Pending Review
Last Updated: 23 Apr 2019 15:22 by Eric

Reformatter.cs, around line 880, needs to support the new JavaScript feature of allowing underscores as (ignorable) digit separators. Otherwise, the parser treats _ as the end of the numeric value which breaks reformatting.

 

See http://2ality.com/2018/02/numeric-separators.html

Pending Review
Last Updated: 19 Apr 2019 06:37 by Chee Wee
Created by: Chee Wee
Comments: 0
Type: Feature Request
1
Provide ability to autoscroll the WebSocket view when new WebSocket messages are added to the view.
Pending Review
Last Updated: 19 Apr 2019 06:36 by Chee Wee
Created by: Chee Wee
Comments: 0
Type: Feature Request
1
Provide ability to filter out ping/pongs in WebSocket view
Pending Review
Last Updated: 11 Apr 2019 13:02 by ADMIN

This is a copy of Fiddler's new Feedback Portal not working properly submitted to the Fiddler groups forum:

I have submitted probably a dozen or two bugs to the Fiddler Feedback portal https://fiddler.ideas.aha.io/ideas . Fiddler recently changed the feedback portal software and attempted to import all existing bugs. The import was not done properly. Every bug I reported the old links do not redirect to the imported reports. If I search for a report by title only arbitrary comments of the reports are included. There are no screenshots or attachments. Also I cannot login to the portal with my yahoo account, it says "Oh, no! Something's not right, but we're sorting it out." I was able to salvage some of what I reported from screenshots of the old site but I don't remember all of what I reported. Please retry the import so what users reported remains open for discussion and fixing. One particular bug is really a nuisance and hasn't been fixed when I have one session open raw in inspector and I click on another session I have to wait a long time. I don't remember what bug I filed over it but I know I filed something.

(Since the original post I have been able to login with my yahoo account. It does not show any bugs for my e-mail and they're still broken missing content and comments as "Imported User")

 

Approved
Last Updated: 11 Apr 2019 12:58 by ADMIN

I would like a way to block all transfers made internally by Fiddler unrelated to what is being proxied because it disrupts my tests. I am using Fiddler in test cases where I need the data to be limited to what I'm sending through Fiddler. Every time Fiddler is started it makes one or more connections to fiddler2.com. For example http://fiddler2.com/Banners/BannerVersion.txt and also there's a survey connection sometimes as well. Those requests are redirected most of the time to a cloud server. I have to use various VM images to run some of the tests and I see it a lot in the packet captures. The update check I have blocked in the registry where I set BlockUpdateCheck to True. I could ignore fiddler2.com I suppose. Regardless I don't like it there is SSL traffic I can't account for or decrypt, and even if I could it would still be noise disrupting the data I need to check.

I found a preference fiddler.banners.showdefault and fiddler.telemetry.AskPermission but I'm not sure if they relate.

On a somewhat related point consider an option to disable telemetry, refer to Fiddler Script Editor disable internet access

Approved
Last Updated: 11 Apr 2019 12:45 by ADMIN

My Fiddler log is usually filled with thousands of ClientHello warnings. It's a burden for me to read through the log with all those messages. For example:


23:42:42:4843 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:42:42:4863 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:42:42:4863 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:42:42:4863 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:42:42:4983 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:42:42:4983 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:42:42:5113 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:42:42:5123 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance

 

I discussed this with Eric Lawrence in the Fiddler Groups thread HTTPSLint> Warning: ClientHello record was xxx bytes long and he had a few suggestions:

  1. Stop logging these entirely, or maybe log them only when the handshake is between 255 and 512 bytes (https://cs.chromium.org/chromium/src/third_party/boringssl/src/ssl/ssl_test.cc?l=1082&rcl=9f0e7cb314ae64234b928fd379381ae9760a9a5f). I think today the warning in Fiddler is simply >255 bytes. But we should probably get rid of this logging entirely, as the buggy server appliances are probably out of the market at this point. Although maybe show a warning at >767 bytes as a) that's huge, and b) we found that there's a server called Gatling that fails on handshakes that big.
  2. Extend the existing interfaces related to Log handling to allow an extension to "eat" messages so that they don't end up in the log.
  3. Extend the Log tab to make use of that new interface to have an "Ignore regex match" box.

