Hello, the only way I can get HTTPS to work is when I have my browser setting to include our company's enterprise (forward) proxy, so that when Fiddler starts, that enterprise proxy is next in line. If I instead have the browser set as "No proxy" before starting Fiddler, then an HTTPS connection will fail with a 502 once Fiddler is started.
Using WireShark to do a network trace, I can see why things are failing:
1) Once Fiddler is started, the browser has a proxy (Fiddler), and so it starts a CONNECT handshake when doing HTTPS.
2) Fiddler *forwards* the CONNECT to the web server, as if the web server were instead itself a proxy. Because the web server is not listening on port 80 (which CONNECT uses), this fails with a 502.
It seems like when there was no proxy before Fiddler started, it should "swallow" all CONNECTs and not forward them to the target web servers.
What am I missing here?
Thanks, Steve
3 Answers, 1 is accepted
This certainly *should* work like you expect. Can you provide some more information?
What Fiddler version are you using (Help > About) exactly?
Does Fiddler have HTTPS decryption enabled?
Can you type about:network and hit Enter in the black QuickExec box below Fiddler's Web Sessions list, then copy the output from the Log tab into your response?
If you can email me the Wireshark capture (Help > Send Feedback) that may help too.
Regards,
Eric Lawrence
Telerik
Rank 1
Thanks for the reply Eric.
Version:
Fiddler Web Debugger (v2.6.1.4)
Built: Friday, October 30, 2015
32-bit x86, VM: 36.0mb, WS: 47.0mb
.NET 2.0.50727.5485 WinNT 6.1.7601 SP1
Yes, "Capture HTTPS CONNECTs", and "Decrypt HTTPS traffic" checked.
Here is the about:network. And looking at it, and then googling the obvious bit about the Chrome GPO and the Script= http://www-proxy-pac.lmig.com/proxy.pac, I think I can anticipate what you'll say my problem is: it looks like my company (sometime in the last year) set up a GPO that is essentially hardcoding Chrome's proxy settings. Which is kind of funny, because I'm testing using FireFox, but there are some behaviors here that appear like the "no proxy" in FireFox is being ignored (in at least one respect).
Thanks, Steve
-= Fiddler Event Log =-
See http://fiddler2.com/r/?FiddlerLog for details.
13:21:15:4568 Fiddler Running...
13:21:15:4608 !WARNING Fiddler has detected that Chrome GPO specifies proxy configuration 'system'.
13:23:19:1822 -- NetworkInterfaces --
Loopback Pseudo-Interface 1 'Software Loopback Interface 1' Type: Loopback @ 1,073,741,824/sec. Status: UP
VirtualBox Host-Only Network 'VirtualBox Host-Only Ethernet Adapter' Type: Ethernet @ 100,000,000/sec. Status: UP
Local Area Connection 'Intel(R) 82577LM Gigabit Network Connection' Type: Ethernet @ 1,000,000,000/sec. Status: UP
Wireless Network Connection 2 'Microsoft Virtual WiFi Miniport Adapter' Type: Wireless80211 @ 450,000,000/sec. Status: DOWN
Wireless Network Connection 'Intel(R) Centrino(R) Ultimate-N 6300 AGN' Type: Wireless80211 @ 450,000,000/sec. Status: DOWN
Total bytes received (IPv4): 304,785,140
Local Addresses:
10.115.138.136
192.168.56.1
::1
RAS reports 1 Connectoids
-= WinINET settings for 'DefaultLAN' =-
HTTP=
HTTPS=
FTP=
SOCKS=
Script= http://www-proxy-pac.lmig.com/proxy.pac
Bypass= <-loopback>
ProxyType: 1
The contents of the http://www-proxy-pac.lmig.com/proxy.pac file determine what, if any, upstream proxy Fiddler sends its requests to. You should be able to pull down that file (e.g. using Fiddler's Composer) to have a look at it and see if there's anything obviously amiss.
If you're confident that you don't need to use any upstream proxy, you can configure Fiddler to ignore it entirely using Tools > Fiddler Options > Gateway > No Proxy.
If you'd like me to have a look at your proxy script privately, please feel free to send it to me using Help > Send Feedback.
Regards,
Eric Lawrence
Telerik