This is a migrated thread and some comments may be shown as answers.

How to act as a proxy only for specific hosts

6 Answers 1302 Views
FiddlerCore
This is a migrated thread and some comments may be shown as answers.
Anuj
Top achievements
Rank 1
Anuj asked on 26 Mar 2015, 04:54 PM
Hi,

I have created a desktop app which uses fiddler core to modify requests on specific hosts.
I am using FiddlerCoreStartupFlags.Default
The problem I have facing is that it is acting as a proxy for requests going to all hosts.
I can ignore specific hosts using CONFIG.sHostsThatBypassFiddler but I want to do the other way round i.e. configure hosts which I care about.
I wanted to know if this is possible.

Thanks,
Anuj

6 Answers, 1 is accepted

Sort by
0
Eric Lawrence
Telerik team
answered on 26 Mar 2015, 05:42 PM
Hello, Anuj--

Are you trying to capture traffic from ALL applications, or just your OWN application? (If you only want to capture traffic from your own application, how are you issuing the network requests in that application? It would be best to not register as the system proxy if you only want your own traffic)

There are two ways to control, on a per-host basis, which requests go to a proxy:

 1. You can exempt hosts by adding them to the proxy bypass list. (That's what sHostsThatBypassFiddler controls.)

 2. You can control, on a per-request basis, whether a request goes to a proxy using a proxy-configuration script. You can configure Fiddler to use a proxy-configuration script, but this is somewhat complicated and there are implications to going this route if you use IE or any Windows components that utilize the Zones API (https://msdn.microsoft.com/en-us/library/bb250483(v=vs.85).aspx)

Regards,
Eric Lawrence
Telerik
 

See What's Next in App Development. Register for TelerikNEXT.

 
0
Anuj
Top achievements
Rank 1
answered on 26 Mar 2015, 06:00 PM
Hi Eris, thanks for the quick reply.
I am not capturing traffic for applications I own. I am capturing browser traffic and am only interested in specific hosts.
Option 1 is not very feasible since I will have exempt hosts one by one and I might not be aware of all hosts that are hit by folks using my app.

The reason why I wanted to ignore all traffic except certain hosts is that I see endless prompts on IE with intranet sites. I am decrypting ssl for only hosts that I am interested in so cannot apply the workaround mentioned here http://blogs.msdn.com/b/fiddler/archive/2011/09/04/fiddler-http-401-authentication-workaround-to-support-channel-binding-tokens-removing-endless-prompts.aspx

Since I am facing issues with only intranet sites, is there a way I can exempt all intranet traffic?

Thanks,
Anuj
0
Accepted
Eric Lawrence
Telerik team
answered on 26 Mar 2015, 07:30 PM
Proxy bypass lists support the special token <local> which matches any hostname that does not contain a dot; this is the most common way that a site is determined to be Intranet. So you could set your sHostsThatBypassFiddler value to "<local>;" to prevent having those sites' traffic run through Fiddler.

Regards,
Eric Lawrence
Telerik
 

See What's Next in App Development. Register for TelerikNEXT.

 
0
Anuj
Top achievements
Rank 1
answered on 27 Mar 2015, 11:52 PM
Thanks Eric, that solved my problem.
It would be good though to have an option to only act as a proxy for specific hosts. Right now, I check if the host is in the list that I am interested in, otherwise, I set oSession["x-no-decrypt"] = "do not care." It would be good if I don't even act as a proxy for the uninteresting hosts.
0
Eric Lawrence
Telerik team
answered on 30 Mar 2015, 03:57 PM
Hi, Anuj--

Yes, that option would be nice. All we need to do is convince all of the browsers and HTTP stacks that the existing proxy configuration script approach I mentioned below isn't good enough and get them to implement a new option for proxy configuration that does what you want. Unfortunately, that's not very feasible.

FWIW, instead of just setting x-no-decrypt, you should call oSession.Ignore() on Sessions you don't care about. This improves performance.

Regards,
Eric Lawrence
Telerik
 

See What's Next in App Development. Register for TelerikNEXT.

 
0
Anuj
Top achievements
Rank 1
answered on 30 Mar 2015, 11:06 PM
Thanks Eric!
Tags
FiddlerCore
Asked by
Anuj
Top achievements
Rank 1
Answers by
Eric Lawrence
Telerik team
Anuj
Top achievements
Rank 1
Share this question
or