I'm unable to connect to "gateway.icloud.com" when Fiddler is open and decrypting HTTPS traffic.

This is Fiddler Everywhere 0.10.0 on macOS 10.15.5.

To reproduce:

Open Fiddler and make sure it's decrypting HTTPS traffic.

Open any browser and go to https://gateway.icloud.com/

Expected result: Page loads (it's blank. This is normal.)

What actually happens: fiddler.network.https> HTTPS handshake to gateway.icloud.com (for #820) failed. System.Security.Authentication.AuthenticationException The remote certificate is invalid according to the validation procedure.

Same thing happens on https://configuration.apple.com/

Currently, Fiddler Everywhere just hard-fails on any invalid SSL certificate. More annoyingly, it doesn't explain why the certificate is invalid.

Fiddler Everywhere should:

1. Allow overriding a certificate error (possibly hide this behind an option)

2. Explain what caused a certificate error

MacOs, Fiddler Everywhere 10, Cisco AnyConnect.

Here's the workflow...

In the morning, Cisco VPN isn't connected.  All traffic is blocked by design.  Attempt to start Fiddler Everywhere.  WON'T START because it can't login.  What is this new requirement to login?  If I don't start Fiddler before the VPN, no traffic ever logs.  If i don't start the VPN, Fiddler won't start.  A bit of a cartch-22, ya think?

Somehow I bypass the VPN (Don't tell corp security) and get logged-in.  Fiddler is up.  Start the VPN. Get some work done.  Shiny new UI!  Still can't drag-drop from inspector to composer?  Damn.

At some point the Fiddler login EXPIRES.  Why does it expire?  What do I even need a login for?  At this point ALL TRAFFIC fails, since Fiddler was the system proxy.  All work stops.  Now I need to stop Fiddler, Stop the VPN, attempt to start Fiddler again....oh wait, can't login because the VPN is down...  here we go again.

This is all a serious waste of time.  I can see registering Fiddler so you know who your users are.  What's with the REQUIREMENT to have a login, and why does it expire?  It kinda makes Fiddler useless.

Please remove the requirement to login to an account before being able to use Fiddler Everywhere.

Thanks,

Sean

I am trying to login to fiddler anywhere on Ubuntu.  But since the system is behind proxy, while logging into proxy, i get network error.

I have configured the proxy in env variables as well as network settings >proxy, but it does not work.

Please provide a way to configure the corporate proxy for fiddler everywhere before login

Steps to reproduce:

1. Post a 69k request to a web api (encoded JSON data) via browser.
2. Inspect request data in Text and Raw fields.
3. Observe that the data is truncated in the middle of a property name (not a null char).

Example data posted (snippet with middle section excerpted):

valuesString=%7B%22request%22%3A%...oneTimeApproval%22%3A%22no%22%2C%22immediatePatientSaf

I need to be able to see the full text request to troubleshoot an issue with the back-end application.

I need the data available in the Text or Raw inspector so that I can cut and paste it out for external processing and discussion with the developers.

I noted that a separate bug report has been issued for a missing "show more data" option on large response records.

Thanks,
Daniel

Fiddler for Windows allowed you to add custom columns to Web Sessions list. 

Fiddler Everywhere needs this option so I can add in a column to show the IP address of the server being connected to.

Can these methods be added into Fiddler Everywhere:

1. https://docs.telerik.com/fiddler/knowledgebase/fiddlerscript/addcolumns
2. https://docs.telerik.com/fiddler/Observe-Traffic/Tasks/ConfigureColumns 

Latest version of Fiddler (v0.10.0) and Android Emulator is not proxying the connections properly.

I have Fiddler Everywhere running and know it is working when I can send requests through Postman and see them show up in Fiddler properly.

However, if I set up the Android Emulator through Android Studio, and set the proxy to be Fiddler, connections do not fully reach the backend service I am sending requests to. All that shows up in Fiddler is

REQUEST

CONNECT 192.168.5.7:5000 HTTP/1.1
Host: 192.168.5.7:5000

RESPONSE

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 16:12:05.141
Connection: close

The service is running on my local host machine (192.168.5.7) on port 5000.

If I close Fiddler and run charles-proxy, then set the Android Emulator to use that as the proxy, I see the full request, my service responds, and I see the response in Charles.

Hi there,

I've successfully setup fiddler-everywhere 0.4.0 and am able to sniff traffic to various websites on my linux (Ubuntu 18.04) laptop. However some https sites are not working - fiddler-everywhere severs the connection at the SSL handshake phase. These same sites work in the windows version of Fiddler (v 5.0.20192.25091 - built 04 June 2019) however.

What is the status of the SSL support in fiddler-everywhere vs windows Fiddler?

