Last Updated: 27 Nov 2020 10:06 by ADMIN

When I go to File | Save | All Sessions it defaults to a directory (that is not where I want to store the debug information I collected).  

I store all problems I am working on in a different directory structure.  When I go to SAVE my debug session I would like to set the Default directory (structure) where I save all my other documentation for problems I am working on.  Having to "re-find" my documentation folder multiple times in 20 minutes of saving multiple debug sessions is tedious and non-productive.

I suggest a user preference that has these options:

Set default directory to: ..........   (It will always open to here when a SAVE is done)

Follow Last SAVE directory:  (Check box)     This will open whatever directory location you last did a SAVE to

User Fiddler's Default Location:  (Check box)     This is like a "Reset" to Fiddler's default location.



Last Updated: 18 Nov 2020 15:26 by Eric

When loading the SAZ file, the requests are ordered incrementally based on the order they were saved in.

For example, a Fiddler session was sorted by URL and then saved to SAZ. When the file is loaded, the requests are still sorted by URL but the original index numbers are lost and the requests are numbered incrementally as per this sort. This means that it is not possible to sort the session back to the original linear order by clicking on the index column (#) as it was possible to do before the save/load.

I've seen that the original index is saved in the Comments column. This is only a partial solution because:

1. When sorting by this column, a lexical sort is performed meaning the sessions would be numbered: 1,10,100,101,11,12..19,2,20,21 etc...
2. If the request had a comment associated with it, this overrides this feature and the original index number is lost.

Also, I know it's possible to sort by ClientDoneRequest as a good approximation but it obviously doesn't recreate the original order.

It would be beneficial to keep the original index numbers (even including the gaps between them) as there is information there that shouldn't be lost when saving.


As always thank you for your work on this wonderful product.







Last Updated: 16 Nov 2020 08:24 by ADMIN

This bug occurs in both Fiddler and Fiddler Everywhere so you may want to take a look.

The system I'm running on is Win7x64 with latest patches loaded.

Note that when Fiddler/Fiddler Everywhere is not loaded, I can access this website normally.

====== Message from Fiddler v5.0.20204.45441 for .NET v4.6.1 Built: 2020-11-03 ======
HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 10:19:31.203
Connection: close

fiddler.network.https> HTTPS handshake to devblogs.microsoft.com (for #14) failed. System.Security.Authentication.AuthenticationException 呼叫 SSPI 失敗,請查看內部例外狀況。 < 接收到的訊息超出預期或格式不正確。

Win32 (SChannel) Native Error Code: 0x80090326

====== Message from Fiddler Everywhere 1.2.1 Built: Friday, November 6, 2020 ======
fiddler.network.https> HTTPS handshake to devblogs.microsoft.com (for #17) failed. System.Security.Authentication.AuthenticationException Authentication failed, see inner exception. < 接收到的訊息超出預期或格式不正確。

Win32 (SChannel) Native Error Code: 0x80090326
Won't Fix
Last Updated: 06 Nov 2020 17:51 by Eric



1. 在代码里Fiddler有什么方法可以把发送的请求信息记录到Composer History列表?(重点

2. 点击Excute按钮,是怎么把请求记录下来的?记录的请求保存在什么位置?


Won't Fix
Last Updated: 05 Nov 2020 07:03 by Adam
Created by: Adam
Comments: 4
Type: Bug Report
We downloaded Fiddler Classic from our site for evaluation, and when we try to distribute it via Google Drive (we are enterprise subscribers), we get a virus warning, and the download is not allowed.

I'm guessing this is a false positive, but want to verify that with you, and see if you know why it might be flagged as virus by Google's scanning service.

We are holding off distributing or evaluating the product for now, erring on the side of caution.


Adam Creighton
Studio Head, Enduring Games
Need More Info
Last Updated: 02 Nov 2020 13:02 by ADMIN


I'm testing a website that has a self signed SSL cert. I can navigate to this URL via an extra warning step on chrome (see attached screen shot).

However via Fiddler, I just get an error that "this site cannot be reached" and I can see it's dropped on the Fiddler side: I can see the tunnel CONNECT request, but no subsequent request.

I've enabled the option "Ignore server certificate errors (unsafe)" and restarted Fiddler, but the problem still persists.


As always, thank you for your work on this.



