You can't really do that. When you set x-no-decrypt
, you're creating a blind tunnel whose octets are encrypted in both direction. You can't look at encrypted octets and know what they represent.
you could try to guess
when the request is done based on timing, and when the response is done based on timing, but this would be, at best, a guess.
It would probably be simpler to just have your client talk to a server you control, and configure the server to drop the connection after the first request.
Alternatively, you could configure your client application to look for Fiddler's root certificate; respond to the first request with Fiddler and let the second request go through to the real server and see whether the client complains about the "wrong" certificate.
Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.