Under Review
Last Updated: 26 Jun 2018 05:00 by Imported User
Created by: Imported User
Comments: 2
Type: Feature Request
1
Fiddler is perhaps the single most versatile piece of software I've ever had the pleasure of working with, and as such it would make life and work easier for countless testers and developers (and those of us combining these jobs).

The idea is to be able to sniff packets going through a remote machine—passively. Doing it with wireshark requires me to ssh over into the machine and start tcpdump writing to stdin, from which wireshark then reads:

ssh root@remote.host "/usr/sbin/tcpdump -i eth0 port 80 and http -s 0 -w -" | "/cygdrive/c/Program Files/Wireshark/Wireshark.exe -k -i -"

It starts a wireshark session and lets me see the captured packets in real time, which infinitely more convenient than any mucking about with remote saves with tcpdump, etc. But I don't have access to the convenience of Fiddler UI, and I would kill for it. In fact, even if I save the remote wireshark capture, Fiddler would claim that there is no IPv4 or IPv6 traffic in the pcap-ng (or pcap, or tcpdump...) capture, even though Wireshark clearly shows all the relevant http requests from which to glean the information.

My current (and actually nicely working) solution is to use iptables to route all outgoing traffic from port 80 on the remote host to Fiddler's port 8888 in remote capture mode. It has its benefits in that I get full control over the sessions, but it is not always a viable solution, and to be able to passively monitor with Fiddler in real time would give it yet another level of versatility and omnipower! :)
Under Review
Last Updated: 20 Jun 2018 05:00 by Eric
Your software correctly throws up a big yellow warning message about when the system proxy has changed. But after that it seems not to realize when it's changed ....yet again ... back to being "checked" under the Windows "Lan Settings" dialog boxes.

So, not a big deal but if you can make the message go away by monitoring that setting it would be cool. Or maybe even change the message to "green" when the checkbox gets ticked again and let the user dismiss it that way just so they know the current state. So, bounce between green and yellow colors depending on the "current live" setting. That would be fun! :)

Or just take it away and put back up as the user playfully ticks and unticks the box to see if your software is paying attention. More fun!!!
Under Review
Last Updated: 17 Jun 2018 05:00 by Sameera
Related to forum thread: https://www.telerik.com/forums/fiddler-no-longer-capturing-web-service-requests-in-net

We found that .NET Core projects use WinHTTP instead of WinINET. As Fiddler registers itself only as a proxy for WinINET, traffic from these projects do not show up in Fiddler. While a manual workaround exits, it would be good if there was at least an option to register Fiddler as a proxy for WinHTTP as well.


On a side note: We've seen that even node.js traffic does not show in Fiddler as well. We've not researched the cause as it wasn't critical to us at that time. But, it could also be due to the same reasons.
Under Review
Last Updated: 16 Jun 2018 05:00 by Imported User
Created by: Imported User
Comments: 2
Type: Feature Request
0
Some responses cannot be decrypted.

Sample HAR file: https://mega.nz/#!pBUhCAxb!HF7wahVT1RJog9dHNc3NQji5nZ3BNrVFzrkWJ1GI1S0

for example, search for: lrR/zv7/RNCaLj/9XY472V/Z1yMyt/KYbZU/Og8JiI/

It is readable in Chrome dev tools

the same request in https://toolbox.googleapps.com/apps/har_analyzer/
Under Review
Last Updated: 15 Jun 2018 05:00 by Eric
Created by: Imported User
Comments: 1
Type: Feature Request
1
You should delete the routes from IE connection settings and any mods your application makes to the registry when the user clicks on the X in Fiddler. It seems like when you exit using File > Exit it does a "clean" exit. Please make this consistent.
Under Review
Last Updated: 11 Jun 2018 11:10 by Imported User
When checking for updates I noticed that when I have 'offer upgrade to Beta versions' enabled, the response shows the latest version as 4.6.20171.14978 [03/22/2017].

I disabled checking for beta versions and it returned the latest released version ( 5.0.20181.14850 [03/20/2018] ).

Not sure if this is intentional or a bug. Just thought I'd point it out.
Under Review
Last Updated: 11 Jun 2018 05:00 by Eric
Created by: Júlio César
Comments: 1
Type: Feature Request
3
Today, we can only choose one font and stick to it globally on app.

Would be nice if the menus, lists, trees, etc. kept the Windows default font and only the inspectors, etc. have a custom font.