 

Pending Review
Last Updated: 27 Mar 2019 13:20 by ADMIN


Since I installed Fiddler on my machine, I am not able to connect to Team Foundation Server in Visual Studio (Version: 2013 Professional) if Fiddler is not running. I need to start the Fiddler first in order to connect to Team Foundation Server. I have tried various options that I found online. I even uninstalled Fiddler but still no luck.

Thanks in advance.

 

PS: I was not finding any other medium through which I should have communicated this, So, I've chosen to report it as a bug.

Pending Review
Last Updated: 26 Mar 2019 12:56 by ADMIN
Created by: Ravindhranad
Comments: 1
Type: Bug Report
0
I have Windows UWP app called HP Smart downloaded from Microsoft Store. When I enabled HP Smart application using Win Config menu and later I have enabled HTTPS traffic. After that I have started HP Smart application. But I see traffic from app as tunnel.. but app is not receiving any responses from the servers. I have exported the capture, please help me to fix this issue. Please notice packet no.2, I am not able to get any response. But if I stop fiddler then HP Smart App is able to communicate and get the data response for this request.
Pending Review
Last Updated: 22 Mar 2019 21:47 by Eric
Pending Review
Last Updated: 18 Mar 2019 15:45 by Alex
Created by: Alex
Comments: 0
Type: Bug Report
0

make windows have 2 languages for keyboard, e.g. en-us, and ru-ru; 

make key shortcut to switch langs: alt+shift as usual;

select current lang: eng

run fiddler until it accumulates some traces;

select one of the trace records, click on request panel, click on response panel, notice: lang has switched to RU now.

Pending Review
Last Updated: 11 Mar 2019 20:25 by Eric

"Target Any Process" feature no longer working with Chrome. It used to work but no longer works specifically with Chrome. Still works with other processes. Capturing still works with Chrome as long as I am not using the "Target Any Process" feature.

Approved
Last Updated: 11 Mar 2019 13:18 by ADMIN
Currently by listening to FiddlerApplication.OnWebSocketMessage it's possible to modify the incoming & outgoing messages but it's not possible to send independent direct messages in or out.

Adding the ability to send direct messages will give more freedom on injecting custom messages in both directions, repeating server response messages etc.
Currently if you need to inject an outgoing message you need to wait for the client to generate a message and only then intercept, modify and forward it. Sometimes the client may wait longer times to respond and a direct message mechanism would be quite useful to generate quicker responses.

From: How to send a new web socket message instead of modifying an existing one?
 (https://groups.google.com/forum/#!topic/httpfiddler/CC5XxiWfpuI) Related to: Add properties to WebSocket object (https://fiddler.ideas.aha.io/ideas/FID-I-146)
Pending Review
Last Updated: 25 Feb 2019 23:34 by Eric

The HTTP2 protocol has specific requirements about the characters that are valid in header names. If a server attempts to use one of these over a HTTP2 connection, the client will complain of a ERR_SPDY_PROTOCOL_ERROR.

This is particularly problematic because the problem will magically "disappear" when Fiddler is in use because Fiddler doesn't support HTTP2, and thus the problem characters are silently allowed by the browser using HTTP/1.1. https://twitter.com/ericlaw/status/1100175636595965957

Therefore, Fiddler's HTTP Protocol Violation feature should warn if a HTTPS response contains an illegal character in a HTTP header name or value.

