Unplanned
Last Updated: 19 Apr 2023 10:59 by ADMIN
Created by: I3eyonder
Comments: 3
Type: Bug Report
0

I have 3 rules. Please check the images for detail how the rules define and their order of execution.

If I understand correctly, "Non-Final-After" rule must not be executed in this case due to "Final" rule contain a final action (Manual response).

But you can see, "non-final-after" header is added to response.

I am not sure if it's a bug or intended behavior.

Please take a look. Thanks.

Unplanned
Last Updated: 12 Apr 2023 06:49 by ADMIN
Created by: malwareinfosec
Comments: 4
Type: Bug Report
0

Hello,

I would like to know how the internal logic for rules with multiple conditions works.

For example, let's say we have 2 conditions and a rule will be matched if all conditions are met:

  1. URL contains 'example.com'
  2. Response Body contains 'string'
  • Are the conditions checked in any particular order (i.e. URL is checked first)?
  • What happens if the first condition fails, does it stop and not check for the second condition?

Thanks

Completed
Last Updated: 23 Nov 2022 09:25 by ADMIN
Created by: Jack
Comments: 1
Type: Bug Report
0

Hi, I have posted a question before the forum moved and did not get an answer to my latest question. https://community.getfiddler.com/support/discussions/topics/12000028910

I have confirmed that unchecking selected parameters in the "headers" tab works correctly.

But I have problems with unchecking the "body" tab. 


I set my header's "Content-Type" to "application/x-www-form-urlencoded", 

I put a key / value parameter in the body, and I send a request.

After, I uncheck the parameter in the Body tab and I execute the request but still appears on the inspector.


The problem persists even after the recent update. 

Please check!

 

Need More Info
Last Updated: 25 Oct 2021 06:31 by ADMIN
Created by: nya
Comments: 1
Type: Bug Report
1
If the message is encoding as GBK,it can't be recognized
Completed
Last Updated: 22 Sep 2021 08:30 by ADMIN
Summary:

When I toggle the 'Live Traffic (Capturing)', mac prompts for a password. When this prompt is canceled by the user (no password entered) the toggle incorrectly toggles to off/on.

 

Steps to Reproduce:

1. Fiddler Everywhere open on a Mac

2. Toggle 'Live Traffic (Capturing)'

3. Select 'Cancel'

4. Notice Toggle changes state and the state of the Capturing does not change. 

Expected Result: The 'Live Traffic (Capturing)' toggle does not change state if the mac users permissions are not accepted. 

 

Observed Result: The 'Live Traffic (Capturing)' toggle changes state if the mac users permissions are not accepted. 

Planned
Last Updated: 15 Apr 2021 07:59 by ADMIN

After installing and launching Fiddler Everywhere 1.6.0 on macOS Big Sur 11.2.3, I am presented with the account login window. No matter if i attempt to create a new account or sign into an existing account, i'm presented with a "Network error" message.

Looking in ~/Library/Application\ Support/Fiddler\ Everywhere/Logs/electron.log, I see:

[2021-04-14 08:53:53:762] [info] Setting the following proxy settings to the main window: {"pacScript":"http://<redacted>","proxyRules":null,"proxyBypassRules":"localhost;127.0.0.1;*.local;169.254/16"}

[2021-04-14 08:53:55:831] [error] Error: Error: net::ERR_MANDATORY_PROXY_CONFIGURATION_FAILED
    at SimpleURLLoaderWrapper.<anonymous> (electron/js2c/browser_init.js:105:6497)
    at SimpleURLLoaderWrapper.emit (events.js:315:20)

[2021-04-14 08:53:55:832] [error] Error: net::ERR_MANDATORY_PROXY_CONFIGURATION_FAILED

After looking at the electron log for a bit, and trying to login, the gui now reports: "No internet access and it seems you have a proxy set. Check if it is correct in your OS settings and restart the application after that."

