Steps to reproduce:
Version: 5.0.20192.25091 (2019-06-04)
Platform: Windows 10 build 17134, .NET 4.7.1
Fiddler is great but the composer tab really needs some love. For example, it could do with text manipulation features from other applications - double click selects a chunk of text, but it doesn't appear to be aware of common symbols like : ? # " ' ; etc, instead it highlights up to the next space. If i were to do this in vs code or notepad++ it would be more intelligent about delimiters and highlight the portion before the : or inside the " ".
Pressing tab inside the editors moves to the next editor - this seems counter intuitive in this context as you'd expect the editor to insert a tab rather than move you to another field.
I've been using fiddler for years and this has always bugged me. I normally edit the request in another application and paste it in, but it'd be great if i could do some basic editing in fiddler itself. It shouldn't be full ide-mode, but a little bit of help would be appreciated.
Simple things that would make this much better:
It's incredibly an annoying prompt that occurs every. single. time. i open up fiddler.
Check for updates behind the scenes if an update exists and only let me know when an update exists
I have a connectivity issue when I run Fiddler (Progress Telerik Fiddler Web Debugger). I work behind a corporate proxy server and the server IP is changed every few hours. The change in IP is normally okay, but when I am running Fiddler with the 'Automatically Authenticate' option enabled, then Fiddler shows an error every time the proxy is changed; it shows a yellow error message suggesting "The system proxy was changed. Click to reenable capturing".
Clicking on the error in Fiddler works fine and it reconnects, but I find this frustrating because if i don't realise there was an error in fiddler and don't click it immediately then it affects my connectivity and some activities on my pc start to fail without me realising.
My suggestion is that you should let Fiddler auto-reconnect when this type of proxy change happens and when the 'Automatically Authenticate' option is enabled. I know it can't try to reconnect forever because it will cause an endless cycle for other people who have other types of proxy disconnects, but in my case it would be very helpful to let fiddler at least try once to auto reconnect (for me 1 retry is usually fine and Fiddler is able to connect to the new proxy address, but perhaps you can let the number of retries be a menu option so that users can set the number of retries that they want Fiddler to do after there was a proxy change or proxy error).
Thanks so much for your work, I really like Fiddler!
I hope you can bug fix this or add it as a feature, it will be very helpful!
Running into more and more issues where the end user are authenticating via a smartcard. If the issue is after the initial handshake then we may be able to turn on Fiddler after the authentication and everything is okay. If the issue is specifically to do with the authentication or authentication screens then we are stuck and have no tool to use to debug the issue, especially when it may involve multiple processes.
With appropriate new settings in the Fiddler Options, could the socket connection on a TLS send certificate challenge call the appropriate API to use the SmartCard reader as well as challenge for a pin/biometric instead of reading from a certificate.cer file?
My windows DPI scaling is set to 200%, as my resolutions to 2000x3000.
If I load fiddler normally, I see the following blurry text.
So i saw this bug report, https://feedback.telerik.com/fiddler/1361354-hope-the-fiddler-can-support-the-high-dpi-screen which suggested to load up fiddler with -dpiaware, and now some text is better, but most of the tabs and buttons are incorrect sizes in the composer. In my opinion its more usable with the blurry text. I also tried to change the Fiddler.exe.config - EnableWindowsFormsHighDpiAutoResizing from true to false, but the only affect this had was to change the size of the mouse cursor.
Any ideas on something else to try, or is this a limitation of Fiddler / .Net WinForms.
Fiddler's "Web Browsers" filter does not include msedge.exe as a web browser. This is the executable name of the new Chromium-based version of Edge that Microsoft is now working on.
This should be a one-line fix and very much appreciated by the many thousands of Fiddler+Edge users.
I find myself applying the same filters again and again on each launch of Fiddler (I mean the filters listed below the list of requests). I think it would be really great if you could allow the restoration of previously applied filters (e.g. by having a save/load filters option). Also, allowing to filter out by "Request Method" would be great too. Congratulations on this tool, by the way. It is really great. :)
I want to capture traffic from a Chrome Incognito window only.
When I click the 'pick target' button on the toolbar and point it at the Chrome window it picks up some particular process from chrome, but that does not seem to be the one from where network requests are sent from.
Looking at Chrome's Task Manager and comparing with what Fiddler shows, Fiddler is picking up the "Browser" process, while requests are coming from the "Utility: Network Service" process, thus the difference.
An acceptable solution for this would be if we could enter the process ID manually in the UI, instead of using the target picker.
Websocket monitoring is such a cool feature in fiddler. What i´m missing is the possibility to export all messages sent and received via the websocket.
In Wireshark i would associate that functionality with "Follow TCP stream".
The reason behind:
I want to search within the websocket communication for certain id´s patterns etc. This is currently not possible as every message is handled separately in fiddler.
What i would expect:
Beeing able to export selected or all messages in the WebSocket pane. (one could think of adding "received","sent" and a timestamp between the messages with a certain beginning to be able to filter those messages later.)
I would call the fact that:
- "Save" - "Selected Sessions" "as Text or ZIP" is only saving the websocket HTTP upgrade request together with the response but without the websockets payload
Or i am missing something. Comments welcome...
This is a copy of Fiddler's new Feedback Portal not working properly submitted to the Fiddler groups forum:
I have submitted probably a dozen or two bugs to the Fiddler Feedback portal https://fiddler.ideas.aha.io/ideas . Fiddler recently changed the feedback portal software and attempted to import all existing bugs. The import was not done properly. Every bug I reported the old links do not redirect to the imported reports. If I search for a report by title only arbitrary comments of the reports are included. There are no screenshots or attachments. Also I cannot login to the portal with my yahoo account, it says "Oh, no! Something's not right, but we're sorting it out." I was able to salvage some of what I reported from screenshots of the old site but I don't remember all of what I reported. Please retry the import so what users reported remains open for discussion and fixing. One particular bug is really a nuisance and hasn't been fixed when I have one session open raw in inspector and I click on another session I have to wait a long time. I don't remember what bug I filed over it but I know I filed something.
(Since the original post I have been able to login with my yahoo account. It does not show any bugs for my e-mail and they're still broken missing content and comments as "Imported User")
I would like a way to block all transfers made internally by Fiddler unrelated to what is being proxied because it disrupts my tests. I am using Fiddler in test cases where I need the data to be limited to what I'm sending through Fiddler. Every time Fiddler is started it makes one or more connections to fiddler2.com. For example http://fiddler2.com/Banners/BannerVersion.txt and also there's a survey connection sometimes as well. Those requests are redirected most of the time to a cloud server. I have to use various VM images to run some of the tests and I see it a lot in the packet captures. The update check I have blocked in the registry where I set BlockUpdateCheck to True. I could ignore fiddler2.com I suppose. Regardless I don't like it there is SSL traffic I can't account for or decrypt, and even if I could it would still be noise disrupting the data I need to check.
I found a preference fiddler.banners.showdefault and fiddler.telemetry.AskPermission but I'm not sure if they relate.
On a somewhat related point consider an option to disable telemetry, refer to Fiddler Script Editor disable internet access
My Fiddler log is usually filled with thousands of ClientHello warnings. It's a burden for me to read through the log with all those messages. For example:
23:42:42:4843 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance 23:42:42:4863 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance 23:42:42:4863 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance 23:42:42:4863 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance 23:42:42:4983 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance 23:42:42:4983 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance 23:42:42:5113 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance 23:42:42:5123 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
I discussed this with Eric Lawrence in the Fiddler Groups thread HTTPSLint> Warning: ClientHello record was xxx bytes long and he had a few suggestions: