Consider adding support for managed app configuration through Group Policies.
Currently, Fiddler provides app configuration options through registry keys on Windows. While that works well in most cases, it presents a limitation when using tools like Intune, where it is impossible to reuse a custom security group set in AD. Setting the managed app configurations through group policies will enable administrators to use custom security groups (instead of the predefined groups like Administrators, All, Everyone, etc.).
... Intune can also apply permissions to the Windows Registry, and we can use the standard Windows groups like Everyone, Administrators, etc. but not custom security groups that we've defined in Active Directory; Intune doesn't have access to Active Directory. We had wanted to create a security group, to enable authorized users to be permitted to modify the restricted settings managed in the registry, but we cannot apply permissions for this group using Intune.
Requested through t.1686216
The current Fiddler Everywhere rules do not allow you to simulate modem like you could do with Fiddler Classic.
I want this functionality brought back so I can do things like we had in the old Fiddler:
Fiddler includes a Custom Rules Engine that can simulate throttling. To enable it go to Rules -> Customize Rules... or (CTRL + R) and set the m_SimulateModem variable to true.
The script that executes when this is true is as follows:
if (m_SimulateModem) {
// Delay sends by 300ms per KB uploaded.
oSession["request-trickle-delay"] = "300";
// Delay receives by 150ms per KB downloaded.
oSession["response-trickle-delay"] = "150";
}
I have tried Delay Request but it's not the same:
Consider adding an option that will enable users to save a preferred set of columns that they can easily apply to multiple snapshots.
This will ease users' work by testing different scenarios based on different sets of snapshots.
Currently (version 6.3.0), a custom column is added to all opened snapshots only during their initial creation. However, to add/remove already created columns in multiple snapshots explicitly, one will have to go through each separate snapshot, which is not convenient and is time-consuming.
Folks,
I've been doing a bunch of OAuth work recently where DPoP is enforced. This makes it difficult to craft requests in the composer, because they need to be signed with the proof of possession token.
It strikes me this could be a feature, allow me, in composer, to provide the access token, proof of possession token and current nonce and generate the right authentication and signature headers.
Barry
Currently, the only option to intercept and decrypt secure traffic is to install and trust the Fiddler root CA. However, some applications might use different variations of cert pinning, which can be "solved" by creating and using a self-signed certificate. This would also be a viable option for testers of secured applications (that have access to the actually pinned cert).
Suggestions: provide an option for passing a custom self-signed certificate that Fiddler can use instead of the Fiddler root CA.
Related to https://stackoverflow.com/questions/42236967/change-the-root-signing-certificate-used-by-fiddler
Requested through t.1676901
Is there a way to run a filter across multiple captures (i.e. multiple SAZ files loaded into My Snapshots), as opposed to per individual capture? I'm having difficulty scaling the filtering feature across 100+ captures loaded.
Additionally, is there a way to export the filtered results to CSV/XLS for ease of mass review/searching?
Thanks!
Applications use named pipes on Windows to do interprocess communications in addition to tcp connection on localhost.
Sometimes they run grpc , sometimes json.
It would be great if Fiddler would support listening, replay and editing of those named pipe communications.
Some Applications don't like wildcards.
Battle.net prefers "eu.version.battle.net" and turns down the offered "*.version.battle.net" made by the Telerik CA.
It would be nice if we could optionally change this behaviour to better adapt to the specific needs of an application.
Perhaps a checkbox in the confirmation dialog "are you sure you want to add the rca to your user" could have a checkbox like 'also add to the Local Machine store".
Applies to Fiddler Everywhere and, more importantly for me, to Fiddler Everywhere Reporter.
In my use case, I need the cert there as well to get traffic from a process that runs as a service.
As things stand, I need to (instruct non-technical end users) to export the cert and manually add it to the Local Machine store and I would rather it were simpler.
Fiddler Everywhere is much more advanced than the classic version, but the price is not the only reason why users don't upgrade from the classic version.
User Interface
The user interface does not include native components like Classic Fiddler, which clearly degrades performance, reduces usability, complicates the user interface and certainly makes it difficult for new users to use this tool.
Apart from that the interface grouping is quite bad, for example I want to use Composer when monitoring live traffic, but this is not possible, Fiddler Classic has no such problem.
Also, considering user habits, while everyone is familiar with the operating system interface, the Everywhere user interface requires some getting used to.
Some features that are available in Native UI but not in the Fiddler Everywhere UI;
- Drag & Drop Features
- Ability to do other things while monitoring live traffic (Better multitasking)
- Keyboard integration is very bad (As you can see in the gif, the directional keys don't even change the selection, and therefore the delete key doesn't work as it should, and if you press the delete key while selected, it completely removes the selection instead of selecting the next one.)
- Fiddler Everywhere uses its own Context Menu, which is frankly terrible in terms of user habits and ease of use, it really annoys me to see the opening animation of the context menu every time.
I would expect the interface to be more practical in a programme that is constantly and actively used, and I would prefer the interface to be native rather than working with the browser engine.
(UI is the biggest reason why I didn't switch)
Missing Features
FiddlerScript and Add Ons support is not available.
General Feedback
Fiddler Everywhere feels like a downgrade, not an upgrade, and I say this as a Fiddler Classic user of over 10 years.If you were considering releasing a paid version of Fiddler Classic, I would probably subscribe, but not to Fiddler Everywhere.
Currently, the Export > Raw Files option does not work when the session is "Partial Content" (status 206).
Consider providing support for exporting sessions with status 206
Requested through t.1657416
Consider providing automated support for network-isolated applications like metro-style applications. The feature is available in Fiddler Classic through the WinConfig option
Details on how an application can be exempted from the Windows settings are posted here:
https://stackoverflow.com/a/33263253
It would be amazing if you could add a Search option for saved requests and Saved Request Folders and Also Sorting saved request folder by Name and Date
Consider the support of variables and variable environments in Fiddler Everywhere. The base functionality should have:
- Option to create a static variable
- Option to create a dynamic variable (e.g., one populated dynamically from response).
- Options to use variables in Composer, Rules, and Inspectors (e.g. for dynamic population)
- Option to easily access and modify stored variables.
- Option to store variables in different environments (e.g. stage, production, etc.)
- Option to share variables/environments.
+2 Requested from 1640564 and 1640556
Is there any way how to store rules, filters. settings etc. online in Fiddler account (like in Postman etc.) and share between different machines?
If not, is this feature planned?
Consider providing support for basic authentication through the "Set manual proxy configuration" option in the Gateway settings.
For example:
Currently, the above is possible only though composing a request with a Basic authentication header, but is not possible as direct setup through the Gateway settings.
Fiddler Classic implements and documents this feature. Is this true for Fiddler Everywhere? Can you provide instructions?
I can tell you what does not work on Windows 11:
- Copying my client certificate to $env:USERPROFILE\Documents\FiddlerCore\ClientCertificate.cer
- Copying my client certificate to $env:USERPROFILE\Documents\Fiddler2\ClientCertificate.cer
- Copying my client certificate to $env:USERPROFILE\.fiddler\ClientCertificate.cer
- Copying my client certificate to $env:USERPROFILE\.fiddler\Certificates\ClientCertificate.cer
Please provide detailed instructions for setting this up. Thank you.