In other words: I would like to use a cool monospaced font for input/output, inspection, etc. but a normal font for lists, menus, labels, etc.
Under Review
Last Updated: 07 Jun 2018 05:00 by Imported User
Created by: Imported User
Comments: 2
Type: Feature Request
1
Once I got Fiddler on the mac to run, I kept seeing the message in the Terminal that it couldn't find settings.txt file, once I created the settings.txt file I did get another message which I will include in another idea

Here is the exact bash message:

/Fiddler/settings.txt: No such file or directory

iPhone

Not sure if the iPhone piece is relevant or not.
Under Review
Last Updated: 06 Jun 2018 19:45 by John
The Fiddler 4 installer thinks there's something still installed in c:\Program Files (x86)\Fiddler2, but that folder no longer exists and the old version of Fiddler is no longer listed in "Programs and Features".

Error message when I run the new version:

"Machine-wide Progress Telerik Fiddler installation has been found at C:\Program Files (x86)\Fiddler2\ . Please, use that one or uninstall it before starting the per user Fiddler installation."

The offending folder does not now exist. "c:\Program Files (x86)\Entity Framework Tools" exists. "c:\Program Files (x86)\Google" exists. There is nothing between them. They are adjacent in the directory listing.

Resolution:

1. I uninstalled Fiddler 4.
2. I installed Fiddler2 (installer file version 2.5.1.6) from an old installer that, by luck, I happen not to have deleted.
3. I uninstalled Filddler2 manually.
4. I installed Fiddler 4 again.

Now Filddler 4 runs.

But if I hadn't still had the old installer lingering in my downloads folder, I would have been out of luck. Please fix.
Under Review
Last Updated: 05 Jun 2018 05:00 by Eric
Created by: Michael Logan
Comments: 1
Type: Feature Request
1
I would like to know the MD5SUM or SHA256SUM for the download of Fiddler.
Under Review
Last Updated: 05 Jun 2018 05:00 by Eric
Created by: Imported User
Comments: 1
Type: Feature Request
1
code

#!/usr/bin/env python3
from urllib.request import urlopen

# with fiddler open
# no problem, see the slash
resp = urlopen("http://www.baidu.com/")

# with fiddler open
# raises 400 Bad Request
resp = urlopen("http://www.baidu.com")


# with fiddler close
# no problem
resp = urlopen("http://www.baidu.com")

wireshark

see wireshark.png

EXTRA

v5.0.20181.14850 for .NET 4.6.1
64-bit AMD64, VM: 47.0mb, WS: 87.0mb
.NET 4.6.2 WinNT 10.0.17134.0
Under Review
Last Updated: 26 May 2018 21:23 by Data
Created by: Data
Comments: 0
Type: Feature Request
1
I need help with inserting cookies through FiddlerScript. I have cookies like below which contains " inside cookie value, when I remove " from cookie value I stopped getting response from server. Now the real problem is FiddlerScript doesn't consider any cookie value outside " if I am correct. Pls help in finding some solution for me.

Cookie: session-id=135-0175204-4556648; session-id-time=2082787201l; lc-main-av=en_US; ubid-main-av=135-2827286-0395731; x-wl-uid=1byMobqIzbA4VmCWDwV79rNJ+wHLMoeuTgC5kyqO+APSg+c+Wv/UMMY6xi67XrlzDcPSHz6ggUE0HtDgMsaMNEjkwhH0hxcYmq39WpOvaAi+iexZWJAh0MNmbtCOWsI9ZBdN6DkJq0WA=; ubid-main=130-9054439-3296942; session-token=FysA2DXyj3MKW6pXFGI7OLqzeuZehd6AuMO5r6DV77zbngj5AAGRVyJqb7TgCoaEHvyGXEjN2KmZHU5HWFxM1laSBRdSy/uqqX6nz6vsWW0iHz6q6p2kU9M4NYrecfNq5VZs1RsX9caMLlP7b+nhBmWbb73glGwEEUqnOQxgqjeJ8OiwSY2conCzEjkxyDZT+CCBTKNoBpZtBgQgk4J3ZQlgjZcI36iojWXkPxjQ7TFBlOP8gjF++QOlwGyQ/rcgCj54iQL2dBP6VvRFq/4Fhw==; x-main="Wdyz3Dr1qSLl0KeISQtPRJJr1eBU7wRXq?oopMBnVYX8uUB644RDTiOXgRn95Uts"; at-main=Atza|IwEBIL0y3-FBtv0SsceSKry9ULstykIf3KPzd28lplv91oABbKlHGGo56bkbZyie0EPGtheFslrGOqcapUasp1ax14etVbx06Stv9ykbG69wS-9tqd4w7YVafZFgFIQbo1A9MO9uLka3MncKD1RL9jVYXAv1iybYXxlOITC1oGgUUBZoepHqT_mKSN1X24N3PAhaHdh2KcVHzNuZ5lxqCXAME7_HdD7PbAFYQz9Kjk8EB8dMhOgvgVEfv6RoCj1cErS4ER0mcWSk3nqBR-FlHnBnNGXtJ82UFuZDzZTWh4FRd5m82358PXvgiHjGN1XCgBCCA2ITvYeDWdOmbSHgNuMo7a5T2PdKdWQfbDt7gwcpAtw05qWS72vrDQScr4Y8iQfS8L9aJH8GYFlVS1uwlCaB28Bn; sess-at-main="wTo8DSETbB03DLqfYeuU/7au6DSM1U5CrWXfwEf3rzs="; sst-main=Sst1|PQGZ6j2tEk8hZEYlh-NDc5MFC1taqlntboO_UAL9cCzYGZ1kQkVo8EhMIw-artrDzOP2im_DyhyUpMflb3Jo14V2k9oLUp8uOtlSI7nWeqolroGPkq6XkuTfPVnu07ODxotRbvGdYdE8pn3OBXu1uaQuUDCKr2EhML52jKu6ffgjNWGDpQi5kq7SjOs_GA5yWJXx41amgvhGLxlbIM9MSnzoRGg5u0d1CSU_4Tsep_eoJSoEVN3_Ud6p12ywIOr8LsNvy2CEkLtfFy0xd7i8bFu2-UCZJZCcdDG08BW5Iw1IgQw7pTH7CW28vepB6xYTGGQZS9tWUP5hI43EIgRbsAtXJw; lc-main=en_US
Under Review
Last Updated: 18 May 2018 05:00 by Eric
Created by: Imported User
Comments: 3
Type: Feature Request
1
Sometimes I need the ability to just splat a raw HTTP request into a filtered capture before I run to completion against the target host.  At present I have to manipulate the requests via the Headers/WebForms view which is more time consuming to perform.   I appreciate it 'could' make parsing the raw request back into the other tabs more problematic - maybe this is why you can't currently do it ?
Under Review
Last Updated: 17 May 2018 22:37 by Eric
Otherwise, Chrome may reject the certificate with ERR_CERT_VALIDITY_TOO_LONG

