Hi everyone,
As a long-time user of Fiddler Classic, I’m writing to share an idea that could benefit both the community and the product's future. While Fiddler Everywhere is great and clearly the focus moving forward, there’s still a strong group of developers who prefer the speed, simplicity, and scripting power of Classic.
⚠️ The Reality: Fiddler Classic Is No Longer Actively Maintained
Let’s be honest — Fiddler Classic isn’t just “a bit outdated.”
In recent documentation and forums, the message is clear:
“We recommend switching to Fiddler Everywhere for the latest protocol support.”
This effectively signals the end of active support for Classic. While that’s understandable from a product strategy point of view, it leaves a large number of users in a tough spot:
Classic is still powerful and widely used, especially in Windows environments.
But it lacks support for modern protocols like HTTP/2, TLS 1.3, QUIC, gRPC, Brotli, ZSTD, etc.
Some users don’t want or need to move to a completely different interface — they just want Classic to stay viable.
💡 The Proposal: Bring Premium Features to Classic via a Shared Subscription
Here’s what I propose:
Introduce an optional premium subscription tier for Fiddler Classic, shared with Fiddler Everywhere.
This would allow users to continue using Classic, while unlocking new features such as:
✅ HTTP/2, HTTP/3, and gRPC decoding
✅ TLS 1.3 and QUIC inspection
✅ ZSTD and Brotli decompression
✅ Modern cipher suite analysis
✅ Optional UI improvements like dark mode
And best of all:
If you're already a Fiddler Everywhere subscriber, you automatically get access to these premium features in Fiddler Classic — no double payment, no separate license.
🎁 Why This Makes Sense
For Users:
No forced migration — choose the tool that fits your workflow.
Lightweight, scriptable Classic experience stays alive.
One subscription, full flexibility.
For Progress (Telerik):
Generates sustainable revenue to support modern protocol implementation.
Maintains goodwill with loyal Classic users.
Provides a “bridge” to Fiddler Everywhere for hesitant adopters.
Keeps Classic usable without splitting the product line.
🧠 Why This Is Technically Feasible
Both Fiddler Classic and Fiddler Everywhere are built on the .NET stack.
Protocol decoding, TLS inspection, and compression logic can be modularized or shared.
A unified Telerik licensing system already exists — it can govern access to both products.
💬 What Do You Think?
Would you support a shared subscription model like this?
Let’s not let Fiddler Classic fade away simply because it’s "not the focus" anymore. With a shared subscription model, both tools can thrive — and users can decide what works best for them.
If this idea resonates with enough of us, maybe we can bring it to the attention of the Fiddler team and show that there’s a real demand for keeping Classic alive — the modern way.
Thanks for reading!
Hi, Support
When I use Fiddler Classic as a proxy in my program that uses SugarSync API, data reception fails due to sudden disconnection.
If I receive directly from the API server without going through Fiddler, there is no problem.
Whether it is a direct connection or Fiddler, the header and data of the server response are all the same.
When I look at Fiddler, all data is received, but when my program tries to get the data in the response, my Rebex Engine throws an error "Connection was closed by the remote connection end."
I also contacted Rebex, and they said that it is a close_notify error, so Fiddler does not handle it correctly.
In other words, I need to receive data after making a SugarSync API call, but the connection is disconnected without receiving a close_notify, so an error occurs when receiving data.
There is no problem in general when using Fiddler, but it only occurs when connecting to the SugarSync API server.
SugarSync API does not send Content-Length header and Content-Type header in response.
In my opinion, since there is no Content-Length or Content-Type in the header, it seems that Fiddler suddenly disconnects the client.
I hope this report will help you improve your product.
Thank you,
Best regards
BooKyung Oh
Fiddler Capture (Some data and information has been truncated and marked as ...)
Request :
POST https://api.sugarsync.com/authorization HTTP/1.1
Host: api.sugarsync.com
Content-Type: application/xml; charset=utf-8
Content-Length: 290
User-Agent: ...
Connection: keep-alive
<tokenAuthRequest>...</tokenAuthRequest>
Response :
HTTP/1.1 201 Created
Content-Type: application/xml; charset=UTF-8
Date: Sat, 14 Jun 2025 02:48:36 GMT
Location: ...
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Content-Length,Authorization,Range,X-SugarSync-API-Version
Access-Control-Expose-Headers: Location,Content-Disposition,Content-Length,Accept-Ranges,Date,Transfer-Encoding,Vary
Access-Control-Max-Age: 259200
Access-Control-Allow-Methods: GET,POST,DELETE,PUT
Server: Noelios-Restlet-Engine/1.1.5
Connection: close
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><authorization><expiration>2025-06-13T20:48:36.533-07:00</expiration><user>https://api.sugarsync.com/user/...</user></authorization>
Hello,
I have noticed that when rebooting from hibernation or sleep that it can happen that when the system hangs during wake-up boot and I need to hard crash it that the Windows 11 Workstation can no longer find the internet. It is only after starting Fiddler, and closing Fiddler that the Internet becomes available again.
