A Zaproxy script template for rewriting proxied HTTP requests.
Rewriting proxied requests is useful when debugging and developing web services and you cannot control which server the client is connecting to (but you can control the client HTTP proxy settings). This is not unlikely when diagnosing issues with web services being consumed by third-party mobile applications.
See Debugging SSL on Both iOS Devices and Simulators with Man-in-the-middle Proxies for help getting started using Zaproxy to debug HTTP traffic from a mobile device.
See the Zaproxy Scripts wiki page for more general information on Zaproxy script extensions.
This script has been tested with Zaproxy version 2.2.2.
GPL v3.
Copy proxy-rewrite.js into the $ZAP_HOME/scripts/proxy
directory.
Create a new script from the "scripts" tab. Choose type "proxy" and template
"proxy-rewrite.js". Open the new script in the "script console" tab. Define your
rewrite rules by editing the REWRITE_RULES
variable. How to create rewrite
rules is described in the template comments.
You must explicitly enable the script before it will be executed. Note, any errors in the script will automatically disable it when executed.