Misc Information Page

For now, this page can be used for random information until a more formal structure to the pages is established. The info will at least be "ready" here to be used on another page
(The following is pulled from the Google Group's archives) Seemed to be finished most of the relevant info as well

How can I change where Fiddler stores its configuration files?

Fiddler loads content from the Documents\Fiddler2 folder by default.

To override:

  1. Close Fiddler
  2. Start REGEDIT
  4. Open SOFTWARE
  6. Open FIDDLER2
  7. In the pane on the right, right-click and choose NEW > STRING VALUE.
  8. Name the new string USERPATH
  9. Enter the desired settings path (e.g. C:\FIDDLERCONFIG).
  10. Ensure file system permissions allow writing to this location.

Can I use Fiddler to monitor FTP traffic?

Yes, but Fiddler does not automatically register as the FTP proxy. If you would like to enable FTP interception, click Tools > Fiddler Options > Connections and tick the "Capture FTP requests" box.

WinINET and other CERN-compatible proxy clients convert FTP requests into a HTTP-formatted message that Fiddler can see. (This will generally not work for e.g. command line FTP tools).

Fiddler Balloon Notification

FiddlerApplication.AlertUser(sTitle, sMessage);

Add a Bound Column (Should probably be it's own page)

FiddlerObject.UI.lvSessions.AddBoundColumn("List Names", 70, getListName);

Activate a Tab On Boot

If you want Fiddler to activate the Inspectors tab on every boot, click Rules > Customize Rules, scroll down to OnBoot, and uncomment the lines as follows:

        static function OnBoot(){

Explanation of Fiddler Timers

Fiddler SessionTimers

Can i find out how long the server needs to process my request ?

(ServerBeginResponse - ServerGotRequest) is probably what you want.

Can i find out how long the request needs to pass through the network?

I'm not sure that's what you really want to know, but it would be:

(ServerGotRequest - ClientDoneRequest) - (DNSTime + TCPConnectTime)

How Can I Get the Response Size of a Session?

Session s;          //s is any Fiddler Session object
long cBytesOut;      //# of bytes sent
long cBytesIn;     //# of bytes received
if (null != s.requestBodyBytes) 
    cBytesOut += s.requestBodyBytes.LongLength;
if ((null != s.oRequest) && (null != s.oRequest.headers)) 
    cBytesOut += s.oRequest.headers.ByteCount() ;
if (null != s.responseBodyBytes) 
    cBytesIn += s.responseBodyBytes.LongLength; 
if ((null != s.oResponse) && (null != s.oResponse.headers)) 
    cBytesIn += s.oResponse.headers.ByteCount();

HTTP Traffic Seems Slower When Fiddler is Capturing (may need to be worked on more since this is a common issues for people)

For some reason, your browser is currently configured to "Automatically detect proxy settings" using a technique called WPAD. Because Fiddler (by default) respects the browser's proxy settings,
that browser configuration option forces Fiddler to try to use WPAD too. That will always fail because your environment doesn't actually have a WPAD server. So, Fiddler wastes a lot of time trying to automatically detect a non-existent proxy.

By unchecking that checkbox, you're telling Fiddler "ignore my browser's proxy settings, and just send requests directly to websites."

Of course, an alternative fix (and one that would probably speed up your browser even when Fiddler *isn't* running) is to close Fiddler, open IE, choose Tools / Internet Options / Connections / Lan Settings, and uncheck the "Automatically detect" checkbox.

Add a Proxy Authorization Header to a Request

Yes, you can use Fiddler to automatically add the proxy authorization header.

Inside Rules > Customize Rules > OnBeforeRequest, add the following

// Add proxy auth header
oSession.oRequest["Proxy-Authorization"] = "YOURCREDENTIALS";

Note: the YOURCREDENTIALS string is generated by taking USERNAME:PASSWORD and encoding it in base64. The "Text Encode/Decode" feature on the Tools menu can do that for you.

Comparing Multiple Fiddler Traces

If you mean "I can only have one copy of Fiddler open at a time", then yes, that's the case.