Last Updated: 23 Oct 2020 13:03 by Mark DeMichele

I recently am having an issue with MS Teams while running fiddler.  MS Teams keeps giving disconnect errors. That's when I noticed that fiddler it proxying it's traffic even though I have filters set to "Show only the following Hosts", and teams.microsoft.com are not included in the hosts.  I also notice other items in my sessions list that are not in my list of hosts so what is going on?

I don't really want to post my list of hosts publicly.  If you need them, please let me know and maybe I can email them to someone.


Last Updated: 12 Oct 2020 05:24 by ADMIN

Fiddler’s “Auth” Inspector uses Encoding.Default() for decoding base64-encoded BASIC auth credentials. This was common practice at the time this was first written but is now obsolete. https://tools.ietf.org/html/rfc7617, written much later, demands UTF-8.

Chromium and Firefox encodes credentials using UTF-8.


Won't Fix
Last Updated: 08 Oct 2020 17:09 by Jason

Please consider refraining from (or at least making optional) the sorting of the JSON property keys when using the JSON tree viewer.  For code which sends out complex payloads, having the properties reordered makes it hard to compare the tree to the actual payload sent.  For example, we send startXXX and endXXX properties at the end of our payload, and when Fiddler moves "endXXX" to the top of the tree, debugging becomes a pain.  Please allow the payload to be tree-visualized as constructed.

Need More Info
Last Updated: 05 Oct 2020 05:22 by ADMIN
Created by: S
Comments: 1
Type: Bug Report

When using Fiddler, there seems to be some bugs around resizing the GUI/UI, namely the dividers between sections such as between packet list vs. inspectors panes. It seems that when Fiddler is maximized full-screen, the divider (while using "Wide" layout) is shifted all the way up high, just beneath the initial packet in the list (Fiddler's update check).

I've been able to adjust the UI by manually manipulating Fiddler's registry settings, but even then it still seems finicky -- sometimes they take, sometimes they don't.

v5.0.20202.18177 for .NET 4.6.1
Built: Tuesday, April 14, 2020

Last Updated: 05 Oct 2020 05:18 by ADMIN
Created by: Kostas
Comments: 26
Type: Feature Request
I find myself applying the same filters again and again on each launch of Fiddler (I mean the filters listed below the list of requests).

I think it would be really great if you could allow the restoration of previously applied filters (e.g. by having a save/load filters option).

Also, allowing to filter out by "Request Method" would be great too.

Congratulations on this tool, by the way.

It is really great. :)
Last Updated: 05 Oct 2020 04:51 by ADMIN

Hi everyone.


A screenshot of the error is provided, I think there are extra characters in the form, these should not appear, it seems to be caused by a decoding error. Note that the transfer method "transfer-encoding: chunked".


Last Updated: 28 Sep 2020 05:13 by ADMIN

If the user configures a list of sites inside Tools > Options > HTTPS > "Skip Decryption for hosts", this configuration list is ignored if the AutoResponder is enabled with the "Accept all connects" checkbox ticked.

This should be fixed because otherwise it's extremely difficult to figure out what's going wrong.


Incidentally, this behavior might be responsible for this issue: https://feedback.telerik.com/fiddler/1479071-fiddler-refusing-to-ignore-teams-microsoft-com-and-is-causing-my-ms-teams-app-on-windows-to-break

Last Updated: 02 Sep 2020 10:28 by ADMIN


I've the following request response:

    "proId": 98767975948505330

This is correctly displayed in the "Raw Tab", but when switching to the JSON tab, the displayed number is not correct.


Could you fix this ?


Under Review
Last Updated: 01 Sep 2020 09:53 by ADMIN
Created by: Isaac
Comments: 6
Type: Feature Request
Lots of development software has dark themes because it is less stress on your eyes and looks cool.
Last Updated: 26 Aug 2020 18:17 by Jeff

"Target Any Process" feature no longer working with Chrome. It used to work but no longer works specifically with Chrome. Still works with other processes. Capturing still works with Chrome as long as I am not using the "Target Any Process" feature.

Last Updated: 21 Aug 2020 15:00 by ADMIN
Created by: Casidy
Comments: 1
Type: Bug Report

I was using Fiddler, working with AutoResponder, and hit an object reference not set error. I didn't notice anything obvious not working after dismissing the error.

I don't have exact repro steps, but thought I would pass along the stack trace.


Uncaught Exception in Session #118
Fiddler has encountered an unexpected problem. If you believe this is a bug in Fiddler, please copy this message by hitting CTRL+C, and submit a bug report at http://www.telerik.com/forums/fiddler.

