3 Answers, 1 is accepted
Hello Chen,
It appears that there is additional server logic that rejects the request after the CONNECT Tunnel session. This is most likely caused by a server configuration that rejects connections made under specific conditions. It could be that it does not like the used TLS version, a specific encryption cipher, the user agent HTTP header value, or a combination of several factors. As additional logic, once these conditions are not met, the server returns a 403 error.
That said, the specified domain supports HTTP/2 and TLS 1.3, which are not currently supported in Fiddler Classic. You can try the Fiddler Everywhere application, which recently added support for both technologies, and the page will be captured as expected.
Regards,
Nick Iliev
Progress Telerik
Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.
Rank 2
Bronze
Iron
Iron
Hey Chen,
I cannot provide specific information on when or if we will support HTTP/2 and TLS 1.3 in Fiddler Classic as the team is currently focused on delivering new features and functionalities in Fiddler Everywhere. While FiddlerScript is not yet an option in Fiddler Everywhere (the team is currently researching the possibility of integrating it in Fiddler Everywhere), almost anything you can do programmatically is available as matching conditions and actions in the Rules tab (some useful resources here and here). Please let us know if you have a specific case that you cannot achieve using the Rules functionality in Fiddler Everywhere - this will help us identify your needs and implement even more value in Fiddler Everywhere.
Rank 2
Bronze
Iron
Iron
Thank you for your reply!
In fiddler script, I have implemented these functions:
automatically saving responsebody as a PDF file,
writing relevant information about user access to a specific URL into the SQL Server database,
resending data packets to achieve user information queries, and so on.
I have researched Fiddler Everywhere, but I am unable to implement these functions.
Also, I have an idea. Since Fiddler classic does not support HTP2, can I use Fiddler Everywhere as the upstream proxy of Fiddler classic and convert access from HTP1.1 to access from HTP2 in Fiddler Everywhere?
Hey Chang,
Thank you for providing additional information about your FiddlerScript use cases. We will consider them while evaluating options to include similar scripting functionality in Fiddler Everywhere.
The option to chain the Fiddler Everywhere and Fiddler Classic proxies will not resolve the issue. This is because the connection between the server and the proxy will still go through HTTP/1.1 and TLS 1.2, and either one or a combination of both is causing the server to deny the connection. You can easily confirm this by starting both Fiddler Classic (with capturing off) and Fiddler Everywhere with "System Proxy" capturing mode on and the gateway set to Fiddler Classic (http=127.0.0.1:8888;https=127.0.0.1:8888) - you will notice that the session in Fiddler Everywhere has a request that goes through HTTP/2, but then when the connection reaches Fiddler Classic the negotiated protocol will be HTTP/1.1.