Yes, it is true I have a PAC url. I am also not on the network currently that uses that PAC url. Every other network-using app seems to deal with this ok (browsers, office suite, file sync, etc.).

I request that you handle the PAC url like every other app out there and test for reachability and stand down (i.e. don't use proxy) if not reachable.

 

Completed
Last Updated: 23 Nov 2022 09:12 by ADMIN

Hi.

When I try to trusst the fiddler root certifficate, I get the message "not successfull" and see a line like this in the logfile:

[2021-03-01 16:29:48:866] [Information] [Fiddler] Error when trying to check if certificate is trusted: '.', hexadecimal value 0x00, is an invalid character. Line 304, position 38.

I also tried to trust the certificate by hand via the keyring utility.

What can I try?

Thanks.

 

Need More Info
Last Updated: 27 Oct 2020 06:51 by ADMIN

Hi!

 

When starting Fiddler Everywhere version 1.1.1, I get an exception in the log file.

Fiddler does not cappture any traffic.

 

Do you know this problem?

How can I solve it?

 

Best regards!

Under Review
Last Updated: 02 Oct 2020 06:45 by ADMIN

There's not really much more information, this occurred on both version 1.0 and 1.1. When I get an emailed fiddler trace (we ask clients for traces regularly), it opens a web page redirect https://redirect.getfiddler.com/open-fiddler.html#snapshotShared-<guid>, which opens the app, and at the top of the app says "Unexpected error" with seemingly no other information. I've tried this on multiple email requests, same effect.

 

Also on MacOS Catalina v10.15.6

Completed
Last Updated: 22 Sep 2021 07:34 by ADMIN

Steps to reproduce:

  1. Post a 69k request to a web api (encoded JSON data) via browser.
  2. Inspect request data in Text and Raw fields.
  3. Observe that the data is truncated in the middle of a property name (not a null char).

Example data posted (snippet with middle section excerpted):

valuesString=%7B%22request%22%3A%...oneTimeApproval%22%3A%22no%22%2C%22immediatePatientSaf

There is much more data that should occur after the property "immediatePatientSafety".  There does appear to possibly be additional fields presented in the Web Form inspector although some of the values are truncated and have an ellipsis (...) following those lines, so I believe that the tool is capturing the data but will not make it visible or available in the Text or Raw Inspectors.

No option exists to configure the amount of request data that is captured or to cause the Inspector to "show more" data.

I need to be able to see the full text request to troubleshoot an issue with the back-end application.

I need the data available in the Text or Raw inspector so that I can cut and paste it out for external processing and discussion with the developers.

I noted that a separate bug report has been issued for a missing "show more data" option on large response records.

Thanks,
Daniel

 

 

Completed
Last Updated: 31 Jul 2020 08:20 by ADMIN
Created by: qiao
Comments: 1
Type: Bug Report
0

the logs:

```

 ~/soft  ./fiddler-everywhere-0.11.0.AppImage 

[8989:0727/220513.696997:FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /tmp/.mount_fiddle4WxzEm/chrome-sandbox is owned by root and has mode 4755.
[1]    8989 trace trap  ./fiddler-everywhere-0.11.0.AppImage

```

the environment:

Linux pc 5.3.0-3-amd64 #1 SMP deepin 5.3.15-6apricot (2020-04-13) x86_64 GNU/Linux
Won't Fix
Last Updated: 08 Dec 2020 15:02 by ADMIN

Not sure if this is a bug, but every other telerik product including previous fiddler worked with my telerik login.

Steps:

I'm not behind a VPN. 

  1. I just downloaded Fiddler Everywhere,
  2. ran it,
  3. tried to sign in and it gives "user does not exist".

This is using the same credentials I used to login to Telerik to write this ticket.

I couldn't find any documentation saying I need a separate account.

Feel free to close or push to Feature Request if this is intended behavior.

