Hello

I've the following request response:

{
    "proId": 98767975948505330
}

This is correctly displayed in the "Raw Tab", but when switching to the JSON tab, the displayed number is not correct.

Could you fix this ?

Thanks

I couild highlight a row in the captured data and hit the context menu for Copy | Session and it would copy the data and present it in this type of format when pasted into notepad:

PUT https://xxx.xxx.xxx.xxx/service/core/v3/AssetPartitions/-1/DiscoveryJobs/29 HTTP/1.1

GET https://10.5.33.172/service/core/v3/AssetPartitions/1/DiscoveredSshKeys/23/10?page=0&limit=200 HTTP/1.1
Accept-Language: en-US; q=1.0, en; q=0.9
X-SignalR-Id: f83b9717-2553-438f-b76c-4c3e70159a39
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjQyRjIzMDlCQzZGMkNFQzNBQzc1MTA3RUQyRTFCREE4NzEwQUI5MUIiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJRdkl3bThieXpzT3NkUkItMHVHOXFIRUt1UnMifQ.eyJBY3R1YWxVc2VySWQiOiIxIiwiQXV0aFRva2VuSWQiOiI2OTdlZDkzOC05YTY1LTQyZDctODI2MS04MGRiYzhkYTE1OWQiLCJyc3RzOnN0czpjbGFpbXM6dXNlcjp1c2VySWQiOiIxIiwidXBuIjoiU3VwZXIiLCJhdXRobWV0aG9kIjoibG9jYWw6cHdkIiwibmFtZWlkIjoiU3VwZXIiLCJuYmYiOjE1ODc0OTI1MzMsImV4cCI6MTU4NzU3ODkzMywiaWF0IjoxNTg3NDkyNTMzLCJpc3MiOiJ1cm46dG9rZW5hdXRoZW50aWNhdGlvbnByb3ZpZGVyOlNBRkVHVUFSRF9BUFBMSUFOQ0UifQ.Leqmwi7cbogsB_XYv9DpJ2SCgCtkl7WsY8Y6pXjfHVSm1P9-82ayeNK_J9rmQUdqZrWjmCeK4DxiyifKAzpgCJm5y0XgUX02jJ5RiD_i8EWOT6ywyxgRRKLefm36jHsWVavLpidJMo4QyOEUGX1OHw0-Cgv2kJyESwkNYLgVQB34WEGMSe2Sh1kVkQrVl-WwcmlckL7yw5rPaofje5lEXrbGMHbNTfBAuei08DVf49DBjV7FGZWRMpvB3mIpWqAZylTXu2DNcfol2ZuVYG1PmTY7pENZGzO98gT7c08Q6wqbZF1846F47oZ2wZXrcYRHkNO8nJ6N7JUN8koGMQ2P6g
Host: 10.5.33.172


HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 1872
Content-Type: application/json; charset=utf-8
Content-Language: en-US
Vary: Origin
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Content-Security-Policy: object-src 'none'; img-src 'self' data:; font-src 'self'
Referrer-Policy: same-origin
X-Cluster-Role: primary
X-TokenLifetimeRemaining: 1433
Date: Tue, 21 Apr 2020 18:16:29 GMT

