I'm using Fiddler to analyze an Android app. It communicates with the server through HTTPS, Fiddler has no problems to decrypt the traffc when using its root certificate.But the authentification of the app works using OAuth on a Cloudflare server and it seems to detect Fiddler's root certificate (the MITM).

I need to deactivate Capture HTTPS CONNECTs to make it work - it's not enough to deactivate Decrypt HTTPS traffic.

I wrote a small FiddlerScript, but it also doesn't work, since it deactives the decrypting only, not the capturing. Is there a hack for this?

 

This only occures on some Android apps. Sometime seem to have a weaker setting in Cloudflare and let the Fiddler root certificate pass through.

Is there a way to batch/bulk select sessions that are waiting on breakpoints -- whether request or response -- and then do a bulk "resume" on all of them? Currently, as far as I can see, you have to manually click the resume on each individual session, which can quickly snowball if there are a number of requests to process.

I'm sure I must be overlooking this ability, however, so any help would be much appreciated!

Thanks,

Fiddler works well with many apps on my PC except one that gives me the following message (image attached).

I tried fixiing the errors by clearing and re-installing certificates many times. It doesn't seem to work. If I click yes to the pop-up (in the image I attached), the app internet functionnalities stop working.

 

Did any of you had something similar? How could I fix this?

 

Can we add all the new incoming requests to auto responder automatically?

Is there a keyboard shortcut to scroll the session list to the currently selected/open session you're working on?

This would be very useful to not have to scroll the session list manually looking for the highlighted session you're on, particularly if you've lost track of whether you're above or below that session as you jump around investigating surrounding/later/earlier sessions for context.

Thanks!

I look fiddlercore demo ,there some code I don't understand , why when FiddlerApplication.Startup after , and also CreateProxyEndpoint ?

 

I test it ,if don't CreateProxyEndpoint ,the fiddler can still work

Hello, I'm a new user.

I've been using the hostname replacement using fiddler.

I was trying to update my Qt installation but the maintenance tool was defaulting downloads from slow mirrors. I was changing the hostname to faster mirrors.
The hostname replacement was working and the download speeds are improved (task manager shows Fiddler maxing the download speeds).

The problem is fiddler keeps spamming the link (see first attached picture) and even if one of them finishes downloading, it says that the session was aborted so the qt maintenance tool doesn't get the requested file and it gets stuck in a loop.

This only happens when it's downloading a big file. Small files (<10MB) gets confirmed to be downloaded in the qt maintenance tool.

I think it is because since the smaller files downloads right away, it gets registered as a response on the qt maintenance tool before it requests for another but since the bigger files are slower to download, the tool doesn't get a response right away so it spams requests, when the earlier requests finish downloading, the tool doesn't accept it. So the result is Fiddler keeps spamming requests even if the earlier request finish downloading.

How do I fix this?

Hi,

I'm running Fiddler for .Net 4.6.1 v5.0.20202.18177

In the Fiddler options dialog I have "Caputre HTTPS CONNECTs", and "Decrypt HTTPS traffic" enabled"

I have Postman installed on the same machine, with Fiddler set as its proxy. I make a https call to a cloud web service from Postman. I see a session row in Fiddler with a Host of "Tunnel to" that hits the URL of the web service.

If I select Help\Troubleshoot from Fiddler then it also shows the "real" session with the request and response payloads. If I right-click the "real" (filtered) session and select "Comment" then the following is displayed, repeated many times:

"Hidden due to FTS>Path"

I'm trying to prevent this "real" session being filtered. I've checked the filters at the bottom left of the Fiddler screen and none of them match. I don't have the filters tab enabled. 

How can I prevent my "real" session from being filtered?

Thanks,

Rob.

 

I updated fiddler to 5.0.20202.18177 and I constantly get 504 errors when hitting known working end points now. In the previous versions I did not. I also have a number of unit tests that hit these end points and they work every time I run them. So I know the server is working.

Any help or a method to roll back my version of fiddler would be great!