I have a job which executes few webservices. When executed manually I keep the Fiddler app on and it captures the traffic.
But if I am scheduling the aforesaid job via Jenkins then is it feasible to capture the traffic? If yes then how?
Hello,
I'm looking to write a fiddler extension following this article: https://docs.telerik.com/fiddler/extend-fiddler/createextension
In this article it suggests linking to fiddler at a hard coded local path.
Is there any way to link to fiddler from a nuget feed, git sub-module or other way or is it best practice to bundle the Fiddler.exe with your application so it can be built without hard-coded paths to locally installed tools? How is this normally done?
Thanks
Hello Fiddler gang
Found this old post https://stackoverflow.com/questions/43898449/in-fiddler-is-it-possible-to-spoof-the-client-ip-address while trying to find out if there is a way of dynamically directing fiddler to send the requests thru specific IP address (I have a server with multiple IPs).
It suggest using X-EgreesIP so in my fiddler script I added:
oSession["X-EgreesIP"] = "10.10.10.123";
in my InBeforeRequest function but it doesn't seems to have any effect? by running netstat -f it still shows the main IP for establishing the connections to the remote host servers.
The same old post points to another link http://fiddler.wikidot.com/egressip where it mention that it can be configured by command but that means then ALL my requests will go thru that other configured IP, I want to programmatically be able to give a different IP based on the particular request. Is that at all possible?
Thanks!
Hello,
I have a very strange behavior, I build on a Java program a request to query a site. For your information, here is the code, but it's not the root of the problem:
conn = (HttpURLConnection) url.openConnection();
conn.setConnectTimeout(SimpleCrawler.timeout);
conn.setReadTimeout(SimpleCrawler.timeout);
conn.setRequestProperty( "Host", url.getAuthority() );
conn.setRequestProperty( "User-Agent", userAgent );
conn.setRequestProperty( "Accept", SimpleCrawler.acceptPageType);//text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
conn.setRequestProperty( "Accept-Language", SimpleCrawler.acceptLanguage );
conn.setRequestProperty( "Accept-Encoding", "gzip, deflate, br" );
InputStream input = conn.getInputStream();
byte[] buffer = new byte[4096];
int n;
OutputStream output = new FileOutputStream( chemin );
while ((n = input.read(buffer)) != -1)
{
output.write(buffer, 0, n);
}
output.close();
And the request downloads a corrupted file. Now if I go through fiddler with this code :
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("127.0.0.1", 8888));
conn = (HttpURLConnection) url.openConnection(proxy);
I see the request go through Fiddler and the file downloads correctly.
It's as if Fiddler modified the return or the request by reorganizing something to correct a problem that was there before. But I can't figure out what it is, if I knew I'd fix my problem.
Do you have any idea why I am seeing this behavior?
Thanks
The url captured by fiddler can send instructions through the software's own composer and return the correct json file.
However, the correct result cannot be obtained under the requests of python, and it will prompt:
{"Message":"Cannot convert object of type \u0027System.String\u0027 to type \u0027Carpa.Web.Script.HashObject\u0027","StackTrace":" in Carpa.Web.Ajax.Serialization.ObjectConverter.ConvertObjectToTypeInternal(Object o, Type type, JavaScriptSerializer serializer)\r\n at Carpa.Web.Ajax.WebServiceMethodData.StrongTypeParameters(IDictionary`2 rawParams)\r\n at Carpa.Web.Ajax.AjaxHandler.InvokeMethod(HttpContext context, WebServiceMethodData methodData, IDictionary `2 rawParams)\r\n at Carpa.Web.Ajax.AjaxHandler.ExecuteWebServiceCall(HttpContext context, WebServiceMethodData methodData)","ExceptionType":"System.InvalidOperationException"}
The code is as follows: ("..." means omitted information, the headers are consistent with the information in the fiddler software)
from urllib import response
import requests
import json
url = "http://......Web.Script.DataService.ajax/GetPagerDataEx"
headers = {
"Accept":"*/*",
"Referer":"...",
"Accept-Language":"zh-Hans-CN,zh-Hans;q=0.8,en-US;q=0.5,en;q=0.2",
"Content-Length":"...",
"Content-Type":"application/json;charset=utf-8",
"X-ClientType":"SLJson",
"X-JSONFormat":"true",
"Accept-Encoding":"gzip,deflate",
"User-Agent":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; Tablet PC 2.0)",
"Host":"...",
"Pragma":"no-cache",
"Cookie": "...",
"Connection": "keep-alive"
}
data = {
"pagerId":"$......$ptypeDataSource",
"queryParams":"null",
"orders":"null",
"filter":"null",
"first":"...",
"count":"...",
"isFirst":"false"
}
data = json.dumps(data)
response = requests.post(url=url,data=data,headers=headers)
content = response.text
print(content)
Hope that helps, thanks!
