Nowadays, applications are accessible on multiple platforms—desktop PCs, tablets, smartphones, etc. While inspecting and analyzing HTTPS traffic and web app performance from a desktop is an easy task, that wasn’t so much the case for mobile traffic.
Until now! With Fiddler Everywhere, you can capture, debug, inspect and even modify your mobile traffic with ease in a few simple steps!
More and more products are providing cross-platform support for their web applications. The Android OS has approximately 40% of the global market share across all operating systems on all platforms (https://gs.statcounter.com/os-market-share). Ignoring how your application works on a mobile device is no longer an option!
You might ask, but why do I need Fiddler Everywhere as a proxy? Here are three reasons right off the bat:
There are many more real-life use cases. Some other possible scenarios where Fiddler Everywhere will lend a helping hand:
Before diving into some real use-case demonstrations, we need to configure your Android device to see and trust the Fiddler Everywhere proxy.
Almost all modern mobile applications and all mobile browsers use encryption to exchange data online, and, usually, we are talking about TLS protocol and HTTPS traffic. The proxy and its certificate authority need proper configuration, which differs depending on the operating system type and version.
Step 1: Install Fiddler Everywhere and enable HTTPS capturing (https://docs.telerik.com/fiddler-everywhere/installation-and-update/installation-procedure#getting-started-guides)
Step 2: Enable “Allow remote computers to connect” option (https://docs.telerik.com/fiddler-everywhere/traffic/configure-android#configuring-fiddler-everywhere )
Step 3: Set the Fiddler Everywhere proxy and trust certificate on the Android device/emulator (https://docs.telerik.com/fiddler-everywhere/traffic/configure-android#configuring-the-android-device )
Voila! You are ready to start capturing the HTTPS traffic from your mobile browser.
The most powerful features of Fiddler Everywhere are the ability to visualize the Live Traffic captured traffic in a handy format within the Inspectors tab, to show analytical and statistical data as a summary in the Overview tab, and to modify requests and responses through the Rules tab (mocking server and user behavior).
We will use Fiddler Everywhere’s own documentation page to make an introductory demonstration. Let’s open the documentation landing page and see what happens while Live Traffic actively captures inbound and outbound traffic. The captured traffic will look like the image below (note that, for clarity, we’ve used URL column filtering based on the term “telerik.com”).
Immediately, a few things become apparent:
The columns provide structured session information about returned status code, used HTTP method (GET, POST, etc.), size in bytes, used HTTP version, remote IP address, time stamps, content type and multiple other fields. Each captured session contains a lot of helpful information that we can use straight away and has built-in immediate actions that we can apply through the context menu (marking, filtering, sharing, replays, adding a new rule, etc.).
Through the Overview tab, we can select multiple sessions of interest and analyze their statistical data to find possible deviations or bottlenecks in the user experience. The good thing here is that we can quickly test real-life behavior on different mobile devices and see how our web application acts in different environments (like slower hardware, network delays, testing unavailability of some resources, etc.).
It’s worth noticing that the Overview tab will adapt its UI when a single session is selected. This way, we can examine the specific HTTP requests and responses of any session.
The traffic inspections naturally continue through the Inspectors tab. Double-click on a single session to let Fiddler Everywhere load the most appropriate Inspector, or use single-click to preserve the last loaded Inspector type. The latter is beneficial when you need to investigate specific data like the Headers of multiple sessions, and you want to prevent loading the default Inspector type.
The Inspectors are the backbone of Fiddler Everywhere. Each session consists of a request and response inspector, and each inspector has multiple UI types that we can use to extract valuable information.
Some basic examples:
We can use the Rules tab to create a rule that intentionally breaks the web font request to visualize what would happen with our site if the preferred font does not load. Do you remember the large web font icons request we observed in our initial capturing? Why not test what would happen if we explicitly applied a rule that breaks it (QA engineers celebrating in the background)?
So far, the use case was depicting a scenario where we were testing a web page accessible through a mobile browser (or any other type of browser). You might wonder if Fiddler Everywhere is suitable for testing your HTTPS request sent directly from an API within your Android application?
Yes, you can use Fiddler Everywhere to capture, inspect and debug any HTTPS traffic from an Android application in development. The last part is essential—the Android applications are configured to reject any user-installed certificate authorities by default. That means that you can capture HTTPS traffic from an Android application explicitly configured (by the app’s developers) to trust user-installed CA.
Learn more about using a real device or an Android virtual device of your choice and configure your application to trust the Fiddler Everywhere root certificate.
Fiddler Everywhere is a modern tool built on solid foundations (Fiddler Classic was first published in 2003). The tool constantly grows and adds features like cloud collections, rules builder, extended collaboration, multiple export and import formats, multiple inspectors, statistical information, HTTP/2 support, WebSocket support, support for mobile devices, native support for Windows, macOS and Linux, and many more.
The mobile story for both Android and iOS (did I mention that we do support iOS capturing?!) is strong. It provides an excellent opportunity to improve your team’s development and testing abilities against the rapidly evolving mobile application market.
Do you need more context, have specific technical questions or request a demo? Please do not hesitate to contact us!
Nikolay Iliev is a senior technical support engineer and, as such, is a part of the Fiddler family. He joined the support team in 2016 and has been striving to deliver customer satisfaction ever since. Nick usually rests with a console game or a sci-fi book.