxying for Remote Device doesn't work properly.

Acceptance Criteria

• Proxyman serves local server. It's proxyman.ssl
• Able to install CA to iPhone
• Able to proxy and SSL Proxying

🐶 Brief

It drives me nut when the number. of warnings are becoming overwhelming. It's critical to wipe them out 🤠

👑 Criteria

• Wipe out all warnings in the project

🐶 Brief

After #3, Proxyman is capable of installing CA to remote device. It's time to intercept iPhone's request and render appropriately on the app.

👑 Criteria

• Able to categorize remote request from iPhone/Android
• Group remote requests by domain
• Support new Remote Catalog

🐶 Brief

It's vital to support Sourcery in order to generate useful extensions automatically.

The acquisition of Sourcery can benefit in many programming aspects.

• Implement Equatable's implementation automatically for all variables.
• Implement CustomStringConvertible automatically (#15)
• Diminish the rate of error-prone coding.
• Reduce stress if we introduce new variable and forget adding this property to Equatable.

👑 Criteria

• Integrate Sourcery properly.
• Implement appropriate templates for generating code for Equatable and CustomStringConvertible
• Execute Sourcery in build-time

🐶 Brief

It's critical to track down what client/domain that we're adding to whitelist and SSL enable.

Thus, we can edit (delete, remove) and be fully aware what's going.

👑 Criteria

• Add "Advance" section in Edit Project in Workspace screen
• Show list of Whitelist and SSL
• Able to remove / add
• Add to Main Menu
• Able to delete client/domain in Tracked list in left-panel from right-click Menu

🐶 Brief

Proxyman doesn't enable SSL automatically after installing CA

How to reproduce

1. Fresh install (No certificate)
2. Track any app and select any specific https request for testing
3. Select and enable SSL on Right-panel
4. Proxyman show CA Certificate screen -> Install OK
5. But, it doesn't enable SSL => WE have to do it manually.

👑 Criteria

• Enable SSL on this domain after installing CA (if user open on right-panel)

🐶 Brief

👑 Criteria

🐶 Brief

There are certain issues when enabling SSL on Menu Context.

👑 Criteria

• Enable SSL is OK in Flow Menu Context
• Enable entire client is OK

🐶 Brief

It's really difficult to discover which app/domain/flow is enabled SSL.

Thus, It's more intuitive when the Client or Domain or Flow has the 🔒in someway, to determine that it's intercepted.

👑 Criteria

• Find out the way to present the lock in app

🐶 Brief

Proxyman doesn't select the first App/Domain at the first time it opens.

Steps to replicate

1. Open any projects
2. Wait to see new app / domain records
3. The Source List doesn't select any row by default -> so, the Flow list is empty.

👑 Criteria

• It should select the first one, in order to see the flow list.

🐶 Brief

There are certain shortcomings that we are not satisfied.

1. Ask Root Password at the first time open app => Should be avoid, as #8
2. The flood of apps in SourceList => Find an alternative approach to select specific app/domain we wanna track

Ultimately, Proxyman should only track specific apps, which the user would like to track, rather than tracking all apps.

👑 Criteria

• Should ask Root Password in Install Certificate screen anymore
• Go forward to the app immediately
• Don't tracking app/domain in Source List by default
• Able to select and search the domain (history) or app (existing in app) or enter new domain -> And track them
• Have option : All Domain and App
• Ask for install CA when the user actually enable SSL Proxying feature.

Which Proxyman version are you using?

Proxyman 1.0.2 (1020)

What OS Version are you using?

Mac 10.13.6

Steps to reproduce this issue

1. Open the app
2. Tap "Clear"

One more highlight: upon subsequent launch of the app, I cannot access internet anymore

Which Proxyman version are you using? (Ex. Proxyman 0.5 (200))

0.4.1 pre-alpha

Steps to reproduce this issue

just run it

So does it support 10.11?

Bug 1

Safe guard couldn't detect when the certificate is removed, which had installed from old Proxyman version.

👑 Acceptance Criteria

• If the certificate was installed from Old version, we should update the key in AppConfiguration.

Bug 2

Error icon (removed certificate), but we don't track any clients/domains. Thus, It makes no scene to warning user.

👑 Acceptance Criteria

• If we don't track any clients/domains, we don't need to warning user if the certificate was removed.

🐶 Brief

Repeat flow doesn't appear into tracked client/domain

Reproducible steps

1. Enable SSL for any flows in specific tracked client. Ex: We track Artify, and enable api.artify.app
2. Make sure we're able to see the content
3. Repeat it
4. The repeated flow doesn't appear in this Artify app (but it appears in All domain)

👑 Criteria

• It should be appear in Artify

🐶 Brief

It's vital feature to support Workspace in Proxyman App.

👑 Criteria

• Design Workspace screen
• List all available workspace
• Able to save SSL List and Tracking List to individual workspace
• Capable of saving / opening the workspace

🐶 Brief

There is minor improvements should be done after #13

👑 Criteria

• Close alive connections after starting to track specific Domain / App
• Improve layout UI

🐶 Brief

it's the root of problem when causing many UX frustration if the Certificate is deleted or invalid 💥

It's critical to support the Safe-Guard in order to detect automatically and present the appropriate actions.

👑 Criteria

• Detect deleted / invalid certificate in KeyChain
• Show warning and which clients / domains are affected.
• NO -> Don't generate CA, but clear the SSL List
• YES -> Generate CA -> make sure everything is okay 💯

🐶 Brief

The order of Flows is dis-order.

Reproducible steps

1. Open Proxyman
2. Select Safari in ALL section
3. Reload couple pages in in Safari
4. The Flow appears, but sometime, I doesn't respect the order of ID

👑 Criteria

• The order should always be respected.