ezProxy issue displaying page with Angular application

[AndreasDamen]

I've been using the EZProxy with success. But now that i am testing an angular application all i get on my blablabla.ezxss domain is as follows:

...snip...
<html>
<body>
<!--StartFragment-->
<body>
--
  | <bootstrap></bootstrap>
  | <div class="preloader">
  | <div class="preloader-progress">
  | <div class="preloader-progress-bar">
  | <div class="preloader-progress-bar-value"></div>
  | </div>
  | </div>
  | </div>
  | <script type="text/javascript" src="/configuration/spa.js"></script>
  |  
  | <noscript>Please enable JavaScript to continue using this application.</noscript>
  | <link rel="modulepreload" href="chunk-NBWWZHEZ.js"><

<!--EndFragment-->
</body>
</html><body>
        <bootstrap></bootstrap>
        <div class="preloader">
            <div class="preloader-progress">
                <div class="preloader-progress-bar">
                    <div class="preloader-progress-bar-value"></div>
                </div>
            </div>
        </div>
        <script type="text/javascript" src="[/configuration/spa.js](http://blablabla.ezxss/configuration/spa.js)"></script>

        <noscript>Please enable JavaScript to continue using this application.</noscript>
    <link rel="modulepreload" href="[chunk-NBWWZHEZ.js](http://blablabla.ezxss/chunk-NBWWZHEZ.js)"><
...snip...

The favicon and page title load correctly in the top of the tab which tells me it's still working for the most part.

[AndreasDamen]

It seems like some js files are loaded and others return the following:
No response received from client with client ID "blablabla".

When i try to open the files they do load, so it seems like there is some kind of delay, and the files are not loaded in time. Which files are loaded and which are not is also different each request.

[ssl]

Are you using Pass origin requests through proxy or not? And what are the results when you do the opposite?

About files probably not being loaded on time and dropping might be a bug that can be fixed, but I've not seen it before. Any more details you could share about it?

Also would like to add that the way the persistent mode works, pages that are mostly build out of javascript and have a lot of components loading or managing forms, buttons etc. tend to break when using the persistent mode. There are just too many edge-cases that arise with these webapps.

[AndreasDamen]

i was using Pass origin requests through proxy. After trying without it the issue still persists. I cant share much as im testing for a customer.

As you can see some of the js files load and some do not. Which ones load and which do not is different each time.

Here you can see the js file did not load:

However when i open it it has loaded:

To me this suggests that the file is not available before an attempt is made to load it.

[ssl]

I cant share much as im testing for a customer.

I understand.

Are you currently using the session of a customer or do you have a session yourself that you can inject the persistent proxy on?

Reason I'm asking is I'm curious if the 'infected browser' is receiving the URLs to fetch from ezXSS at all, and something goes wrong fetching or delivering them (on time), or the ezProxy fails to request those URLs from infected browser.

It can also be a (a)sync issue. If so I'm sure it can be fixed. Please debug and share as much as you find possible, and I will look at the code to fix it :)

[AndreasDamen]

I have a session myself that I can inject the persistent proxy on.

Infected browser: does show requests when i try to access the blablabla.ezxss domain over the ezproxy (all seem successful, i highlighted one per example):

The highlighted js file does not load correctly through the proxy site, even tough it seemes ok from the victims point of view:

Once again if i navigate to the js file that failed it seems to be accessible:

[ssl]

Ok, so the infected browser is requesting the file. Is it also sending the content over via the websocket?

And, are the responses you getting actually 0 B or is the content 'No response received from client with client ID ...' like you said previously?