There are several ways to debug and analyze web applications. The first approach is to use network sniffers like wireshark. The problem with sniffers is that they are not so easy to use, and by default they capture all the network traffic. If the interest is only HTTP streams, it is required to add filters to remove all the information not relevant. Another drawback of sniffer, is that they are useless if the interest is the capture of a HTTPS stream: The sniffer captures the network stream but in crypt ed format. So it is useless. In such situation, a debugging proxy is a more relevant tool: They capture directly the HTTP streams and display directly the captured data without any filtering. Moreover most of them are able to decode HTTPS streams. I use the 3 debugging proxy below:

• WebScarab:  "WebScarab is a framework for analyzing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser. WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab."
• Burp Proxy: "Burp proxy is an interactive HTTP/S proxy server for attacking and debugging web-enabled applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw traffic passing in both directions." Burp Proxy is also written in Java.
• Fiddler: "Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language."