Eric Lawrence ericlaw1979
Working on Microsoft Web Defense
// Place inside OnBeforeResponse: by the time it runs the request has already gone
// to the server, so rewriting the request header only changes what Fiddler's
// inspectors see (the WebForms inspector parses form-encoded bodies), not what
// the server received.
if (oSession.HTTPMethodIs("POST") && oSession.uriContains("-analytics.com/collect")
    && oSession.oRequest["Content-Type"].StartsWith("text/plain"))
{
  oSession.oRequest["Content-Type"] = "application/x-www-form-urlencoded";
}
public BindUITab("Resource Integrity Hashes", "<nowrap><nolink>")
static function ShowSRIHashr(arrSess: Session[]):String
{
  var oSB: System.Text.StringBuilder = new System.Text.StringBuilder();
  for (var i:int = 0; i<arrSess.Length; i++)
  {
    if (arrSess[i].HTTPMethodIs("CONNECT")) continue;
    if (!arrSess[i].bHasResponse)
    {
// Inside Rules > Customize Rules > OnBeforeResponse
// Hide everything except responses of type TEXT/* containing "xyz"
if (!oSession.ExistsAndContains("Content-Type", "text/"))
{
  oSession["ui-hide"] = "not text";
}
else
{
  if (oSession.utilFindInResponse("xyz", true) < 0)
public interface ICertificateProviderInfo
{
    /// <summary>
    /// Return a string describing the current configuration of the Certificate Provider. For instance, list
    /// the configured key size, hash algorithms, etc.
    /// </summary>
    string GetConfigurationString();

    /// <summary>
    /// Show a configuration dialog that allows user to control options related to your Certificate Provider,
ericlaw1979 / FilterSazLoad.js
Created November 17, 2015 21:27
When loading a SAZ file, hides Sessions based on response content type
// Click Rules > Customize Rules. Scroll to the OnBoot function.
// Inside that function, add:
FiddlerApplication.add_OnLoadSAZ(onLoadSAZ);

// Just outside that OnBoot function, add the following code:
static function onLoadSAZ(sender: Object, oEA: FiddlerApplication.ReadSAZEventArgs)
{
  if (oEA.arrSessions.Length < 1) return;
Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list.
Secure Protocol: Tls
Cipher: Aes256 256bits
Hash Algorithm: Sha1 160bits
Key Exchange: RsaKeyX 2048bits
== Server Certificate ==========
[Subject]
CN=ppilll.com, OU=PositiveSSL, OU=Domain Control Validated
ericlaw1979 / AutoSizeSessionList.js
Created January 6, 2016 14:29
This FiddlerScript autosizes the width of the Web Sessions list based on whether it contains focus. Adjust width constants to taste.
// Click Rules > Customize Rules
// Inside your existing OnBoot handler, add two lines:
static function OnBoot() {
  FiddlerApplication.UI.pnlSessions.add_Enter(panelEnter);
  FiddlerApplication.UI.pnlSessions.add_Leave(panelExit);

// Just before that method in the Handlers class, add:
public static
ericlaw1979 / FiddlerCore4.6.2.txt
Last active January 11, 2016 21:47
Announcement for FiddlerCore 4.6.2
The last thing I did at Telerik was release FiddlerCore 4.6.2, available from https://www.telerik.com/fiddler/fiddlercore
(includes demo app) and http://www.nuget.org/packages?q=fiddlercore.
There are three major areas of change:
1> v4.6.2 now goes async (unblocking the thread) for DNS lookups and for connection reuse. This should generally improve
performance for Fiddler[Core], in some cases dramatically, as the .NET thread pool growth algorithm is pretty conservative.
While I didn't have the opportunity to finish async'ing everything I wanted to, this was a pretty solid start.
2> Certificate generation has changed pretty significantly, to improve performance and to accommodate changes in Certificate
ericlaw1979 / WarningBeforeCertExpires.js
Last active March 26, 2021 12:40
This FiddlerScript highlights in red Sessions secured by certificates that will expire in the next 30 days
// Inside Rules > Customize Rules > OnBoot, add the following line:
FiddlerApplication.add_OnValidateServerCertificate(onEvalCert);

// Just before that function, add the following new function:
static function onEvalCert(o: Object, e: ValidateServerCertificateEventArgs)
{
  try
  {
    var X2: System.Security.Cryptography.X509Certificates.X509Certificate2 =
      new System.Security.Cryptography.X509Certificates.X509Certificate2(e.ServerCertificate);
ericlaw1979 / FlagUnsecureRequests
Last active August 19, 2016 18:00
Highlight non-HTTPS (plaintext HTTP) requests in yellow in the Web Sessions list
// Inside the block:
static function OnBeforeRequest(oSession: Session) {
  // Add the following lines:
  if (!oSession.isHTTPS && !oSession.HTTPMethodIs("CONNECT")) {
    oSession["ui-backcolor"] = "#FADC93";
  }