I'm logging A HUGE amount of sessions as part of some troubleshooting and fiddler is becoming very slow to respond (in some cases unusable) as a result. My thinking of working around this was to get Fiddler to save the sessions to a file every x sessions then clear the list.

My FiddlerScript looks like this (this should save every 100 sessions to a file, though when it works I will increase this number):

//---------------------BEGIN FIDDLERSCRIPT EXCERPT---------------------
var numberOfLoggedSessions: int = 0;
var savedArchivesCount: int = 0;

class Handlers
{
...
    static function OnDone(oSession: Session) {
        if (numberOfLoggedSessions > 98) {
            FiddlerApplication.UI.actSelectAll();
            numberOfLoggedSessions = 0;
            var sessionsToSave: Session[] = FiddlerApplication.UI.GetSelectedSessions();
            savedArchivesCount ++;
            FiddlerApplication.UI.actSaveSessionsToZip("C:\\Users\\storage\\Desktop\\" + savedArchivesCount + ".saz");
            FiddlerApplication.UI.actRemoveSelectedSessions();
        } else {
            numberOfLoggedSessions ++;
        }
    }
...
}
//---------------------END FIDDLERSCRIPT EXCERPT---------------------

When I test it, it seems to work, so I leave it for a bit and eventually come back and see an error message that I don't understand:

There was a problem with your FiddlerScript.

Number of selected items does not match actual selected items.
  at
System.Windows.Forms.ListView.SelectedListViewItemCollection.get_SelectedItemArray()
  at
System.Windows.Forms.ListView.SelectedListViewItemCollection.CopyTo(Array dest, Int32 index)
  at Fiddler.frmViewer.WeakStoreWebSessionsBeforeDelete(Object oLVIC)
  at Fiddler.frmViewer.actRemoveSelectedSessions()
  at Fiddler.ScriptNamespace.Handlers.OnDone(Session oSession)
  at Fiddler.FiddlerScript.DoSessionCompleted(Session oSession)

Do you have any ideas what's going wrong?

Hi,

I have two websites, 1.com and 2.com, running as virtual hosts on the same IP address.  Both sites are SSL, so the SSL extension Server Name Indication (SNI) is used to indicate which host a connection is requesting.  The test instances for these sites are set up with the same names as production but on a different IP address.  To access the test sites without hacking my hosts file I use fiddler with a customized CustomRules.js to override the host the requests are sent to.

static function OnBeforeRequest(oSession: Session)
{
  if (oSession.HostnameIs("1.com") ) {
    oSession.bypassGateway = true;
    oSession["x-overrideHost"] = "10.0.0.1:" + oSession.port;

  }
  if (oSession.HostnameIs("2.com") && oSession.uriContains("/blah/"))  {
    oSession.bypassGateway = true;
    oSession["x-overrideHost"] = "10.0.0.1:" + oSession.port;
  }



This works perfectly when I enable one or the other redirection at a time.  However, there is a page on 1.com which contains iframes which loads content from both sites and when I enable both redirects I get continuous "400 Bad Response" errors in the iframes for content from 2.com and the web server logs the error "Hostname 1.com provided via SNI and hostname 2.com provided via HTTP are different"

If I remove the test << && oSession.uriContains("/blah/" >> from the fiddler script, content loads most of the time from 2.com, but there are still sporadic 400 bad response errors.

Can anybody help please?

thanx
Simon

Hello,

There is the very helpful Utilities.TrimBeforeLast() function in Fiddler script. However, I really need to perform a Utilities.TrimAFTERLast(StringVar, "}") to remove the extra characters after a JSON object i've captured. Is there any way I could produce this equivalent result with fiddlerscript?

Thanks
Kevin J

   var bodyString = oSession.GetResponseBodyAsString();
if (oSession.oResponse.MIMEType.Contains("html")) {
var regex = /jimmy/;
if (regex.test(bodyString)) {

oSession.oRequest.FailSession (404, "Blocked", "Fiddler blocked product service request");
}
}

Basically, How do I tell Regex to find the string jimmy present in body, if found, then block the page?

Thank you

I'm using WCF binary in a Silverlight app. Since latest updates Fiddler interferes with WCF binary traffic and corrupts it. Seems to happen only when "Decode" is enabled in Fiddler.
I'm on Windows 8.1.

