Being the very noobie I am with https, how is it that Fiddler can decrypt what is in the headers? Does that imply that any "man in the middle" could decrypt those? Is it REQUIRED that I encrypt what is in the Header content? Or, if it is https, everything is encrypted including the headers?
1 Answer, 1 is accepted
0
Tsviatko Yovtchev
Telerik team
answered on 20 Feb 2017, 04:53 PM
Hi,
Fiddler does just that - man in the middle. Once you put Fiddler generated certificate in your Trusted Root store Fiddler can impersonate any website you visit. Any other party that has a certificate in your Trusted Root could do the same.
Regards,
Tsviatko Yovtchev
Telerik by Progress
Do you want to have your say when we set our development plans?
Do you want to know when a feature you care about is added or when a bug fixed?
Explore the
Telerik Feedback Portal
and vote to affect the priority of the items