I'm working on an open-source Fiddler Classic extension to search the Session log (history). I'm not aware of such an extension and the lack of a search feature for the log entries always bothered me.
My current implementation already works; it searches the history listview, but it can only search in the text displayed in the listview itself because additional data is only available in the HistoryItem instances, attached to the Tag property of each list item.
Since HistoryItem is internal, I cannot access this class. I could work around this by using reflection but the internal classes of Fiddler are all obfuscated so, at the very least, my source code would look very strange and unmaintainable.
Please make HistoryItem public so it'd be accessible and un-obfuscated.
Fiddler currently does not validate that the Fiddler Trusted Root Certificate is not expired when generating certificates, and it generates certificates that have an expiration that is after the expiration of the root certificate. These certificates will not work because the browser validates the expiration of each certificate in the chain.
Browsers have a poor error message for this case and will imply that the Site's certificate is expired when it's actually the ROOT that expired.
When it loads the root certificate, Fiddler should verify that it is not expired, and if it is, it should trigger the RESET ALL CERTIFICATES flow to help unblock the user from this situation.
It should also be changed such that the root certificate is valid for MUCH longer than the site certificates (e.g. 5 years for the root) so this is less likely to happen.
(If you look in the forums, users are hitting this problem and they are not sure why or how to fix it.)
If I add a filter to hide something like /teams-modular-packages/, after closing Fiddler Classic and opening a new file the filter shows as active but is not working. I need to explicitly remove the filter and add it again. I would understand that the filter wouldn't work across sessions if filters were removed, but they aren't and are always showing in the bottom left corner. This is easily reproducible. (In this repro I have imported a HAR file, not done a live capture.)
I often have to locally save a lot of responses manually.
My workflow is:
• Open a .saz file
• Search for a particular request
• Save the response locally.
For that, I always have to manually click the "Response body is encoded. Click to decode." button.
Fiddler Classic doesn't have a feature to automatically decode the selected request's response body.
So if I don't pay attention, and skip a step, I will store an encoded response body, without ever noticing it. Which can cause trouble later, since these files are then sent to my customer. And the customer could randomly check the files.
I need a toggle in Fiddler, that automatically decodes the selected request's response body.
Would really appreciate a proper machine based installation again, user-based installs are difficult to manage in corporate/enterprise environments & the pseudo machine install of redirecting install folder & creating new shortcuts isn't great, especially if as you mention yourself extensions won't work.
I understand the advantage of not needing admin rights to install programs, but surely most of the targeted audience for this application would either A) have admin rights, or B) be in a managed environment with deployment software in use (and potentially white-listing/App Control software preventing unauthorized apps to run anyway)
The .NET Framework has added support for TLS/1.3.
We should do the work to enable TLS/1.3 in Fiddler (it's very little additional work to add "Tls1.3" to the options dialog and the underlying code).
Hi,
I’m developing a .NetFramework extension for Fiddler and am finding an issue with clearing bold, italic, strikethrough on the session text in the session list when using “this.session.RefreshUI()”. I’d like to be able to see these changes occur upon a context menu item click, immediately within Fiddler, without having to reload the sessions or the application. I can see the session flags are removed from the session as expected, but the bold, italic, or strikethrough is not unset.
I’m aware there is an option to Mark, Unmark sessions, but this doesn’t integrate closely enough with the extension I am developing or do exactly what I would like.
I seem to have no issues with changing the UI-Backcolor or UI-Color and refreshing for the updates to be immediately seen.
I can set UI-Bold, UI-Italic, UI-Strikethrough, but I cannot unset these with RefreshUI().
Is this a bug? Is the RefreshUI() call not doing something for UI-Bold, UI-Italic & UI-Strikethrough which it does do for UI-BackColor and UI-Color?
Thanks,
Jeremy.
Related issue: https://github.com/aws/aws-sdk-net/issues/2567
When sending multiple requests to the same domain, sometimes Fiddler alters the headers (in this case by duplicating the user-agent one), and in this case it causes a fail because a precomputed signature of the request does not match.
I've attached the raw HTTP response, copied directly from Fiddler. At lOperations[0].lRecords, you'll see that there are 2 records (arrays) and that each record contains 6 items, the last of which is an array. However, when I view the response using the JSON filter, the second of these arrays appears to contain only 5 items. I'm sure that the bug has something to do with the fact that the sub-array in the second array is an empty array, but it should display as an empty array, not as if it weren't there at all.
I have a base64 of a gzip of utf8 bytes of a string - base64(gzip(utf8(string)))
Please add to the TextWizard options in the transform to encode/decode a string to gzip
Fiddler's update check will always fail by default because you've disabled TLS/1.0 support on your server and Fiddler's now-very-outdated TLS config only enables TLS/1.0 by default. The user must manually go into Tools > Fiddler Options > HTTPS and change the Supported protocols string to <client>;tls1.2 to fix this problem (and to also fix problems with the Composer and any other Fiddler features that do not pass through traffic through a client that supports later TLS).
This is tracked by oAcceptedServerHTTPSProtocols in Config.cs.
If you use Fiddler for a while (a day or so), eventually it locks up the UI on the other monitors. It is almost as if there is an invisible dialog over the other screens. Once you kill Fiddler, it's all restored again.
We have been noticing this over the last few months.
Fiddler downloads content to show on its homescreen from HTTP URLs. This is not safe because the content is rendered to the user in a WebView control and thus an attacker on the wire could replace it with malicious code or instructions that could harm the user.
Fiddler should not be using HTTP URLs for anything in this day and age.
http://fiddler2.com/content/GetArticles?clientId=0651E115B3D6EFD84CC35BE
http://fiddler2.com/content/GetBanner?clientId=0651E115B3D6EFD84CC35BE
document-policy: force-load-at-top
https://chromestatus.com/feature/5744681033924608
When there's a HAR file with h3 entries, they are either misinterpreted or ignored.
I know how to fix it both in the importer/exporter DLL and in Fiddler.exe.
I can submit a correction.
Hello! The problem is described on this link: stackoverflow
Please add in Filter - feature block named "Request Body" with options "Show only if request body contains", "Hide only if request body contains"
So far Fiddler says it can only import unencrypted sessions from PCAP files.
Various tools and libraries support the SSLKeylogfile environment variable and log the necessary keys.
You can either have them inside the pcapng file or in a separate file.
It would be nice if Fiddler would accept an optional file with these keys and treated sessions with a suitable key as unencrypted.
This would make things a lot easier in the process.
"Target Any Process" feature no longer working with Chrome. It used to work but no longer works specifically with Chrome. Still works with other processes. Capturing still works with Chrome as long as I am not using the "Target Any Process" feature.
It would be highly useful if there was a "URL splitter" tool added, perhaps as a drop-down entry in the TextWizard, which takes a long-form parameterized URL and splits it into a line-separated list of individual parameters (and can go the opposite direction as well).
The "WebForms" subpanel already does this, albeit there's no manual ability to choose what URLs this can be done to ...as far as I'm aware.
Once a program has been "Filter now"ed via the context menu, if that filter is later deleted from down bottom, that program can no longer be "Filter Now"ed again; nothing happens.
It's as if program filtering is only given one opportunity to be "Filter Now"ed. Once that's happened, even if the filter gets deleted, the program isn't given another opportunity to be Filter Now'ed.