Need More Info
Last Updated: 28 Oct 2020 06:59 by ADMIN
Live Traffic stays paused. It does not unpause when toggled, and the Root Certificate and HTTPS traffic capture are enabled.
Completed
Last Updated: 22 Sep 2021 07:48 by ADMIN

On Request Inspector Screen, Web Forms Tab, I'm unable to highlight or copy contents. Cmd + A also doesn't work to highlight contents. 
Completed
Last Updated: 22 Sep 2021 07:50 by ADMIN

On Request Inspector, Web Forms Tab, the header row seems duplicate. 

Completed
Last Updated: 22 Sep 2021 07:52 by ADMIN

While inspecting requests where Content-Length > 3000, only 3000 characters of the request body gets displayed in both Raw and Text views. When I copy the whole contents of the selectable area (CMD + A, CMD + C) and paste it into a text editor, it seems like there is a 'View full request...' text somewhere which does not show up. I remember this button from previous versions. 

OS : macOS Mojave Version 10.14.6

A sample HTML with dummy form to reproduce the bug and recorded session is attached. 

Completed
Last Updated: 22 Sep 2021 07:19 by ADMIN

MacOs, Fiddler Everywhere 10, Cisco AnyConnect.

Here's the workflow...

In the morning, Cisco VPN isn't connected.  All traffic is blocked by design.  Attempt to start Fiddler Everywhere.  WON'T START because it can't login.  What is this new requirement to login?  If I don't start Fiddler before the VPN, no traffic ever logs.  If i don't start the VPN, Fiddler won't start.  A bit of a cartch-22, ya think?

Somehow I bypass the VPN (Don't tell corp security) and get logged-in.  Fiddler is up.  Start the VPN. Get some work done.  Shiny new UI!  Still can't drag-drop from inspector to composer?  Damn.

At some point the Fiddler login EXPIRES.  Why does it expire?  What do I even need a login for?  At this point ALL TRAFFIC fails, since Fiddler was the system proxy.  All work stops.  Now I need to stop Fiddler, Stop the VPN, attempt to start Fiddler again....oh wait, can't login because the VPN is down...  here we go again.

This is all a serious waste of time.  I can see registering Fiddler so you know who your users are.  What's with the REQUIREMENT to have a login, and why does it expire?  It kinda makes Fiddler useless.

Please remove the requirement to login to an account before being able to use Fiddler Everywhere.

 

Thanks,

Sean

Completed
Last Updated: 22 Sep 2021 07:32 by ADMIN

I'm unable to connect to "gateway.icloud.com" when Fiddler is open and decrypting HTTPS traffic.

This is Fiddler Everywhere 0.10.0 on macOS 10.15.5.

To reproduce:

Open Fiddler and make sure it's decrypting HTTPS traffic.

Open any browser and go to https://gateway.icloud.com/

Expected result: Page loads (it's blank. This is normal.)

What actually happens: fiddler.network.https> HTTPS handshake to gateway.icloud.com (for #820) failed. System.Security.Authentication.AuthenticationException The remote certificate is invalid according to the validation procedure.

 

Same thing happens on https://configuration.apple.com/

Completed
Last Updated: 22 Sep 2021 07:38 by ADMIN

Latest version of Fiddler (v0.10.0) and Android Emulator is not proxying the connections properly.

I have Fiddler Everywhere running and know it is working when I can send requests through Postman and see them show up in Fiddler properly.

However, if I set up the Android Emulator through Android Studio, and set the proxy to be Fiddler, connections do not fully reach the backend service I am sending requests to. All that shows up in Fiddler is

REQUEST

CONNECT 192.168.5.7:5000 HTTP/1.1
Host: 192.168.5.7:5000

RESPONSE

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 16:12:05.141
Connection: close

The service is running on my local host machine (192.168.5.7) on port 5000.

If I close Fiddler and run charles-proxy, then set the Android Emulator to use that as the proxy, I see the full request, my service responds, and I see the response in Charles.

1 2