Under Review
Last Updated: 18 Jan 2020 02:28 by Hein
Created by: Isaac
Comments: 4
Type: Feature Request
19
Lots of development software has dark themes because it is less stress on your eyes and looks cool.
Pending Review
Last Updated: 06 Jan 2020 16:21 by Eric

Fiddler UI mnuSessionContext "Inspect in New Window",which method of fiddler call?

I didn't find the corresponding call method in the fiddlecore document.

Please @Eric

Pending Review
Last Updated: 16 Dec 2019 19:51 by Eric

 

 

 

(Some blocking rules are not shown)

 

When I use the "filter now" function, it does not filter properly.

It goes like this:

Prior to this, I used the "Filters" feature, but there was always a link that was not blocked.(this url: https://watson.telemetry.microsoft.com/Telemetry.Request  )

With the "Filters" function turned on, I used the "Filter now" function several times to block this link, but the result was only blocked at that time, and then came out again.

Now I turn off the "Filters" function, and then use "Filter now" to block that link. As a result, the blocking rule is not displayed in the lower left corner. Other blocking rules can be displayed normally.

 

 

Approved
Last Updated: 10 Dec 2019 07:27 by ADMIN

When HTTPS decryption is enabled in Fiddler, Fiddler parses the ClientHello and ServerHello HTTPS messages to determine the supported ciphers and other information, including TLS Extensions.

Unfortunately, Fiddler's HTTPSMessages parsers have a bug whereby if the extensions are larger than the available data on the stream/pipe, reading of the extensions is skipped and misleading text suggesting that no extensions were sent is shown in the Inspectors. For instance, the current version of Chrome Canary sends ~1308 bytes of TLS extensions in the ClientHello, but only 908 bytes are available at the time that the message is read. Fiddler claims that the ClientHello contained no extensions. 

Instead of performing a single .Read() call and ignoring the result if the size is less than expected, Fiddler should continue to read the stream until the promised number of bytes have been read.

 

[This issue is similar to https://crbug.com/1028602#c2, although the implementation is obviously unrelated).

Won't Fix
Last Updated: 09 Dec 2019 15:11 by ADMIN
Created by: Girish
Comments: 1
Type: Bug Report
0

I am getting the following crash when trying to install Fiddler, please advise : 

 

 mono Fiddler.exe

WARNING: The Carbon driver has not been ported to 64bits, and very few parts of Windows.Forms will work properly, or at all

 

=================================================================

Native Crash Reporting

=================================================================

Got a SIGSEGV while executing native code. This usually indicates

a fatal error in the mono runtime or one of the native libraries 

used by your application.

=================================================================

 

=================================================================

Native stacktrace:

=================================================================

(No frames) 

 

 

=================================================================

Telemetry Dumper:

=================================================================

Pkilling 0x7000085df000 from 0x11617bdc0

Pkilling 0x7000088e8000 from 0x11617bdc0

Entering thread summarizer pause from 0x11617bdc0

Finished thread summarizer pause from 0x11617bdc0.

 

Waiting for dumping threads to resume

 

=================================================================

External Debugger Dump:

=================================================================

(lldb) command source -s 0 '/tmp/mono-gdb-commands.95325'

Executing commands in '/tmp/mono-gdb-commands.95325'.

(lldb) process attach --pid 95325

error: attach failed: Error 1

 

=================================================================

Basic Fault Address Reporting

=================================================================

Memory around native instruction pointer (0x7fff5ce3a565):0x7fff5ce3a555  53 50 48 89 fb 48 8b 05 af 51 f3 31 48 8b 48 18  SPH..H...Q.1H.H.

0x7fff5ce3a565  48 89 4f 18 48 8b 48 10 48 89 4f 10 48 8b 08 48  H.O.H.H.H.O.H..H

0x7fff5ce3a575  8b 40 08 48 89 47 08 48 89 0f 89 f7 48 89 de e8  .@.H.G.H....H...

