CHARLES: OVERVIEW OF BUILT-IN TRAFFIC PROXYING TOOLS FOR MOBILE TESTING Текст научной статьи по специальности «Строительство и архитектура»

i Надоели баннеры? Вы всегда можете отключить рекламу.
Ключевые слова

Аннотация научной статьи по строительству и архитектуре, автор научной работы — Osina M.A.

The article provides an overview of the built-in tools for proxying traffic in mobile testing using Charles. The article also covers situations and problems that inevitably arise in testing engineers' daily routine, which can be solved by using the appropriate tools. This article is especially useful for professionals - practicing test engineers involved in testing mobile applications on iOS and Android.

i Надоели баннеры? Вы всегда можете отключить рекламу.
iНе можете найти то, что вам нужно? Попробуйте сервис подбора литературы.
i Надоели баннеры? Вы всегда можете отключить рекламу.




УДК 004.42

Osina M.A.

National Research University Higher School of Economics

(Moscow, Russia)


Abstract: the article provides an overview of the built-in tools for proxying traffic in mobile testing using Charles. The article also covers situations and problems that inevitably arise in testing engineers' daily routine, which can be solved by using the appropriate tools. This article is especially useful for professionals - practicing test engineers involved in testing mobile applications on iOS and Android.

Keywords: Charles, mobile testing, software testing, manual testing, proxying.

Nowadays there are a lot of technology solutions that allow proxying traffic for mobile testing. The most popular ones among technical specialists are Charles, Fiddler, Proxyman and others. However, there is not much research on the capabilities of these programs in the scientific community, which is why practicing test engineers cannot fully utilize the capabilities provided by programs for proxying HTTP and SSL / HTTPS traffic. One of the most popular programs on the market, Charles, provides ample functionalities for sniffing incoming and outgoing traffic on the device, as well as debugging.

The relevance of this article lies in the fact that there is almost no available information about the capabilities of Charles for mobile testing of applications on iOS and Android platforms in the scientific literature. The official website of the program [1] contains nothing but short text explanations about the purpose of the tools while

there are no practical explanations, instructions and screenshots [2, p. 120-122]. In this article, I would like to highlight the current features of Charles presented in the latest version at the time of the publication of this article. This study will help both beginners and experienced specialists in the field of mobile testing to test the product for compliance with the requirements in the most effective and least time-consuming way.

Charles indeed provides many tools to use. To begin with, let's review those that allow to replace data - a request or a response.

Using the Rewrite tool, you can define sets of rules that will change the selected requests and responses from the Match section to those specified from the Replace section. When creating a rule, the following types of rewrite are available: Add Header, Modify Header, Remove Header, Host, Path, URL, Add Query Param, Modify Query Param, Remove Query Param, Response Status, Body.

Let's see an example where such a feature can be useful to a specialist in the field of mobile testing. We have a certain screen of the application where we want to check that all elements are displayed correctly on the screen. Assuming that the user cannot change the playlist title manually (pic. 1), we need to rewrite data for testing.


Test playlist

Masha Osina > updated 5 minutes ago

# Edit

Pic. 1. Elements on the screen before using Rewrite tool

In Charles menu, open the Tools - Rewrite section. On Rewrite Settings screen, Enable Rewrite and add a new rule with type Body. On this screen, we need to check

that the long title is truncated and displayed correctly on the screen. In Match section, in Value field we replace the parameter "name":"Test playlist" to a new test parameter "name":"Very very long name on test playlist on the screeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeen" in Replace section (pic. 2). Now we need to save and enable this rule.

Pic. 2. Adding new Rewrite rule

Now we need to do a pull to refresh on a mobile device or reopen the required screen. The "name" parameter now comes with a new test value, and it is possible to check that elements on the screen are displayed correctly. A comparison of the results before and after replacing with Rewrite is displayed below (pic. 3). A new title with a large number of characters is displayed correctly, so the task of the test engineer is completed.





Masha Osina > updated 5 minutes ago

Test playlist

Very very long name on test playlist on the screeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee...

Masha Osina > updated 7 minutes ago

# Edit

# Edit

Pic. 3. Elements on the screen before and after applying Rewrite tool

Map Remote and Map Local are the two tools that allow us to do the same thing but in different ways. The purpose of these tools is to map the desired server response on the go, while Map Remote (pic. 4) takes the response from another server (this is convenient if a server response is provided for testing on the test domain). This response replaces the actual server response, so it is possible to mock the behavior that is being tested and to verify that the client behavior is correct.

• Edit Mapping j

Map From

Protocol: https v

Host: example.com

Port: 8888

Path: example_path

Query: example_query

Map To

Protocol: https v

Host: substitute-example.com


Path: substitute_example_path

Query: substitute_example_query

Preserve host in header fields

To map from a path and its subdirectories you must end the path with a To map an entire host leave the path blank.

Cancel OK

Pic. 4. Example of setting Map Remote

At the same time Map Local (pic. 5) allows us to take a replacement response from a locally stored file. The result of using it will be the same - the response of the server, where the client sends requests, will be replaced with a local file, so it is possible to test the new behavior on the client.

Pic. 5. Example of setting Map Local

To make sure that Map Local or Map Remote settings are enabled or disabled, we need to open the Tools tab in the menu bar and pay attention to whether the corresponding menu items are checked. When work with replacement data is completed, it is necessary to turn off the settings so that real server responses are being received from the corresponding endpoint.

