We are troubleshooting some performance issues on a CRM Online instance.

The site has ADFS configured single sign on  and without fiddler running this works fine.

The site also has a proxy server to access the internet which users are authenticated against using their internal AD network credentials.

Once fiddler is turned on and capturing traffic the SSO to the online instance no longer works and users are presented with a series of ADFS login boxes to our internal ADFS urls - it seems like running fiddler interrupts the exchange of credentials that underpins SSO. Entering the user's domain credentials allows the user to view the CRM Online instance (they can enter domain\username and their password to proceed). Once entered the user is not prompted again for that session.

we have also seen occasional prompts for credentials from other random internet sites while fiddler is running - public websites that should not need authentication. It is unclear to me whether it is our internal proxy that is requesting the credentials but claiming that the website needs authentication - see attached screen cap. In this case, entering a user's network credentials to authenticate to the proxy allows access

 Are there any tips for :-

a) running fiddler on CRM Online instances (beyond decrypting the traffic so fiddler can see it)

b) running fiddler on applications that use federated SSO solutions

c) tuning Fiddler to not interrupt authentication traffic

Thanks

I use latest version of fiddler. but when every capturing the traffic either http or https, the WebView inspector doesn't work at all. it always displays the blank page although I have been decode the response

this is screenshoot: http://i.imgur.com/p0SgJDW.png

thanks

I am trying to use Fiddler 4.6.1.4 to determine the format of http control strings for an IP camera.

I need to be able to exercise various camera functions from its application which runs within a browser after entering its IP address.

The application will only run completely correct in IE.  When using any other browser, only part of its functionality is available and excludes functions I need to test.

The problem is, I have been able to successfully use Fiddler with Firefox or Opera for this purpose but not IE.  I am running Windows 7 and have tried IE11, IE10 and now regressed to IE9 and all have the same problem.  When the IP address is entered and the application starts to load, Fiddler captures all of the resulting traffic but when the application is done loading, the app controls will operate the camera but none are captured by Fiddler.  This does work correctly, with apparently the identical internet proxy settings, with, e.g., Opera (but with only the limited camera functions noted).  With any of these browsers, Fiddler does appear to automatically set the proxy settings as expected but only with IE does it not respond to commands sent.

I have tried everything I can find on the net and in your troubleshooting guidelines to no avail.  Please suggest how I can resolve this issue.

I was wondering whether there was either:

1. A complete, up-to-date list of all Fiddler session flags, or
2. A programmatic way to print all valid session flags in Fiddler itself.

Regarding 1: The online documentation contains a list of 30 session flags, which is less than half of the flags. Appendix C of the 2nd edition of Debugging With Fiddler (which I bought from GumRoad) contains a far more complete list of 67 flags, but also contains the following warning: "The list of supported flags grows with each update to Fiddler." The 2nd edition was released March 2015, and there have been a bunch of updates since then.

• Have any flags been added since March?

Regarding 2: This would be cool because it would reduce reliance on documentation (which tends to get out of date) or the book (which is infrequently published). Is there a way to do this?

On a related note, is there going to be a 3rd edition of Debugging With Fiddler? I was thinking of buying the 2nd edition paperback, but if there's a new one in the works I'd be inclined to buy it when it comes out.

On an unrelated note: I can't even describe how much I have enjoyed working with Fiddler! I was introduced to it about 6 months ago in a testing job, and I've continually been amazed at its sheer power and extensibility. You've created something absolutely beautiful, and I smile every time I use it. Your efforts in supporting the community (both here, and on StackOverflow) are monumental, and I hope Fiddler continues to blaze forward into the future!

ok, so some basic information to get out of the way:
I'm in a corporate office that uses Group Policy to set settings. I am also NOT an administrator on my machine. Fiddler is, however, running elevated (or at least, it says it is)

Prior to last week, I have had IE9 with Fiddler4 and been able to use fiddler without issue. The major change that has happened in the interim is that IE11 was pushed to my machine. as soon as that happened, I have been unable to use fiddler.
I've done some tracking down with our Services team, and we found that our Anti-Virus/Malware/Spyware software is blocking Fiddler from making changes to proxy settings. We were able to validate this by first noticing a entry in the log of the Security software, but also by disabling the Security software and then run fiddler and it worked. The funny thing is, there have been no changes to the policy of the Security on the machines. The only change has been to move from IE9 to IE11. 
 So, I guess my question is this: I realize that since they are different versions, Fiddler will interact differently with ie9 and ie11, but was it really that big of a change to how it interacts that now the Security will catch it? We are just trying to understand this so that we can make smart changes to policies that can allow us to use Fiddler, but not be a large security hole.

Thanks in advance.