[{"DiscoveredDate":"2020-04-21T17:20:10.228Z","AccountName":"BobAdmin","AccountDomainName":null,"AccountId":10,"AssetName":"PAM-QA-WIN2019","AssetId":23,"AssetPartitionId":1,"AssetPartitionName":"Import","SshKeyProfileId":1,"SshKeyProfileName":"Import SSH Key Profile","SshKeyDiscoveryScheduleId":15,"SshKeyDiscoveryScheduleName":"Import SSH Key Discovery","PublicKey":"AAAAB3NzaC1yc2EAAAADAQABAAABAQCjJh0+dkm7SMIzhCVPaZTxu0pQA9uhScH26GSxDb5ddoYigi9dlq45/4zal230Nk4o3IQmbP7hLikKTCr2Y3GRUZJEJ8IdQe9zXtGnm+N2iczbmg9kGPcb6j3pMcfxrjZlcOFOXgRaz1tnJXdaSLuM4kI45+sJjtdJ9e/nDdX1HgWVyo0U3CO7q/k/srI1+KaetKW58iCIK6zZnoW8jUhmyXdxA/UkkOwUCdK7kQwOn6kBV7pRgErS1nWmd4RZ7UNi0iSpZdrg6yL7mngLfzS7ee4iZ2Hp3WUY8s1aYhPkDJcJl6uEbxy2NpwLvbUgCWcbJCUPRQUKAdheR7uJuTfF","Comment":"bross@prod@Q3LJ2RQ2","Fingerprint":"4D7280929A77CAD8C0EF03099AF90F4F","KeyType":"Rsa","Options":null,"KeyLength":2048,"AccountStatus":"Managed","IsIgnored":false,"IsManaged":true},{"DiscoveredDate":"2020-04-21T17:20:09.686Z","AccountName":"BobAdmin","AccountDomainName":null,"AccountId":10,"AssetName":"PAM-QA-WIN2019","AssetId":23,"AssetPartitionId":1,"AssetPartitionName":"Import","SshKeyProfileId":1,"SshKeyProfileName":"Import SSH Key Profile","SshKeyDiscoveryScheduleId":15,"SshKeyDiscoveryScheduleName":"Import SSH Key Discovery","PublicKey":"AAAAB3NzaC1yc2EAAAADAQABAAABAQDP1WLHVC8mq6ICGre8OUPi5FQMYxomTGlSgnVqIvIUHLNI8PPH0xpkOpfhlZASzu7WtHWX37LDvEcUqW0gYb0eYww56IeERHui5yuJ7ocJnXETO33W+n0pnYjZuyqxEjSa8P14O6smg5z6bxm+/StItb8GyL1kBdQdoVeVMfWUSUO/2qyvmK22QOS8df2Gl+MWcBvsoU6rrtTq5N9FlS05zFsQJGUt/MrV3qHhKUqviFEZ1sl5ziisRknWInCb+YTkq7a5HFSbSAjxHZDjwPJ92gTWs+W/n6GsSY9Xjnjx+rFfpD1bSD4JnjwJ2QUsbTLPutJ0CpLFdOUJbgzsQY1N","Comment":"Safeguard_Windows_SSH","Fingerprint":"850585DBE61DE4F2D638EC3DE66CCE83","KeyType":"Rsa","Options":null,"KeyLength":2048,"AccountStatus":"Managed","IsIgnored":false,"IsManaged":false}]

Now all I get is the URL...

Most extensions and inspectors need to access the decompressed/unchunked body bytes to perform their function, requiring them to have an understanding of how to get those decoded bytes. To simplify this, add UnencodedRequestBody and UnencodedResponseBody properties to Session that return a byte[], for example:

         public byte[] UnencodedResponse() {
            if (!_HasResponseBody() || !Utilities.HasHeaders(oResponse)) return Utilities.emptyByteArray;

            if (oResponse.headers.ExistsAny(new[] { "Content-Encoding", "Transfer-Encoding" }))
            {
                arrResponse = Utilities.Dupe(mySession.responseBodyBytes);
                Utilities.utilDecodeHTTPBody(mySession.ResponseHeaders, ref arrResponse);
            }
            else
            {
                arrResponse = mySession.responseBodyBytes;
            }
         }

GetRequestBodyAsString and GetResponseBodyAsString can then be refactored to call these byte[] properties.

Today, if a browser makes a HTTPS request to a site with a certificate error, and the user picks "No" when Fiddler asks whether to accept the Certificate Error, it is very difficult to figure out where the HTTPS request made in error came from.

It would be cool if instead of simply closing the TUNNEL connection, Fiddler instead had an option by which the server connection was rejected but the client connection to the Tunnel got a 200 OK but was connected to a special "DEAD" pipe that returned HTTP/503.

That way, the client could make its HTTP requests to the dead pipe (whose URL and Referer header might reveal from where the request came) allowing the user to debug, but overall security would be maintained (no network connection made insecurely).

Removing interception certificates via Fiddler options "Remove Interception Certificates" only removes them from Personal and Trusted Root Certification Authorities of the Local Computer Store.

Certificates located in Current User Store - Trusted Root Certification Authorities  and Intermediate Certificates is not removed.

This certificate is not trusted after using "Remove Interception Certificates" and has status "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store".

sigcheck -t[u]v doesn't show any warnings.

Tested this on both Windows 7 and 10.

Tried refreshing certmgr, restarting it, and rebooting machine with no success - certificates are still there.

This should

Hi,

I updated Fiddler to v5.0.20202.18177

Progress Telerik Fiddler Web Debugger

v5.0.20202.18177 for .NET 4.6.1
Built: mardi 14 avril 2020

64-bit AMD64, VM: 37,0mb, WS: 65,0mb
.NET 4.8 WinNT 10.0.18362.0

You've run Progress Telerik Fiddler: 17 times.

