🚀 Requestly is now SOC 2 Compliant! Ensuring top-notch security and privacy for your data.
Product
Solutions
Pricing
Resources
Docs
Sign Up
Insights
Product Updates
Use Cases
Announcements
Case Studies

How to Inspect & Modify HTTP Traffic from Android Apps

Siddhant Varma
November 7, 2024
4MIN READ
Modern app development has made it quintessential for front-end developers to be equipped with tools that help them develop, test, and ship their apps quickly. In this article, let’s see how you can use Requestly to Capture & Modify Android traffic
Inspect network traffic for android

Most Android apps use HTTP to get data, load content, and communicate with servers. By capturing and changing these network requests, you can see how apps work, fix issues, and even control their behavior.

Requestly is a popular, open-source tool for developers that helps them capture and modify traffic from browsers, Android apps, iOS apps, and more. It allows developers to troubleshoot, test, and alter API requests and responses seamlessly.

In this blog post, I’ll show you how to use Requestly to capture network traffic and modify API responses in Android apps. We’ll start with some basic setup steps and then move on to a detailed, step-by-step guide.

Setup

To connect your Android device with the Requestly desktop app, follow these steps

  1. First, Install the desktop app from
here

Other Browser Extensions

Desktop Clients

  1. Once installed, open the Requestly desktop app and click on Connect apps
  2. Then, choose the Mobile apps and browsers section.
  3. Then, choose the Android External Device option and click on Setup Instructions

Now that we have completed the basic setup, let’s move on to the steps for setting up Android Device.

Step 1: Set up Proxy

Let’s first configure a manual proxy for our WiFi on our Android Device with the below steps 👇

  1. Open your WiFi settings and go to the currently selected WiFi.
  2. On the top right, you should see an option to edit the settings. Click on the edit icon.
  3. Next, you should see a list of settings for your current WiFi. We want to set a manual proxy for this WiFi, so select the “Manual” option under the “Proxy” option.
  4. Add the Host and Port as suggested by the Android Setup guide on your Requestly app.

Here’s the step-by-step demonstration on an Android device 👉

If you’ve done the above steps correctly and configured a proxy successfully, you should see the following page when you visit the URL http://amiusing.requestly.io/ (Please note HTTP and not HTTPs here) on your device.

amiusing1-mobile - Capture & Modify Android traffic
amiusing2-mobile -Capture & Modify Android traffic

Now that you’ve installed a proxy on your device, and you can listen to HTTP(s) traffic, let’s add a certificate on your device so that you can also listen to HTTPs traffic.

Step 2 : Download certificate

  • Open Incognito window in your browser
  • Go to http://requestly.io/ssl (⚠️ Use http here, not https)
  • This will download RQProxyCA.pem.cert

Step 3 : Trust Certificate

  • Open Trusted Certificate Settings by navigating to Settings -> Security -> Encryption & Credentials -> Install a Certificate -> CA Certificate.
  • To install this certificate, select 
  • Install Anyway and select the certificate RQProxyCA.pem.cert.
  • To verify Certificate trust settings are now active, go to Trusted Credentials -> UserRQProxyCA should be present here. Alternately, you may simply begin submitting requests and watch as they are logged in the Requestly Network Tab.
    install certificate - Network Requests in Flutter

    Step 4 : SSL Pinning​

    Make sure to remove these in production builds

    Add these configs to your app codebase for it to work

    1. Add res/xml/network_security_config.xml
    				
					<network-security-config>
  <debug-overrides>
    <trust-anchors>
      <certificates src="user"></certificates>
      <certificates src="system"></certificates>
    </trust-anchors>
  </debug-overrides>

  <base-config cleartexttrafficpermitted="true">
    <trust-anchors>
      <certificates src="system"></certificates>
      <certificates src="user"></certificates>
    </trust-anchors>
  </base-config>
</network-security-config>
    1. Add to AndroidManifest.xml
    				
					<?xml version="1.0" encoding="utf-8"?>
<manifest ...>
    <application android:networksecurityconfig="@xml/network_security_config" ...>
    ...
    </application>
</manifest>

    Capturing Traffic from Android app

    In this section, I will show you how to capture traffic from the open-source app Pokedex, which you can find on GitHub. Capturing traffic allows you to see how the app communicates with its servers, helping you understand its API calls and responses.

    Here are the simple steps to get started with this process:

    Step 1 : Launch the App

    Launch - Capture & Modify Android traffic
    android-demo-before - Capture & Modify Android traffic

    Step 2 : Interacting with the App

    Perform actions within the app (e.g., navigating through different pages) to trigger API calls.

    Step 3 : Check Requestly App

    Go to Requestly app, where you’ll see the traffic being captured by the app.

    • All API calls made by the app to its servers will be displayed.
    • You can view specific API calls, inspect their responses, headers, and even modify them.
    capturing-traffic-android - Capture & Modify Android traffic

    Modifying API Responses in Android app

    To modify API responses, first, right-click on the API request you want to modify in Requestly and choose Modify Response Body.

    modify-response-android

    In the Static Data section, locate the property you want to edit. For example, if you want to change the “Name,” find that part in the response. You can then change the “Name” to anything you like (e.g., “Testing“).

    modify-response-android-rule

    After you save the changes, go back to the app, and you’ll immediately see the new information.
    This lets you test how the app works with the updated data.

    android-demo-before - Capture & Modify Android traffic
    android-demo-after

    Conclusion

    Android development can be challenging without knowing what’s going behind the scenes, I hope you have better visibility on your apps with Requestly. Control over the network requests and feature to modify them gives you even more power, you can easily simulate edge cases like delays in requests, error responses, modified response or request body & modified query parameters etc. You can even connect your apps to a different environment(like staging or dev) without making any changes to your code.

    Siddhant Varma
    Siddhant is a technology-agnostic engineer passionate about creating utility-rich and user-friendly software. I love sharing my learning about new tools, frameworks and technologies with the developer community.

    Contents​

    Subscribe for latest updates​

    Share this article

    Related posts

    Our journey to finding Product-Market Fit
    Sachin Jain
    December 5, 2024
    How Blockthrough uses Requestly to seamlessly test their JS on publisher websites
    Sagar Soni
    December 4, 2024
    The Best Open Source API Mocking Tool for developers (With examples)
    Anmol Baranwal
    December 2, 2024