https://www.bilibili.com/video/BV19L4y1t7d4Table of contents
1. Fiddler download and installation and certificate generator
2. Principle of packet capture
3. Introduction to fiddler software interface
5. Interface testing and debugging (web interface testing) - jmeter tool
6. Locating front-end and back-end BUGs (web interface testing)
2. Set up a weak network environment
3. After the environment is set up, you can perform a weak network test
8. Network coercion and online testing
2) Save the front-end script in an HTML file;
3) Set fiddler to network hijacking mode
4) Modify a.html and refresh the web page
1. Capture https protocol packets
2. Capture the mobile APP package
1. Fiddler download and installation and certificate generator
1. Application scenarios:
1) Accurately locate front-end and front-end BUG;
2) Weak network test;
3) Interface testing and debugging
4) Fiddler network hijacking and online debugging
2. Fiddler download link:
3. Certificate generator:
Link: https://pan.baidu.com/s/1BFq2Fy2g_Y1epJe_zfmHQw
Extraction code: msxyA generator is required otherwise an error will be reported.
The installation tutorial is simple, just double-click to install.
2. Principle of packet capture
1. Browser access before packet capture - direct browser request, server returns response data
2. Browser access after packet capture - a proxy server is added in the middle. As long as there is interaction between the browser and the server, it must go through the d proxy server, which also captures the data packets (packets).
3. Introduction to fiddler software interface
[Commonly used] The inspector tab of the tab page is used to view the contents of the package.
4. Shortcut keys
After visiting a web page and performing new actions (such as logging in, switching pages), clear the messages of the fiddler software, and then refresh with shift+F5 on the web page.
5. Interface testing and debugging (web interface testing) - jmeter tool
1. Use fiddler to capture packets to obtain the [Request Method], [Request Path], [Request Parameters], and [Request Header] of the corresponding interface;
2. Use the jmeter tool to fill in the relevant data of the above four interfaces into the corresponding locations, and then view and test.
6. Locating front-end and back-end BUGs (web interface testing)
1. Check the request parameters. If the request parameters are incorrect, it is a front-end problem;
2. If the parameters are correct, check the return value of the backend. If the return value is incorrect, it is a backend problem.
7. Weak network test
1. Default network settings
2. Set up a weak network environment
1) Modify the delay value
The larger the value, the more obvious the delay.
2) Switch to weak network mode
RULES>>>PERFORMANCE>>>SIMULATE MODEM SPEEDS
Check it
3. After the environment is set up, you can perform a weak network test
8. Network coercion and online testing
Network hijacking: Assume that clicking on link a will display html1, but now we intercept the click on link a and point it to html2. Is this a network hijacking? [Personal understanding, please correct any mistakes]
1. Application background
Assume that there is an existing web page that has been published. At this time, there is a problem with the front end of the web page and it needs to be modified. At this time, under normal circumstances, [Operation and Maintenance ] will first remove the web page, and then [ Develop ] will modify it, and then send it to [ Testing ] after modification. , and so on, and finally pass [ Operation and Maintenance ] to launch the new web page. This process is very cumbersome. If it is taken off the shelves directly, it will cause a lot of trouble in operation and maintenance, and may even cause the loss of some users, and may not adapt to the online environment.
If there is a way, [ Test ] can directly modify and test online. After OK, ask [ Development ] to modify it to the same, and then [ Operation and Maintenance ] go online. This will save a lot of trouble.
Network hijacking and online testing are to copy the code of the web page to the local, and then modify it locally, and then read the local HTML file through the fiddler software front-end. The resources are still obtained from the server, so that online testing can be realized and real-time You can see the effect of your modification on the browser. After the modification is completed, you can directly develop and modify it, and then perform operation and maintenance and release it.
2. Steps
1) Select package;
2) Save the front-end script in an HTML file;
You can see that the a.html file is opened
3) Set fiddler to network hijacking mode
In this way, a.html can be displayed in an online server environment, which is equivalent to pointing a URL link to the local. This is network hijacking. Modifications in a.html can be displayed online in real time.
4) Modify a.html and refresh the web page
Before modification: hot news
After modification: Hot news [fiddler network threat test]
You can see that the HTML code modifications are made locally and displayed online in real time, which is convenient for testing, development and operation and maintenance.
9. Capture the APP package
1. Capture https protocol packets
1) Install the certificate generator;
2) Check TOOLS---OPTIONS---HTTPS
3) Reset the root certificate
actions-reset all certificates, just click OK and Yes all the way
4) Restart fiddler
5) Capturing the https protocol package successfully
2. Capture the mobile APP package
1) Set up fiddler and restart fiddler
2) Ensure that the computer and mobile phone are in the same LAN;
3) Enter in the mobile browser: ip: port number to enter the download certificate
The IP address can be obtained through ipconfig in cmd, and the port number is generally 8888.
fiddler implements mobile phone packet capture and mobile phone installation certificate error reporting "The certificate cannot be installed because the certificate file cannot be read" solution_NO.rui1028's blog-CSDN blog_fiddler mobile certificate The best computer is a laptop, so that it can be unified with the mobile phone Within the LAN; not much else to say, just the steps. 1. Configure PC (laptop) parameters 1. Configure fiddler to allow monitoring of https (fiddler only captures http format by default). Open the Fiddler menu item Tools->TelerikFiddler Options->HTTPS, check CaptureHTTPS CONNECTs, click Actions, and check Select Decrypt HTTPStraffic and Ignore...
https://blog.csdn.net/sunruirui1028/article/details/120526637Mobile version - Enter the download certificate page, click on fiddlerRoot certificate to download
Computer side fiddler - you can see the mobile phone download certificate web page request package
4) Download and install the certificate on the mobile phone through the proxy server;
After downloading, you will get a file package: FiddlerRoot.cer
After installation, set the proxy on your phone
5) Capture the packet on fiddler and check whether the packet capture is successful by looking at the picture.
