Advanced Web Debugging with Fiddler Eric Lawrence Program Manager Internet Explorer Note: Session includes demos and code samples.

Slides:



Advertisements
Similar presentations
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Advertisements

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Preface Demo A Quick Thank You How Did We Do It?
Windows 8 (1) (2) (3) Windows 8 (1) (2) (3)
Taylor Brown Test Lead Microsoft Corporation ES09.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Feature: Reprint Outstanding Transactions Report © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product.
Debugging with Fiddler
Feature: Purchase Requisitions - Requester © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
MIX 09 4/15/ :14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
 Phil Haack Senior Program Manager Microsoft Corporation PC21.
Co- location Mass Market Managed Hosting ISV Hosting.
Windows 7 Training Microsoft Confidential. Windows ® 7 Compatibility Version Checking.
Multitenant Model Request/Response General Model.
Feature: Purchase Order Prepayments II © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.
Advanced Web Debugging with Fiddler Eric Lawrence Program Manager Internet Explorer Note: Session includes demos and code samples.
Gold Silver Bronze. Eric Follow along at
Fiddler. Introducing Fiddler HTTP/HTTPS Debugger Runs as a proxy server on the local machine or on a remote server Written in C# (.NET Framework v2.0)
Note: Session includes demos and code samples. For optimal viewing, please sit near the front!
Announcing Demo Announcing.
Feature: OLE Notes Migration Utility
Feature: Web Client Keyboard Shortcuts © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.
SQL Server Developer Tools, Codename “Juneau” Database Services Sanjay Nagamangalam Principal Program Manager SQL Server Manageability.
Session 1.
Built by Developers for Developers…. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
 Rico Mariani Architect Microsoft Corporation.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Feature: Assign an Item to Multiple Sites © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
Windows 8 (1) (2) (3) Windows 8 (1) (2) (3)
WinHEC /22/2017 © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Connect with life Connect with life
Windows Azure Connect Name Title Microsoft Corporation.
NEXT: Overview – Sharing skills & code.
demo Receive Inventory Export Parse and Normalize.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Feature: Suggested Item Enhancements – Sales Script and Additional Information © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows.
Building Social Games for Windows 8 with Windows Azure Name Title Microsoft Corporation.
Feature: Customer Combiner and Modifier © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.
Ian Ellison-Taylor General Manager Microsoft Corporation PC27.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.
demo Instance AInstance B Read “7” Write “8”

customer.
demo © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
demo Demo.
What’s New in Fiddler2 Eric Lawrence fiddler2.com/perf/
demo QueryForeign KeyInstance /sm:body()/x:Order/x:Delivery/y:TrackingId1Z
Feature: Suggested Item Enhancements – Analysis and Assignment © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and.
Windows Azure SQL Data Sync Name Title Microsoft Corporation.
projekt202 © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.
The CLR CoreCLRCoreCLR © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks.
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.
Sr. Dir. – Systems Architecture Inlet Technologies.

Debugging with Fiddler Eric Lawrence ) Follow along at
MIX 09 4/17/2018 4:41 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Возможности Excel 2010, о которых следует знать
Title of Presentation 12/2/2018 3:48 PM
8/04/2019 9:13 PM © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Windows 8 Security Internals
Виктор Хаджийски Катедра “Металургия на желязото и металолеене”
Шитманов Дархан Қаражанұлы Тарих пәнінің
Title of Presentation 5/24/2019 1:26 PM
WCL425 App Compat for Nerds Chris Jackson.
Presentation transcript:

Advanced Web Debugging with Fiddler Eric Lawrence Program Manager Internet Explorer Note: Session includes demos and code samples. For optimal viewing, please sit near the front!

TRAFFIC CAPTURE GET /data HTTP/1.1

Typical Architecture

Debug Across Devices Fiddler Mac Internet SmartPhone Linux PC

FiddlerHook for Firefox

TRAFFIC IMPORT Fiddler, FiddlerCap, and IE9

FiddlerCap FiddlerCap is a lightweight capture tool

IE9 Developer Tools IE9’s Developer Tools include a “Network” tab

TRAFFIC ANALYSIS Examine Requests and Responses

Filtering Traffic Ignore Images & CONNECTs Application Type Filter Process Filter Using QuickExec Using Find

Output Options Copy sessions to the clipboard Store as a plaintext file Extract binary response bodies Archive to a database Export a Visual Studio.WebTest file Write your own… Fiddler’s native “Session Archive ZIP” (SAZ) Format

Traffic Comparison Use WinDiff to compare HTTP requests and responses.

Traffic Comparison “Viewer” mode allows examining multiple captures side-by-side. fiddler.exe -viewer

TRAFFIC MODIFICATION Rewriting HTTP(S) Traffic

Automated Rewrites Simple Built-in Rules The HOSTS extension

Breakpoint Debugging Use Fiddler inspectors to modify requests and responses….

Understanding Streaming Timeline view of Buffering Mode Timeline view of Streaming Mode

Request Builder Create hand-built HTTP requests, or modify and reissue a request previously captured.

Simple Filters Flag, modify or remove headers from all requests and responses.

AutoResponder Replay previously captured or generated traffic.

SCRIPTING AND EXTENSIBILITY Powering Up Fiddler

Understanding Extensibility Fiddler 2 Fiddler ScriptEngine Inspector2 IFiddlerExtension Fiddler Proxy ExecAction.exe Your FiddlerScript Xceed*.dll Makecert.exe Your Automation

FIDDLERSCRIPT Lightweight extensibility using JavaScript

FiddlerScript

FiddlerScript: Request Modification static function OnBeforeRequest(oS: Session){ if (oS.uriContains(".aspx")) { oS["ui-color"] = "red"; } if (m_DisableCaching){ oS.oRequest.headers.Remove("If-None-Match"); oS.oRequest.headers.Remove("If-Modified- Since"); oS.oRequest["Pragma"] = "no-cache"; }

FiddlerScript: Response Modification static function OnBeforeResponse(oS: Session) { oS.utilDecodeResponse(); oS.utilPrependToResponseBody("Injected Content!"); }

EXTENSIONS Powerful extensibility using any.NET Language

neXpert

Watcher Automated (passive) security analysis

TEST INTEGRATION Integrating Fiddler into your tools

ExecAction The ExecAction.exe command line utility calls into the OnExecAction function in script and Fiddler extensions.

FiddlerCore Fiddler 2 Fiddler ScriptEngine Inspector2 IFiddlerExtension FiddlerCore ExecAction.exe YourApp.exe FiddlerCore Fiddler application with extensionsYour application hosting FiddlerCore Your FiddlerScript Xceed*.dll Makecert.exe

Programming with FiddlerCore // Call Startup to tell FiddlerCore to begin // listening on the specified port, register as // the system proxy and decrypt HTTPS traffic. Fiddler.FiddlerApplication.Startup(8877, true, true); Fiddler.FiddlerApplication.BeforeResponse += delegate(Fiddler.Session oS) { Console.WriteLine ("{0}:HTTP {1} for {2}", oS.id, oS.responseCode, oS.fullUrl); }; // Call Shutdown to tell FiddlerCore to stop // listening and unregister as the system proxy Fiddler.FiddlerApplication.Shutdown();

Call To Action Try the Watcher & neXpert extensions Use FiddlerCap to collect traffic from the field Check out import from the IE9 Developer Tools

Questions and Resources Resources o Meet the IE Team in the MIX “Commons” o o Please fill out an evaluation form for this session ( FT-50 ). Thank you!

© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Internet Explorer, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.