This is a migrated thread and some comments may be shown as answers.

502 errors on http tunnel connection to 443

4 Answers 1506 Views
Fiddler Classic
This is a migrated thread and some comments may be shown as answers.
Evan Paul
Top achievements
Rank 1
Evan Paul asked on 12 Feb 2015, 03:32 AM
Eric - I have used Fiddler as an everyday part of my job for about 5 years now. I am proficient with it. Rarely need to use rule editor - but have done some. 

Ok, so I have to capture many different websites with Fiddler. Many of them are SSL sites. And I don't think I have ever had this issue.
When I go to the site https://www.ote.gr/web/guest (its in Greece) it's not very fast and takes a while to load, but with fiddler it is taking longer and I wonder if it is somehow creating the 502's I am seeing. If you go to the site and see how it loads, then use the latest Fiddler (as of today Feb 11 2014 ver v4.4.9.9) you should see the same thing. I tried an old 2.4 fiddler on a different network and different machine too just to see.. no difference. Many of the connections will be ok.. but then you get a bunch of 502s on http to ssl tunnels... then... you'll see that the page doesn't render properly.

But.. if you were to go to say capture https://www.bankofamerica.com no problem.

I tried the:
 static function OnBeforeRequest(oSession: Session) {
if (oSession.HTTPMethodIs("CONNECT") && oSession.HostnameIs("www.ote.com")) 

  oSession["x-OverrideSslProtocols"] = "ssl3"; 
  FiddlerApplication.Log.LogString("Legacy compat applied for inbound request to BuggySite.com"); 
}

As you can guess, it didn't help. So I am here looking for a hand. Let me know if you need anything else to help me with this.

I tried attaching a saz with the 502s for your review but the forum tool wouldn't let me. Maybe too large. I did give you a snap shot of the page render with and without fiddler runnning.

My hope is you can tell me some timeout parameter to change so that it won't time out or a way to speed up the tunnel connections in case their server infrastructure is what is deciding it's taking too long and drops the connection. Let me know and thanks.

4 Answers, 1 is accepted

Sort by
0
Eric Lawrence
Telerik team
answered on 12 Feb 2015, 04:35 PM
Hi, Evan--

You can send me files using Help > Send Feedback inside Fiddler. I'm particularly interested in looking at the timings of the requests and failures, as well as the body of the HTTP/502 responses that Fiddler is showing. The SAZ file you send me will also include what version of Fiddler you're using, an interesting question.

The site in question does not require SSL3 for use. (If it did, your script below wouldn't work because you're checking that the hostname is www.ote.COM but you need to check for www.ote.GR.)

Regards,
Eric Lawrence
Telerik
 

Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

 
0
Evan Paul
Top achievements
Rank 1
answered on 23 Feb 2015, 04:34 PM
Hey all who read this post... Eric and I dialogued in email. He helped me find a solution. Basically it appears this site's web server or load balancer, or something in their web hosting infrastructure is somehow blocking or delaying the connection to a point where it times out. So, we get a bunch of 502s on https connectsion "http to 443 tunnel". So, Eric introduced me to an autoresponder feature in Fiddler called "*ReplyWithTunnel". 
So I created an autoresponder rule which says if request matches "method:CONNECT www.ote.com" then do what... do this.. "*ReplyWithTunnel". It worked.. now the connections don't assume they are failing and we get the content. This may not work for all issues like this, because in this case, we are getting the static content after we trick the connection failure... some sites may not let you have that content with that issue. But in our case it works!! Thanks Eric!

 Screenshot of the autoresponder and what it does attached.



0
Evan Paul
Top achievements
Rank 1
answered on 23 Feb 2015, 04:43 PM
I want to clear something up for those who may read this.. I mistakenly put www.ote.COM, but the site is www.ote.GR 
I am telling you this so you don't think you had to switch the domain suffix. the .COM was just a typo.
0
Evan Paul
Top achievements
Rank 1
answered on 03 Mar 2015, 04:06 AM
To all who read this post.. when I used Chrome (thanks to a friend's input) the issue with 502s in the captured ceased. So, Chrome works MSIE not so much... with this particular site. Not sure why.. Maybe Eric has an idea.
Tags
Fiddler Classic
Asked by
Evan Paul
Top achievements
Rank 1
Answers by
Eric Lawrence
Telerik team
Evan Paul
Top achievements
Rank 1
Share this question
or