http-server with self-signed certs and enabling support in Chrome

To test loading a site locally with http-server you need to generate self-signed certs:

openssl req -newkey rsa:2048 -new -nodes -x509 -days 365 -keyout key.pem -out cert.pem

Now start up http-server using the new cert:

http-server -S -C cert.pem -o .

If you attempt to browse https://localhost:8080 though, Chrome will block self-signed certs by default. To allow self-signed certs, enter in your Chrome address bar:


And then enable the highlighted setting:

Fiddler – monitor HTTP requests from your browser

Fiddler is invaluable for monitoring HTTP requests from your browser. If you’re investigating HTTP header usage and the effort on caching static content, Fiddler is definitely the way to go, since using the Developer Tools in IE, Chrome or FireBug in Firefox don’t always give you an accurate picture of the actual outgoing HTTP requests. IE is the worst… its developer tool shows HTTP requests going out even though the files are being retrieved from cache. If you really want to see what’s going on then you need something like Fiddler.

To review requests against a server running locally (against localhost), there’s a number of tips in the docs here, but the simplest approach seems to be to use your own IP address (actual address, not instead of localhost or any of the other approaches listed on this page. It works without any other changes.

Extracting cookies using Javascript

Cookies in the current page can be extract using Javascript using ‘document.cookies’ which returns a ‘;’ separated String of all the current cookie values.

You can parse the values with some script like this:

function getCookie(name) {
    var result = '';
    var cookies = document.cookie.split(';');
    for ( var i = 0; i < cookies.length; i++) {
        var cookie = cookies[i].split('=');
        if (cookie[0].replace(/^s+|s+$/g, '') == name)
            result = cookie[1];
    return result;