0x7fff5ce3a585  52 e1 fb ff 48 89 d8 48 83 c4 08 5b 5d c3 55 48  R...H..H...[].UH

 

=================================================================

Managed Stacktrace:

=================================================================

  at <unknown> <0xffffffff>

  at System.Windows.Forms.XplatUICarbon:CGDisplayBounds <0x000bc>

  at System.Windows.Forms.XplatUICarbon:get_WorkingArea <0x00072>

  at System.Windows.Forms.XplatUICarbon:get_VirtualScreen <0x00043>

  at System.Windows.Forms.XplatUI:get_VirtualScreen <0x00048>

  at System.Windows.Forms.Screen:.cctor <0x0017a>

  at System.Object:runtime_invoke_void <0x000a5>

  at <unknown> <0xffffffff>

  at System.Windows.Forms.Form:get_CreateParams <0x0062a>

  at System.Windows.Forms.Control:CreateHandle <0x0009e>

  at System.Windows.Forms.Form:CreateHandle <0x00052>

  at System.Windows.Forms.Control:CreateControl <0x000c6>

  at System.Windows.Forms.Control:SetVisibleCore <0x00112>

  at System.Windows.Forms.Form:SetVisibleCore <0x0024a>

  at System.Windows.Forms.Control:set_Visible <0x00052>

  at System.Windows.Forms.Control:Show <0x00042>

  at System.Windows.Forms.Control:Show <0x000a2>

  at Fiddler.frmViewer:‹• <0x0028a>

  at Fiddler.frmViewer:‡• <0x000d2>

  at <Module>:runtime_invoke_void_object <0x000b0>

=================================================================

zsh: abort      mono Fiddler.exe


Approved
Last Updated: 09 Dec 2019 10:41 by ADMIN

As it stands today, the "Show only traffic from" combobox in the Filters tab will show the process name, its process ID and its window title, if one is available.

However, command line applications, like dotnet.exe do not show any additional information, which can make it harder to distinguish them when there are multiple instances running.

At that point one needs to open task manager to find the process with the expected command line and figure out its process ID.

 

If the drop down were to show the process full command line, it would eliminate this extra step.

 

Thanks

 

Declined
Last Updated: 09 Dec 2019 08:51 by ADMIN
Created by: Morten
Comments: 3
Type: Feature Request
0

Hi,

I'm using the feature to right-click on requests and show or hide them heavily. It would be very nice to have this functionality from the QuickExec. Especially a ShowOnly by URL would be very nice. When using Fiddler for debugging the process ID may change frequently so that is not a good basis for filtering. On the other hand a modern development machine makes so many requests - if you have a few browser tabs open - that selecting hide for all is very inconvenient.

Approved
Last Updated: 03 Dec 2019 21:23 by Wojciech Rajchel
Created by: Wojciech Rajchel
Comments: 2
Type: Bug Report
1

Describe the bug
After following the steps in the Capture All IIS Traffic on the Web Server Forum Post Fiddler goes into an endless loop.

image

To Reproduce
Steps to reproduce the behavior:

  1. Disable the firewall on the IIS Web Server

  2. Edit machine.config proxy settings to point to 127.0.0.1:8888

    <system.net>
        <defaultProxy>
            <proxy autoDetect="false" bypassonlocal="false" proxyaddress="http://127.0.0.1:8888" usesystemdefault="false" />
        </defaultProxy>
    </system.net>
  3. Set the WinHTTP Proxy Settings to point to 127.0.0.1:8888
    netsh winhttp set proxy 127.0.0.1:8888

  4. Change the IIS Site Bindings to an alternate Port. In this example, it is 8080
    IIS Bindings

  5. In Fiddler, execute !listen 80 in QuickExec
    Fiddler QuickExec

  6. Add Custom Rule to Forward Requests Received to WinHTTP Port. In this case, 8080

    static function OnBeforeRequest(oSession: Session) {
        
        // ...Code removed for brevity...
        if(oSession.host == "[INSERT_HOST_NAME_HERE].com:80")
        {
            oSession.host = "[INSERT_HOST_NAME_HERE].com:8080"  /// This is the Fiddler Port
        }
        
        // ...Code removed for brevity...    
    }

Expected behavior
Fiddler should capture all traffic to and from the web server. This configuration should configure Fiddler as both the normal proxy and reverse proxy simultaneously.

Desktop (please complete the following information):

  • OS: Windows Server 2012 R2
  • Browser: Any
  • Version: Any
Pending Review
Last Updated: 03 Dec 2019 18:59 by Eric
Created by: Ekaterina
Comments: 1
Type: Feature Request
1

Greetings!

For now very popular technology in rest is graphQL

We use it in our project

Could you please add graphQl in Fiddler?

