Hi,

I use Fiddler Classic as a proxy between client and server. I tried to replace the entire response body for a request.

static function OnBeforeResponse(oSession: Session) {
...
var body = '<?xml version="1.0" encoding="UTF-8"?><Test/>';
oSession.ResponseBody = System.Text.Encoding.UTF8.GetBytes(body);
oSession.oResponse['Content-Length'] = body.Length;
oSession.utilSetResponseBody(body);
...
}

Within a .net application when the CheckCertificateRevocationList is set SSL connections can no longer be made while fiddler is running.

An example:

ServicePointManager.CheckCertificateRevocationList = true;

WebRequest request = WebRequest.Create("https://www.google.com");

var response = await request.GetResponseAsync();

This fails with

The remote certificate is invalid according to the validation procedure.

If I register a validation callback (ServicePointManager.ServerCertificateValidationCallback) too  see what is going on I see

SSLPolicyErrors = RemoteCertificateChainErrors

When looking at the X509Chain I see "The revocation function was unable to check revocation for the certificate.\r\n"

Some other threads on stack overflow indicated this may be due to no revocation list being attached to the fiddler root certificates.

So I was wondering if anyone was able to get fiddler to work with the CheckCertificateRevocationList= true.  I know I can disable it but that would not be good for security. I also could in the handler allow fiddler certificates, but I was hoping there was a way to generate the fiddler certificates in a way that worked with that setting.

https://vimeo.com/758966052

Pleas take a look at video above here.

I compare between fiddler classic and echo mirage and i want to know why fiddler can't capture it? and how to fix this. (fiddler classic can capture http(s) normally)

I can capture traffic, decrypt HTTPs from web browsers and other applications with Fiddler just fine.

But with this app, Fiddler doesn't see anything. Tried options like adding protocols,  checking ignore cert errors, even tried tried turning off HTTPS decryption. No difference, just nothing.

With Wireshark. I can see the SSL/TCP traffic.

Here's the app link (You can register for free with junk email to login via app)

https://tinyurl.com/4yd3e94r

Please help

Question

I want auto close tabs.

I'm every times doing this steps.

1. Launch Fiddler Classic
2. Close these tabs(Click mouse middle button to close)

• Fiddler Orchestra Beta
• Log
• Timeline
• Get Started
• Statistics
• Auto Responder

3. Start using Fiddler Classic

I'm tired.
I'm doing this about 1 year ago.

So, I want auto close tabs.

It is possible?
How can i do it?

Thank you.

Environment

• Windows 11 64bit
• Fiddler Classic: v5.0.20211.51073 for .NET 4.6.1

For example:

In the session, Host is 'www.aaa.com', URL is '/bbb/ccc?ddd'

I want to save this www.aaa.com/bbb/ccc?ddd to a local txt file,  so I run to fiddler script/ onBeforeResponse part,  save oSession.fullUrl to a local file.

But what I get is 'www.aaa.com:443'. I wonder how to save what I need with script, now it seems to omit the URL part and add '443' instead.

Hello, how can I configure Fiddler Classic, so that only one URL appears? since two identical URLs appear to me, but I only want one to appear, how can I configure it?, thanks.

Hi,

When anyone try to download fiddler classic and access this page: https://www.telerik.com/download/fiddler you force the user to enter email address.

This is not UE GDPR compliance

HI:

I'm try to use fiddler as reverse proxy ,and i Write a FiddlerScript Rule like this

if (oSession.host.toLowerCase() == "192.168.5.201:8889") oSession.host = "pubs.acs.org";

then i try access https://192.168.5.201:8889 , I get this:

 i know this is because cloudflare detective it as a ddos attack.

Does it possible to solve this problem?