Fiddler Basics
- Fiddler is a powerful packet capture tool. Its principle is to work in the form of a web proxy server. The proxy address used is: 127.0.0.1, and the port defaults to 8888. We can also modify it through settings.
- The proxy is to set up a checkpoint between the client and the server. After the client sends the request data first, the proxy server will intercept the data packet, and the proxy server will pretend to be the client to send the data to the server. Similarly, the server will respond with the data Return, the proxy server will also intercept the data and return it to the client.
- Fiddler can capture data packets of any program that supports http proxy. If you want to capture https sessions, you must install a certificate first.
HTTP protocol
- To analyze the packets captured by Fiddler, we first need to be familiar with the HTTP protocol. HTTP, the Hypertext Transfer Protocol, is a stateless, application-layer protocol based on the request and response mode. Most web development is a web application built on top of the HTTP protocol.
- The working process of HTTP: When we request a hyperlink, HTTP starts to work. The client first sends a request to the server. The request content includes: protocol version number, request address, request method, request header and request parameters; the server receives After the request is received, the corresponding processing is performed, and the response data is returned to the client. The response content includes: the protocol version number, the status code and the response data. The front end performs corresponding processing according to the response data, which is what we finally see. These processes are done automatically by HTTP, we just enter or click on the request address and see what the front end shows us. For more information about the HTTP protocol, please refer to: http://www.cnblogs.com/li0803/archive/2008/11/03/1324746.html
- Commonly used request methods are: GET, PUT, POST, DELETE.
- HTTP status codes are mainly divided into 5 categories: those starting with 1 indicate that the request has been accepted and need to continue processing; those starting with 2 indicate that the request has been successfully received, understood, and accepted by the server; those starting with 3 indicate that the client needs to take further steps. The operation can complete the request; the one starting with 4 means that the client may have an error, which hinders the processing of the server; the one starting with 5 means that the server has an error or abnormal state in the process of processing the request, or it may be The server realizes that the request cannot be processed with the current hardware and software resources.
- Common ones are: 200: The server successfully processed the request; 404: The resource was not found; 500: Internal server error; 503: The server is currently unable to serve the request; 302: The requested URL has been temporarily transferred; 304: The client's cached resource is up to date and requires the client to use the cache.
- For details of each status code, please refer to: https://baike.baidu.com/item/HTTP%E7%8A%B6%E6%80%81%E7%A0%81/5053660?fr=aladdin
Use of Fiddler
- Fiddler is a very useful tool for capturing packets, which can intercept, resend, edit and other data packets sent and received by network transmission. It can also be used to detect traffic.
- After Fiddler is installed, the default port is 8888. When Fiddler is started, the default proxy for IE is set to 127.0.0.1:8888, while other browsers such as Firefox need to manually set the proxy before they can capture packets. The setting content is as shown in the figure:
1) To use Fiddler to capture packets, you first need to ensure that Capture Traffic is enabled (it is enabled by default after installation), check File->Capture Traffic, or you can directly click the icon in the lower left corner of the Fiddler interface to enable and disable packet capture.
2) So basically no configuration is required, and the package can be captured after installation. So how do we analyze these captured packets? The area shown in the figure is the data packet list. To analyze these data packets, you must first understand the meaning of each field.
#: sequence number, increasing from 1 in the order of capturing packets
Result: HTTP status code
Protocol: The protocol used by the request, such as HTTP/HTTPS/FTP, etc.
HOST: The hostname or domain name of the requested address
URL: The location of the requested resource
Body: request size
Caching: The requested cache expiration time or cache control value
Content-Type: the type of the request response
Process: The process ID that sent this request
Comments: Notes
Custom: custom value
3) Each data packet captured by Fiddler will be displayed in this list. Click on a specific data packet and click Insepector on the right menu to view the details. It is mainly divided into two parts: the request (that is, the data sent by the client) and the response (the data returned by the server).