Thx

Pending Review
Last Updated: 27 Nov 2019 08:15 by ADMIN
Hello! I have the latest version of the feedler, and the "Show only traffic from" function does not work in it. It happens that it intercepts the traffic of some tabs, but almost always not.
Completed
Last Updated: 20 Nov 2019 11:54 by ADMIN
Created by: Eric
Comments: 0
Type: Feature Request
5
Ensure that traffic from the Brave web browser is properly categorized by the traffic filtering system in the status bar.
Declined
Last Updated: 18 Nov 2019 15:14 by ADMIN

Hi guys. 

I investigate responses from . And Fiddler is tool for this.

But now I need  logs from Fiddler for 2-5 days and compare responses.

Fiddler grabs a lot of memory during 1 day and may cause my PC out of memory.

Request:

Automate autosaving saz files 4 hours with time-date in saz name, clear capture dialog and do it in the loop each next 4 hours.

 

Declined
Last Updated: 18 Nov 2019 08:37 by ADMIN

I'm using Fiddler [Oct-03-19] v5.0.20194.41348 on Windows 7 Enterprise. There's no way to disable the 'Get Started' panel on startup. 'Show on startup' is not checked but it still shows. Also it doesn't look very good. Also it downloads javascript and other stuff via http unencrypted from fiddler.com, and I'd like to stop that.

 

Approved
Last Updated: 15 Nov 2019 12:50 by ADMIN
Created by: Stephan
Comments: 3
Type: Feature Request
113
HTTP/2 has been a standard since mid-2015.   All major browsers support it,  but adoption is slow because there no good debugging tools.    I want to take advantage of pipelining, server push, etc that comes with HTTP/2 which makes it easier to adopt packages like gRPC.    Having a good debugging story (both capture as well as insertion / modification) would make this more possible
Declined
Last Updated: 15 Nov 2019 07:55 by ADMIN

I want to capture traffic from a Chrome Incognito window only.

When I click the 'pick target' button on the toolbar and point it at the Chrome window it picks up some particular process from chrome, but that does not seem to be the one from where network requests are sent from.

Looking at Chrome's Task Manager and comparing with what Fiddler shows, Fiddler is picking up the "Browser" process, while requests are coming from the "Utility: Network Service" process, thus the difference.

An acceptable solution for this would be if we could enter the process ID manually in the UI, instead of using the target picker.

 

Thanks

 

Declined
Last Updated: 15 Nov 2019 07:43 by ADMIN

Fiddler is a great tool & Composer an excellent feature of it.  I frequently have to reboot my dev. PC  for various reasons (actually it crashes a lot) and loosing my Composer URL history is a painful consequence.  Could the URL history be retained between invocations?  I use a set of about a dozen different endpoints frequentl, so a history size of 12-20 would likely be enough.

It would be even better if the last used request header and/or body and/or type (POST/GET/..) and/or Protocol (HTTP/1.1 etc.) for each URL could also be saved but perhaps that is asking too much.

 Bless you for making this tool. 

Declined
Last Updated: 15 Nov 2019 07:41 by ADMIN

Hello Sir , 

            I've discovered the security bug which is Bypassing UAC in Fiddler Software . any reward or acknowledgement in bug report program ? 

thanks,

Sai Wynn Myat. (@404death)

        
Declined
Last Updated: 15 Nov 2019 07:32 by ADMIN

It would be great to have an option in the textWizard to convert an epoch date to a human-readable date.

Like: 1530417600 to "GMT: Tuesday 13 August 2019 08:32:48"

 

It would be great to have 2 options:

- convert epoch time to human readable time (GMT timezone)

- convert epoch time to human readable time (Local timezone)

 

Thanks for creating one of the most useful tools ever!

Approved
Last Updated: 15 Nov 2019 07:24 by ADMIN
Created by: Jonny
Comments: 1
Type: Feature Request
2

Hi!

Is there any way to disable underlining of URL in Raw Inspector tab? It is very annoying when you try to copy part of the request but in fact open the link in the browser instead.

Declined
Last Updated: 15 Nov 2019 06:26 by wu
As subject means,oSession["x-OverrideGateway"] does not work with https sessions.Ive searched google and docs of fiddler.none of them can solve this,and i've tried such as oSession["x-OverrideGateway"] = "https=127.0.0.1:8080",but it just causes errors.By setting oSession["x-OverrideGateway"] = "127.0.0.1:8080",all http session works fine,but https session will just bypass this setting and go through directly.how can i deal with it?thx for your reply.
1 2 3 4 5 6