Thanks for FiddlerCore and the quick responses to questions on this forum.
I'm trying to intercept a webpage response, change some html, and have it display my change in the browser:

private void FiddlerApplication_BeforeResponse(Session oSession)

{

oSession.bBufferResponse = true;

oSession.utilDecodeResponse();

oSession.utilReplaceInResponse("TEXT-TO-REPLACE", "NEW-TEXT");

}

I should note that I'm using Windows 10, which I'm not sure if it makes any difference.  I know that the oSession's ResponseBody text is updated when I use this code, however it seems like it doesn't get passed on to the browser from this point.  Am I missing something?  I've even tried utilSetResponseBody(updatedBodyText), however this doesn't seem to update the returned page either.  Any thoughts or help would be greatly appreciated.

When running Fiddler with HTTPS decryption enabled, browsing to Google (and many other sites) results in a Firefox error page "This Connection is Untrusted", with the following error info:

"This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.​"

The Technical details say:

"www.google.com uses an invalid security certificate. The certificate is only valid for *.google.com (Error code: ssl_error_bad_cert_domain)"

I've already imported the Fiddler root cert into Firefox's CA store. The problem has only started occurring with recent Firefox versions.

Does anyone know how to resolve this?

Thanks,

    --- John.

I apologize if this question has been answered in another thread -- but I haven't seemed to find the answer yet.

I am attempting to write an app using FiddlerCore.  However, while my app is running, ​at least one Windows 10 app (News) does not respond.  By that I mean ​it tries to retrieve data ​but instead returns a "Service is Not Available" message.  The same thing happens if I try to use the standard Fiddler app. 

However as soon as I disable the Proxy server in Windows, all is well again.  So I'm assuming this has something to do with it, I'm just not sure how to go about fixing it.  Any help would be greatly appreciated.  Thanks!

Hello,

ClamAv finds the fidler installation (fidler4setup.exe) as a virus: ClamAV Win.Trojan.Kazy-2656

virus total link: https://www.virustotal.com/en/file/be33d6d0381c22355c0c6cab60aa518bd334e5bcca7107a829aeb784b56b1d97/analysis/

I've submitted the file as a false positive at http://www.clamav.net.

Regards,

arik@odi-x.com

Is it possible to use the command line to replay SAZ files with Fiddler? While I understand that you can specify a SAZ file to open with Fiddler from the command line, I am looking for something that will perform the following steps:

* Replay the SAZ file

* Exit with a reasonable return code

If this process could be run headless, that'd be even better. While this doesn't seem too much to ask, I haven't had much luck figuring it out myself. This will be part of a larger, automated process.

If I'm barking up the wrong tree, what is the recommended way to replay SAZ files in an automated fashion?

I am using fiddler as a proxy to an Xbox360 and I can't figure out why the certificates don't appear to be trusted.  This is the error I am getting and I have tried a few different solutions.

I have deployed the root certificate created by exporting the root certificate to the xbox360 itself and set another machine as the proxy.

Added fiddler root certificate to the Trusted Root Certificate Authorities on the proxy machine. 

When I run fiddler on the proxy machine I get a "tunnel to" with this exception.

12:55:47:1597 /Fiddler.CertMaker> Invoking makecert.exe with arguments: -pe -ss my -n "CN=*.sbx1.cdops.net, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com" -sky exchange -in DO_NOT_TRUST_FiddlerRoot -is my -eku 1.3.6.1.5.5.7.3.1 -cy end -a sha256 -m 132 -b 10/25/2014
12:55:47:3337 /Fiddler.CertMaker>8-CreateCert(*.sbx1.cdops.net) => (0).
12:55:47:3717 !SecureClientPipeDirect failed: System.IO.IOException Authentication failed because the remote party has closed the transport stream. for pipe (CN=*.sbx1.cdops.net, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com)

I did notice the root certificate is sha1 but the interception certificates are sha256.  Would that matter?  Our services webserver just needs to trust fiddler as a trusted authority right?  This used to work and we didn't have this certificate installed on the webserver previously so I'm leaning towards a configuration issue with my proxy machine.

I have also tried installing the certmaker plugin with the same error results.

Any help is appreciated,

John G.

Hi:
    Now there is a question that bothers me two weeks, to need your help. Please forgive me for writing English is not very good.
    My PC is win7 system, installed version is fiddler4, I was in company with the fiddler, the company's network is a LAN, my computer does not have Wireless network card,It is connected to the LAN via a network cable. My phone is iphone version 8.1.3, which is connected to the LAN via wifi.​
The PC can get Fiddler Echo Service and fiddler options in allow remote computers to connect already checked.But when I set the phone proxy, the mobile web not get Fiddler Echo Service.​

   I try to turn off the firewall, quit all my anti-virus software, also not run.Phone and PC can ping each other.So I do not know why, my phone can not connect to the computer
  Looking forward to your reply.

Tonight I was doing some development on a ASP.NET Web Forms app I'm writing at home. It was causing some problems and I wanted to see the HTTP traffic so I brought up Fiddler2 to give it a try. But the instant it came up it complained about something that it thinks I need to do on my Windows 10 machine. I don't know nor understand what it is, and since I was running out of time and needed to get on with other things, I closed the dialog box, did some more work on the app and tried to check it into to my repository on Visual Studio Online (VSO).

That's when things started to go badly for me. I couldn't check anything into VSO. VSO thought I wasn't event connected to it. It gave me an access error, something like "TF30063 Access denied". Now I'm trying to shut down my machine to go to bed, and I discovered that Fiddler was still up and running. I wasn't even aware that it was still up.

So my question is this, does Fiddler2 interfere with VSO? It certainly looks like it might, as I think this is more than just a coincidence that I was having this problem, I've never had this problem in the months that I've been using VSO and Fiddler2 was running in the background.

I am following along with a pluralsight tutorial on asp.net web.api. http://www.pluralsight.com/courses/one-aspdotnet-from-scratch

The instructor used fiddler to test the web.api outside of the browser using the compose window. I always receive 401 on my get call. So... I hit up the google magic which yielded various possible solutions. I have tried

1. selecting automatically authenticate from the options in fiddler

2. adding this to my web.config

<system.web>
    <authorization>
      <allow users="?" />
    </authorization>
  </system.web>

3. adding the following key to my registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\BackConnectionHostNames   value of localhost.fiddler

 None of these have worked.

What else can i try or what tool can i run to determine what is incorrect?

Dear Sir,

You must have heard of Wechat, do you know how to capture it's traffic when it sends or receives message etc., does it go with HTTP(S)?