Legal characters for names: abcdefghijklmnopqrstuvwxyz0123456789!#$%&'*+-.^_`|~

Legal characters for values '\t', '  ', 0x21 to 0x7E, and 0x80 to 0xFF.

https://tools.ietf.org/html/rfc7540#section-10.3


			
Under Review
Last Updated: 20 Feb 2019 23:45 by Roberto
Created by: Imported User
Comments: 1
Type: Feature Request
2
Once I had gotten Fiddler to run (had to tell Mono to run in 32 bit mode) and I had re-created the settings.txt file, I received this error when trying to capture traffic:

Fiddler/FiddlerAttach.applescript:7:87: execution error: /bin/sh: USB,127.0.0.1,8888,on,127.0.0.1,8888,on,0,0,off,0,0,off: command not found (127)
Pending Review
Last Updated: 20 Feb 2019 10:42 by ADMIN

This only occurs when double-clicking a SAZ file from Explorer when Fiddler isn't open.

v5.0.20182.28034 for .NET 4.6.1

---------------------------
Script Failure
---------------------------
Failed to load script.
 Microsoft.JScript.JScriptException: Type mismatch

   at Microsoft.JScript.Convert.CoerceT(Object value, Type t, Boolean explicitOK)

   at Fiddler.ScriptNamespace._Startup.Startup()

   at Microsoft.JScript.Vsa.BaseVsaEngine.Run()
Microsoft.JScript.JScriptException: Type mismatch

   at Microsoft.JScript.Convert.CoerceT(Object value, Type t, Boolean explicitOK)

   at Fiddler.ScriptNamespace._Startup.Startup()

   at Microsoft.JScript.Vsa.BaseVsaEngine.Run()   at Microsoft.JScript.Vsa.BaseVsaEngine.Run()

   at Fiddler.FiddlerScript._LoadScript(String sScriptFilename, Boolean bPlaySounds) in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Application\Scripting\Scripting.cs:line 315

   at Fiddler.ScriptBase.LoadRulesScript(Boolean bPlaySounds) in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Application\Scripting\ScriptBase.cs:line 198
---------------------------
OK   
---------------------------

 

This reproduces even when the FiddlerScript is basically empty, like so:

import Fiddler;

class Handlers
{

}

 

 

Sadly, because Fiddler's code has been obfuscated, it's difficult to see what caused this regression.

Completed
Last Updated: 19 Feb 2019 11:49 by Ian
Created by: Imported User
Comments: 5
Type: Feature Request
9
My Surface is work on 150% DPI , The App looks unclear.

THX
Pending Review
Last Updated: 13 Feb 2019 23:29 by Fergal
Response headers added from Fiddler-script (in reverse-proxy setup) are not sent to client. Even though the session shows them as sent. However, if I set a bpafter for that particular url it works! I Don't need to do anything else, just set the bpafter ang type 'g' to let it go. The client then see the response header.
Pending Review
Last Updated: 13 Feb 2019 21:19 by Eric
Created by: Qiu
Comments: 1
Type: Feature Request
0

Request a lighweight proxy forwarder like combination between Proxifier + AppContainer Loopback Excemption Utility in 1 desktop app. Since Fiddler is too heavy in CPU usage and Proxifier cannot forward any proxy to UWP desktop app (any apps from Windows Store).... no need extra feature but just a proxy forwarder like Proxifier + AppContainer Loopback Excemption Utility that works in any Desktop software environtment like OpenVPN adapter. Thanks.

Pending Review
Last Updated: 13 Feb 2019 21:17 by Eric
Created by: greg
Comments: 1
Type: Feature Request
0

The Tools -> HOSTS is a great feature, especially for situations that prevent local admin rights.  I find it difficult to know that the redirection is functioning when looking at the capture log.  It would be nice if something visual would standout to help draw attention that this rule was applied.

Thank you!

Pending Review
Last Updated: 08 Feb 2019 16:51 by Eric
Created by: Dave
Comments: 5
Type: Feature Request
1

It would be really great to be able to view requests and responses as a formatted json string.  Currently, you can show JSON, which uses some tree format, and you can show raw, which is just a flat hard to use string.

It would also be great to be able to format json inside the request composer so it can be easy to modify.

1 2 3 4 5 6