I do not know if it is a Windows of Fiddler problem. Just wanted to pass it on.
Thanks
The .NET Framework has added support for TLS/1.3.
We should do the work to enable TLS/1.3 in Fiddler (it's very little additional work to add "Tls1.3" to the options dialog and the underlying code).
Dear support-reader,
I ran into an issue with the JSON-view of a request-body.
Inspector > Raw is showing alle headers and the complete body as a string, that pretty-printed looks like this:
{
"Header": {
"Name": "MyName",
"Id": 1234
},
"Item": {
"Number": 1,
"Material": "Wood"
},
"Item": {
"Number": 2,
"Material": "Gold"
},
"Item": {
"Number": 3,
"Material": "Plastic"
}
}
When switching to the JSON tab of the Inspectors-tab, the JSON-view showed, contains only the header and first Item (second and third one are missing)
Is this a bug in the Inspector JSON-view or due to the duplicate Item-keys?
Thanks for your consideration.
Regards J.
I am using the following version
Progress Telerik Fiddler Classic v5.0.20253.3311 for .NET 4.6.2
"GET ws://10.133.37.150:9999/ HTTP/1.1"
However, the URL column in the left pane says "ws://10.133.37.150:9999/", but the correct value is "/".
Also, the Inspectors' Raw tab says
"GET http://10.133.37.150:9999ws://10.133.37.150:9999/ HTTP/1.1", but the correct value is
"GET ws://10.133.37.150:9999/ HTTP/1.1".
I think this is a bug
I am using the following version
Progress Telerik Fiddler Classic v5.0.20253.3311 for .NET 4.6.2
After opening a WebSocket, the communication is captured in which the server returns the messages "WebSocket!Message1!" and "WebSocket!Message2!".With the first WebSocket, these messages are displayed in the "WebSocket" tab as expected.
However, when the exact same interaction is captured again,
these messages are not displayed in the "WebSocket" tab as they are with the second WebSocket.
Instead, they are displayed as the response body in the "Raw" tab of "Inspectors".
Whether the messages are displayed in the "WebSocket" tab or the "Raw" tab of "Inspectors" is random, and there is no visible pattern.
There seems to be a problem with the process of determining the boundary between the WebSocket opening handshake and the WebSocket message exchange.
I'm pretty disappointed in y'all.
The January 2025 version of Fiddler introduces a pointless "Security" dialog telling the user about what modules Fiddler is loading. I'm sure you thought that this would improve security, but it won't, because the same level of permission needed to add an extension to Fiddler allows the extension to make this dialog not show (base64 is not encryption).
Worse, the dialog is messed up in high-DPI to the point where it's not readable. https://bsky.app/profile/ericlawrence.com/post/3lh2wvht5oc2k
Worse, the dialog's "Always allow" button doesn't do anything when the user is using `-viewer` mode, because when in Viewer mode preferences don't work.
Worse, it looks like you also broke Transcoder extensions (File > Import); after selecting the importer to use, nothing happens.
Please go back to the way things were before. If you'd like to talk to me about Fiddler's Threat Model, I'm happy to help.
It appears that the latest version of Fiddler breaks Fiddler's public interface. The `Fiddler.WebFormats.JSON` interface no longer appears to be available, breaking extensions and scripts that depend upon it.
---------------------------
Failed to import NetLog
---------------------------
Fiddler has encountered an unexpected problem. If you believe this is a bug in Fiddler, please copy this message by hitting CTRL+C, and submit a bug report at http://www.telerik.com/forums/fiddler.
Could not load type 'JSONParseErrors' from assembly 'Fiddler, Version=5.0.20253.3311, Culture=neutral, PublicKeyToken=null'.
Type: System.TypeLoadException
Source: FiddlerImportNetlog
at FiddlerImportNetlog.NetlogImporter..ctor(StreamReader oSR, List`1 listSessions, EventHandler`1 evtProgressNotifications)
at FiddlerImportNetlog.NetLogFormatImport.ImportSessions(String sFormat, Dictionary`2 dictOptions, EventHandler`1 evtProgressNotifications)
Fiddler v5.0.20253.3311 (x64 AMD64) [.NET 4.0.30319.42000 on Microsoft Windows NT 10.0.26100.0]
---------------------------
OK
---------------------------
I am trying to use settings Tools -> Win8 Loopback Exemptions -> Exempt All -> Save Changes. But it is giving me some error and saving those changes. Following is the error.
