One, what is Fiddler
Fiddler is a proxy between the client and the server, and it is also one of the most commonly used packet capture tools.
It can record all requests between the client and the server, and can target specific requests,
Analyze request data, set breakpoints, debug web applications, modify requested data, and even modify the data returned by the server.
simply put:
1. Fiddler is a proxy between the client and the server.
Fiddler works as a proxy web server, using the proxy address of 127.0.0.1 and port 8888. It will automatically start proxy when fiddler is turned on, and will automatically log out when fiddler is turned off, so that it will not affect other programs. Any program that supports an http proxy server can be sniffed by fiddler. The operating mechanism of fiddler is actually an HTTP proxy listening on port 8888 on this machine.
Note that if fiddler does not log out normally, it may cause fiddler to log out normally, making the page inaccessible.
==
2. The usage scenario of fiddler in the test:
1. Interface debugging and interface testing
2. Online debugging, found BUG
3. Determine the BUG of the front and back ends
4. Mock test
5. Weak network test
Two, installation
fiddlersetup
https://www.telerik.com/download/fiddler
Three, PC-side monitoring
We double-click to open the software, enter the following interface, and then click on a request, you will find that the requested content is a bunch of obviously wrong text, and then the left side of the request is a lock style, think of https encryption, you will The reason may be that Fiddler is not configured. Then explain the default return content on the right. The first sentence is **"This is a CONNECT tunnel through which encrypted HTTPS traffic flows."**, which confirms our guess, and it really is because of https encryption.
So how to configure FIddler to parse these encrypted requests? The first method is to check the installation documents on the official website, and the second is to look at the prompts. The software company is still very user-friendly and prompts where to set it in the returned content, which is the sentence on the second line:
"enable the Tools> Options> HTTPS> Decrypt HTTPS traffic option."
We follow the prompts to set up, first find Tools in the toolbar in the upper left corner, then select Options, HTTPS, and then check the Decrypt HTTPS traffic option, and then install the certificate.
There are two ways to install the certificate:
After checking, click the Actions button on the right to select the **"Trust Root Certificate"** option, and then select all yes.
After checking, click the Actions button on the right to select the second option to export the certificate to the desktop, and then add it in the corresponding browser.
Then we open a new web page (such as Baidu) to view the request
At this point, you can listen to requests from the PC browser.