FiddlerCore SetNoDecryptList

5 posts, 0 answers
  1. Alex
    Alex avatar
    3 posts
    Member since:
    Jan 2016

    Posted 29 Jan Link to this post

    It's Fiddler.CONFIG.SetNoDecryptstring(string)

    There's not much documentation on this feature but I assume it's supposed to let specific HTTPS traffic through without attempting to open it up. If that is in fact what is does then it's exactly what I need. However, it doesn't actually seem to be working as intended. I booted up the .NET4 sample project and made no modifications other than adding one domain to the "SetNoDecryptList" but when I go to the domain I still get a "questionable certificate" type error.

     Any thoughts?

  2. Alex
    Alex avatar
    3 posts
    Member since:
    Jan 2016

    Posted 29 Jan in reply to Alex Link to this post

    Sorry that should say "Fiddler.CONFIG.SetNoDecryptList(string sNewList)"
  3. EricLaw
    EricLaw avatar
    67 posts
    Member since:
    Oct 2012

    Posted 30 Jan in reply to Alex Link to this post

    What string did you pass in? It should match the style of value inside Fiddler's Tools > Fiddler Options > HTTPS > Skip decryption for...

     Note: You can also just set oSession["X-No-Decrypt"] = "whatever" inside the BeforeRequest handler for the CONNECT tunnel.

  4. Alex
    Alex avatar
    3 posts
    Member since:
    Jan 2016

    Posted 01 Feb in reply to EricLaw Link to this post

    I just passed in "www.mydomain.com" basically. Is there a specific format as to what's supposed to be passed into that or the oSession["X-No-Decrypt"] syntax?
  5. EricLaw
    EricLaw avatar
    67 posts
    Member since:
    Oct 2012

    Posted 04 Feb in reply to Alex Link to this post

    Please share your code and the exact URL you're navigating. You should be able to specify a single domain, or multiple domains delimited by semicolons; leading wildcards are also supported.

    Fiddler only cares if the X-No-Decrypt flag exists; any value at all will disable decryption for that tunnel.

Back to Top