CertPal

There are times when you work with SSL traffic. Your website might be protected with a certificate so that traffic between you and the client is secure. At times like this, being a developer is troublesome. Browser cache settings need to be analyzed by looking at the HTTP headers. Encoding / Content type may need to be analyzed to ensure that a particular page is displayed correctly. These things cannot be looked into if the traffic is secure. There are situations under which the environment is secure but you must still sniff the data. So how do you manage this ?

Tools like Charles (A debugging proxy) help you do this. Charles allows you to proxy to a secure connection over a protocol like HTTPS and still read the traffic. So how does it do this ? Lets have a look.

Your environment probably has a self signed certificate like the one issued below, using keytool.

I chanced upon a post a while back about how a switch statement should be replaced with the strategy pattern. If you have not had a chance to go through it, please do. The post is not very long.  I found myself disagreeing very strongly with the author of the post and I was surprised to find that people thought this was a good idea.

The gist of the post was that using the Strategy pattern was better than using switch statements to determine which logic to execute. Here is why I think the idea used there was bad

1. The introduction of the Strategy pattern, in the example, introduces three new classes. So for every case in a switch statement, we should go about replacing the corresponding code with a new class ? This could easily lead to an explosion in the number of classes.