This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Place inside OnBeforeResponse because even though we're only touching the | |
// request, we don't want to change what the server gets. | |
if (oSession.HTTPMethodIs("POST") && oSession.uriContains("-analytics.com/collect") | |
&& oSession.oRequest["Content-Type"].StartsWith("text/plain")) | |
{ | |
oSession.oRequest["Content-Type"] = "application/x-www-form-urlencoded"; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public BindUITab("Resource Integrity Hashes", "<nowrap><nolink>") | |
static function ShowSRIHashr(arrSess: Session[]):String | |
{ | |
var oSB: System.Text.StringBuilder = new System.Text.StringBuilder(); | |
for (var i:int = 0; i<arrSess.Length; i++) | |
{ | |
if (arrSess[i].HTTPMethodIs("CONNECT")) continue; | |
if (!arrSess[i].bHasResponse) | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//Inside Rules > Customize Rules > OnBeforeResponse | |
// Hide everything except responses of type TEXT/* containing "xyz" | |
if (!oSession.ExistsAndContains("Content-Type", "text/")) | |
{ | |
oSession["ui-hide"] = "not text"; | |
} | |
else | |
{ | |
if (oSession.utilFindInResponse("xyz", true) < 0) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public interface ICertificateProviderInfo | |
{ | |
/// <summary> | |
/// Return a string describing the current configuration of the Certificate Provider. For instance, list | |
/// the configured key size, hash algorithms, etc. | |
/// </summary> | |
string GetConfigurationString(); | |
/// <summary> | |
/// Show a configuration dialog that allows user to control options related to your Certificate Provider, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Click Rules > Customize Rules. Scroll to the OnBoot function. | |
//Inside that function, add: | |
FiddlerApplication.add_OnLoadSAZ(onLoadSAZ); | |
// Just outside that OnBoot function, add the following code: | |
static function onLoadSAZ(sender: Object, oEA: FiddlerApplication.ReadSAZEventArgs) | |
{ | |
if (oEA.arrSessions.Length < 1) return; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list. | |
Secure Protocol: Tls | |
Cipher: Aes256 256bits | |
Hash Algorithm: Sha1 160bits | |
Key Exchange: RsaKeyX 2048bits | |
== Server Certificate ========== | |
[Subject] | |
CN=ppilll.com, OU=PositiveSSL, OU=Domain Control Validated |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Click Rules > Customize Rules | |
// Inside your existing onboot handler, add two lines: | |
static function OnBoot() { | |
FiddlerApplication.UI.pnlSessions.add_Enter(panelEnter); | |
FiddlerApplication.UI.pnlSessions.add_Leave(panelExit); | |
// Just before that method in the Handlers class, add: | |
public static |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The last thing I did at Telerik was release FiddlerCore 4.6.2, available from https://www.telerik.com/fiddler/fiddlercore | |
(includes demo app) and http://www.nuget.org/packages?q=fiddlercore. | |
There are three major areas of change: | |
1> v4.6.2 now goes async (unblocking the thread) for DNS lookups and for connection reuse. This should generally improve | |
performance for Fiddler[Core], in some cases dramatically, as the .NET thread pool growth algorithm is pretty conservative. | |
While I didn't have the opportunity to finish async'ing everything I wanted to, this was a pretty solid start. | |
2> Certificate generation has changed pretty significantly, to improve performance and to accommodate changes in Certificate |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Inside Rules > Customize Rules > OnBoot, add the following line: | |
FiddlerApplication.add_OnValidateServerCertificate(onEvalCert); | |
// Just before that function, add the following new function: | |
static function onEvalCert(o: Object, e: ValidateServerCertificateEventArgs) | |
{ | |
try | |
{ | |
var X2: System.Security.Cryptography.X509Certificates.X509Certificate2 = | |
new System.Security.Cryptography.X509Certificates.X509Certificate2(e.ServerCertificate); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Inside the block: | |
static function OnBeforeRequest(oSession: Session) { | |
// Add the following lines: | |
if (!oSession.isHTTPS && !oSession.HTTPMethodIs("CONNECT")) { | |
oSession["ui-backcolor"] = "#FADC93"; | |
} |
OlderNewer