Browserstack live video not mirrored when WSS Agent enabled
Article ID: 420726
Updated On:
Products
Issue/Introduction
Users accessing internet services via Cloud SWG using WSS Agents successfully, after authenticating via a Microsoft Entra SAML Identity Provider.
A number of developers, running WSS Agent on macOS devices, use BrowserStack to develop and test mobile apps across many real browsers, operating systems, and devices.
When launching tests for applications, the video recording highlighted in red below never completes.
Disabling SSL interception for this domain, or enabling a protocol detection bypass does not address the issue.
When disabling the WSS Agent, all works fine.
Environment
macOS 14/15.
WSS Agent 9.8.1.
Cause
macOS issue with network extensions and loopback interfaces.
Resolution
Upgrade macOS to 15.7.2+ with WSS Agent 9.8.3+.
Additional Information
When troubleshooting, the HAR file showed most requests with valid status responses but many requests destined to bs-local.com reported "net::ERR_CONNECTION_REFUSED" errors.
Developer tools console log confirmed that, when the application failed, connections to bs-local.com all failed.
Pinging bs-local.com returned the loopback interface, which was bypassed from WSS Agent and sent directly.
WSS Agent PCAPs on public (non tunneled) interface confirmed requests were going out loopback interface but the application was resetting it.
macOS system logs were reporting the fact that the new TCP flows being passed in were rejected, as shown below:
provider rejected new flow TCP com.google.Chrome[{length = 20, bytes = xxxxxxxxxxxx}] remote: 127.0.0.1:#### interface lo0
Apple channels have many reports of rejected flows with loopback destined applications on hosts with network extensions. The latest macOS update addressed this one.
Feedback
