
I need to explore the traffic from one program.
The program makes something like a connection through the WebSockets.
Fiddler displays this:
Request Headers: `CONNECT 144.***:443 HTTP/1.0`
Response: `HTTP/1.0 200 Connection Established`
End empty body.
But httpanalyzer displays full information after that response, and that information continues flowing. Very likely like WebSockets (one connection and receive more answers).
And fiddler display zero traffic.
How can I explore such traffic through the fiddler?
Updade1: No websockets icon and websockets tab
1 Answer, 1 is accepted
Hello Serhio,
The Fiddler Classic support and visualizes WebSocket communication in a separate WebSocket tab (see the attached screenshot). So in case, the application is opening a WS, you should see it when the connection is opened, and then any ongoing communication will appear in the active WS session (while using the WebSocket tab to see the incoming and outgoing messages).
Regards,
Nick Iliev
Progress Telerik
Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.
Thank you for the provided SAZ archive. The problematic sessions are indeed using a protocol that looks similar to WebSocket but actually is something different. We are currently unable to identify the protocol, and this in case the Fiddler is not trying to decrypt the traffic but directly proceeding with the tunnel.
As faр as I see, the HttpAnalyzer is also not able to decrypt the content. It looks like this is an additional security layer applied by the application owners.