Comments on: Charles v2.6.1 released http://xk72.com/blog/2006/12/02/charles-v261-released/ Two specialist fields: weaponry and space medicine. An interesting combination, don't you think? Wed, 07 Jan 2009 20:55:38 +0000 http://wordpress.org/?v=2.7 hourly 1 By: Carl http://xk72.com/blog/2006/12/02/charles-v261-released/comment-page-1/#comment-295 Carl Mon, 18 Dec 2006 01:10:33 +0000 http://xk72.com/blog/2006/12/02/charles-v261-released/#comment-295 Yup, indeed. Thanks for your answers (and reactivity). Carl Yup, indeed.

Thanks for your answers (and reactivity).
Carl

]]> By: Karl http://xk72.com/blog/2006/12/02/charles-v261-released/comment-page-1/#comment-294 Karl Mon, 18 Dec 2006 00:58:58 +0000 http://xk72.com/blog/2006/12/02/charles-v261-released/#comment-294 Ah I see. You're right, there isn't a way to hide the data. Even if you weren't using Charles you could still use a packet capture tool such as Ethereal to see what is being transmitted on the network at a lower level. The only solution is to hide the payload of your requests by encrypting them... that's a whole other issue of course! Ah I see. You’re right, there isn’t a way to hide the data. Even if you weren’t using Charles you could still use a packet capture tool such as Ethereal to see what is being transmitted on the network at a lower level.

The only solution is to hide the payload of your requests by encrypting them… that’s a whole other issue of course!

]]> By: Carl http://xk72.com/blog/2006/12/02/charles-v261-released/comment-page-1/#comment-293 Carl Mon, 18 Dec 2006 00:27:29 +0000 http://xk72.com/blog/2006/12/02/charles-v261-released/#comment-293 Karl, thanks for your answer. Actually, I was thinking about a server side mecanism. Indeed, Charles is very powerfull for web site analysis, and the side effect is that it can also be used (by hackers or whatever) to analyze the information exchanged between the client and the server. So, I was wondering whether there was a way to "hide" some http (get or post) requests, but on the server side. Intuitively, I would say no, as data are anyway transfered ... Do confirm ? Do you have in mind a workaround ? Thanks, Carl Karl, thanks for your answer.

Actually, I was thinking about a server side mecanism.
Indeed, Charles is very powerfull for web site analysis, and the side effect is that it can also be used (by hackers or whatever) to analyze the information exchanged between the client and the server.

So, I was wondering whether there was a way to “hide” some http (get or post) requests, but on the server side.

Intuitively, I would say no, as data are anyway transfered …

Do confirm ? Do you have in mind a workaround ?
Thanks,
Carl

]]> By: Karl http://xk72.com/blog/2006/12/02/charles-v261-released/comment-page-1/#comment-292 Karl Sun, 17 Dec 2006 21:56:53 +0000 http://xk72.com/blog/2006/12/02/charles-v261-released/#comment-292 Hi Carl, You can prevent Charles from saving content using the Ignore domains in the Recording Settings (Proxy menu). That doesn't prevent Charles from seeing the request for other tools such as Rewrite for HTTP headers, however. All of the tools have lists of domain names on which you can selectively use/not use the tool. So for the No Caching tool I suggest only listing domains that you specifically don't want to cache, rather than listing only the exceptions. Please let me know if this doesn't fit what you're trying to do! Kind regards, Karl Hi Carl,

You can prevent Charles from saving content using the Ignore domains in the Recording Settings (Proxy menu). That doesn’t prevent Charles from seeing the request for other tools such as Rewrite for HTTP headers, however.

All of the tools have lists of domain names on which you can selectively use/not use the tool. So for the No Caching tool I suggest only listing domains that you specifically don’t want to cache, rather than listing only the exceptions. Please let me know if this doesn’t fit what you’re trying to do!

Kind regards,
Karl

]]> By: Carl http://xk72.com/blog/2006/12/02/charles-v261-released/comment-page-1/#comment-291 Carl Sun, 17 Dec 2006 21:50:30 +0000 http://xk72.com/blog/2006/12/02/charles-v261-released/#comment-291 Hi, Very interesting software, but I was wondering if there was anyway to prevent Charles form seing (and saving) some content. Indeed, Charles bypasses any anti caching implementation (using HTTP headers) which in some cases, may not be desired. Thanks for you response, Cheers, Carl Hi,

Very interesting software, but I was wondering if there was anyway to prevent Charles form seing (and saving) some content.
Indeed, Charles bypasses any anti caching implementation (using HTTP headers) which in some cases, may not be desired.

Thanks for you response,
Cheers,
Carl

]]>