Sometimes it might be useful to log each and every URL that is accessed through your Mozilla Firefox web browser. It might be for security, auditing or other reasons that you want to log accessed URLs. I developed the HTTP Request Logger add-on in order to track and discover a malicious web page that triggered the CVE-2010-4452 vulnerability in Oracle Java through a specially crafted applet tag and a respective Java applet class. You can download and install the add-on from here: HTTP Request Logger. You can also view the project on GitHub: prekageo/http-request-logger.
The add-on implements a JavaScript XPCOM component. This component is registered in chrome.manifest. The component registers an observer for http-on-modify-request topics. The observer’s callback function is called when a new HTTP request is ready to be sent. The function appends into a simple text file located on the user’s desktop a line consisting of the referrer, HTTP method and URL of the HTTP request.
Prekageo's Blog 
August 9, 2011 at 5:47 pm |
nice work, still it needs more attention !
as there is a lot of data it should be separated between time intervals, for example log between 17.00 and 18.00 then new chapter for the period between 18.00 and 19.00 etc. calendar view with dates perhaps?
also choosing options where to save the log file would be nice, its not always good to have it on a desktop
keep improving it!
A. Magno
August 22, 2011 at 9:09 pm |
How does it work? I installed it and after restarting FF I can only DISABLE or REMOVE this extension.
How do you turn ON and OFF logging? Where do you enter the filename to save the logs to? Is there a default filename predefined?
I am using Linux (OpenSuse 11.4) with Firefox 5.0.
Thanks and greetings from Kosovo š
August 23, 2011 at 5:52 am |
A new file should appear on your desktop. This file contains the log of your HTTP requests. Right now, it does not have a feature to turn the logging on and off. The filename is hardcoded inside the code.
September 11, 2012 at 4:33 pm
well, that’s a big downside…
September 11, 2012 at 5:28 pm
The project is open source (https://github.com/prekageo/http-request-logger). Feel free to modify it as you wish.
November 16, 2011 at 10:55 pm |
Hi,
I’m on Windows 7 with FF 8, and nothing is written to my desktop. Any idea ?
Thx š
November 17, 2011 at 8:55 am |
I just checked with Windows XP SP3 and FF 8. It works. Could it be a security issue on Windows 7? You can download Process Monitor (http://technet.microsoft.com/en-us/sysinternals/bb896645), run it, then run Firefox and search the ProcMon logs for the filename http-request-log.txt.
November 17, 2011 at 5:37 pm |
That’s it, I see “FAST IO DISALLOWED” on win 7. but no problem on xp.
Also, would be awesome to have the posted fields when there is a POST request done ;).
December 3, 2011 at 1:31 am |
Needs configuration options, like choosing where to save the log file. I’d rather not have my employees covering up their web surfing by deleting the file.
January 29, 2012 at 11:53 am |
I couldn’t find the file where it’s supposed to write the log. I’m using Firefox on Linux.
But really, how is that you don’t mention were the file is saved, how is that you expected people to know? I want to insult you but, hey I know, you do it for free. So thanks anyway.
January 29, 2012 at 12:52 pm |
Please read the last paragraph of the post. This is a toy project. It is mostly oriented for developers and not end users. Thanks for your interest anyhow.
February 10, 2012 at 9:13 pm |
Hi,
can’t find the file either. The reason appears it’s failing to load. The error log shows:
Warning: Warning: Ignoring unrecognized chrome manifest instruction.
Source File: file:///home/[REDACTED]/extensions/http-request-logger@prekageo/chrome.manifest
Line: 1
Source File: file:///home/[REDACTED]/extensions/http-request-logger@prekageo/chrome.manifest
Line: 2
Source File: file:///home/[REDACTED]/extensions/http-request-logger@prekageo/chrome.manifest
Line: 3
Failed to load XPCOM component: /home/[REDACTED]/extensions/http-request-logger@prekageo/components/httpRequestLogger.js
No other errors for this extension. The file has three lines and appears correct, with contents:
component {c4a9bb50-b9b2-11e0-a4dd-0800200c9a66} components/httpRequestLogger.js
contract @prekageo/HttpRequestLogger;1 {c4a9bb50-b9b2-11e0-a4dd-0800200c9a66}
category profile-after-change HttpRequestLogger @prekageo/HttpRequestLogger;1
Firefox 3 though, but it’s within the allowed installed versions in the rdf.
February 11, 2012 at 11:47 am |
Thanks for bringing this issue into my attention. This add-on is purely for development purposes and apparently it is not compatible with Firefox 3. Feel free to manipulate it as you’d like. You can also send me a patch.
March 21, 2012 at 5:50 pm |
Nice toy… btw.: I can confirm it works with FF 11.0 on Win7 Ultimate x86.
May 24, 2012 at 7:48 pm |
you can get it to work if you update the supported FF version in install.rdf. Very nice utility as it shows exactly how to intercept network traffic and even log it. Nice work!
August 15, 2012 at 12:26 pm |
Logging both POST data and headers would also be great. Is this project open source and would you accept patches?
August 15, 2012 at 3:21 pm |
Hi Dennis! The project is open source. I’ve just created a GitHub repository (https://github.com/prekageo/http-request-logger). You can, also, propose a license for this addon, if you’d like.
December 14, 2012 at 7:18 pm |
where is the log file on mac os ???????
December 14, 2012 at 8:32 pm |
On your desktop? Otherwise check your home folder. If that doesn’t work, search for a file named http-request-log.txt.
September 13, 2013 at 4:31 pm |
[…] https://shiftlock.wordpress.com/2011/07/30/http-request-logger-add-on-for-mozilla-firefox/ […]
November 2, 2014 at 2:07 am |
good ext. but why enable/disable logging need to restart browser ? that sucks dude.
June 1, 2015 at 4:49 pm |
Do you know if there is a way to only log the links or bookmarks the user clicked and the URLs the user entered? (thereby omitting the ‘includes’ that belong to a page, such as css/js/png files or html pages referenced from the first page loaded)
November 15, 2015 at 10:50 am |
Really good tool for discovering domains to add to cookie and useragent blocker exception whitelists. Many thanks amigo š
December 14, 2015 at 1:27 am |
Good evening, I think this add-on is very useful, but I would like to set a modification in the code to customize the log file directory. Can you suggest me why using the command-line jpm tool, and pasting the code (https://addons.mozilla.org/it/firefox/files/browse/127691/file/components/httpRequestLogger.js#top) of the js component in the retouched source of the addon, it results installed on Firefox, but does not work? (i.e. the log file does not appear on the Desktop — in the preliminar test, I have left unchanged your code)
December 14, 2015 at 7:07 am |
I am not familiar with the jpm tool. I’ve developed the addon using the old conventional way of writing Firefox addons.
December 14, 2015 at 9:17 am
Hi prekageo, what is the conventional way? Have you used some additional components to JS code (eg. C/C++ libraries etc.)?
December 14, 2015 at 9:22 am
Download the XPI, unzip, modify, zip and use.
July 2, 2016 at 2:15 am |
Interesting tool, even to a nube like me! I use it with Win10 + Palemoon 26(FF). When I first viewed your log using notepad all was black and unseparated- not cool, then after finishing the clean install I installed Editpad lite. Now each line is separate, urls are click-able links! My primary use is similar to nerys hughes, in avast EP – tools it has ‘SiteBlocking’. A little help here: Occasionally a site will re-direct to a page that loudly states a Virus has been download( not an AV response)- scares the sh*t out of me when it happens!!!
If any of you learned people could help on this please add a note below my entry, if that’s OK? THANKS!
October 25, 2016 at 3:36 am |
The file is http-request-log.txt on the Desktop.