Example site that fails over https:

• https://www.absa.co.za

Example site that works over https:

• https://www.fnb.co.za

Fiddler captures for absa.co.za

REQUEST: 

CONNECT www.absa.co.za:443 HTTP/1.1
Host: www.absa.co.za:443
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: 1F 0E B0 54 5D 66 42 82 C9 A8 A6 D5 8F C2 F0 C6 A8 16 0C 8E 14 45 F2 B4 B5 95 92 66 B6 53 D6 F4
"Time": 2015/01/09 19:21:35
SessionID: empty
Extensions: 
	0x5a5a		empty
	server_name	www.absa.co.za
	extended_master_secret	empty
	renegotiation_info	00
	elliptic_curves	unknown [0xBABA), unknown [0x1D), secp256r1 [0x17], secp384r1 [0x18]
	ec_point_formats	uncompressed [0x0]
	SessionTicket	empty
	ALPN		h2, http/1.1
	status_request	OCSP - Implicit Responder
	signature_algs	sha256_ecdsa, Unknown[0x8]_Unknown[0x4], sha256_rsa, sha384_ecdsa, Unknown[0x8]_Unknown[0x5], sha384_rsa, Unknown[0x8]_Unknown[0x6], sha512_rsa, sha1_rsa
	SignedCertTimestamp (RFC6962)	empty
	0x001b		02 00 02
	0xeaea		00
Ciphers: 
	[5A5A]	Unrecognized cipher - See http://www.iana.org/assignments/tls-parameters/
	[C02B]	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
	[C02F]	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	[C02C]	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
	[C030]	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	[CCA9]	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
	[CCA8]	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
	[C013]	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
	[C014]	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
	[009C]	TLS_RSA_WITH_AES_128_GCM_SHA256
	[009D]	TLS_RSA_WITH_AES_256_GCM_SHA384
	[002F]	TLS_RSA_AES_128_SHA
	[0035]	TLS_RSA_AES_256_SHA
	[000A]	SSL_RSA_WITH_3DES_EDE_SHA

Compression: 
	[00]	NO_COMPRESSION

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 10:28:40.706
Connection: close

fiddler.network.https> HTTPS handshake to www.absa.co.za (for #329) failed. System.IO.IOException Unable to read data from the transport connection: Connection reset by peer. < Connection reset by peer

Colleagues, please add an essential feature of Fiddler Classic called Automatic breakpoints

I'm sure that a bunch of people will migrate to Fiddler Everywhere if you implement this

Thnx

With Fiddler on Windows an imported HAR file would load into a new window. 

Current Fiddler Everywhere appends the HAR file into the current window you have open. 

For example, I see my HAR import and it gets appended into the "Live Traffic" session. It should import into a new window like the existing windows version does.

On Request Inspector, Web Forms Tab, the header row seems duplicate. 

While inspecting requests where Content-Length > 3000, only 3000 characters of the request body gets displayed in both Raw and Text views. When I copy the whole contents of the selectable area (CMD + A, CMD + C) and paste it into a text editor, it seems like there is a 'View full request...' text somewhere which does not show up. I remember this button from previous versions. 

OS : macOS Mojave Version 10.14.6

A sample HTML with dummy form to reproduce the bug and recorded session is attached. 

I fire up Fiddler Everywhere on my Mac. Generally, it appears to do nothing.

In further detail, "Stream" and "Decode" can be toggled, but otherwise do nothing. The connections icon has a hover-over describing my host and states I have a network connection. The help icon goes to the very limited documentation via browser. The settings icon pops open the settings dialog, which does appear to save changes, but not impact the "nothing" being done by the application. The capture button and inspectors button appear to do nothing. The main viewing area states "No records available." The area to the right of the main area states "Please, select a single Web Session to inspect." And that is it.

Either I'm doing (or not doing) something dumb, or it just isn't working for me. Any help would be appreciated :)

Mac specs: High Sierra 10.13.6, 2.6GHz i7, 16 GB memory

Simple as that: fiddler everywhere does not capture traffic to localhost, 172.0.0.1 AND when you insert your local address, it captures your request only to return that "

[Fiddler] DNS Lookup for "www.192.168.0.18" failed. System.Net.Internals.SocketExceptionFactory+ExtendedSocketException Device not configured

"...

MAC OSX, using safari.

Other address are captured as expected

I'm not 100% sure if this is a bug or it's a feature (of lack thereof) but it goes like this:

On regular fiddler, a great thing to do is to simply copy a raw request to the raw composer, change a param and re-issue it... Fiddler everywhere does not allow that! I have to write headers on a tab and the body on another and yet, there's a "Raw" tab.

The Raw tab unfortunately is not editable (read-only)... I believe that it should be editable

Operating System: macOs Catalina 10.15.4

Step by step instructions on how to reproduce the problem:

1. Connect to VPN (mine is Cisco AnyConnect).
2. Open fiddler capture traffic.

You can also do the following to reproduce the problem:

1. Open fiddler capture traffic.
2. Connect to VPN (mine is Cisco AnyConnect).

Use case: I work remotely and connect to a VPN. In comparison, Charles Proxy can capture traffic when VPN is on. The comparison was to point out traffic is possible to be captured on VPN to counter any arguments.