Skip to content

Conditional breakpoint rules — match by headers, status, body, not just URL #269

Description

@phaser

Description

Shmoxy's breakpoint rules only match on method + URL substring. Users cannot set breakpoints based on headers, body content, status codes, or other request/response attributes.

What Competitors Offer

Burp Suite — Intercept rules support matching on: URL, host, method, request headers, request body, response headers, response body, status code, MIME type, file extension. Rules combine with AND/OR logic.

Charles Proxy — Breakpoints support host, path, and query matching. Also supports response breakpoints (not just request).

OWASP ZAP — Breakpoint conditions on URL, method, and custom criteria via scripts.

Current State in Shmoxy

Suggested Approach

  1. Extend BreakpointRule with additional match criteria: header name/value, body content pattern, content-type
  2. Add a condition builder UI (not just method + URL fields)
  3. Support AND composition of criteria (all must match)
  4. Keep the simple "break on this URL" shortcut for quick use

Priority

Medium — The current simple matching covers common cases, but power users need more precise control to avoid breaking on every request to a busy host.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions