Fiddler Configure and Use

Dominic Yang
Agenda

1. What is Fiddler?
2. How to configure fiddler
3. Common usage scenarios of fiddler
4. Use of fiddler built-in commands
5. Question summary
1.What is Fiddler?
Fiddler is an HTTP proxy server on the client and server.
Fiddler is currently one of the most commonly used http packet capture tools.
Fiddler is very powerful and it is a great tool for web debugging.
Fiddler main page
2. How to configure fiddler?
Intercept HTTPS request, open Fiddler Tools -> Fiddler Options -> HTTPS.

Selected Decrpt HTTPS traffic click yes

Tips : remember to restart Fiddler after configuration.

Cert name ： DO_NOT_TRUST_FiddlerRoot click yes continue click yes then add cert to machine
3. Common usage scenarios of fiddler
• 3.1 The meaning of each column in the session list.

• # : the order of http requests, from the first, gradually increases.

• Result : http response status code.
• Protocol : request agreement.
• Host : domain name of the requested address.
• url : request address, including get parameters.
• Body : the size of the request, in bytes.
• Caching : the requested cache expiration time.
• Content-type : request response type.
• 3.2 Statistic tab

• About HTTP request performance and other

data analysis.
• 3.3 Inspectors tab

• Provide header, textview, webForms, Raw and other tabs to view the information of a single http request and
response. It is mainly divided into two parts, the upper part is the request part, and the lower part is the
response part. For each part, a variety of different formats are provided to view the content of each request

and response.
• WebForms tab : contains the parameters of the get-request.
• TextView tab : the TextView tab can see the content of the response, including HTML/JS/CSS .
• Json tab : view the formatted response data information.
3.4 AutoResponder tab
• Fiddler's AutoResponder tag allows you to return files locally, which is one of Fiddler's most useful
features. You can freely set rules and get the file you want to return without sending an http
request to the server.
• About the return settings of some abnormal scenes, there are many different states to choose.
3.5 Filters tab

• Excessive web page requests affect our development needs, So we need to exclude other useless packages and
only pay attention to the request packages of the domain name we specify.

• By default, the filter page is gray, which means that no requests are filtered. Choose to use Filters checkbox.
There are usually the following filter conditions:

• 1. Domain name filtering, only display records of a specific domain name.

• 2. Type filtering, generally filter out all kinds of static materials such as pictures, CSS, JS and so on so that they
won’t be seen in the session list.

• 3. According to the return status code, for example, only want to display the status of 200, and not display the
others.
• Tips : Refer to the filter options on the next page.
4. Use of fiddler built-in commands
• The Fiddler command line can enter commands to operate the conversation list.

• bpu (Indicator icon: ) : interrupt on request

(Operation example : bpu http://localhost:3000/api/v1/accrual_balance/import/209 )
• bpafter (Indicator icon: ) : interrupt after receiving the response

(Operation example : bpuafter http://localhost:3000/api/v1/accrual_balance/import/209 )

• Tips : this method will only interrupt http://localhost:3000/api/v1/accrual_balance/import/209
Other command line:

• bps : bps is followed by the HTTP status code, which means that all sessions with this status code
are interrupted. (example : bps 200)

• bpv or bpm : after bpv or bpm is the HTTP method, which means that all sessions of the method
are interrupted. (example : bpv post or bpm post)

• select : followed by the response type (Content-Type), it means to specify all matching sessions.
(example : Select application/json)

• allbut or keeponly : Similar to select, but allbut and keeponly will delete all irrelevant sessions. for
example, if I only want to watch html, then I can enter keeponly html, which means to delete all
sessions not related to html. (example : allbut html or keeponly html)
• urlreplace : urlreplace is followed by two strings, which means to replace the string in the URL.
(example : urlreplace v1 v2)

• cls or clear : clear all current sessions.

• go or g : release all interrupted sessions.

• start : fiddler start work.

• stop : fiddler stop work.

• quit : close fiddler.

• ? : followed by a string, fiddler will highlight all the matches that match the string in all sessions.

• Tips : entering a command without parameters means canceling the previously set command.
5. Question summary
• Fiddler Firefox access issue.

• Step1 : open fiddler, select tools--->options--->HTTPS in the tools panel, click Actions at the top
right, and select Export Root Certificate to Desktop to export the certificate to the desktop. then
Selected Tools-->Options-->Connections, click Copy browser proxy configuration URL.
• Step2 : in the Firefox browser options, select General, find the network proxy at the bottom, and
click Settings.
• Step3 : add url for automatic proxy configuration.
• Step4 : select Privacy and Security--->Certificate--->View Certificate--->Certificate Authority. Click
Import, then import the fiddler certificate on the desktop, and then click OK, the certificate is
added successfully. (in the process of adding a certificate, you need to check the Trusted option
box.)
Q&A