I'm using Angular + BreezeJS to talk to an ASP.NET WebAPI which supports http batch requests. When Fiddler is not capturing traffic, my batched requests complete, i.e. if I look at the XmlHttpRequests readystate I can see they change to a value of 4. When Fiddler is capturing traffic, the readystate never goes beyond 3 and so the responses aren't processed. Any help would be greatly appreciated

 Here's the request:

POST http://localhost:63885/api/batch HTTP/1.1
X-Breeze: true
X-Requested-With: XMLHttpRequest
Accept: multipart/mixed
Content-Type: multipart/mixed;boundary=batch_4e3c-3e36-31c2
Referer: http://localhost:63885/confirm-profile
Accept-Language: en-ZA,en;q=0.5
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Content-Length: 1584
Host: localhost:63885
Connection: Keep-Alive
Pragma: no-cache


--batch_4e3c-3e36-31c2
Content-Type: multipart/mixed; boundary=changeset_1c4c-ba7e-a1a6

--changeset_1c4c-ba7e-a1a6
Content-Type: application/http
Content-Transfer-Encoding: binary

POST http://localhost:63885/api/users HTTP/1.1
Content-ID: 1
X-Breeze: true
Accept: application/json;q=0.5, */*;q=0.1
Content-Type: application/json

{"Id":"10b2c6f7-78b9-49c1-8d34-e74c83ebe74c","LastSession":null,"IsSiteAdministrator":false,"Anonymous":false,"ArrowSetId":null,"Category":null,"ContactNumber":"**********","CurrentUserProductId":null,"DateOfBirth":null,"Email":"paul@*********","EmailDayOfWeek":null,"EmailFrequency":"1","EmailStart":null,"ExpiryDate":null,"ForceMix":false,"Gender":null,"HasAcceptedDisclaimer":false,"HasAcceptedTerms":false,"HasTabletAccess":false,"HideLeaderboard":false,"HideReports":false,"IconSetId":null,"IsApproved":false,"LanguageCode":null,"LastActivation":null,"LastEmailDate":null,"LocationId":null,"LogoId":null,"LowPerformance":false,"MaximumLevel":0,"MaximumTrainingTime":null,"Name":"REBMBBMGBDJM","OverrideTeamEmailSettings":false,"ParentId":null,"Password":"***********","ReportType":null,"SendAssessmentEmail":false,"SendExpiryEmail":false,"SportId":null,"Surname":"MEBMBBMGBDJM","TeamId":null,"TimeZoneId":null,"TimeZoneOffset":0,"TrainingFrequency":null,"TrainingSettingsOverrideTeam":false,"TrainingTime":0,"Username":"1011051370","CreatedById":null,"DateCreated":null,"DateDeleted":null,"DateModified":null,"DeletedById":null,"ModifiedById":null,"IsDeleted":false}
--changeset_1c4c-ba7e-a1a6--

--batch_4e3c-3e36-31c2--

And the response

  HTTP/1.1 202 Accepted
Cache-Control: no-cache
Pragma: no-cache
Content-Type: multipart/mixed; boundary=batchresponse_ff4247ba-0255-4278-bef1-13581b91ca5a
Expires: -1
Server: Microsoft-IIS/10.0
DataServiceVersion: 3.0
X-SourceFiles: =?UTF-8?B?QzpcUHJvamVjdHNcZXllZ3ltLXZpdGFsaXR5XFNvbHV0aW9uc1xFeWVHeW0uV2ViLk12Y1xhcGlcYmF0Y2g=?=
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
Date: Wed, 02 Dec 2015 14:34:08 GMT
Transfer-Encoding: chunked

7f7
--batchresponse_ff4247ba-0255-4278-bef1-13581b91ca5a
Content-Type: multipart/mixed; boundary=changesetresponse_d7c9deab-73ce-4df0-991a-ea8baad0a9dd

--changesetresponse_d7c9deab-73ce-4df0-991a-ea8baad0a9dd
Content-Type: application/http
Content-Transfer-Encoding: binary

HTTP/1.1 201 Created
Location: http://localhost:63885/api/users/10b2c6f7-78b9-49c1-8d34-e74c83ebe74c
Content-ID: 1
Content-Type: application/json; charset=utf-8

