Roku Developer Program

Developers and content creators—a complete solution for growing an audience directly.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Level 8

Re: Roku device charles set up

Prajwal! It's Tim! We got this working on OSX.


Note: This was tested with OS X 10.10 Yosemite
1) Connect a Cat 5 ethernet cable to your Roku and your Mac's ethernet port (I used the thunderbolt adapter)
2) Go to System Preferences -> Sharing -> Internet Sharing
3) Under "Share your connection from: ", select your WiFi. Then under "To computers using: ", select Thunderbolt Ethernet.
5) Start up Charles and take note of the HTTP Proxy port set under Proxy Settings, by default its 8888. Make sure "Enable transparent HTTP Proxying" is checked.
6) To route all traffic to the Charles proxy, we need to set the following Port Forwarding rule in the OS X terminal:
echo "
rdr pass inet proto tcp from any to any port http -> 127.0.0.1 port 8888
rdr pass inet proto tcp from any to any port https -> 127.0.0.1 port 8888
rdr pass inet proto udp from any to any port http -> 127.0.0.1 port 8888
rdr pass inet proto udp from any to any port https -> 127.0.0.1 port 8888
" | sudo pfctl -ef -
After hitting enter it will prompt you to enter your machine password
7) Connect the Roku to WIred (Ethernet) in the Network settings, and you should get a prompt to accept a connection in Charles once an internet request is made on the device
8-) Note the Roku IP so you can debug using telnet
0 Kudos
Highlighted

Re: Roku device charles set up

Has anyone figured out how to replicate this in Windows? Beating my head on the wall at this point...

Thanks
0 Kudos
Highlighted
Level 7

Re: Roku device charles set up

"tim_beynart" wrote:
Prajwal! It's Tim! We got this working on OSX.


Note: This was tested with OS X 10.10 Yosemite
1) Connect a Cat 5 ethernet cable to your Roku and your Mac's ethernet port (I used the thunderbolt adapter)
2) Go to System Preferences -> Sharing -> Internet Sharing
3) Under "Share your connection from: ", select your WiFi. Then under "To computers using: ", select Thunderbolt Ethernet.
5) Start up Charles and take note of the HTTP Proxy port set under Proxy Settings, by default its 8888. Make sure "Enable transparent HTTP Proxying" is checked.
6) To route all traffic to the Charles proxy, we need to set the following Port Forwarding rule in the OS X terminal:
echo "
rdr pass inet proto tcp from any to any port http -> 127.0.0.1 port 8888
rdr pass inet proto tcp from any to any port https -> 127.0.0.1 port 8888
rdr pass inet proto udp from any to any port http -> 127.0.0.1 port 8888
rdr pass inet proto udp from any to any port https -> 127.0.0.1 port 8888
" | sudo pfctl -ef -
After hitting enter it will prompt you to enter your machine password
7) Connect the Roku to WIred (Ethernet) in the Network settings, and you should get a prompt to accept a connection in Charles once an internet request is made on the device
8-) Note the Roku IP so you can debug using telnet


This method worked for me and I see the http call without any error in charles but https calls does not work. Roku does not have option to install the charles certificate in Roku device. Do you have any input for https:// calls
0 Kudos
Highlighted
Level 8

Re: Roku device charles set up

This method worked for me and I see the http call without any error in charles but https calls does not work. Roku does not have option to install the charles certificate in Roku device. Do you have any input for https:// calls


we are trying to work out https, apparently you have to install the cert using Brightscript and forward all traffic to Charles. I'll post once we get it to work.
0 Kudos
Highlighted
Level 8

Re: Roku device charles set up

I had no luck getting https to work with Charles. I have the iptable rules set up in a DDWRT router and route all traffic to the ip hosting Charles.  I have the Charles cert in my app and point to it using "setCertificatesFile" for each instance of roUrlTransfer. But the secure traffic just shows up as blank lines with "invalid first character" errors.
I am out of my depth here, if anyone has figured out how to capture https then please let us know!
0 Kudos
Highlighted
Level 7

Re: Roku device charles set up

+1 on this topic guys. Any help wrt getting https calls to show in Charles is much appreciated.

Here is what our test setup looks like-
- A mac with ethernet in connected and wifi sharing enabled.
- Charles proxy running on the mac.
- A roku device connected to the mac's hotspot.
- Following rules added to NAT table so that traffic is redirected to Charles:
rdr on bridge100 inet proto tcp from 192.168.2.0/24 to any port = 80 -> 127.0.0.1 port 8888
rdr on bridge100 inet proto tcp from 192.168.2.0/24 to any port = 443 -> 127.0.0.1 port 8888

If the app does not have the Charles certificate, the https calls just fail. So we have to comment out the entry for redirecting port 443 traffic.

I am wondering how can we install the Charles certificate on the Roku device itself (like on iOS/Android), so that any app using https on that roku will trust the certificate and we can see its traffic in Charles. 
0 Kudos
Highlighted
Level 8

Re: Roku device charles set up

I have not gotten this to work for HTTPS at all. I tried every way to install a Charles cert I could think of, as did multiple other people here at work.
Wireshark is an option to at least see the HTTPS requests happening (not decrypted), but it it hideous to work with. Charles is part of our workflow for all other devices and platforms, I really wish Roku would add the ability to define a proxy like iOS and Android.
We reached out to Roku for assistance and are waiting for some guidance. 
0 Kudos
Highlighted
Level 7

Re: Roku device charles set up

+1.  Anything from Roku on this?
0 Kudos
Highlighted
Level 8

Re: Roku device charles set up

I'm 99% sure that you cannot do this.
The entire purpose of HTTPS is to prevent this.
Tyler Smith
0 Kudos
Highlighted
Level 8

Re: Roku device charles set up

Care to explain why? You can easily set up MITM with Charles on desktop. I am not a networking guru, so I would love a simple explanation of why this is impossible on a Roku.
0 Kudos