HTTP Toolbox

As Web Developers, we need to know how to work with HTTP from every angle. I gave a 2-hour tutorial at PHP UK that included some of my most trusted tools - but it was sold out and a bunch of people asked me if there was video (there wasn't, tutorials make little sense when videoed). Instead, I thought I'd try to set out a self-study version of the workshop (I rarely teach these days so I'm unlikely to deliver it anywhere else).

There's a slide deck, some exercises and a sample repo on GitHub ... let's dive in! Continue reading

Install CharlesProxy CA Certificate on Android

I use Charles Proxy extensively for debugging all kinds of applications, and lately I've been using it more with mobile devices. One of the killer features of Charles is its ability to intercept SSL traffic. This is hard - and rightly so, it should be difficult to inspect SSL traffic!

Charles handles this by using the server's SSL certificate for the connection from Charles to the remote server, and then using Charles' own SSL certificate for the "last mile" back to your browser or device. This means that the connection will be flagged as insecure; Charles' certificates aren't trusted by your browser or device - but we can easily change that. Continue reading

Using Charles To Debug PHP SOAP

I used this trick to solve a particularly sticky problem last week, so I thought I'd share. I had a 3rd party SOAP service (except it was actually a .NET WCF service, which is almost SOAP but not quite) which didn't behave in accordance with the way its documentation said it would. PHP's SoapClient has the ability to enable tracing and give information about the request/response headers/body, which is useful, but I needed to store the outputs and also rewrite a particular request header during the course of debugging this. Enter: Charles Proxy. Continue reading