Tamper a session by setting breakpoints that can be automatic (after/before every request or response) or custom ones – insert breakpoints only when certain conditions are met. You can also use the quick exec box to create simple breakpoints for whenever a certain URL is hit. Fiddler then pauses the processing of the session and permits manual alteration of the request and the response. You can also choose the response that will be automatically returned.
Traffic rewriting may also be performed automatically by script or extensions running inside Fiddler. This feature proves useful for security testing, as well as for general functionality testing, because all code paths can be exercised.
With Fiddler web debugger you can manually build and send HTTP, HTTPS, and FTP requests. Alternatively, you can choose to clone a session from the web sessions list to the composer tab by using drag and drop. Clicking the Execute button sends the request to the server. Fiddler exposes various options for you to create your own request – by writing a raw request from scratch; by constructing a parsed request; issue sequential requests or build a file upload request.
Fiddler’s Auto responder is an advanced feature which enables you to have the web debugging proxy respond on behalf of the web server –very useful functionality if you are trying to determine whether or not a client can handle correctly the server response. The Auto responder permits you to create rules that will automatically trigger a response to requests, by returning a previously-captured response without hitting the server.
Fiddler is not limited to simply observing network traffic—this web debugging proxy got its name from its ability to “fiddle” with outbound requests and inbound responses. Web session tampering allows users to experiment with and investigate the traffic that flows between the server and their app in an attempt to improve the latter’s overall performance and reliability. Fiddler offers various approaches to session tampering like setting breakpoints, rewriting requests and responses, mimicking the original network traffic, and more.
The quick exec box allows you to complete a command quickly, so rather than using the menus, you can explicitly specify a command here. For example, you can use it to create simple breakpoints for whenever a certain URL is hit – it’s a quick and easy way to have a task accomplished.
Copyright © 2002-2014 Telerik. All rights reserved.
Powered by Telerik Sitefinity CMS