Skip to main content

Capturing Exchanges with Proxy

API Parrot includes a powerful proxy feature that allows you to capture HTTP exchanges.

How It Works

In a collection, click the Capture Requests button to open the capture dialog. From here you can:

  • Toggle the listening state of the proxy, note that the proxy will only capture requests when it is listening.
  • Launch a chromium-based browser that is configured to use the proxy. Google Chrome is the default browser for this feature
  • View the proxy URL and the CA certificate fingerprint.

When the proxy is listening, all HTTP exchanges that pass the filer criteria (see below) will be captured and added to the collection.

note

On macOS, existing instances of the browser should be closed before launching the browser from API Parrot.

Filter Criteria

To avoid capturing unnecessary exchanges, requests being captured are filtered based on the following criteria:

  • The request extension. For example, in the request to the URL https://example.com/users.json, the extension is .json. For the request to the URL https://example.com/api/v1/users, the extension is blank.
  • The response content type, specified in the Content-Type header.

For a exchange to be captured, the extension must match at least one of the regular expressions specified in Settings > Capture > Whitelisted Content Types and the content type must match at least one of the regular expressions specified in Settings > Capture > Whitelisted Extensions. If the exchange does not match any of the regular expressions, it will not be captured. The software comes with a default set of regular expressions for common content types and extensions, however, you can customize these to suit your needs.

The thought behind this is that you can capture only the exchanges that you are interested in, for example, .css files probably don't contain any useful information about how the API works, so you can exclude them from being captured, saving resources and making the collection easier to navigate.

Configuring the Browser

The browser that is launched by API Parrot is a chromium-based browser that is configured to use the proxy. You can customize the browser by modifying the Settings > Capture > Launch Browser Commands settings. Here you should specify the terminal command that should be used to launch the browser. The arguments will automatically be added after the command specified here.

The arguments that will be added are:

  • --incognito: (if incognito mode is launched) Open the browser in incognito mode.
  • --proxy-server: The proxy server URL.
  • --ignore-certificate-errors: Ignore certificate errors.
  • --user-data-dir: The user data directory for the browser, this is added to avoid conflicts with other instances of the browser.
  • --no-first-run: Skip the first run experience.
  • --no-default-browser-check: Skip the default browser check.
  • --test-type: Set the test type to avoid warnings.
note

The --user-data-dir argument is added to avoid conflicts with other instances of the browser. (It does not seem to work on macOS, which is why existing instances of the browser should be closed before launching the browser from API Parrot.)