How can i intercept third-party https request call, block it from going out and send my own response? Is it possible to do?

Question

I can log all outgoing api calls to third parties that happen via sdk functions, but I need to prevent them from going out and provide my own custom answer instead. I know there are services like Nock that I could utilise, but they aren't appropriate for my needs. Alternatively, if someone can explain how Nock intercepts all outgoing requests and replaces them with the dummy response we've provided if the api matches the pattern defined, that would be great.

Answer 1

The only foolproof mechanism would be to set up a proxy as a separate process that all outbound connections go through by hooking into the OS. This could either be done on your existing server or as part of your network gateway infrastructure (e.g. at the network level). This is something similar to what network sniffing apps like Ethereal or Wireshark do.

Otherwise, you can attempt to patch various entry points in the nodejs libraries such as http.get() and http.request() (and the https counterparts) to intercept the various ways that the 3rd party library could use the nodejs library to make an outbound connection from our app (this is what Nock does). This would not be entirely foolproof because a third party library could use their own native code module that bypasses the built-in nodejs library to do its own networking, but it would be the usual way that third party code makes outbound http requests.

This http interceptor also wouldn't cover other types of TCP or UDP connections unless you also tried to intercept them through their library interfaces.

You can look at this fairly low level library node-request-interceptor for a start on doing http intercepting.