Hello,

In FiddlerScript I am setting x-no-decrypt, and I want to kill the connection after a single request has been sent and its response received.  The app that I'm proxying traffic for will then reconnect to re-establish its connection, and, this time round, I don't want to set x-no-decrypt.

How do I do this?

The background is that I'm security auditing an app where the code looks like this:

// connect to HTTPS server
// GET /hello
// check the HTTPS certificate of the server and if it isn't this hard-coded one then throw an exception
// POST /login?username=foo&password=bar

I suspect, and want to demonstrably prove, that the networking library that the app is using will try to be helpful and reconnect the HTTPS connection if it is dropped after the response from the GET is successfully received and before the POST is made.  This essentially means that the server certificate check against a hard-coded one is useless, and I want to prove this using Fiddler.

Thanks!

David

I have been using Fiddler to tract redirects/404 and other HTTP
status codes by inputting URL to the composer.

It is very manual and repetitive task when checking multiple
URLs, so I wonder does anybody know how to perform bulk URL check? Is there a
way to import/export URL lists?

Thanks!
Regards,
Galina

I can use the following info in the 'Parsed' tab with success, however it fails using the 'Raw' tab.
[Error:]
    sRequest did not represent a valid HTTP request
    Parameter name: sRequest

[Info used in 'Raw' tab:]
GET http://localhost:49589/api/values HTTP/1.1
User-Agent: Fiddler
Host: localhost:49589
Authorization: Bearer zurCykiDBNfxe_0lARMLJ1Pv1-nA7uig-wQ7rKr3EM5Pj6Wlw9HGS4r23PaKBrhWj5tDcIjt-T44rfGUJbzN_isKdjvdVHDCnpa4vuLf-E_WaMMKXObBGG6wz6CoQuph7cwzeKARIczua1dEdUpbBchmX33vKDoINCYJj2125DG0F9KdVp8Iv0XQkbXYLFBT4IU7YJT9grXfMBu9KWQc_utSlSd8hPbq7yxlu6JAI6y8DVL0b6m7k1QhUK7WB5aWaHJGUp6xy-hAmPydiUrsb1bQROaC4ZWJXpB8IDjF2WxOcPaMHDjBwezHVrE2VbLkNaV37MndwhgweCMFEzo6fmNhCHrWfS6bqtEB_ApLwvTm7ygovvDJVHvqC8tHeNFjbgLnqStZRQ8WSSLmfBbPjNOAOCNqp9RqrXkEQ6y1WwsqdqNG4thme1ZNuzhCDZuuew3tq2eAgba25iqZB4fptGXmZANKtC4yUEybqrpNT9A

After successfully having written some script-code for custom columns and a custom tab, I have two questions:
1. Is there a way to format colums right-aligned, or, even better: comma-aligned?
Example code:

2. How can I get the monospaced font in my custom tab (and get it back in the "Statistics" tab)?
After opening Fiddler the font in my custom tab is a proportional font. When I save my CustomRules.js the font changes to a monospaced font. As long as I don't know better I need the monospaced font for formatting the text I want to show in the tab. Maybe it has to do with my "Statistics" tab, where I have no monospaced font anymore (and therefore no properly aligned colums in the text). It would be nice to have the monospaced font immediately after the program start.

Feedback/wishlist:
- Timestamp columns and "Overall_Elapsed" don't use my local decimal separator (comma in Germany). The same in the "Statistics" tab. (In the "Statistics" tab under "Estimated Worldwide Performance" the values are shown with commas.) Copying columns and inserting in Excel requires properly formatted text.
- "Body" column ist formatted right-aligned (nice) and with (my local) group separator (nice), but the "Request" column ist left-aligned with no group separator
- During writing a function I usually write something, press ctrl-s and have a look at the result, change the function, press ctrl-s and so on. It would be nice, if the tab in front (my custom tab I write the function for) could stay in front to see the result immediately without the need for another mouse click.

Hello,

I created an extension and my last problem is that I cannot differentiate between a new session and a Session which the user clicks on.
When I click on a Session, my extension receives an AutoTamper event, and there I would like to differentiate if it was a new session, or just the user clicked on this. I only want my extension to react to new sessions.

Is it possible to check if its a new session easier than creating arrays containing all the sessions and checking them if they were already sent once? 

Thanks,
Zsombor Fuszenecker