For now, you can load multiple SAZ captures and compare them inline:

  1. Load file #1 using File > Load Archive.
  2. Hit CTRL+A, then CTRL+1 to flag all sessions from file #1.
  3. Load file #2 using File > Load Archive.
  4. Select all unflagged sessions from file #2, and hit CTRL+2 to flag them in blue.
  5. Now, click the URL column to sort the entire set on URL.
  6. You then get a view where the matching URIs are paired up.
  7. You can then use the context menu to individually WinDiff matching requests.

In the future, there will be a SAZDiffer extension which makes this process easier.
http://www.fiddler2.com/dl/fiddlerSAZDiffSetup.exe is an early prototype of the SAZDiff extension.

It needs a lot of work, but it may be useful for some tasks, and it will probably spark some conversations on the features that need to be present in such a tool.

Pull CustomRules.js from an External Server

This is a security risk and could easily be done in .NET instead (maybe make its own page with code snippets)

  1. Inside the registry key HKCU\Software\Microsoft\Fiddler2, create a new REG_SZ named ScriptFullPath
  2. Set the value of ScriptFullPath to the full file path of the rules file, e.g. \\server\share\fiddler2\customrules.js

I recommend that you keep the file named customrules.js, otherwise change notifications will break.
Note, if the file server is unavailable, Fiddler will complain at various points that the file cannot be found.

Injecting HTML Tags into the Head Section of a Document

Someone asked how to inject HTML tags into the HEAD section of a document using a Fiddler extension. Here's a code sample:

Call it like so:

insertIntoHTMLHead(oSession, "\r\n<!-- kilroy was here -->\r\n");
private bool insertIntoHTMLHead(Session oSession, string sToInsert)
    if ((null == oSession.responseBodyBytes) || (null == oSession.oResponse) || (null == oSession.oResponse.headers))
        return false;
    // If HTML
    if (oSession.oResponse.headers.ExistsAndContains("Content-Type", "html"))
        // Remove any content-encoding so we can properly scan the response
        Encoding oEnc = Utilities.getResponseBodyEncoding(oSession);
        string sBody = Utilities.GetStringFromArrayRemovingBOM(oSession.responseBodyBytes, oEnc);
        int iStart = 0;
        int iHeadPtr = 0;
            iHeadPtr = sBody.IndexOf("<head", iStart, Math.Min(16384, sBody.Length-iStart), StringComparison.OrdinalIgnoreCase);  //Find <HEAD within first 16k
            if (0 > iHeadPtr) 
                return false;
            if ((sBody.Length > (iHeadPtr + 5) && (sBody[iHeadPtr + 5] != '>') && ((int)(sBody[iHeadPtr + 5]) > 0x21) && (int)(sBody[iHeadPtr + 5]) < 0x7a))
                // Someone tried to trick us with a "<headNOT" or similar tag.
                iStart = iHeadPtr + 5;
                iHeadPtr = -1;
        } while (0 > iHeadPtr);
        iStart = iHeadPtr + 1;
        int iInsertPtr = sBody.IndexOf(">", iStart, Math.Min(2048, sBody.Length - iStart), StringComparison.OrdinalIgnoreCase);  // Find > within next 2k
        if (0 > iHeadPtr) 
            return false; 
        oSession.responseBodyBytes = oEnc.GetBytes(sBody.Insert(iInsertPtr + 1, sToInsert));
        oSession.oResponse.headers["Content-Length"] = oSession.responseBodyBytes.LongLength.ToString();
        return true;
    return false;

Using a .PFX Certificate

I believe that if you open the .PFX file, you can easily extract the .CER file.

Monitoring CURL Traffic (Probably should be a whole page of monitoring different types of apps)

curl doesn't use the system proxy by default. Try this:

curl -x http://www.get.this/

This tells CURL to use Fiddler (on localhost port 8888) as a proxy.

Change Default Text Editor

To change the default text editor used within Fiddler, add a REG_SZ inside HKCU\Software\Microsoft\Fiddler2 named "TextEditor" which points at the full path to your editor.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License