Failed to set IsolationExempt AppContainers; call returned 0x57
I am blocked due to this error and cannot perform tests on my application. Pls help.
Thanks
Fiddler's Cookies inspector doesn't do very much today other than breaking out the Cookie header into a word-wrappable format.
It would be nice if it (and even the Headers inspector) flagged cookies that were sent expired (with an Expires header before the value of the Date header on the server's response). Otherwise it's hard to notice that a cookie being "Set" is actually being "Deleted".
First of all I'll say that I've investigated it deeply. I used to have fiddler 4 , earlier versions and never updated. When my computer turned to sleep , I was able to wake it by trying to rdp it. The connection itself to rdp - woke the computer ( via network card) and the computer awoke ,and then I could connect to it. this feature is called "wake on link". After installing fiddler ( latest version) , suddenly my computer won't wake up from sleep when trying to connect to pc. at first I didn't know what whet wrong and then I started uninstalling latest installed programs When I uninstalled fiddler , it started waking the computer So I don't know what's you've done in the last version , but it f*s some other functionalities. please fix it.
I'm working on an open-source Fiddler Classic extension to search the Session log (history). I'm not aware of such an extension and the lack of a search feature for the log entries always bothered me.
My current implementation already works, it searches the history listview, but it can only search in the text displayed in the listview itself because additional data is only available in the HistoryItem instances, attached to the Tag property of each list item.
Since HistoryItem is internal, I cannot access this class. I could work around this by using reflection but the internal classes of Fiddler are all obfuscated so, at the very least, my source code would look very strange and unmaintainable.
Please make HistoryItem public so it'd be accessible and un-obfuscated.
Fiddler currently does not validate that the Fiddler Trusted Root Certificate is not expired when generating certificates, and it generates certificates that have an expiration that is after the expiration of the root certificate. These certificates will not work because the browser validates the expiration of each certificate in the chain.
Browsers have a poor error message for this case and will imply that the Site's certificate is expired when it's actually the ROOT that expired.
When it loads the root certificate, Fiddler should verify that it is not expired, and if it is, it should trigger the RESET ALL CERTIFICATES flow to help unblock the user from this situation.
It should also be changed such that the root certificate is valid for MUCH longer than the site certificates (e.g. 5 years for the root) so this is less likely to happen.
(If you look in the forums, users are hitting this problem and they are not sure why or how to fix it.)
If I add a filter to hide something like /teams-modular-packages/ after closing fiddler classic and opening new file filter shows as active but is not working. I need to explicit remove filter and add it again. I would understand that filter wouldn't work accross sessions if filters were removed but they aren't and always showing in bottom left corner. This can be easily reproducible. (in this repro i have imported HAR file, not done a live capture)
The error messages pops up on Windows 10 version 1703. Fiddler installs and runs with not issues on Windows 10 version 1607.
I often have to locally save a lot of responses manually.
My workflow is:
• Open a .saz file
• Search for a particular request
• Save the response locally.
For that, I always have to manually click the "Response body is encoded. Click to decode." Button.
Fiddler Classic doesn't have a feature to automatically decode the selected request's response body.
So if I don't pay attention, and skip a step, I will store an encoded response body, without ever noticing it. Which can cause trouble later, since these files are then sent to my customer. And the customer could randomly check the files.
I need a toggle in Fiddler, that automatically decodes the selected request's response body.
Today, Fiddler exposes these two events to handle scenarios where the user is saving or loading a SAZ file.
/// fires just before a SAZ file is saved
public static event EventHandler<WriteSAZEventArgs> OnSaveSAZ;
/// fires just after a SAZ file is loaded
public static event EventHandler<ReadSAZEventArgs> OnLoadSAZ;
Equivalent event handlers should be created for the scenario where a user is Importing content into the Sessions list (e.g. using NetLog import or HAR import, etc). Otherwise, developers must undertake cumbersome workarounds to detect that a list of Sessions has been created/loaded from a file import, if, say, they wish to perform processing on those imported Sessions (adding custom properties or changing the display properties in the Session list).
Would really appreciate a proper machine based installation again, user-based installs are difficult to manage in corporate/enterprise environments & the psuedo machine install of redirecting install folder & creating new shortcuts isn't great, especially if as you mention yourself extensions wont work.
I understand the advantage of not needing admin rights to install programs, but surely most of the targeted audience for this application would either A) have admin rights, or B) be in a managed environment with deployment software in use (and potentially white-listing/App Control software preventing unauthorized apps to run anyway)