Running on: xxxx:8888
Listening to: All Adapters
Gateway: No Gateway

Copyright ©2003-2020 Progress Software Corporation. All rights reserved.and started to get error at launch

then i started to get error at launch : Failed to register Fiddler as the system proxy

I found a possible solution : change "WinHttp Web Proxy Auto-Discovery Service" startup to automatic

a reboot later, Fiddler worked fine 

but today, the error is back

i checked, the service is still in automatic startup

So i get a previous installer, and installed a previous version and the error is gone

Tried to update again, the error come back, rollbacked to previous version, working again

Progress Telerik Fiddler Web Debugger

v5.0.20182.28034 for .NET 4.6.1
Built: mercredi 27 juin 2018

64-bit AMD64, VM: 62,0mb, WS: 118,0mb
.NET 4.7.1 WinNT 10.0.18362.0

You've run Progress Telerik Fiddler: 18 times.

Running on: xxxx:8888
Listening to: All Adapters
Gateway: Auto-Config
	Offline/disabled

Copyright ©2003-2018 Telerik EAD. All rights reserved.

Didn't found any thread on the forum about this issue

Currently, the ImageView Inspector is only available for responses.

Why not enable it for requests?

Just installed on Windows 10 Version 1909 OS 18363.836.  Hangs whenever I try to do Step 1 of the docs, set decryption.  Debugged in VS 2019, access violation trying to read 0x00000, NullException.  Finally, shutdown all of my work and restarted machine.  Error cleared and this time asked me to accept the new Cert.  

What a terrible first time experience.  Issue resolved.

Currently Statistics show the time of request:

ACTUAL PERFORMANCE
--------------
ClientConnected: 15:33:43.395
ClientBeginRequest: 15:33:43.725
GotRequestHeaders: 15:33:43.725
ClientDoneRequest: 15:33:43.725

It would be useful to know the date of the request as well for projects that span several days.

Thank you.

I've been a Fiddler user for longer than I can recall. Recently, whilst setting up a new PC I took the opportunity to try out Fiddler Everywhere. Unfortunately after about 30seconds I had to go back and download the original Fiddler.

Here's just a couple of the things that were show stoppers for me:

- No history for composer - this was a useful addition made to Fiddler that I now can't live without

- No way to copy a request from Inspectors view to Composer

- Switching between Inspector and Composer view resets the Composer screen

- Not able to have Inspector and Composer visible at the same time - this isn't really possible in Fiddler at the moment but it feels like it's easier to switch between inspecting requests and composing requests in Fiddler.

- Enabling Https debugging doesn't trust the certificate

It would be great to have Inspector and Composer either in tabs that can be ripped off into separate windows. Ideally it would be great to have multiple Composer windows

CTRL+F

Set Examine to "Headers Only"

OBSERVE: "Search binaries" and "Decode First" checkboxes are correctly disabled.

Perform a search

CTRL+F

OBSERVE: BUG: When the dialog reopens, the "Search Binaries" checkbox is not disabled.

The bug is in the initialization of the dialog. The selected entries in the comboboxes for "Examine" and "Search In" are set in that order, but the code in the SelectedIndexChanged event handlers is not independent. The SearchIn combobox's change handler sets the state of SearchBinaries checkbox without considering the state of the Examine combobox.

Greetings!

For now very popular technology in rest is graphQL

We use it in our project

Could you please add graphQl in Fiddler?

Thx

Some third-party libraries, for example HtmlAgilityPack, cannot be added as references to FiddlerScript.

The path to the assembly is added in the Tools -> Options -> Scripting -> References, but an error message that the assembly cannot be loaded appears when the method using the assembly is invoked.

Workaround: use JScript.NET as a scripting language.

As it stands today, the "Show only traffic from" combobox in the Filters tab will show the process name, its process ID and its window title, if one is available.

However, command line applications, like dotnet.exe do not show any additional information, which can make it harder to distinguish them when there are multiple instances running.

At that point one needs to open task manager to find the process with the expected command line and figure out its process ID.

If the drop down were to show the process full command line, it would eliminate this extra step.

Thanks

Describe the bug
After following the steps in the Capture All IIS Traffic on the Web Server Forum Post Fiddler goes into an endless loop.

