CONNECT tunnel receives TLS/HTTP data but session is missing from UI #2576
Description
Description
When using Android Emulator with an HTTP proxy, Proxyman fails to display some domains in the capture UI that are visible in tools like Charles, despite Proxyman receiving and forwarding the traffic.
Running the same Proxyman version inside a macOS VM on the same host makes the missing domains appear, with no changes to the emulator, app, or traffic — only the proxy IP changes.
This points to a host-macOS–specific session attribution / promotion issue rather than a proxy, emulator, or network problem.
Steps to Reproduce
Host macOS
- Proxyman:
10.0.2.2:9090 - Charles:
10.0.2.2:8888
macOS VM on same host
- Proxyman:
10.211.55.13:9090 - Charles:
10.211.55.13:8888
Reproduction script
APP_ID=jp.co.omron.healthcare.omron_connect
for port in "9090" "8888"; do
for ip in "10.0.2.2" "10.211.55.13"; do
adb shell settings put global http_proxy "${ip}:${port}"
adb shell am force-stop "${APP_ID}"
adb shell pm clear --cache-only "${APP_ID}"
adb shell monkey -p "${APP_ID}" -c android.intent.category.LAUNCHER 1
adb shell sleep 20
done
donePacket-level verification
Proxyman does receive and forward the traffic, confirmed via tcpdump on the proxy port:
sudo tcpdump -i lo0 -n -s0 -A \
'tcp port 9090 and (((tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-rst)) == 0))'Example output for a domain missing in Proxyman UI
06:10:58.252291 IP 127.0.0.1.58423 > 127.0.0.1.9090: Flags [P.], seq 0:493, ack 1, win 6380, options [nop,nop,TS val 2131942056 ecr 1392914627], length 493
E..!..@[email protected]#....Hi..............
....S.0.GET http://data-sg.omronconnect.com/ HTTP/1.1
Host: data-sg.omronconnect.com
Proxy-Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
06:10:58.252325 IP 127.0.0.1.9090 > 127.0.0.1.58423: Flags [.], ack 493, win 6373, options [nop,nop,TS val 1392914639 ecr 2131942056], length 0
E..4..@.@...........#..7i......5.....(.....
S.0.....
06:10:58.848713 IP 127.0.0.1.9090 > 127.0.0.1.58423: Flags [P.], seq 1:352, ack 493, win 6373, options [nop,nop,TS val 1392915235 ecr 2131942056], length 351
E.....@.@...........#..7i......5...........
S.3#....HTTP/1.1 403 Forbidden
This shows:
- The request reaches Proxyman
- Proxyman forwards it and returns a response
- TCP/TLS flow is healthy
- No corresponding session appears in Proxyman UI on host macOS
Expected behavior
Any CONNECT or HTTP tunnel that Proxyman accepts and forwards (with active data flow) should appear in the capture UI, as it does in Charles and in Proxyman when run inside a macOS VM.
Actual behavior
Some domains (e.g. data-sg.omronconnect.com) are missing from Proxyman UI on host macOS, despite confirmed traffic on the proxy socket.
Environment
- VM vs host difference isolates the issue to host macOS behavior
- Proxyman Version 6.3.0 (60300) | macOS: Version 15.7.3 (Build 24G419)
- Android emulator version 36.3.10.0 (build_id 14472402) (CL:N/A)
Image: Google APIs ARM 64 v8a System Image | system-images/android-33/google_apis/arm64-v8a
Screenshots
-
charles vs proxyman (host):
-
charles vs proxyman (vm):
