I use Charles proxies (under OS X 10.9.3, Mavericks) to change the Origin header so that the API (in development) connects to receiving requests from the development environment.
I managed to make this work a simple rewrite rule, and everything worked until today.
The current problem is that the browser does not connect to the proxy (configured by Charles). In the Failure field in the request, it says: "The request was not made. Perhaps the SSL certificate was rejected" and below in the "Notes" field: "Perhaps you need to configure the browser to trust Charles CA SSL certificate" ..
I have done this already and it worked perfectly. Since then, I have not changed anything in Charles's configuration. That I tried to make it work:
- Uninstall and reinstall the Charles certificate .
- Try the same in the following browsers: Chrome Canary, Chrome stable, Safari, and Firefox.
- Use an HTTP proxy server instead of an extended SOCKS proxy server.
I also made sure that the Charles certificate is always trusted regardless of the default value:
access to the key chain http://f.cl.ly/items/2G1n1q212U1J0a022R1i/Screen%20Shot%202014-05-19%20at%2017.26.57.png
Not sure if this is the key to the solution, but when I go to the api directly with Charles turned on, I see the following:
The API is indeed hosted on the Windows Azure platform, but I donβt understand why the Charles certificate (since Charles acts as a person in the middle, showing his certificate in the browser) is issued in *. azurewebsites.com, not the actual host.
, (, api.example.com) , *.example.com.
- , , .
.
. Origin ( , /):
GET/xxx HTTP/1.1
: api.example.com
: keep-alive
Cache-Control: max-age = 0
Accept: text/html, application/xhtml + xml, application/xml; q = 0.9, image/webp,/; q = 0.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, , Gecko) Chrome/35.0.1916.114 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-: en-US, en; q = 0.8, hu; q = 0.6
:...
: https://acceptable.host.com
:
HTTP/1.1 400 Bad Request
Content-Length 46
Content-Type/json; = UTF-8
Microsoft-IIS/8.0
X-Powered-By ASP.NET
Set-Cookie ARRAffinity = ; Path =/; Domain = api.example.com
, 21 2014 07:58:02 GMT