Object reference not set to an instance of an object.

Type: System.NullReferenceException
Source: Fiddler
   at Fiddler.AutoResponder.(Session , ResponderRule ) in C:\Jenkins\Fiddler_Windows\workspace\FiddlerCore\FiddlerCore.Shared\Common\AutoResponder.cs:line 1787

   at Fiddler.AutoResponder.(Session ) in C:\Jenkins\Fiddler_Windows\workspace\FiddlerCore\FiddlerCore.Shared\Common\AutoResponder.cs:line 2026

   at Fiddler.Session.() in C:\Jenkins\Fiddler_Windows\workspace\FiddlerCore\FiddlerCore.Shared\Common\Core\Session.cs:line 5414

   at Fiddler.Session.‘() in C:\Jenkins\Fiddler_Windows\workspace\FiddlerCore\FiddlerCore.Shared\Common\Core\Session.cs:line 3628

   at Fiddler.Session.(Object ) in C:\Jenkins\Fiddler_Windows\workspace\FiddlerCore\FiddlerCore.Shared\Common\Core\Session.cs:line 3522

Fiddler v5.0.20202.18177 (x64 AMD64) [.NET 4.0.30319.42000 on Microsoft Windows NT 6.1.7601 Service Pack 1] 
Last Updated: 20 Aug 2020 19:09 by ADMIN
This seems to happen a non-trivial number of times, and it causes clients and scenarios to fail in surprising ways.
Last Updated: 20 Aug 2020 15:20 by Lutz

I couild highlight a row in the captured data and hit the context menu for Copy | Session and it would copy the data and present it in this type of format when pasted into notepad:


PUT https://xxx.xxx.xxx.xxx/service/core/v3/AssetPartitions/-1/DiscoveryJobs/29 HTTP/1.1

Accept-Language: en-US; q=1.0, en; q=0.9
X-SignalR-Id: f83b9717-2553-438f-b76c-4c3e70159a39
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjQyRjIzMDlCQzZGMkNFQzNBQzc1MTA3RUQyRTFCREE4NzEwQUI5MUIiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJRdkl3bThieXpzT3NkUkItMHVHOXFIRUt1UnMifQ.eyJBY3R1YWxVc2VySWQiOiIxIiwiQXV0aFRva2VuSWQiOiI2OTdlZDkzOC05YTY1LTQyZDctODI2MS04MGRiYzhkYTE1OWQiLCJyc3RzOnN0czpjbGFpbXM6dXNlcjp1c2VySWQiOiIxIiwidXBuIjoiU3VwZXIiLCJhdXRobWV0aG9kIjoibG9jYWw6cHdkIiwibmFtZWlkIjoiU3VwZXIiLCJuYmYiOjE1ODc0OTI1MzMsImV4cCI6MTU4NzU3ODkzMywiaWF0IjoxNTg3NDkyNTMzLCJpc3MiOiJ1cm46dG9rZW5hdXRoZW50aWNhdGlvbnByb3ZpZGVyOlNBRkVHVUFSRF9BUFBMSUFOQ0UifQ.Leqmwi7cbogsB_XYv9DpJ2SCgCtkl7WsY8Y6pXjfHVSm1P9-82ayeNK_J9rmQUdqZrWjmCeK4DxiyifKAzpgCJm5y0XgUX02jJ5RiD_i8EWOT6ywyxgRRKLefm36jHsWVavLpidJMo4QyOEUGX1OHw0-Cgv2kJyESwkNYLgVQB34WEGMSe2Sh1kVkQrVl-WwcmlckL7yw5rPaofje5lEXrbGMHbNTfBAuei08DVf49DBjV7FGZWRMpvB3mIpWqAZylTXu2DNcfol2ZuVYG1PmTY7pENZGzO98gT7c08Q6wqbZF1846F47oZ2wZXrcYRHkNO8nJ6N7JUN8koGMQ2P6g

HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 1872
Content-Type: application/json; charset=utf-8
Content-Language: en-US
Vary: Origin
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Content-Security-Policy: object-src 'none'; img-src 'self' data:; font-src 'self'
Referrer-Policy: same-origin
X-Cluster-Role: primary
X-TokenLifetimeRemaining: 1433
Date: Tue, 21 Apr 2020 18:16:29 GMT