https://twitter.com/irhymebetter/status/997163488559562752
Under Review
Last Updated: 17 May 2018 20:41 by Imported User
Created by: Imported User
Comments: 1
Type: Feature Request
1
Allow to search / reuse requests from history in a more efficient way

1. Add column [Date] or [Date and Time] to history, so one can look for a request that was used at a given date / time

3. Allow to sort by request Url, date / time

4. Allow to group by request urls: If there are several requests with the same url, provide the option to group / ungroup them

5. Add column [Result] with the result code for each request, so that one can now which request to use (for example, one needs a request that gave a 404, or only 202s)

6. Filter history by request type (GET, PUT, ...), url content (example: search for "/admin/ ... etc"), date / time
Under Review
Last Updated: 08 May 2018 05:00 by Leslie
Created by: Leslie
Comments: 3
Type: Feature Request
1
I am testing against an HTTPS intranet server that Fiddler is unable to proxy to.  I set the Protocols to <client>;tls1.2 and that did not work.  I changed back to tls 1.0.

I restarted Fiddler with this as the Protocols list:

<client>;tls1.0

Wireshark shows Fiddler is still sending a Client Hello with TLS 1.2!

Please add additional logging  / troubleshooting.

Current log:

14:23:17:3284 Assembly 'C:\Users\xxxx\AppData\Local\Programs\Fiddler\CertMaker.dll' was not found. Using default Certificate Generator.
14:23:17:3349 /Fiddler.CertMaker> Using .‰+˜ for certificate generation; UseWildcards=True.

14:23:17:4280 fiddler.network.https> HTTPS handshake to xxxxx.xxxxx.com (for #7) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted
Win32 (SChannel) Native Error Code: 0x80090326
Under Review
Last Updated: 04 May 2018 05:00 by Eric
Created by: Imported User
Comments: 2
Type: Feature Request
1
AutoResponder Rule Editor only shows the URL match field, and the "Test..." option.

The combo to choose a pre-defined response and the Edit Response button don't show up (and the panel cannot be resized)!

This seems to be new in v5.0.20181.14850, as it never occurred with older versions.
Under Review
Last Updated: 26 Apr 2018 05:00 by Imported User
Created by: Imported User
Comments: 4
Type: Feature Request
1
I am using Fiddler to find malware/analytics, and sometimes I get HTTPS issues.
Under Review
Last Updated: 23 Apr 2018 05:00 by Klaus
Fiddler
Turns out Telerik is distributing through Amazon WS but the https certificate Telerik is using is for telerik com so there are big UGLY security warnings which are a real sore to the eyes
Under Review
Last Updated: 23 Apr 2018 05:00 by Imported User
Created by: Imported User
Comments: 40
Type: Feature Request
1
Someone reported an issue related to autofill. Please ignore.