Since being introduced to POSTMAN a few years back it’s become one of the main tools I use in my day to day testing and it’s a cracking piece of kit for testing with a lot of great features to boot. For those unfamiliar with POSTMAN it’s an app for Chrome that allows you to create HTTP requests for Web and API testing as well as save requests into collections for future use.
Recently POSTMAN has been extended to include a proxy that will save a copy of each request you make in your browser, when enabled, and is extremely useful for various tasks such as rapidly creating collections of requests and modeling a web application.
However, when I first started to use the proxy I found it a bit tricky to setup due to some security restrictions in Chrome that POSTMAN has to work around. I didn’t find much help on Google or StackOverflow so after a bit of fiddling and complaining I managed to get it working and I thought it would be good to put together a blog post on how to setup the POSTMAN proxy.
Before we start it’s worth saying that POSTMAN is a Chrome application so you will need the Chrome browser installed. If you don’t use Chrome browser there are other tools similar to POSTMAN available (I’m a big fan of BurpSuite, something I may blog on another time).
Install POSTMAN
So if you haven’t already got POSTMAN installed, head over to the POSTMAN site or download it directly from the Google Store. Once installed head over to your Apps page and load up POSTMAN.
Install Interceptor
As I previously mentioned, Chrome has security restrictions in place that limit POSTMAN ability to create requests with custom headers and Cookies (or at least that’s my take on it). So there is an extension for POSTMAN to workaround these restrictions which is an app in it’s own right called Interceptor. We want to install Interceptor which you can grab from the POSTMAN site or again download directly from Google Store.
Once installed you should see an icon that looks like the one below in the top right corner of the browser which indicates Interceptor is installed
Enable Interceptor
With Interceptor installed, click on the traffic light icon to see a popup with a switch set to off. Click on it to turn Interceptor on and you will see a ‘Filter request’ textbox and ‘Last 10 requests’ label appear. There will be no requests yet as we still have to connect POSTMAN to Interceptor.
Connect POSTMAN to Interceptor
Head to POSTMAN and locate the highlighted icon shown below in the top toolbar and click on it
You will see two options. The first is a toggle for Interceptor, click on that to connect POSTMAN to Interceptor. The second is for the proxy and clicking on that will open a popup with proxy settings. We don’t need to change any of the settings for now so simply click on ‘Connect’. If everything has gone to plan the popup will indicate the proxy is setup!
Using the POSTMAN proxy
Now, with everything setup you can open a new Tab in Chrome, navigate to a site and see requests appear in the History tab of POSTMAN as well in the ‘Last 10 requests’ list of the Interceptor app. If you only want a specific domain to be fed through into the POSTMAN proxy you can update the wildcard ‘Filter requests’ setting within Interceptor. For example if you only wanted Wikipedia requests you could update it to ‘en.wikipedia.org’.
And there you have it, POSTMAN proxy setup. Enjoy and feel free to get in touch with me at @mwtestconsult if you’re having any difficulties.