To Reproduce
Steps to reproduce the behavior:

1. Disable the firewall on the IIS Web Server

2. Edit machine.config proxy settings to point to 127.0.0.1:8888

   <system.net>
       <defaultProxy>
           <proxy autoDetect="false" bypassonlocal="false" proxyaddress="http://127.0.0.1:8888" usesystemdefault="false" />
       </defaultProxy>
   </system.net>

3. Set the WinHTTP Proxy Settings to point to 127.0.0.1:8888
   netsh winhttp set proxy 127.0.0.1:8888

4. Change the IIS Site Bindings to an alternate Port. In this example, it is 8080
   

5. In Fiddler, execute !listen 80 in QuickExec
   

6. Add Custom Rule to Forward Requests Received to WinHTTP Port. In this case, 8080

   static function OnBeforeRequest(oSession: Session) {
       
       // ...Code removed for brevity...
       if(oSession.host == "[INSERT_HOST_NAME_HERE].com:80")
       {
           oSession.host = "[INSERT_HOST_NAME_HERE].com:8080"  /// This is the Fiddler Port
       }
       
       // ...Code removed for brevity...    
   }

Expected behavior
Fiddler should capture all traffic to and from the web server. This configuration should configure Fiddler as both the normal proxy and reverse proxy simultaneously.

Desktop (please complete the following information):

• OS: Windows Server 2012 R2
• Browser: Any
• Version: Any

Hi!

Is there any way to disable underlining of URL in Raw Inspector tab? It is very annoying when you try to copy part of the request but in fact open the link in the browser instead.

Fiddler crashes sometimes with this message:

No se puede obtener acceso al objeto desechado.

Nombre del objeto: 'WinHttpAutoProxy'.

Type: System.ObjectDisposedException
Source: Fiddler
   en “.Ÿœ.ƒ•(String •, String& ‘‰, String& ”) en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\FiddlerCore\PlatformExtensions\Windows\FiddlerCore.PlatformExtensions.Windows.Shared\WinHttpAutoProxy.cs:línea 52
   en .‚•.œ(String –, IPEndPoint& žœ) en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\AutoProxy.cs:línea 142
   en Fiddler.Proxy.FindGatewayForOrigin(String sURIScheme, String sHostAndPort) en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Proxy.cs:línea 805
   en Fiddler.ServerChatter.Œ() en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\ServerChatter.cs:línea 1056
   en Fiddler.ServerChatter.‹Œ(AsyncCallback ŒŒ) en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\ServerChatter.cs:línea 932
   en Fiddler.Session.‘() en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Session.cs:línea 3638
   en Fiddler.Session.œ™(IAsyncResult Œ) en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Session.cs:línea 3649
   en Fiddler.ServerChatter.ŽŒ() en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\ServerChatter.cs:línea 1518
   en Fiddler.ServerChatter.Œ() en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\ServerChatter.cs:línea 1472
   en Fiddler.ServerChatter.‹Œ(AsyncCallback ŒŒ) en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\ServerChatter.cs:línea 932
   en Fiddler.Session.‘() en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Session.cs:línea 3638
   en Fiddler.Session.(Object ) en C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Session.cs:línea 3426

Fiddler v5.0.20173.50948 (x86 x86) [.NET 4.0.30319.42000 on Microsoft Windows NT 6.1.7601 Service Pack 1] 

When right-clicking a session and going into the "Filter Now" context menu, there's a filter option at the bottom which filters by Content-Type. Very useful. However, when using Fiddler's ALT-click function on the session list, ALT-clicking on a particular session's Content-Type column value (in order to select all sessions with that same content-type), it factors in subsequent content-type parameters as a unique content-type.

For example, if back-to-back sessions for a particular website were content-types "application/json" followed by "application/json; charset=utf-8", ALT-clicking on one of their content-type entries in the Content-Type column would not select the other, since ALT-click would view them as different content-types. However, if you right-click either of them and Filter-Now by its content-type (application/json), this will filter both sessions despite the additional parameter appended onto the content-type of the latter session -- this is the more useful methodology, in my opinion.

The Filter-Now rule as it stands is the most/more useful of the two methods, since base content-type is almost always what's most important (in my experience).

Can the ALT-click functionality on Content-Type column values mirror the Filter-Now functionality in only looking at base Content-Type of a session? It would be most useful if so, especially since "charsets" can vary so widely/dynamically across sites, when trying to quickly hone-select on all sessions with application/json (or similar), for example.

For Fiddler to be able to recognize the Edge Chromium process.

To add the Context Menu to Auto replay from the Ribbon Bar where we see the IE Icon and by right click in the request frame to replay it.

The first screenshot shows where I would like to see the Edge Chromium listed under.

The second illustration, shows the Context menu Revisit In option.