First, download and install
1. Download
The official website link: www.telerik.com/
Fiddler Classic, which is free but only available on Windows.
Fiddler Everywhere is available on all platforms and is equivalent to Fiddler Classic+ Postman, but for a fee.
If it is only used as the classic version of the package capture tool, you can directly click the link below to go to the download page.
Download link: www.telerik.com/download/fi…
After filling in the information, check these two items and click Download.
2. Install
Click Agree and select the installation path to install.
Second, caught
1. Basic operations
1.1 Fetch Request
-
HTTP packets are displayed in the Web Sessions session list on the left.
-
The Inspectors on the right side of the screen are used to check the session content. The above is the Request Request information and the below is the Response Response information.
-
Click “Capturing” in the lower left corner
- ALL Processes captures ALL packets
- Web Browsers grab only the packages of Browsers in PCS
- Non-browser captures non-browser packages
- Hide All Hides All agents
- When acting for mobile phones, Capturing packets automatically whether clicking or not. After Capturing desired packets, click here to hide other captured packets
-
Fields that
-
The name of the meaning # Fetch HTTP requests in ascending order, starting with 1 Result The HTTP status code Protocol Protocol used for the request, such as HTTP, HTTPS, or FTP Host The host name of the requested address URL Request the location of the resource Body The size of the request Caching The requested cache expiration time or cache control value Content-Type The type of the request response Process The process sending this request: process ID Comments Allows the user to add remarks to this reply Custom Allows users to set custom values icon meaning The request has been sent to the server The response result has been downloaded from the server The request is paused from the breakpoint The response is paused from the breakpoint The request uses the HTTP HEAD method, meaning that the response has no Body. The request uses the POST method of HTTP The request uses HTTP CONNECT method and HTTPS protocol to establish the connection tunnel The response is in HTML format The response is a picture The response is in script format The response is in CSS format The response is in XML format The response is in JSON format The response is an audio file The response is a video file The response is a SilverLight The response is a FLASH The response is a font Normal Response Succeeded The response is HTTP/300, 301, 302, 303, or 307 redirects The response is HTTP/304 (no change) : use cached files The response requires client certificate verification Server error The session is terminated by the client, Fiddler, or server
-
1.2 Delete Request
- Method 1: Click × on the toolbar to delete the request.
- Method 2: Enter CLS or clear in the black box QuickExec under the session list to delete the request.
- The shortcut Ctrl + x
1.3 Filtering Request
- Click Filters in the right TAB
- Check the User Filters
- Host Filter Select Show only the following Hosts
- Enter the host address you want to filter in the following box as “; “. Space.
- Click on Actions and select Run FilterSet Now
1.4 grab HTTPS
By default, only HTTP pages are fetched. If you want to fetch HTTPS, you need to:
- Open the Tools–Options–HTTPS TAB
- Select Capture HTTPS CONNECTs
- Select Decrypt HTTPS Traffic
- Check Ignore Server Certificate Errors (unsafe) to Ignore certificates (if fiddler certificate is not installed)
2.HTTP request and response
3. Packet capture on the mobile terminal
- Cell phone and computer must be on the same LAN: 1. Cell phone and computer together with a WiFi 2. Connect the mobile phone with WiFi, and connect the computer with the network cable to open the wireless route 3 of this WiFi. Computer open hot spot, mobile phone connect hot spot
- Start fiddler agent, tools-options-connections, check Allow remote Computers to Connect (check as many as possible) and click OK
- View the IP address of your network adapter
- Connect wifi on mobile terminal, and set proxy IP (PC nic IP) and port (8888)
- Enter the proxy IP address and port and click FiddlerRoot Certificate to download Fiddler’s certificate
- Install the certificate (installation method will be different for different devices, you can test yourself or find online tutorials, if you can not install the display can not read the certificate can try to search the CA certificate in the Settings, verify the password after installation)
- After the certificate is successfully installed, you can access the application with your mobile phone and see the captured packets
4. Built-in commands and breakpoints in Fiddler
The FIddler breakpoint function intercepts the request but does not send it, allowing you to make changes.
