Fiddler classic can't resolve https for nature websites

3 Answers 177 Views

Fiddler Classic

3 Answers, 1 is accepted

answered on 17 May 2024, 07:29 AM

Hello Chen,

It appears that there is additional server logic that rejects the request after the CONNECT Tunnel session. This is most likely caused by a server configuration that rejects connections made under specific conditions. It could be that it does not like the used TLS version, a specific encryption cipher, the user agent HTTP header value, or a combination of several factors. As additional logic, once these conditions are not met, the server returns a 403 error.

That said, the specified domain supports HTTP/2 and TLS 1.3, which are not currently supported in Fiddler Classic. You can try the Fiddler Everywhere application, which recently added support for both technologies, and the page will be captured as expected.

Regards,
Nick Iliev
Progress Telerik

Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.

answered on 17 May 2024, 08:01 AM

After try fiddler everywhere it works。The reason is that nature access uses http2, but fiddler classic doesn't support http2, I don't know when fiddler classic will support http2 and tlp1.3? We have also considered turning to fiddler everywhere, but it doesn't support fiddlerscript, there are a lot of functions that we need to implement on top of script. There are a lot of features that we need to implement in script that we can't seem to implement in fiddler everywhere.

Nick Iliev

commented on 17 May 2024, 09:31 AM

Hey Chen,

I cannot provide specific information on when or if we will support HTTP/2 and TLS 1.3 in Fiddler Classic as the team is currently focused on delivering new features and functionalities in Fiddler Everywhere. While FiddlerScript is not yet an option in Fiddler Everywhere (the team is currently researching the possibility of integrating it in Fiddler Everywhere), almost anything you can do programmatically is available as matching conditions and actions in the Rules tab (some useful resources here and here). Please let us know if you have a specific case that you cannot achieve using the Rules functionality in Fiddler Everywhere - this will help us identify your needs and implement even more value in Fiddler Everywhere.

answered on 17 May 2024, 02:09 PM

Thank you for your reply!
In fiddler script, I have implemented these functions:

automatically saving responsebody as a PDF file,

writing relevant information about user access to a specific URL into the SQL Server database,

resending data packets to achieve user information queries, and so on.

I have researched Fiddler Everywhere, but I am unable to implement these functions.

Also, I have an idea. Since Fiddler classic does not support HTP2, can I use Fiddler Everywhere as the upstream proxy of Fiddler classic and convert access from HTP1.1 to access from HTP2 in Fiddler Everywhere?

Nick Iliev

commented on 21 May 2024, 06:14 AM

Hey Chang,

Thank you for providing additional information about your FiddlerScript use cases. We will consider them while evaluating options to include similar scripting functionality in Fiddler Everywhere.

The option to chain the Fiddler Everywhere and Fiddler Classic proxies will not resolve the issue. This is because the connection between the server and the proxy will still go through HTTP/1.1 and TLS 1.2, and either one or a combination of both is causing the server to deny the connection. You can easily confirm this by starting both Fiddler Classic (with capturing off) and Fiddler Everywhere with "System Proxy" capturing mode on and the gateway set to Fiddler Classic (http=127.0.0.1:8888;https=127.0.0.1:8888) - you will notice that the session in Fiddler Everywhere has a request that goes through HTTP/2, but then when the connection reaches Fiddler Classic the negotiated protocol will be HTTP/1.1.