Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fiddler and Your Website Robert Boedigheimer. About Me Web developer since 1995 Columnist for aspalliance.com Pluralsight Author 3 rd Degree Black Belt,

Similar presentations


Presentation on theme: "Fiddler and Your Website Robert Boedigheimer. About Me Web developer since 1995 Columnist for aspalliance.com Pluralsight Author 3 rd Degree Black Belt,"— Presentation transcript:

1 Fiddler and Your Website Robert Boedigheimer

2 About Me Web developer since 1995 Columnist for aspalliance.com Pluralsight Author 3 rd Degree Black Belt, Tae Kwon Do ASP.NET MVP http://aspadvice.com/blogs/robertb/ robertb@aspalliance.com @boedie www.devreach.com

3 HTTP HyperText Transfer Protocol –http://www.ietf.org/rfc/rfc2068.txt Request/response paradigm –Header and body www.devreach.com

4 HTTP Request www.devreach.com GET http://devreach.com/ HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://devreach.com/schedule/day/day-2 Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Connection: Keep-Alive Host: devreach.com GET http://devreach.com/ HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://devreach.com/schedule/day/day-2 Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Connection: Keep-Alive Host: devreach.com

5 HTTP Response www.devreach.com HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Vary: Accept-Encoding Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Sun, 23 Sep 2012 23:11:52 GMT Content-Length: 111261 … HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Vary: Accept-Encoding Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Sun, 23 Sep 2012 23:11:52 GMT Content-Length: 111261 …

6 What is Fiddler? Tracing tool built specifically for HTTP Recently acquired by Telerik Eric Lawrence (@ericlaw) http://fiddler2.com (free) C# www.devreach.com

7 How Does Fiddler Work? Proxy Adjusts browser’s proxy configuration to intercept traffic www.devreach.com

8 Why Use Fiddler? Troubleshoot problems Performance review –Visualize page requests (timeline) Site review Security testing Periodic site reviews Learn how things work www.devreach.com

9 Web Sessions Web Session – single request and response Mark, Comment, Screenshot Properties Compare sessions Search www.devreach.com

10 Decrypt SSL Traffic Fiddler is “Man in the Middle” Off by default, turn on in “Fiddler Options -> HTTPS -> Decrypt HTTPS Traffic” www.devreach.com

11 Filters Can save and load filters Show and hide sessions Block –Images, scripts, CSS Help -> Troubleshoot Filters www.devreach.com

12 Composer How Fiddler got its name… Can “fiddle” with requests –Create manually –Easier to make a request, drag to composer, modify as desired Breakpoints –Interrupt for specific request or response –Opportunity to modify request or response www.devreach.com

13 AutoResponder Since fiddler is a proxy, it can return information without actually contacting the web server Rules –Used in order –Literals, regular expressions, exact matches –Actions Specific status codes Files Other URLs “Unmatched requests passthrough” www.devreach.com

14 Trace Devices Works for devices and platforms where can’t run Fiddler Configure client’s proxy with IP address and port on Windows machine “Reverse Proxy” –http://tinyurl.com/859dc4e www.devreach.com

15 Trace Services Web.config Web Service (.asmx) –.Proxy setting WCF Service –Configure Endpoints www.devreach.com

16 Common Issues Limited processes File -> Capture Traffic No proxy set Browser does not automatically support using “localhost” or “127.0.0.1” –ipv4.fiddler, ipv6.fiddler www.devreach.com

17 Fiddler Script Intercept and modify traffic JScript.NET Common functions –OnBeforeResponse( ) –OnBeforeRequest( ) –OnExecAction( ) www.devreach.com

18 Fiddler Extensions Syntax Highlighting –Color code syntax for HTML, JavaScript, and CSS JavaScript Formatter –Nicely format and un-minify Content Blocker –Use to test what happens if firewall blocked, down, etc Gallery –See thumbnails of all selected sessions that contain images Can write your own www.devreach.com

19 FiddlerCap Non-technical people can perform captures, developer can read in Fiddler –Download and install (http://www.fiddlercap.com) –Step 1, start capture –Step 2, stop capture –Step 3, save capture www.devreach.com

20 Miscellaneous Save raw files Encrypt.saz files Fiddler.exe -viewer archiveName.saz Text Wizard for conversions HTTP Sandbox (http://www.fiddler2.com/sandbox/) Custom Inspectors Fiddler Core QuickExec www.devreach.com

21 Resources Pluralsight Course – Fiddler –http://tinyurl.com/78pbozy http://www.fiddler2.com “Debugging with Fiddler: The complete reference from the creator of the Fiddler Web Debugger” (http://tinyurl.com/6vx6wnc) @ericlaw, Eric Lawrence www.devreach.com

22 Thank you! @boedie blogs.aspadvice.com/robertb robertb@aspalliance.com Robert Boedigheimer


Download ppt "Fiddler and Your Website Robert Boedigheimer. About Me Web developer since 1995 Columnist for aspalliance.com Pluralsight Author 3 rd Degree Black Belt,"

Similar presentations


Ads by Google