- QuickExec command
The command | Corresponding request item | introduce | The sample |
---|---|---|---|
? | All | The question mark is followed by a string that matches the request containing the string | |
> | Body | The greater-than sign is followed by a number that matches the size of the request | > 1000 |
< | Body | The less-than sign is the opposite of the greater-than sign, matching requests that are smaller than this number | < 100 |
= | Result | The equals sign is followed by a number that matches the HTTP return code | = 200 |
@ | Host | @ followed by Host matches the domain name | @www.baidu.com |
select | Content-Type | Select is followed by the response type and can be matched to the associated type | select image |
cls | All | Clear all current requests | cls |
dump | All | Package all requests into a SAZ package and save it in the “My Documents \Fiddler2\Captures” directory | dump |
start | All | Start listening for requests | start |
stop | All | Stop listening for requests | stop |
- Breakpoint commands
Breakpoint commands | |||
---|---|---|---|
bpafter | All | Bpafter is followed by a string that interrupts all requests containing the string | Bpafter baidu (enter BPAfter to remove breakpoint) |
bpu | All | Similar to BPAfter, except that the request was received and the interrupt response was received | Bpu baidu (enter BPU to remove breakpoint) |
bps | Result | It is followed by the status code, which interrupts all requests with this status code | BPS 200 (Enter BPS to remove breakpoints) |
bpv / bpm | HTTP method | Interrupts only HTTP commands, such as POST and GET | BPV get (Enter BPV to break the breakpoint) |
g / go | All | Allow all interrupted requests | g |
5. Typical applications
-
Packet capture using web pages or mobile apps
-
Modify service request and response
-
Front-end performance analysis and optimization
-
Simulate weak network test
Three, application scenarios
- Use the packet capture tool to intercept the request information of the observation website to learn more about the website
- By using the packet capture tool to intercept, observe the website request and return information, help us to locate the BUG in the description
- Use the packet capture tool to intercept and modify request information to bypass interface restrictions and test the functions of the server
1. Assist in locating bugs
- Catching HTTP packets
- Check whether the request method and interface address are incorrect
- Check that the returned response status is normal
- Click on the requested WebForms to check the interface delivery parameters
- Click the JOSN of the response to check the response data returned by the interface
2. Build a simulation test scenario
- Simulate sending requests for interface tests
- Application Scenario 1: As described in the requirement document, an interface can request only one request from an account and one request from a device
- Application Scenario 2: If page input is limited, simulate special requests (such as special characters and Spaces) to test the program processing mechanism
- The Mock interface returns data and tests the application
- Application scenario 1: You need to verify that interface data can be processed properly. However, the program is in development and the background cannot respond to sending requests
- Application Scenario 2: Verify the processing mechanism of the program for different states, such as 443, 500, 502
2.1 Simulate sending a request
- Composer allows custom requests to be sent to the server, either by manually creating a new request or by dragging and dropping an existing request from the session table
- Click on the Composer
- Set request method, request address and protocol
- Setting the request Header
- Setting the request body
- Send the request
- See the response
2.2 Simulation returns corresponding data
- AutoResponder allows you to intercept a request for a specified rule and return a local or Fiddler resource instead of a server response.
- Click the AutoResponder
- Select the request and click Add Rule to Add the Rule
- Select the response mode in the Rule Editor
- Save
- Check three options
- Enable rules
- Unmatched requests passthrough
- Enable Latency
3. Simulate weak network operation
If the APP does not deal with all kinds of network anomalies, users may encounter problems such as app flash back, ANR and data loss in daily life.
-
Start analog modem speed to simulate weak network
- Rules–Performance–Simulate Modem Speeds
-
Customize Rules (Ctrl+R) Customize Rules
-
if (m_SimulateModem) { // Delay sends by 300ms per KB uploaded. oSession["request-trickle-delay"] = "300"; // Delay receives by 150ms per KB downloaded. oSession["response-trickle-delay"] = "150"; } Copy the code
-
A fluctuating network can be simulated using the math.random () method in the above function
-
if (m_SimulateModem) { var t = int(Math.random()*500) // Delay sends by 300ms per KB uploaded. oSession["request-trickle-delay"] = ""+ ( 2 * t ); // Delay receives by 150ms per KB downloaded. oSession["response-trickle-delay"] = "" + t; } Copy the code
-
-
Delay parameter
-
The network environment Up/down bandwidth (KBPS) Upstream/downstream packet loss rate (%) Up/down delay (ms) DNS delay (MS) note 2G 20/50 0/0 500/400 0 3G 330/2000 0/0 100/100 0 4G 40000/80000 0/0 15/10 0 wifi 33000/40000 0/0 1/1 0 Bandwidth limited environment 32/32 0/0 200/100 0 Low Packet loss rate and low latency (uplink) 33000/40000 10/0 100/100 200 The test can be set in WiFi environment Low Packet loss rate and High latency (uplink) 33000/40000 10/0 350/350 350 ,,,, Low packet loss rate and low latency (downlink) 33000/40000 0/10 100/100 200 ,,,, Low packet loss rate and high latency environment (downlink) 33000/40000 0/10 350/350 350 ,,,, An environment with low packet loss rate and low latency 33000/40000 10/10 100/100 200 ,,,, An environment with low packet loss rate and high latency 33000/40000 10/10 350/350 350 ,,,, Environment with high Packet loss Rate (Uplink) 33000/40000 90/0 100/100 200 ,,,, Environment with high packet loss Rate (down) 33000/40000 0/90 100/100 200 ,,,, An environment with a high packet loss rate 33000/40000 90/90 100/100 200 ,,,, Network timeout (response) 33000/40000 0/100 100/100 200 ,,,, Network timeout (request) 33000/40000 100/0 100/100 200 ,,,, Network timeout (complete packet loss) 33000/40000 100/100 100/100 200 ,,,, No network (flight mode or off network)
-
4. Front-end performance analysis and optimization
- Select the list of sessions you want to view
- Click Statistics to analyze the requested performance data
- Click on the Collapse Chart to see what percentage of languages are used
- Click on Timeline to view the loading time and order of each element on the page
Problem solving
Q1. Can’t you browse the Web in Chrome after Fiddler starts up?
- Open the Tools–Options–HTTPS TAB;
- Click Actions and select Trust Root Certificate. Select Yes and select Yes.
- Click the Actions drop-down list and select Export Root Certificate to Desktop to Export fiddler Certificate to Desktop.
- Open Google Browser, set – Advanced – Security – Management certificate;
- The import certificate
- Restart the browser and Fiddler.
Q2. How do I mask capturing a particular port?
To use it in Fiddler, open the custom rule with Ctrl+R and add it to OnBeforeRequest.
if (oSession.host=="localhost:9090"){
oSession["ui-hide"] = "true";
}
Copy the code