|Revision 1.0||01.15.2013||Admin||Fiddler tutorial|
|Revision 1.1 – 1.3||09.09.2013 - 10.04.2013||Admin||bugfixes and enhancements|
Fiddler is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software, communications protocol development and education. Fiddler captures HTTP and HTTPS traffic data between browsers and servers. These data are extremely valuable for troubleshooting, performance turning and system monitoring. This article is a step by step tutorial to guide how to use Fiddler and capture HTTP Traffic.
Fiddler sits between HTTP client and server and listened on a port. As the finger below, it acts as “man-in-the-middle” proxy, when using fiddler, the requests is being sent directly to Fiddler proxy bridge, Fiddler will forward the request to real server, Likewise, the response from server is also sent to the fiddler, fiddler will forward it to the browser. To the client browser, Fiddler claims to be the web server, and to the web server, Fiddler mimics the web browser. In this process, Fiddler intercepts and records all the incoming and outgoing messages.
Fiddler is a Windows Forms application, available for Windows XP and later, go to download page http://www.fiddler2.com/fiddler2/, there have two versions fiddler2 and fiddler4 available, fiddler2 was written in .Net 2, fiddler4 was higher, please choose either the one to download.
After downloaded, double-click the exe file and agree with the installation license, follow the step-by-step wizard to complete the installation, during installing, you may be asked to close all browsers.
Lunch the shortcut of Fiddler from from Start > All Program, you will see the below main Fiddler UI, when starting Fiddler, it will automatically check the latest version against the Fiddler server and ask you upgrade if there have new version available.
Use Internet Explorer or Mozilla FireFox, open a web page that sends a request via the explorer, we will instantly see a list of the web requests in the web sessions panel, while, if you visit more web pages, the recorded requests will continue growing and keep in order.
The web sessions show all HTTP and HTTPS sessions captured by Fiddler, the messages include certain key information:
Of course, It’s just an overall summary list, it give a generic sense that we can choose what we want.
If you double click on a HTTP session, the Inspectors tab on right hand will be displayed, it visualize requests or response content in meaningful ways. In the top half of the right hand side is the request what was sent to server, there have multiple tabs of view where show format message and data(Headers, Text View, web forms, HexView, Auth, Cookies, Raw, JSON and XML). The first one is header, it logged cache, Client, Cookies/Login, Miscellaneous and Transport, these infos are particular helpful to troubleshoot.
[RW] Headers—Shows request headers and status.
[RW] TextView—Shows the request body in a text box.
[RW] HexView—Shows the request body in a hexadecimal view.
[RO] XML—Shows the request body as an XML DOM in a tree view.
[RW] Transformer—Removes GZip, DEFLATE, and CHUNKED encodings for easier debugging.
[RW] Headers—Shows response headers and status.
[RW] TextView—Shows the response body in a text box.
[RW] HexView—Shows the response body in a hexadecimal view.
[RO] ImageView—Shows the response body as an Image. Supports all .NET image formats.
[RO] XML—Shows the response body as an XML DOM in a tree view.
[RO] Privacy—Explains the P3P statement in the response headers, if present.
The bottom half is the response tab, this is the entire response being sent back to the client browser, it may possible be HTML page, image, JSON string, Cascading Style Sheet (CSS) and other resources, we can click textview, syntaxview, Imageview and other clickable tab to view it in different format, the below example demos we syntax view the html source page of this site.
In this tutorial introduces the basic features and examples of Fiddler, Fiddler is a very good debug tool. You may take a try if you have not tried it.