Hi, 

For scenarios where we have vendors or customers that may want to share fiddler traces, is there a command or process we can have them put a fiddler trace through that would rip out all MSISAuth and MSISAuth1 header values (which will contain oAuth Access tokens)?

 

I'm aware of the ability to remove the headers during capture, but the scenario I'm looking to work on is where we already have a trace and want to be sure we're removing headers that carry access tokens in the request data and it isn't just one or two requests (let's say hundreds) otherwise I would just delete the header value manually. 

 

Thanks!

Hi,

By Fiddler traces I suppose that you mean Fiddler's Session Archive Zip (SAZ) files. If this is the case, please note that these files are simply zip files that are constructed in a particular way that Fiddler understands. You could rename the .SAZ file to .ZIP and use the Windows Explorer to see what is the inner structure of the SAZ archive. Basically, for each session x there are 3 files in the "raw" directory of the archive: x_c.txt, x_s.txt and x_m.xml, where x is the id of the session. x_c.txt is the client request, x_s.txt is the server response and x_m.xml is some metadata about session x.

You could write a script or a small program, which opens the archive for modification, iterates through all x_c.txt and x_s.txt files and replaces all lines in the headers part which begin with ^(Set-)?Cookie: MSIS(\w*)=(\.)*$  with just ^\1Cookie: MSIS\2=

I hope that this information is helpful to you.

Regards,
Simeon
Progress Telerik