EDIT: The title might be confusing, but I can't edit it. I mean I want to update the public version of AppContainer Loopback Utility.
I find that "AppContainer Loopback Utility" on https://www.telerik.com/fiddler/add-ons is still at the version of 1.2.0.1 .
And the latest release of Fiddler Classical has 1.4.3.0 .
The reason for the request is that version 1.4 can read the list through the registry when it is not available through the system API (see attach pic ). But version 1.2 can not do that.
I don't know if there are infringement issues if I take "AppContainer Loopback Utility" from Fiddler Classical and embed it in a third party application. So I hope Telerik can update the public version.
I used the eval function in fiddlerscript to dynamically load code from the server when fiddler was opened.But when using the eval function to process JSON, the program throws an exception.code show as below:
//Operating normallyif(oSession.uriContains('https://xxxxxx.com')){
var responseStringOriginal = oSession.GetResponseBodyAsString();
var responseJSON = Fiddler.WebFormats.JSON.JsonDecode(responseStringOriginal);
responseJSON.JSONObject['data']['data1']['data2'] = 22;
responseJSON.JSONObject['data']['data1']['data3'] = 1;
responseJSON.JSONObject['data']['data1']['data4'][0]['type'] = 2;
responseJSON.JSONObject['data']['data1']['data5'][0]['type'] = 22;
var responseStringDestinal = Fiddler.WebFormats.JSON.JsonEncode(responseJSON.JSONObject);
oSession.utilSetResponseBody(responseStringDestinal);
}
eval("if(oSession.uriContains('https://xxxxxx.com')){var responseStringOriginal=oSession.GetResponseBodyAsString();var responseJSON=Fiddler.WebFormats.JSON.JsonDecode(responseStringOriginal);responseJSON.JSONObject['data']['data1']['data2']=22;responseJSON.JSONObject['data']['data1']['data3']=1;responseJSON.JSONObject['data']['data1']['data4'][0]['type']=2;responseJSON.JSONObject['data']['data1']['data5'][0]['type']=22;var responseStringDestinal=Fiddler.WebFormats.JSON.JsonEncode(responseJSON.JSONObject);oSession.utilSetResponseBody(responseStringDestinal)}")
(It says that Hashtable cannot cast to StackFrame)
Thanks for help.
Hello,
For the extension I work on it might happen that I need to recognize a HTTP request to a domain that does not exist. However if such a session ends with "HTTP/1.1 502 Fiddler - DNS Lookup Failed" in the Response Header, my extension is not triggered.
Such responses neither trigger the
AutoTamperResponseBefore(Session oSession)
method, nor the
OnPeekAtResponseHeaders(Session oSession)
method. My question is, what can I do here to notice such cases with my extension?
And another question, which other cases should I be aware of that don't cause a proper response?
Hello,
I currently develop a small extension for hobbyist use. The extension reads some information of HTTP traffic between a local application and a server. This works pretty well so far but I stumbled on an issue.
I have two HTTP requests from the application to the server following each other. The first contains the last telemetry and the second requests a result of all previously sent telemetry. Without using Fiddler this works just as expected, but it seems like Fiddler adds enough delay to the first session that the application sends the second request before the server received the first. This sometimes results in the second requests reaching the server to late which means the answer to it from the server is incomplete.
I currently use a workaround by adding a delay to the second session to make it less likely to happen. But I already noticed that even 250ms is not always enough.
public void AutoTamperRequestBefore(Session oSession)
{
switch (oSession.fullUrl)
{
case string s when s == Data.Version.ContractEventsUrl:
//the first session that needs to reach the server before the second
//some code
break;
case string s when s == Data.Version.ContractEndUrl:
//the second session that needs to reach the server after the first
oSession["request-trickle-delay"] = "250";
break;
}
}
I noticed that the Session object can be checked if it received a response.
https://www.fiddlerbook.com/om/html/7FE52DC7.htm
I think a good solution would be to put the first session in a variable of the Main class and hold the second session until the first received an answer.
However, I noticed that adding async code to the AutoTamperRequestBefore results in the Session to fire the HTTP request the moment async code is reached. I find nothing about it in the documentation and I don't want to put the Thread to sleep to avoid that.
What can I do?
Greetings, Ben