Hello,

I've managed to get my inspector extensions working. It's been handy for me, and it may be handy for other people.

Are there standards for posting an extension on the Fiddler website?

Dear FiddlerCore people:

I would like to capture the Http POST stream to the server to extract the FORM and Cookie data.

I would like to only have a proxy for the current proc. This code sets the proxy for all the browsers, and

breaks the internet on using browsers while I'm working on this. I'm only interested in one particular

windows browser call. I can capture the cookies from the forms browser  but not the FORM in the

header. So I have to capture the call data with Fiddler. Once I have the data from the client prepared for the server,

I want to CANCEL the call and abort the forms browser call and do using the cookies and FORMS data.

the web request and response?

I'm only interested in the request and I will edit the request and send web request with the environment

of the forms browser.

My problem is that the website code spawns a new browser outside the thread I control in the form web browser.

I want to intercept the call and either edit it so it does not spawn a new client or send the request in webRequest and webResponse.

I'm looking at the oS data structure and starting to see what it contains. 

 What is the best way to edit this and cancel the current request in the session?

          Fiddler.URLMonInterop . SetProxyInProcess ( "127.0.0.1:8888" , "<-loopback>" );
            Fiddler . FiddlerApplication . Startup ( 8888 , false , false );
            //Fiddler . FiddlerApplication . Startup ( 0 , FiddlerCoreStartupFlags . Default );

             Fiddler . FiddlerApplication . BeforeRequest += delegate ( Fiddler . Session oS )
                {
                Debug . WriteLine ( "Before request for:\t" + oS . fullUrl );
                Debug . WriteLine ( String . Format ( "{0}:{1} >>{2}<<" , oS . id , oS . PathAndQuery, oS.RequestHeaders, oS.RequestMethod ,oS.RequestBody.ToString() ) );
                string code;
                List<Fiddler.Session> oAllSessions = new List<Fiddler . Session> ( );
                oS . bBufferResponse = true;
                Monitor . Enter ( oAllSessions );
                oAllSessions . Add ( oS );
                Monitor . Exit ( oAllSessions );
                };

Hey guys,

Bit stumped on this one - Just today HTTPS decryption has stopped working properly.

 To Be precise, if it is enabled, no data appears to be proxied to/from Fiddler. In Chrome/IE/Firefox, the session just hangs waiting for a response which never comes.

If I disable HTTPS decryption, everything works as expected.

I have double checked the certificate and reinstalled it (though if it were a problem I would expect the browser to tell me anyway!), I have reinstalled Fiddler and tried using a different PC (across the network, still via my local copy of Fiddler).

Has anyone seen this? I'm not sure where I should go from here!

 Cheers,

Michael

English 不懂得
FiddlerCore4 证书无效 如何解决
       if (!Fiddler.CertMaker.rootCertExists())
       {
           if (!Fiddler.CertMaker.createRootCert())
           {
               throw new Exception("Unable to create cert for FiddlerCore.");
           }
       }
       if (!Fiddler.CertMaker.rootCertIsTrusted())
       {
           if (!Fiddler.CertMaker.trustRootCert())
           {
               throw new Exception("Unable to install FiddlerCore's cert.");
           }
       }

 Invalid certificate

Hi guys:

I am trying to capture the javascript files that used an aspx webpage. 

By default, I only get the images, css and html.

 What could I try to download the js files.

 If I save the complete rendered page using IE, the javascript files are downloaded.

 Thanks in advanced

 David

 Hello,

 I couldn't find a security contact at telerik so opening a new threat here. Sorry if it's already discussed or resolved.

As I bloged at http://blog.jpcert.or.jp/2015/05/fiddler-cores-insecure-default-flag-may-lead-to-open-proxy-issue.html

The the expected behaviour of FiddlerCoreStartupFlags.Default seems to be different from what it should be because AllowRemoteClients is false under the default configuration of the stand alone Fiddler application. Because setting the flag to 'Default' is recommended in the developer manual, many developer could use the flag without understanding the possibility of 'Open Proxy' issue.

It would be nice if FiddlerCoreStartupFlags.Default is changed so that AllowRemoteClients is toggled off by default.

Thanks,

Masaki

Hello, 

I'm looking to use Fiddler in an unattended system and need to configure AutosSve to start automatically. Looking at the default options there's no ability to do this through the GUI. I assume this is something that will need to be configured through a JS script. Unfortunately I've not been able to find any documentation that outlines the correct Methods/Calls to use for creating the script. Can anyone help me with finding the resources to accomplish the autosave on by default. 

Thanks

I can see traffic from Chrome and Firefox just fine, but I get nothing from IE.

It was previously working, a month or so ago, on IE10. I've tried re-installing Fiddler and IE10 (not at the same time).

It worked while I was on IE8 but I don't want to use IE8.

It didn't work on IE9, 10, or 11 today.

I've tried starting Fiddler as admin / elevated.

When I load the URI http://ipv4.fiddler:8888/ in firefox I see "Fiddler Echo Service..."

When I load the same URI in IE I get "this page can not be displayed..."

I can get it to work briefly by manually setting winINET proxy to 127.0.0.1:8888, (and when this setting is in place http://ipv4.fiddler:8888/ works too) but if I touch the "capture" button in Fiddler at all (as if to enable or disable, either way) it stops capturing and doesn't restart until I manually re-enter the winINET proxy setting.

This would be semi-OK but I need to chain to another upstream local proxy and as soon as I enable this Fiddler stops capturing again. I should note I use the same setup with the two proxy apps on another machine with no problem.

 I'm guessing *something* installed on this machine is preventing Fiddler from editing my winINET proxy setting, but I don't know what it could be. AFAIK I have all the same software on the other machine which is working nicely. Can you maybe suggest how I could go about tracking down the offending bit of software, if there is one?

thanks,

Jeff

Hello, wondering this post is appropriate here. if its not please feel free to delete it.

I was using fiddler to find out the HTTP packets sent by Google Chrome. Just wondering if anyone has done this and knows the information inside the cookies that chrome stores? Does anyone know if I could get the device ID that chrome has assigned to my PC?

Thanks a lot!

I am trying to use Fiddler to decrypt and analyze https traffic on my computer, following the instructions here (http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/DecryptHTTPS).

When I choose "Decrypt HTTPS traffic," Fiddler prompts me to install the root certificate, and I do.  I also export the certificate to install in Firefox.

After installation, Firefox trusts the certificate, but Chrome & Internet Explorer do not trust it, and block all navigation.  When I open the windows certificate manager (certmgr.msc), the Fiddler certificate does not appear in the Trusted Root Authority store, even after I try to manually import it.

 Any tips?

Benj