Having an issue maybe I just need some ideas how to check.. have this mobile app that gets pushed a notification somehow to pull requests from a service (api), I have configured a fiddler proxy as the only means for the device having the app to reach the internet. When a notification comes so the app can reach for info I don't see any evidence of this on fiddler session logs, is there any way of seeing this somewhere without having to use more tools like wireshark? reason is https decryption seems little more complex there. Next issue is once the app reaches for info and send the request (the app does the request multiple times over a period of time to get the most updated info while waiting for user's action), and I'm tampering the response making sure I use "oSession.bBufferResponse = true;" in the "OnPeekAtResponseHeaders" for that method so response is not streamed to the client first then changing the response in the "OnBeforeResponse" method but it seems by visual observations the modified response doesn't get passed to the client until the 2nd or 3rd request, sometime you can observe the response displayed in the client is the unmodified one even though in the logs I can see I successfully tampered all the responses for all the requests. I'm looking for ideas on how to realize if I'm doing something wrong.
Thanks for whoever can give me a hand.
3 Answers, 1 is accepted
I understand that you have two issues with debugging your app traffic.
Firstly, you could enable Fiddler troubleshooting from the Help\Troubleshoot... menu. This will show all sessions in Fiddler. The ones which should be filtered will have strickethrough.
The first issue is that you do not capture the push notification from the service to your app. If the troubleshooting does not help, what protocol the notification is send over? Is it a WebSocket, secured WebSocket or something else? If it is secured, you have to configure the https decryption.
The second issue is that Fiddler is not always tampering the response before it is send to the client. Could you, please, elaborate on how you tamper the response. Sharing some code will be best.
Regards,
Simeon
Progress Telerik
Rank 2
Iron
Hi Simeon,
Thank you for taking the time to go thru my question and giving some advice. By now I have progressed slightly to the point where I'm 99.99% sure the responses are being tampered correctly so the second issue is no longer an issue I'd said :-). With that said, it seems the push notification contains enough information to make the UI of the app to behave in certain way and only when there is enough time for the app to actually request an update to the back end service and give me the chance to tamper the response is when it behaves the way I expect. This is an iOS app the one I'm having issues with and I'm not exactly sure if the information is coming as part of a formal APN on using a WebSocket (not my app and have no access to the developer), therefore I was expecting Fiddler to show me something but it seems like it doesn't? I have enabled the troubleshooting but nothing extra shows (nothing relevant I must say), I had also made sure of not filtering anything and capturing with an unmodified fiddler script to make sure is not my actual changes to the script what is causing issues.
Not sure if that is enough information but I think the key questions are:
1. Is Fiddler going to capture and show incoming push notifications at all? Maybe it is not and I need to resort to WireShark better.
2. If it is a incoming web socket stream same question as #1?
Thanks again and best regards!
Congrats on solving the tampering.
1. Is Fiddler going to capture and show incoming push notifications at all? Maybe it is not and I need to resort to WireShark better.
2. If it is a incoming web socket stream same question as #1?
The WebSocket protocol upgrade is always initiated by the client. The upgrade could be done from the HTTP or HTTPS protocol.
With that said, if you are not seeing the notification in Fiddler, assuming the HTTP and HTTPS proxy settings of the app are properly set to point to Fiddler, most probably the app is using a different protocol for the notifications.
Regards,
Simeon
Progress Telerik