zaproxy: Show a more informative message on read timeouts through the proxy

When connecting to https://webchat.freenode.net/ through ZAP (whatever random nickname will do)
And being idle for a few minutes (being in a channel is not even needed)
Then some requests (that look like heartbeats) will time out with a 504 error

And the response of the request will be

ZAP Error [java.net.SocketTimeoutException]: Read timed out

Stack Trace:
java.net.SocketTimeoutException: Read timed out
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
    at java.net.SocketInputStream.read(SocketInputStream.java:170)
    at java.net.SocketInputStream.read(SocketInputStream.java:141)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
    at sun.security.ssl.InputRecord.read(InputRecord.java:503)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:930)
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
    at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
    at java.io.BufferedInputStream.read(BufferedInputStream.java:265)
    at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78)
    at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106)
    at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413)
    at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source)
    at org.apache.commons.httpclient.HttpMethodBase.readResponse(Unknown Source)
    at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source)
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
    at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source)
    at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source)
    at org.parosproxy.paros.network.HttpSender.send(Unknown Source)
    at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source)
    at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
    at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
    at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(Unknown Source)
    at org.parosproxy.paros.core.proxy.ProxyThread.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)

Which will lead to an alert box saying “Error: connection closed after several requests failed.” Whereas sending a message will always succeed. Although I couldn’t find the difference between the heartbeat requests and the message requests (except the message of course)

Related to #2399

About this issue

  • State: closed
  • Created 8 years ago
  • Comments: 17 (11 by maintainers)

Most upvoted comments

Or something like: “Failed to connect to site: https://www.example.com within 20 secs, check to see if the site is available and if so consider adjusting ZAP’s default time out in the Connection options panel.”

As you quoted in the original report:

ZAP Error [java.net.SocketTimeoutException]: Read timed out

Stack Trace:
java.net.SocketTimeoutException: Read timed out
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
    …

If we could separately catch SocketTimeoutException for proxied traffic (vs. Active scan or spider), we could suppress the stack trace and add something like: A SocketTimeoutException occurred, consider adjusting ZAP's default time out in the Connection options panel. (Or something like that?)
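
The handling proposed in the comments above, as an added example that is not ZAP's code and not part of the original thread: a read timeout on the upstream socket is caught separately and turned into a 504 body that names the target and the timeout, while the stack trace stays in the log. The class name, the `errorResponse` helper, the message wording, the 502 fallback and the silent local listener are assumptions made for the demonstration.

```java
import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.nio.charset.StandardCharsets;

// Added illustration: class and method names are hypothetical, not ZAP's own code.
public class ReadTimeoutMessageDemo {

    // Builds the reply the proxy hands back to the browser when the upstream read fails.
    static String errorResponse(IOException e, String target, int timeoutSecs) {
        String status;
        String body;
        if (e instanceof SocketTimeoutException) {
            // Read timeout: say what happened and where to tune it, without a stack trace.
            status = "504 Gateway Timeout";
            body = "No response from " + target + " within " + timeoutSecs + " secs,"
                    + " check to see if the site is available and if so consider adjusting"
                    + " ZAP's default time out in the Connection options panel.";
        } else {
            // Any other I/O failure: status and wording here are this example's choice.
            status = "502 Bad Gateway";
            body = "ZAP Error [" + e.getClass().getName() + "]: " + e.getMessage();
        }
        int length = body.getBytes(StandardCharsets.UTF_8).length;
        return "HTTP/1.1 " + status + "\r\nContent-Type: text/plain; charset=UTF-8\r\n"
                + "Content-Length: " + length + "\r\n\r\n" + body;
    }

    public static void main(String[] args) throws IOException {
        int timeoutSecs = 1; // constructed value so the demo finishes quickly
        // Constructed upstream: a listening socket that never accepts or replies
        // (the OS still completes the TCP handshake from the listen backlog).
        try (ServerSocket silent = new ServerSocket(0);
                Socket upstream = new Socket("127.0.0.1", silent.getLocalPort())) {
            upstream.setSoTimeout(timeoutSecs * 1000);
            String target = "http://127.0.0.1:" + silent.getLocalPort();
            try {
                upstream.getInputStream().read(); // blocks until SO_TIMEOUT expires
            } catch (IOException e) {
                // Full detail goes to the operator's log, not into the response body.
                e.printStackTrace();
                System.out.println(errorResponse(e, target, timeoutSecs));
            }
        }
    }
}
```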