[{"DiscoveredDate":"2020-04-21T17:20:10.228Z","AccountName":"BobAdmin","AccountDomainName":null,"AccountId":10,"AssetName":"PAM-QA-WIN2019","AssetId":23,"AssetPartitionId":1,"AssetPartitionName":"Import","SshKeyProfileId":1,"SshKeyProfileName":"Import SSH Key Profile","SshKeyDiscoveryScheduleId":15,"SshKeyDiscoveryScheduleName":"Import SSH Key Discovery","PublicKey":"AAAAB3NzaC1yc2EAAAADAQABAAABAQCjJh0+dkm7SMIzhCVPaZTxu0pQA9uhScH26GSxDb5ddoYigi9dlq45/4zal230Nk4o3IQmbP7hLikKTCr2Y3GRUZJEJ8IdQe9zXtGnm+N2iczbmg9kGPcb6j3pMcfxrjZlcOFOXgRaz1tnJXdaSLuM4kI45+sJjtdJ9e/nDdX1HgWVyo0U3CO7q/k/srI1+KaetKW58iCIK6zZnoW8jUhmyXdxA/UkkOwUCdK7kQwOn6kBV7pRgErS1nWmd4RZ7UNi0iSpZdrg6yL7mngLfzS7ee4iZ2Hp3WUY8s1aYhPkDJcJl6uEbxy2NpwLvbUgCWcbJCUPRQUKAdheR7uJuTfF","Comment":"bross@prod@Q3LJ2RQ2","Fingerprint":"4D7280929A77CAD8C0EF03099AF90F4F","KeyType":"Rsa","Options":null,"KeyLength":2048,"AccountStatus":"Managed","IsIgnored":false,"IsManaged":true},{"DiscoveredDate":"2020-04-21T17:20:09.686Z","AccountName":"BobAdmin","AccountDomainName":null,"AccountId":10,"AssetName":"PAM-QA-WIN2019","AssetId":23,"AssetPartitionId":1,"AssetPartitionName":"Import","SshKeyProfileId":1,"SshKeyProfileName":"Import SSH Key Profile","SshKeyDiscoveryScheduleId":15,"SshKeyDiscoveryScheduleName":"Import SSH Key Discovery","PublicKey":"AAAAB3NzaC1yc2EAAAADAQABAAABAQDP1WLHVC8mq6ICGre8OUPi5FQMYxomTGlSgnVqIvIUHLNI8PPH0xpkOpfhlZASzu7WtHWX37LDvEcUqW0gYb0eYww56IeERHui5yuJ7ocJnXETO33W+n0pnYjZuyqxEjSa8P14O6smg5z6bxm+/StItb8GyL1kBdQdoVeVMfWUSUO/2qyvmK22QOS8df2Gl+MWcBvsoU6rrtTq5N9FlS05zFsQJGUt/MrV3qHhKUqviFEZ1sl5ziisRknWInCb+YTkq7a5HFSbSAjxHZDjwPJ92gTWs+W/n6GsSY9Xjnjx+rFfpD1bSD4JnjwJ2QUsbTLPutJ0CpLFdOUJbgzsQY1N","Comment":"Safeguard_Windows_SSH","Fingerprint":"850585DBE61DE4F2D638EC3DE66CCE83","KeyType":"Rsa","Options":null,"KeyLength":2048,"AccountStatus":"Managed","IsIgnored":false,"IsManaged":false}]


Now all I get is the URL...

Last Updated: 12 Aug 2020 08:36 by ADMIN

Most extensions and inspectors need to access the decompressed/unchunked body bytes to perform their function, requiring them to have an understanding of how to get those decoded bytes. To simplify this, add UnencodedRequestBody and UnencodedResponseBody properties to Session that return a byte[], for example:


         public byte[] UnencodedResponse() {
            if (!_HasResponseBody() || !Utilities.HasHeaders(oResponse)) return Utilities.emptyByteArray;

            if (oResponse.headers.ExistsAny(new[] { "Content-Encoding", "Transfer-Encoding" }))
                arrResponse = Utilities.Dupe(mySession.responseBodyBytes);
                Utilities.utilDecodeHTTPBody(mySession.ResponseHeaders, ref arrResponse);
                arrResponse = mySession.responseBodyBytes;


GetRequestBodyAsString and GetResponseBodyAsString can then be refactored to call these byte[] properties.

1 2 3 4 5 6