Hello,
I've been using Fiddler for a few months now and have recently started going through the OWASP Security Shepherd testing challenges.
In one of the challenges - Session Management Challenge One - one has to fiddle with the header, change something to get a string returned which shows success for this challenge. The problem I'm seeing is that Fiddler does not let this response through but TamperData does. I eliminated other factors like browser, etc and it seems to be a Fiddler issue and I'd like to understand why that is.
Once the POST request is sent, Fiddler returns response with a length of 0. TamperData returns a response with a length of 713. I attached screenshots for both and and have the session from Fiddler if that is needed.
If someone could let me know if there's anything that I'm doing wrong to prevent Fiddler from returning that response, please do let me know. On that point, there are NO filters and no rules set up in Fiddler.
Thanks for your help in advance!