Remove Request Header from saved trace

2 posts, 0 answers
  1. Sean
    Sean avatar
    2 posts
    Member since:
    Apr 2012

    Posted 11 Oct Link to this post

    Hi, 

    For scenarios where we have vendors or customers that may want to share fiddler traces, is there a command or process we can have them put a fiddler trace through that would rip out all MSISAuth and MSISAuth1 header values (which will contain oAuth Access tokens)?

     

    I'm aware of the ability to remove the headers during capture, but the scenario I'm looking to work on is where we already have a trace and want to be sure we're removing headers that carry access tokens in the request data and it isn't just one or two requests (let's say hundreds) otherwise I would just delete the header value manually. 

     

    Thanks!

  2. Simeon
    Admin
    Simeon avatar
    11 posts

    Posted 17 Oct Link to this post

    Hi,

    By Fiddler traces I suppose that you mean Fiddler's Session Archive Zip (SAZ) files. If this is the case, please note that these files are simply zip files that are constructed in a particular way that Fiddler understands. You could rename the .SAZ file to .ZIP and use the Windows Explorer to see what is the inner structure of the SAZ archive. Basically, for each session x there are 3 files in the "raw" directory of the archive: x_c.txt, x_s.txt and x_m.xml, where x is the id of the session. x_c.txt is the client request, x_s.txt is the server response and x_m.xml is some metadata about session x.

    You could write a script or a small program, which opens the archive for modification, iterates through all x_c.txt and x_s.txt files and replaces all lines in the headers part which begin with ^(Set-)?Cookie: MSIS(\w*)=(\.)*$  with just ^\1Cookie: MSIS\2=

    I hope that this information is helpful to you.

    Regards,
    Simeon
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Back to Top