When doing an IPR audit what is the actual License Type of Fiddler4 ? eg EULA, MIT Apache etc
I am running into an issue where different business units of the company have finer grained security rules which prevent people from accepting / importing / trusting the OOTB Fiddler Root Certificate. Would it be possible for Fiddler to create a new CSR and import the new signed return certificate. This way I can sign the CSR with our internal CA which all hosts within the company have been configured to trust and accept.
Im using windows 7 32-bit both on my desktop and laptop both of them have fiddler 4.6 and both of them doesnt have winconfig. Its supposed to be on the upper left corner , but mines missing on two computer.any idea? can it be activated?
Not sure if this is a recent change, but I use Microsoft Outlook and Skype, and both are having connectivity issues when Fiddler is running. Also Windows 10 apps seem to be unable to have an internet connection as well.
I'm using the feature to right-click on requests and show or hide them heavily. It would be very nice to have this functionality from the QuickExec. Especially a ShowOnly by URL would be very nice. When using Fiddler for debugging the process ID may change frequently so that is not a good basis for filtering. On the other hand a modern development machine makes so many requests - if you have a few browser tabs open - that selecting hide for all is very inconvenient.
I investigate responses from . And Fiddler is tool for this.
But now I need logs from Fiddler for 2-5 days and compare responses.
Fiddler grabs a lot of memory during 1 day and may cause my PC out of memory.
Automate autosaving saz files 4 hours with time-date in saz name, clear capture dialog and do it in the loop each next 4 hours.
I want to capture traffic from a Chrome Incognito window only.
When I click the 'pick target' button on the toolbar and point it at the Chrome window it picks up some particular process from chrome, but that does not seem to be the one from where network requests are sent from.
Looking at Chrome's Task Manager and comparing with what Fiddler shows, Fiddler is picking up the "Browser" process, while requests are coming from the "Utility: Network Service" process, thus the difference.
An acceptable solution for this would be if we could enter the process ID manually in the UI, instead of using the target picker.
Fiddler is a great tool & Composer an excellent feature of it. I frequently have to reboot my dev. PC for various reasons (actually it crashes a lot) and loosing my Composer URL history is a painful consequence. Could the URL history be retained between invocations? I use a set of about a dozen different endpoints frequentl, so a history size of 12-20 would likely be enough.
It would be even better if the last used request header and/or body and/or type (POST/GET/..) and/or Protocol (HTTP/1.1 etc.) for each URL could also be saved but perhaps that is asking too much.
Bless you for making this tool.
Hello Sir ,
I've discovered the security bug which is Bypassing UAC in Fiddler Software . any reward or acknowledgement in bug report program ?
Sai Wynn Myat. (@404death)
It would be great to have an option in the textWizard to convert an epoch date to a human-readable date.
Like: 1530417600 to "GMT: Tuesday 13 August 2019 08:32:48"
It would be great to have 2 options:
- convert epoch time to human readable time (GMT timezone)
- convert epoch time to human readable time (Local timezone)
Thanks for creating one of the most useful tools ever!
I've discovered the security bug with is privilege escalation bug via DLL sideloading.
please check it for more details:
From www.redirect-checker.org/ and http://www.seoreviewtools.com/redirect-checker-tool/, I can see that e.g. https://www.lentillas.si/lentillas?tx=v is correctly 301ing to https://www.lentillassi.es/lentillas?tx=v. But fiddler does not report the 301, which made me think I screwed up my Apache directive. The 301 IS reported for the non-https version.