4) HTTP Request Header: Taking Baidu as an example, to view the request data of the data packet requesting the Baidu homepage, you can see the following content from the above Headers:
Request method : GET
Protocol : HTTP/1.1
Client header field:
Accept: text/html, application/xhtml+xml, image/jxr, */* --------- Media types accepted by the browser
Accept-Encoding: gzip, deflate --------- compression method
Accept-Language: zh-CN --------- language type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393 ---------The operation used by the client System and browser name and version
COOKIE header field : send the cookie value to the server
Transport header field:
Connection: Whether the TCP connection used to transmit HTTP data between the client and the server is closed after the web page is opened. keep-alive means that it will not be closed, and the client will continue to use the established connection when it visits the web page on this server again; close means that it will be closed, and the client will visit the web page on this server again, and the connection needs to be re-established.
HOST: host name or domain name, if no port is specified, the default port 80 is used.
5) HTTP Response Header: Continue to take Baidu as an example, as shown in the figure:
Protocol : HTTP/1.1
Status code : 200
Cache header field:
Cache-Control: private --------- This response message cannot be processed by the shared cache and is invalid for other users' requests
Date: Sat, 05 Aug 2017 04:37:43 GMT --------- Specific time and date when the message was generated
Expires: Sat, 05 Aug 2017 04:37:42 GMT --------- The browser will use the local cache within the specified expiration time
Cookie/Login header field:
Set-Cookie: BDSVRTM=264; path=/ --------- Send cookie to client
Set-Cookie: BD_HOME=1; path=/
Set-Cookie: H_PS_PSSID=1425_21097_22157; path=/; domain =.baidu.com
Entity header field
Content-Length: 202740 --------- Body length
Content-Type: text/html;charset=utf-8 --------- Tell the client the type and character of the object that the server itself responds to set
Miscellaneous 头域:
Bdpagetype: 2
Bdqid: 0x99791efd00036253
Bduserid: 2577220064
Server: BWS/1.1 --------- Indicates the software information of the HTTP server
X-Ua-Compatible: IE=Edge,chrome=1
Security header field:
Strict-Transport-Security: max-age=172800 --------- Parameters that need to be sent based on security considerations, about this parameter For explanation, please refer to: http://www.freebuf.com/articles/web/66827.html
Transport header field:
Connection: Keep-Alive
6) TextView: Display request or response data.
7) WebForms: The request part displays all request parameters and parameter values in form; the response part is the same as the TextView content.
8) Auth: Display authentication information, such as Authorization
9) Cookies: show all cookies
10) Raw: Display Headers and Body data
11) JSON: If the request or response data is in json format, the request or response content is displayed in json format
12) XML: If the request or response data is in xml format, the request or response content is displayed in xml format
13) The above is the Baidu homepage as an example. The Baidu homepage uses a GET request. There is no request body in the TextView. Let’s take the login interface of the Wuyouxing website as an example. It is a POST request. Except for the request header, in the TextView There is more request data. This is also a difference between GET requests and POST requests. The GET request puts the request parameters in the url, and the POST request generally puts the request parameters in the request body.
Summary: The request and response parameters can be captured through Fiddler. By analyzing the parameters, it is possible to locate the front-end or back-end problems. For example, when we tested the login interface, we entered the correct mobile phone number and password, but the front-end prompts "Please enter the correct user name and password"; only through the interface prompts we can only describe the appearance of the bug, but cannot analyze the cause of the problem. Suppose that we found that the front-end parameter name was wrong or the parameter value was empty by capturing the packet, resulting in an error in the background. At this time, we point the bug to the front-end developers, and upload the parameter data and the corresponding message data in the interface document as attachments. Can it improve the efficiency of bug resolution? Fiddler plays a great role in actual functional testing. On the one hand, it helps us better understand which interfaces the client and server make requests in a business, so as to better understand the code logic; on the other hand, We can also judge where there is a problem through the response data. For example, the server program may hang, causing the front end to report "server failure". At this time, we find that the response data returns 502 by capturing packets. At this time, we can manually restart the service or contact Operation and maintenance restart the service, thereby improving the efficiency of problem solving.