Telerik blogs

A new feature-packed Fiddler Everywhere release is available for you to try out, and it brings long-awaited functionalities, support for capturing modern frameworks’ traffic and performance improvements.

With the Fiddler Everywhere 4.2 version from Progress Telerik, you can enjoy our new Rules Grouping functionality for an easier and more organized workflow. You can also find new ways for capturing traffic, as well as expanded protocols support such as gRPC and TLS 1.3 connection. Learn more about those and other new Fiddler Everywhere goodies in this blog post.

Rules Grouping

This feature was highly requested in the past year, and we took some time to design it properly and make sure it covers the most important scenarios. The Rules tab is transformed to incorporate a tree-like feature that allows the creation of rules and groups. You can add those from the respective buttons in the upper part of the tab or from the three dots on the right of each row. Notice that you can also create subgroups and add another level of depth if your use case requires it.

The feature also supports a drag-and-drop functionality through which you can easily organize your rules into groups and reorder items. The UI gives a clear indication about the structure of your rules setup. The rules will continue to execute from top to bottom as they previously behaved.

User adds rules into group tree structure so that they execute in the correct order, in this case changing a picture

Putting rules into groups allows you to apply actions in bulk such as enabling and disabling a whole group instead of each rule individually or executing a whole group of rules on already captured traffic. You can also delete or rearrange items in bulk.

The Rules Grouping is meant to provide a better organization of rules and easy customization that will boost your productivity and testing workflow. As always, we are open to hearing your feedback and how we can further improve the Rules!

Capture gRPC

In Fiddler Everywhere, we are adding support for another protocol that steps on the HTTP/2 framing. With the 4.2 version, you can capture gRPC traffic (in beta) and troubleshoot applications that use this framework out of the box with Fiddler Everywhere. The gRPC traffic will be visualized in the Live Traffic with a similar icon as for WebSocket communications.

Analyze the handshake and the exchanged messages in the Inspectors and find gRPC specific information in the Trailers tab in the Response Body. You can also inspect the HEX representation of the Protobuf messages exchanged between the client and the server from the respective tab in the Inspectors.

When properly configured as a proxy, Fiddler Everywhere supports the following types of gRPC capturing:

  • No streaming
  • Server streaming
  • Client streaming
  • Bi-directional streaming

To be able to capture gRPC traffic, make sure you have enabled the HTTP/2 capturing from Settings > Connections menu. Find more on the new functionality in our gRPC support documentation article.

Fiddler Everywhere - gRPC

TLS 1.3 Support

Another new functionality that we introduced with the 4.2 version is the support for TLS 1.3 encryption protocol. So far, the available protocol versions in Fiddler Everywhere were SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2, and with the latest release, the application will use the highest supported version, which is now TLS 1.3. This means that while establishing a connection between the client and Fiddler Everywhere, the app will select TLS 1.3 if the client supports it. Similarly, Fiddler will send TLS 1.3 in the list of suggested versions when negotiating the connection with the server. This will allow the server to select and use TLS 1.3 if it supports this protocol.

You will see indications for the highest TLS 1.3 used on multiple places in Fiddler Everywhere:

  • Live Traffic – a new column will appear that gives info about the protocol version
  • Inspectors – a TLS 1.3 chip with necessary information
  • Overview – you’ll find details about the used TLS/SSL version for the selected session

Fiddler Everywhere - TLS 1.3 Support

Capture Traffic Through Terminal

Fiddler Everywhere now provides one more alternative way to capture HTTPS traffic without trusting the Fiddler Root Certificate. In addition to the Browser option that gives that opportunity, we now added the functionality to start a Terminal process that will proxy all requests from cURL and Node.js apps to the Fiddler Everywhere application. In the future, we are looking to extend these capabilities with automatic capturing of applications written in other languages and frameworks.

With the Terminal option we enable you to capture traffic from other locally run applications. The terminals we support are the following:

  • On Windows – Command Prompt, Windows PowerShell and PowerShell
  • On macOS – Terminal application
  • On Linux – GNOME terminal, Konsole, Xterm and X-terminal-emulator

Fiddler Everywhere - Open Terminal

Create Custom Columns

This is another feature that has been highly requested, and it is now available in Fiddler Everywhere. As the name suggests, this option allows you to add custom-made columns to the live traffic grid that might contain useful information for you to analyze as part of the debugging process. The type of columns can be set based on Request and Response Headers criteria. You have two ways to do so:

  • Use existing sessions headers – From the Request/Response Headers sections right-click on the headers that you’d want to take out as a separate column.
  • Create a new column from scratch – From the Columns dropdown, choose the Add Custom Column button and fill in the relevant information such as Request or Response as a Source, Header Name and Column Title.

The new column will be added at the end of the grid with a focus on it. If you wish to reorder it, you can do so from the Columns menu.

Fiddler Everywhere - Create Custom Column

Performance and Security Improvements

We are constantly working to improve the overall usage with Fiddler Everywhere in addition to adding new functionalities. With the latest release, we introduced improvements such as smoother scrolling experience, improved HEX inspector performance, less memory usage, and updates to the .NET, Angular, Electron and Kendo UI versions we use to get their latest performance and security fixes.

Some other security functionalities we have added are related to server certificates information. Such data is now available for saved/shared sessions as well and showcases the status of the certificate at the time of capturing the requests.

In addition, we implemented a Fiddler-specific page when trying to open a website with an invalid certificate while Fiddler is running. The page informs you that the connection is insecure and gives you the option to ignore server errors for specific domains that you trust. This way you’ll not be blocked by Fiddler, but you’ll also not be exposed to other invalid certificates.

Try It Out!

With a lot of great new features in Fiddler Everywhere, you’ll want to make sure you try them right away! Access the added functionalities by opening the application to start the automatic update. You can also get the latest version from our Fiddler Everywhere download page.

Keep sharing your feedback and feature suggestions in our Fiddler Everywhere Forum or through the in-product feedback form. Your insights are valuable for shaping our roadmap and expanding the Fiddler functionalities!


Simona Yaneva
About the Author

Simona Yaneva

Simona Yaneva is a part of the Product Management team for the Telerik Fiddler Family of products—Fiddler Everywhere, Fiddler Classic, Fiddler Jam, FiddlerCap and FiddlerCore. She is interested in the variety of areas of work that Product Management covers and the processes that make a product or technology successful and most valuable to users. In her free time, Simona enjoys good food, music and dancing.

Related Posts

Comments

Comments are disabled in preview mode.