Hello,
I have two questions regarding Fiddler Classic, and I would appreciate your help.
1) Cloudflare blocking error
When I try to load either of the two websites below through Fiddler Classic, I receive the following Cloudflare error message: "Sorry, you have been blocked." Please see the screen shot attached.
https://www.gurufocus.com
https://et3arraf.com
Both websites load fine when Fiddler is not active. Over time, I’ve encountered the same issue with several other sites as well — the two above are just recent examples. It seems this error has become more frequent lately.
Do you know why this happens? Is there any way to bypass or prevent this issue?
2) TLS 1.3 support in Fiddler Classic
Could you please provide an update regarding the implementation of TLS 1.3 in Fiddler Classic? Is it still under development, or has the upgrade been officially discontinued?
No recent news here: https://feedback.telerik.com/fiddler/1584209-support-tls-1-3-now-that-net-framework-does
Please note that I’d consider switching to Fiddler Everywhere, but I’m currently relying on a large script that only works with the Classic version, since scripting isn’t yet supported in Everywhere.
Thank you in advance!
Best regards,
Alex
1 Answer, 1 is accepted
Hello Alex,
Cloudflare is a service that employs multiple techniques to detect and block traffic, including TLS fingerprinting, which verifies whether the client is the one the service expected based on certain details within the TLS handshake (like ClientHello). Another noticeable thing is that both targeted endpoints use TLS 1.3, which could also be pointing to yet another reason why Cloudflare does not allow the connection.
That said, the Fiddler Classic application is no longer under active development, as stated on the official product page - so TLS 1.3 support or any other features won't appear in Fiddler Classic. The team is currently working with a priority on Fiddler Everywhere, Fiddler Everywhere Reporter, and FiddlerCore, and all three of these products are officially supporting TLS 1.3 and HTTP/2. The targeted pages (gurufocus and et3arraf) are loading as expected while testing with Fiddler Everywhere and are not triggering the Cloudflare block.
Regarding the scripting abilities in Fiddler Everywhere, the team is already actively researching the options to add scripting to the application. We added this feature as a high-priority feature in our roadmap. I will let you know as soon as Fiddler Everywhere provides scripting.
Regards,
Nick Iliev
Progress Telerik
Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.
Rank 1
Iron
Iron