Frida HTTP Module
raw JSON → 3.0.0 verified Thu Apr 23 auth: no javascript
Frida-http is a module designed to provide Node.js-compatible `http` and `https` client functionality within Frida's GumJS runtime environment. Version 3.0.0 is the current stable release, tightly integrated into the broader Frida ecosystem, with its release cadence generally aligning with major Frida framework updates. This module is primarily used by `frida-compile` to enable the use of standard Node.js HTTP client patterns within injected Frida agents, allowing developers to make network requests from the context of the target process. It differentiates itself by enabling network communication in an environment (Frida's instrumented process) where direct Node.js `http` APIs would otherwise be unavailable, serving as a critical component for dynamic analysis and reverse engineering tasks requiring outbound network communication from the target process.
Common errors
error Error: Module not found: 'frida-http' ↓
cause The Frida agent script was not correctly bundled or compiled to include the `frida-http` module before injection into the target process.
fix
Use
frida-compile to bundle your agent script. Ensure frida-http is specified as a dependency in your agent's package.json (if applicable) or explicitly included in the frida-compile input files, and compile with ES Module target. error TypeError: require is not a function ↓
cause Attempting to use CommonJS `require()` syntax for `frida-http` in a Frida agent that is expecting ES Modules (which is the default for modern Frida and `frida-compile`).
fix
Update your agent script to use ES Module
import syntax: import { http } from 'frida-http';. Ensure your frida-compile configuration supports ES Modules output. error HTTP request error: getaddrinfo EAI_AGAIN example.com ↓
cause The target process or device where the Frida agent is running failed to resolve the domain name (DNS issue) for the requested URL.
fix
Check the network connectivity and DNS resolution capabilities of the target device/process. Ensure the device has internet access and correct DNS settings. For emulators, verify host-side DNS forwarding.
error HTTP request error: unable to verify the first certificate ↓
cause The target process's trust store does not contain a valid certificate authority (CA) to verify the SSL/TLS certificate of the HTTPS server being contacted.
fix
This typically occurs when intercepting HTTPS traffic with a proxy. Install your proxy's CA certificate into the target device's trust store. For Android, this often involves rooting the device and moving the certificate to
/system/etc/security/cacerts/. Warnings
breaking With Frida 17.0.0, runtime bridges like `frida-http` are no longer implicitly bundled within Frida's GumJS runtime. Agents relying on these modules must now be explicitly compiled using `frida-compile` (or similar bundler) to include these dependencies, and should use ES Module (ESM) syntax. This requires adjusting agent build processes. ↓
fix Ensure your Frida agent compilation process (e.g., with `frida-compile`) is updated to explicitly bundle `frida-http` and other runtime bridges. Use ES Module `import` syntax in your agent scripts.
gotcha Network requests initiated via `frida-http` execute within the network context of the *target process*, not the host machine where your Frida client (Node.js/Python) is running. This means any host-level network configurations (proxies, VPNs, custom DNS, system-wide CA certificates) will not automatically apply to requests made by the injected agent. ↓
fix To proxy traffic or trust custom certificates, you must configure the target application's network settings, install certificates within the target device's trust store, or use Frida's APIs to hook network functions directly for custom proxying/certificate handling within the injected process.
gotcha When developing Frida agents with TypeScript, ensuring that `frida-http` is correctly bundled and transpiled for the target environment can be challenging. Incorrect `tsconfig.json` settings or an outdated `frida-compile` setup can lead to module resolution failures or syntax errors in the injected script. ↓
fix Verify `frida-compile` is installed and up-to-date. Configure your `tsconfig.json` to output ES Modules and ensure `frida-http` is listed in your agent's dependencies if using a bundler, or included in the `frida-compile` command's input files.
Install
npm install frida-http yarn add frida-http pnpm add frida-http Imports
- http wrong
const http = require('frida-http');correctimport { http } from 'frida-http'; - https wrong
const https = require('frida-https');correctimport { https } from 'frida-https'; - IncomingMessage
import { IncomingMessage } from 'frida-http';
Quickstart
import { http, IncomingMessage, ClientRequest } from 'frida-http';
import { https } from 'frida-https'; // Assuming frida-https also exists for SSL/TLS
rpc.exports = {
/**
* Makes an HTTP or HTTPS GET request from the injected Frida agent.
* The response body (truncated) and status are sent back to the host.
* @param {string} url The URL to fetch.
* @param {boolean} useHttps Whether to use HTTPS (requires frida-https).
*/
fetchUrl(url: string, useHttps: boolean = false): void {
const client = useHttps ? https : http;
const req: ClientRequest = client.get(url, (res: IncomingMessage) => {
let data = '';
res.setEncoding('utf8');
res.on('data', (chunk: string) => {
data += chunk;
});
res.on('end', () => {
const truncatedBody = data.length > 200 ? data.substring(0, 200) + '...' : data;
send({
type: 'response',
url: url,
statusCode: res.statusCode,
headers: res.headers,
body: truncatedBody,
});
});
});
req.on('error', (e: Error) => {
send({
type: 'error',
url: url,
message: e.message,
});
});
req.end();
console.log(`[Frida Agent] Attempted to fetch: ${url}`);
},
};
console.log('[Frida Agent] Frida-HTTP agent initialized. Call rpc.exports.fetchUrl(url, useHttps) from host.');