Hello,
I am very new to this program, I was wondering if it were at all possible for fiddler to only monitor traffic of ONE application only.
So that the fiddler only monitors one particular program/excutable, and everything else does NOT go through the proxy?
I tried to use OnBeforeRequest function: listed here - https://docs.telerik.com/fiddler/configure-fiddler/tasks/decrypthttps#skip-traffic-decryption-for-an-application but its still going though the proxy, the proxy is just chosing not to decrypt it, I basically want all to blacklist everything and whitelist X application to go through fiddler, and decrypt the HTTPS.
1 Answer, 1 is accepted
Hello Zach Davey,
By default, Fiddler is set as a system proxy and will act as a MITM proxy, meaning it will capture all the traffic through the OS system proxy. That includes the traffic from applications that are using the system proxy.
The above said you could stop using Fiddler as a system proxy (disable Capturing) and set the Fiddle proxy to be explicitly used by the wanted program only. For example, in Firefox, that can be done via Options > Connection Settings > Manual Proxy Configuration (instead of the default Use System Proxy) and setting the Fiddler IP and port.
Alternatively, you can visually show/hide traffic only from a specific process. That can be achieved through the process filter called Any Process (drag the icon to a particular process to show only traffic generated from that process) or by applying your custom logic from FiddlerScript (suggested solution here).
Regards,
Nick Iliev
Progress Telerik
Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.
Rank 1
Hi thanks for the answer.
So does F12 stop windows from using Fiddler as the system wide proxy?
And the issue I have is the application I have does not have any way to connect to it via a proxy.
Do you know of any software which will allow me to specify each program to use said proxy? I found proxifier but not sure of alternatives and what would be safe and trusted.
My issue is I want to decrypt the HTTPS of only one application, and not have my entire system go through it (I see I can limit this to only non browsers but that doesnt really help me too much), I want to just do it from a saftey standpoint, so that ONLY the program I want will be compramised in terms of HTTPS decryption.
Hopefully that makes sense and you could add some insight?
PS. It would be very cool if the devs could add this as a feature :)
That said, you also have the option to skip a process from being decrypted. That can be achieved through FiddlerScript and the exposed events, as shown in this documentation article. In your case, that would mean explicitly remove the decryption for any application that you wouldn't like to see decrypted.
Rank 1
Hello,
Thanks for the reply. In the code fir fiddlerscript do I replace "outlook" with the process window title? Im not sure how to implement the code could you give and example? Thank you.
You should know the process name or at least a crucial part of it and use it with some of the build-in methods (for example, in the sample code the method StartsWith). You could see the process name while using the X-PROCESSINFO flag (in FiddlerScript) or by directly seeing the actual process name within the Windows OS taskbar.
The documentation example is pretty much self-explanatory but you could refer to the documentation to learn more about the Session object and the OnBeforeRequest event.
An example on using X-PROCESSNAME with the OnBeforeRequest event.