Skip to content

5. How to manipulate responses

Jump to bottom
Tamás Kőhegyi edited this page Dec 30, 2020 · 7 revisions

Main access and manipulation methods of the responses

By implementing the Response Interceptor, via its process method we will have access to the actual response. The response is available via the org.rockhill.mitm.proxy.http.MitmJavaProxyHttpResponse class. Let's assume that the response will be available via the response variable:

public void process(final MitmJavaProxyHttpResponse response) {
        //here you may work with the "response"
    }

Main manipulation methods are the followings:

Detect if Response is volatile or not

Response volatility (if the responses can be altered or not) shall be declared in advance. The general approach is determined via Proxy settings, but can be overwritten latest during the process of the request. This means, when the response arrives, it is already defined if it can be altered (volatile) or not (not volatile). This method call will let you know the truth:

boolean isResponseVolatile = response.isResponseVolatile();

If it is true, you may alter the response, but if it is false, you just can investigate the message but cannot alter it (even if you try, it won't work).

Header access

Header[] allHeaders;
if (response.getRawResponse() != null) {
    allheaders = response.getRawResponse().getAllHeaders();  //to get all response headers
    }

Header header = response.getHeader(String headerKey); //get response header with the specified key

Header[] headers = response.getRequestHeaders(); //to get all request headers - of course this cannot be altered in response

response.getRawResponse().addHeader(String headerKey, String headerValue); //adds a new or updates an existing response header
Response.getRawResponse().removeHeader(Header header); //removes the specified response header

Content-Type

Get:

String contentType = response.getContentType()

Status Code

Get:

int status = response.getStatus();

Set:

response.getRawResponse().setStatusCode(int statusCode); //set the response status code

Body access

The message body will be accessible as a String, this way:

String body = response.getBody();

Of course, if the request is encoded (like gzip), you need to decode it too.

Body manipulation

The response body can be manipulated too. You must (well) prepare the response as byte[], then use the following approach to update the response:

        byte[] newBody = //prepare your new body
        if (newBody != null) {
            try {
                response.setAnswer(newBody);
                response.getRawResponse().setEntity(new ByteArrayEntity(newBody));
            } catch (IOException e) {
                //ups, were unable to set new response correctly ...
            }
        }

Get Message ID

Every request-response pair has a unique ID generated by the Proxy. With this information the requests can be connected to right responses easily. To get the Response ID, call this method: String messageId = response.getEntry().getMessageId()

Next Step

After accessing and manipulating the request & response, you are ready for a much complex solution...

Clone this wiki locally