FiddlerCore iOS Proxy Authentication Challenge

4 posts, 0 answers
  1. Trees
    Trees avatar
    4 posts
    Member since:
    Jun 2018

    Posted 04 Dec 2018 Link to this post

    Hello,

    I host remote FiddlerCore instance for remote debugging/etc. Obviously this is a bad idea, but I am trying to lockdown my instance from unauthorized users as an open proxy.

     

    Ideally it would be through firewall/iptables, but since ip changes it is not very useful to me.

     

    I would like to add proxy authentication, but iOS does not send "proxy-authorization"/"proxy-authentication" header, instead a proxy authentication challenge must be presented.

    Is this possible with FiddlerCore? Any other tips for locking down this instance?

  2. Simeon
    Admin
    Simeon avatar
    234 posts

    Posted 12 Dec 2018 Link to this post

    Hello Trees,

    Here is a blogpost which explains how to turn on proxy Basic Authentication in Fiddler.

    In FiddlerCore you could achieve this with two lines of code:
    FiddlerApplication.Prefs.SetBoolPref("fiddler.ui.ephemeral.rules.requireproxyauth", true);
    FiddlerApplication.Prefs.SetStringPref("fiddler.proxy.creds", "bXlVc2VyOm15UGFzc2NvZGU=");
    Where "bXlVc2VyOm15UGFzc2NvZGU=" is myUser:myPasscode base64 encoded.

    Regards,
    Simeon
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. Trees
    Trees avatar
    4 posts
    Member since:
    Jun 2018

    Posted 12 Dec 2018 in reply to Simeon Link to this post

    Simeon said:Hello Trees,

    Here is a blogpost which explains how to turn on proxy Basic Authentication in Fiddler.

    In FiddlerCore you could achieve this with two lines of code:
    FiddlerApplication.Prefs.SetBoolPref("fiddler.ui.ephemeral.rules.requireproxyauth", true);
    FiddlerApplication.Prefs.SetStringPref("fiddler.proxy.creds", "bXlVc2VyOm15UGFzc2NvZGU=");
    Where "bXlVc2VyOm15UGFzc2NvZGU=" is myUser:myPasscode base64 encoded.

    Regards,
    Simeon
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items

    This doesn't seem to work in FiddlerCore. The connections go through even with no credentials supplied.

     

  4. Simeon
    Admin
    Simeon avatar
    234 posts

    Posted 13 Dec 2018 Link to this post

    Hi Trees,

    Thank you very much for pointing this out. Now I see that indeed this feature is not enabled in FiddlerCore. I have just tracked an issue in our backlog to enable it in a future version.

    For the time being, you can use Fiddler for proxy authentication.

    Regards,
    Simeon
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Back to Top