1. Introduction to
Fiddler Fiddler is one of the more useful web proxy debugging tools. It can record and check all client and server HTTP/HTTPS requests, set breakpoints, tamper with and forge Request/Response data, modify hosts, Limit network speed, http request performance statistics, simple concurrency, interface testing, auxiliary automated testing, etc. Now that the packet capture tool has become a must-have tool for testers, and developers are also commonly using it, it is a tool that is very helpful for problem location analysis.
2. In Fiddler working mode, the
browser sends a Request to the webserver, the proxy server fiddler receives the Request, fiddler sends the Request to the webserver, the webserver processes the request after receiving the Request, and the Response to the proxy server fiddler, Fiddler returns the Response to the browser, such as Picture:
3. Fiddler is powerful and has the following commonly used functions:
Fiddler grabs HTTPS request configuration
Fiddler comes with a convenient coding tool: TextWizard
interface test
Set breakpoints, tamper with and forge data,
modify the computer system hosts
HTTP request statistical view
Simple concurrent test
slow network test (Limit Internet speed)
Display server IP method
Command line QuickExec usage
4. Menu bar
1. Click "Session Record" and "Add Remarks"
2. Click "session record", click the "playback/replay" button, or click the "shortcut key R" to replay
3. Clear the control panel, options: Images, Non-200s, Non-Browser, etc.
点击“Remove all”按钮(全部清空)
4. To debug bugs, you can let the breakpoint go down when requesting a breakpoint, and use it in conjunction with the status bar
For the sent request, set a breakpoint and click the "arrow" (located at the bottom, the arrow is facing upwards and displays ×), it means there will be a breakpoint in the sending stage of the request, click the "arrow" again (located at the bottom, the arrow is upwards and displays ×) ), which means that the request has a breakpoint during the return phase.
If the request is not sent out and you want the breakpoint to go down, click the "GO" button
5. Proxy mode switch, the default buffer mode, click "switch stream mode"
6. Decompress the request, help decompress the things in the Http request, and facilitate viewing
7. Keep sessions, the default is to select "All sessions" The more sessions Fiddler saves, the more memory Fiddler will occupy
8. Filter requests, filter some requests that you don't want to see in the process, for example: open Google Chrome, and Fiddler side by side, move the icon to Google Chrome, the filter request will display the relevant information of Google Chrome
9. Search, used when there are a lot of sessions, for example: search baidu and select "pink" to display the effect
10. Save the session, for example: save the session, name Demo, clear the session, click "File"-"Recent archives", find the session you just saved and open it
11. Save the screenshot, after clicking the "icon", the screenshot will be saved after 5 seconds
12. Timer, click "icon" to start timing, and then click "icon" to return the timing result
13. Quickly start the browser, display the browser installed on the computer itself, click "Browser" to open and use
14. Clear the cache, clear the shortcut key of IE browser cache, click "Clear Cache" to automatically clear the browser cache
15. Encode/decode, click "TextWizard" to encode/decode text content, for example: URL is encoded, select "URLDecode" to decode
16. Separate the panel, display the effect of floating window, close it when not in use
17. MSDN search, for MSDN
5. Request and return message view tab function description
6. Fiddler grab HTTPS request configuration
Because fiddler can only grab http requests by default after installation, if you need to grab https requests, you need to configure it. Configuration method:
Tools—>Options—>HTTPS, check CaptureHTTPS CONNECTs, Decrypt HTTPS traffic, ignore server certificate errors (unsafe), click OK, and the certificate will pop up to confirm directly.
7. Grab the mobile APP request configuration
Tools---->Connections---->Check Allow remote computers to connect:
and then set the proxy
on the mobile phone. Take the iPhone as an example: set the proxy on the mobile phone: Settings— >Wireless network, set the server ip and port number:
then enter the address in the mobile safari browser: computer ip:8888 such as: http://172.21.10.42:8888, the following page will appear:
click "FiddlerRoot certificate" to install the certificate, the installation is complete After that, the installation is successful as follows:
At this time, the certificate is not yet complete. If the mobile phone is ios10.0 or higher, you need to set it in the mobile phone system—about the phone—certificate trust setting. Turn on the certificate on this page.