The next settings that are useful for a test engineer are Block List and Allow List. Their purpose is easy to explain with the help of each other - if we set some endpoints in the Block List, requests to the corresponding endpoints will not pass, while with the same endpoints in the Allow List will only be allowed. This is a useful tool for a test engineer as it allows us to evaluate the behavior of a mobile application in case of a failure of certain backend services on which the client depends. Various corner cases and even application crashes are identified with the help of this tool.

One of the other test engineers' favorite features is Breakpoint Settings - this tool allows us to set the locations where Charles will stop sending a request or receiving a response and allows us to edit the request or response on the fly. Based on the given task, this tool can be much more flexible and convenient than Rewrite - in Rewrite we need to preset what needs to be rewritten and replaced; breakpoints, on the other hand,

make it possible to edit the request and response on the fly, getting the result of such manipulations right away.

Another essential tool for a test engineer is Compose. Thanks to it, it is possible to edit a request which was already sent to the server, send it again and get a new response from the server. Let's imagine the situation - UI functionality on the client is not fully implemented, so there is no way to send any kind of request from the client, so we have to send a replacement request through Charles. If an incorrect request was initially made and an unexpected response was received, instead of resending the same request again, we can simply edit the previously sent one and get the correct response [3]. Such fixed requests have a pencil icon in the list of requests.

A useful tool for mobile applications testing in Charles is Repeat. It allows us to send the same request again. A similar tool is Advanced Repeat. With its help we can set a certain number of times to send the required request to the server (pic. 6).

Code Meth... Host Path

♦ 200 CONNE.. . apL23andme.com

200 CONNE.. . ssl.google-analytics.com

♦ 200 CONNE.. . mobile-collector, newrelic, cor # # Advanced Repeat

♦ 200 CONNE.. . api.23andme.com

-f- 200 CONNE.. . api.23andme.com Repeat 1 request.

♦ 200 CONNE,. . api.23andme.com

Iterations: 100

■f 200 CONNE.. . api.23andme.com

■f 200 CONNE-- , api. 23andme.com Concurrency: 1

200 CONNE.. . ttam-live-article-images-us-v

200 GET ocsp.r2m01.amazontrust.corn Q Show results in new Session :IY5fo701C

200 CONNE.. . ttam-live-article-images-us-v

Repeat delay (ms): o Use ranges

Filter: Cancel |

Pic. 6. Example of setting Advanced Repeat

This may be helpful in the case when it is necessary to test the flood control in the application. For example, after sending the same request 10 times, we can see a similar screen in the application (pic. 7). This ensures that such type of frequent requests to the backend will be filtered to prevent DDoS attacks or unauthorized use of the API (for example, by bots).


Please confirm that you and not a robot are sending requests

We're sorry, but it looks like requests sent from your device are automated. Why might this happen?

I'm not a robot

Press to continue

Yandex SmartCaptcha • Privacy Notice

if you have any problems, please use the feedback form

Pic. 7. Example of captcha after reaching flood control limit

Finally, another important tool for a test engineer on iOS and Android is Throttling. We can configure its settings in the section Proxy — Throttle Settings. The following parameters settings are available: Bandwidth (kbps), Utilisation (%), Round-trip latency (ms), MTU (bytes), Reliability (%), Stability (%), Unstable quality range (%). There are also ready presets to mock 56 kbps Modem, 256 kbps ISDN/DSL, 512 kbps ISDN/DSL, 2 Mbps ADSL, 8 Mbps ADSL2, 16 Mbps ADSL2+, 32 Mbps VDSL, 32 Mbps Fibre, 100 Mbps Fibre, 3G, 4G (pic. 8).

Pic. 8. Example of setting Throttling preset

We will need this tool to simulate a specific network connection or check test cases with no connection on a mobile device. For example, to make sure that the UI skeleton of the application is displayed with a bad connection, and if there is no network, a placeholder appears to inform about a network error as a result.

In conclusion we can state that Charles provides a wide range of functionalities for industry professionals and experts in testing applications on Android and iOS. The functionality of this program provides tools for sniffing and analyzing the traffic, replacing requests and responses, resending required requests and mocking a specific network connection, which is essential when solving practical problems and performing functional testing of the application. These professional solutions make the work of beginners and experienced mobile testers much easier and more efficient.


1. How to tame Charles Proxy? Habr.com [Electronic resource]: Access mode: https://habr.com/ru/companies/youla/articles/527648/ (date of access 15.06.2023).


3. Welcome. Charles Web Debugging Proxy Application [Electronic resource]: Access mode: https://www.charlesproxy.com/documentation/ (date of access 15.06.2023).

Осина М.А.


Национальный исследовательский университет «Высшая школа экономики» (г. Москва, Россия)


Аннотация: в статье приводится обзор встроенных инструментов для проксирования трафика при тестировании мобильных приложений в программе Charles. Также в статье приводятся ситуации и проблемы, неизбежно возникающие в процессе работы инженеров по тестированию, которые возможно решить путем использования соответствующих инструментов. Данная статья особо полезна в первую очередь профессионалам - практикующим инженерам по тестированию, занимающимся тестированием мобильных приложений на операционных системах iOS и Android.

Ключевые слова: Чарльз, мобильное тестирование, тестирование программного обеспечения, ручное тестирование, проксирование.

i Надоели баннеры? Вы всегда можете отключить рекламу.