{"LastSession":null,"IsSiteAdministrator":false,"Anonymous":false,"ArrowSet":null,"ArrowSetId":null,"Assessments":[],"Category":null,"Children":[],"ContactNumber":"********","CurrentUserProduct":null,"CurrentUserProductId":null,"DateOfBirth":null,"Email":"paul@**********","EmailDayOfWeek":null,"EmailFrequency":1,"EmailStart":0,"ExpiryDate":null,"ForceMix":false,"Gender":0,"HasAcceptedDisclaimer":false,"HasAcceptedTerms":false,"HasTabletAccess":false,"HideLeaderboard":false,"HideReports":false,"IconSet":null,"IconSetId":null,"IsApproved":false,"LanguageCode":null,"LastActivation":"2015-12-02T14:34:08.000Z","LastEmailDate":null,"Location":null,"LocationId":null,"Logo":null,"LogoId":null,"LowPerformance":false,"MaximumLevel":0,"MaximumTrainingTime":null,"Name":"REBMBBMGBDJM","OverrideTeamEmailSettings":false,"Parent":null,"ParentId":null,"Password":"**********","Products":[],"ReportType":0,"Roles":[],"Scores":[],"SendAssessmentEmail":false,"SendExpiryEmail":false,"Sport":null,"SportId":null,"Surname":"MEBMBBMGBDJM","Team":null,"TeamId":null,"TimeZoneId":null,"TimeZoneOffset":0.0,"TrainingFrequency":0,"TrainingSettingsOverrideTeam":false,"TrainingTime":0,"Username":"1011051370","CreatedById":"00000000-0000-0000-0000-000000000000","DateCreated":"2015-12-02T14:34:08.000Z","DateDeleted":null,"DateModified":null,"DeletedById":null,"ModifiedById":null,"IsDeleted":false,"Id":"10b2c6f7-78b9-49c1-8d34-e74c83ebe74c","Links":[],"__metadata":{"type":"User"}}
--changesetresponse_d7c9deab-73ce-4df0-991a-ea8baad0a9dd--
--batchresponse_ff4247ba-0255-4278-bef1-13581b91ca5a--

0

I am trying to capture sockets traffic between two programs on my PC. We use port 2600.

Can fiddler do this?

When running fiddler (default parameters) it does not show any traffic.

Hello,

 first of all, thanks a lot for this great advantage piece of software :-)

 I am a little bit stucked with my problem, so maybe I've missed something.

A project, i am currently working on - running "locally" in a VirtualBox, bridged network. (PHP / Yii Framework) When I load a page, there are access times around 550ms - 2,5s. This does not really depends on a keep alive or a new connection. Page generation time is mostly around 200ms.

Now when I start Fiddler, the first page load after that is around 20-40ms more than page generation time and all next loads as fast as the first - not much more than 300ms. I can wait 2 minutes and load a new page, and I get the same results.

That is really awesome, but I don't think, I can convince my customers to install Fiddler :-))

I have read a lot about that problem - the keep alive problem is excluded (I also disabled the options in Fiddler) Firebug marks it as "waiting time" without more info, when Fiddler is unactive.

Any advices?

Hello ,

Some sites has hidden codes/values when you can't see the source of the site but when you inspect element in the browser , you can see the hidden values.

with view source and fiddlers responce

 ....   <form class="login-form _____" action="https://members.test.com/login" id="login" onsubmit="return false" method="post" novalidate><input type="hidden" class="____" name="____"> <input type="hidden" name="action" value="https://members.test.com/login"><div class="block-box"><div class="block-box-title">  .......

with inspect element

....   <form class="login-form _____" action="https://members.test.com/login" id="login" onsubmit="return false" method="post" novalidate><input type="hidden" class="____" name="____" value="0793a815cf2b218d2a9217aa3b22f3bc 03d5f2a1f35cac4fc0d000b68d58df36 04e1da572fc15fedbf66059f9d0cc2ab 086ce652e11ca02b877f1d29eda9eb2d 04cf455b651e7c0339e905c60eb41450 005be02ab052d6d03dd3eb363be925ac 0852cfee122194294aaa2e75edc7105b 070ee6fb00c94d6e0ce04c928f3e3c5f 01ab8df0fa4145efc2a8ac2ade92e36c 0972785c4d1a1edd70967260be90f2ff"> <input type="hidden" name="action" value="https://members.test.com/login"><div class="block-box"><div class="block-box-title">  .......

so , when you do inspect element in any browser you got value="0793a815cf2b218d2a9217aa3b22f3bc 03d5f2a1f35cac4fc0d000b68d58df36 04e1da572fc15fedbf66059f9d0cc2ab 086ce652e11ca02b877f1d29eda9eb2d 04cf455b651e7c0339e905c60eb41450 005be02ab052d6d03dd3eb363be925ac 0852cfee122194294aaa2e75edc7105b 070ee6fb00c94d6e0ce04c928f3e3c5f 01ab8df0fa4145efc2a8ac2ade92e36c 0972785c4d1a1edd70967260be90f2ff 

Is it possible to see this in fiddler ?

I use Fiddler to redirect the browser to local resources to test my library components before I push them up to github.  This works really great using localhost while working in webstorm.  

If I want to work without internet though (e.g. on a plane), the redirect fails.  I get net::ERR_TUNNEL_CONNECTION_FAILED errors in the browser for resources that I would normally redirect to local versions.  

 I thought that Fiddler would intercept these requests and just respond with the local resource, but the browser is trying to GET from the remote resource.  

Why is this and how can I fix it?