Yes , at this time, enter the test URL in the address bar of the mobile safari browser or use the APP, and the corresponding request can be displayed on the fiddler of the computer: 8. Fiddler comes with a convenient coding tool: TextWizard
9. Interface test
Composer
10. Set the break Points, tampering and falsifying data. When
registering an order to submit a payment function
request, there are two points that can be tampered with: Before Requests and After Responses.
修改Requests方法:Rules---->Automatic Breakpoints---->Before Requests
Take the forum post as an example, modify the content of the data before the request, for example, the content of the post is as follows:
Click to publish the post, and the request is intercepted by fiddler at this time, add the new content before the message content in the request body field on the right: "Tampering with the requests data Success!", then click Run to Completion, first turn off the interception Rules---->Automatic Breakpoints---->Disabled, all other requests are let go, click "Go" in the toolbar to
modify the Response method: Rules-- -->Automatic Breakpoints---->After Responses, the method is similar to modifying Requests, except that the modified content becomes Response.
10. Modify the computer system hosts.
If I want to point www.baidu.com to the server corresponding to www.hao123.com, the public network ip of the server corresponding to www.hao123.com: 47.94.18.31, and the configuration is as follows: Tools---- >Hosts---->Check Enable remapping of requests for one host to a different host or IP,overriding DNS. Then the host edit area, enter the server public IP that the domain name needs to point to, for example, I will www.baidu.com The domain name points to 47.94.18.31, just save it. (If host is not used, just uncheck it)
11.HTTP request statistics view
ctrl+click the request that needs statistics, the statistics on the right can see the overall details.
12. Simple concurrent test
If a person can only have one chance to draw a lottery a day, then before clicking the draw button to send a request, you must set Before Requests Breakpoints. After clicking the draw, you will see a request with a breakpoint in the session list. Select this request with the mouse and press shift+u, and the setting of the number of concurrent times will pop up. Set the number of concurrent times as required.
13. Weak network test (limit network speed)
Fiddler—"Rules—"Customize Rules,
Search in CustomRules.js and find: m_SimulateModem,
Modify the upload and download delay in milliseconds in the following script:
if (m_SimulateModem) {
// Delay sends by 300ms per KB uploaded.
oSession["request-trickle-delay"] = "300";
// Delay receives by 150ms per KB downloaded.
oSession["response-trickle-delay"] = "150";
}
After the modification is completed, restart fiddler, Rules---->Performance---->Simulate Modem Speeds, select it to take effect.
14. The server IP method shows that the server IP
can not be seen in the default configuration of Fiddler. Next, let’s briefly introduce that the requested server IP can also be seen on fiddler:
1、Fiddler—》Rules—》Customize Rules ,
2. Search and find in CustomRules.js: static function Main(),
3. Add the following line of script:
FiddlerObject.UI.lvSessions.AddBoundColumn(“Server IP”, 120, “X-HostIP”);
The complete js code is as follows:
static function Main() {
var today: Date = new Date();
FiddlerObject.StatusText = " CustomRules.js was loaded at: " + today;
// Uncomment to add a “Server” column containing the response “Server” header, if present
FiddlerObject.UI.lvSessions.AddBoundColumn(“Server IP”, 120, “X-HostIP”);
}
After the addition is complete, restart fiddler to display the requested server ip.
15. Fiddler filtering requests only need to see what you want
. Check "Use Filters" in the Filers panel and set the following three options in the Hosts area:
1). There are three options for the first item, namely "No zone filter", "Show Only Intranet Hosts" and "Show Only Internet Hosts", do not change;
2). The second item has four options, namely:
No Host Filter "Do not set hosts filtering";
Hide The Following Hosts" hide the filtered domain names;
"Show Only The Following Hosts" only displays the filtered domain names;
"Flag The Following Hosts" mark the filtered domain name;
Select "Show Only The Following Hosts", enter the domain name to be filtered in the text box, multiple domain names are used ";" semicolon separation. By default, fiddler will check the host set in the http header and force the display of the German domain name in the http address. To
15. How to deal with garbled
Responses Question: Sometimes we see that the HTML in the Response is garbled. This is because the HTML is compressed. We can decompress it in two ways.
Steps: Method 1: Click on the red box content "Response body is encouded. Click to decode."
Method 2: Select "Decode" in the toolbar. This will automatically decompress.