Fiddler Tutorials (Web Debugging Tools)

Reprint address: Well written fildder tutorial Http://kb.cnblogs.com/page/130367/Fiddler Basic Introduction

Fiddler's official Website: www.fiddler2.com

Fiddler's official Help: Http://docs.telerik.com/fiddler/knowledgebase/quickexec

Fiddler official website provides a lot of help documentation and video tutorials, which is the best information for learning fiddler.

Fiddler is one of the most powerful Web debugging tools, it can record all the client and server HTTP and HTTPS requests, allowing you to monitor, set breakpoints, and even modify the input and output data, Fiddler contains a powerful event-based scripting subsystem, And can be extended using the. NET language

The more you know about the HTTP protocol, the more you can master the way fiddler is used. The more you use Fiddler, the more you can help you understand the HTTP protocol.

Fiddler is a very useful tool for developers and testers alike.

How the Fiddler works

Fiddler is working as a proxy Web server, which uses proxy addresses: 127.0.0.1, Port: 8888. When Fiddler exits, it automatically logs off, so that no other program is affected. However, if Fiddler exits abnormally, this is because Fiddler does not log off automatically, which can cause the webpage to be inaccessible. The workaround is to restart the next fiddler.

Other tools of the same kind

Similar tools are: HttpWatch, Firebug, Wireshark

Fiddler How to capture a Firefox session

can support HTTP proxy of any program's packets can be fiddler sniff, fiddler operation Mechanism is actually on this machine listening to 8888 port HTTP proxy. Fiddler2 start when the default IE proxy is set to 127.0.0.1:8888, and other browsers need to be set manually, so the Firefox agent to 127.0.0.1:8888 can listen to the data.

Set up the agent on Firefox with the following steps

Click: Tools, Options, click Advanced tab-> Network tab-Setting on the Options dialog box.

Fiddler How to capture an HTTPS session

By default, Fiddler does not capture HTTPS sessions and requires you to set the Fiddler tool->fiddler Options->https tab to open

Select the checkbox and the following dialog box appears, click "YES"

　　

When you click "Yes", you are ready to set up.

Basic interface of Fiddler

Look at the basic interface of Fiddler.

HTTP statistics view for fiddler

By displaying all of the HTTP traffic, fiddler can easily show you which files generate the page you are currently requesting. With the Statistics tab, the user can select multiple sessions to get the total information statistics for these sessions, such as multiple requests and bytes transferred.

Select the first request and the last request to get the overall time consumed by the entire page load. You can also separate which requests take the most time from the bar chart to optimize access to the page

Quickexec use of the command line

The lower left corner of Fiddler has a command-line tool called Quickexec, which allows you to enter commands directly.

Common commands are:

Help opens the Official usage page and all the commands are listed

CLS Clear Screen (Ctrl+x can also clear the screen)

Select a command for a session

?. PNG to select a PNG suffix picture

BPU Intercept Request

Setting breakpoints in fiddler modify request

Fiddler the most powerful function is to set breakpoints, after setting breakpoints, you can modify HttpRequest any information including host, cookie or the data in the form. There are two ways of setting breakpoints:

The first type: Open fiddler click Rules-> Automatic Breakpoint->before requests (this method interrupts all sessions)

How to eliminate the command? Click rules-> Automatic Breakpoint->disabled

The second type: Enter the command at the command line: Bpu www.baidu.com (This method only interrupts www.baidu.com)

How to eliminate the command? Enter a command on the command line BPU

See an example, simulation Blog Park login, in IE open the Blog Park login page, enter the wrong user name and password, with fiddler interrupt session, modify the correct username password. This will enable you to log in successfully:

1. Open the login interface of the blog park with IE http://passport.cnblogs.com/login.aspx

2. Open fiddler and enter BPU on the command line http://passport.cnblogs.com/login.aspx

3. Enter the wrong user name and password and click Sign In

4. Fiddler can interrupt this session, select the interrupted session, click the WebForms tab under Inspectors tab to modify the username password, and then click Run to completion as shown.

5. The result is a proper login to the blog park

Fiddler Setting Breakpoint Modification response

Of course fiddler can also modify the response:

The first type: Open fiddler click rules-> Automatic Breakpoint->after Response (this method interrupts all sessions)

How to eliminate the command? Click rules-> Automatic Breakpoint->disabled

The second type: Enter the command at the command line: Bpuafter www.baidu.com (This method only interrupts www.baidu.com)

How to eliminate the command? Enter command bpuafter on the command line,

The exact usage is similar to that in the previous section, not much.

Creating Autoresponder rules in Fiddler

Fiddler's Autoresponder tab allows you to return files locally without sending an HTTP request to the server.

See an example:

1. Open the Blog home page, the blog Park logo image to local, and make some changes to the picture.

2. Open the Fiddler to find the logo image of the session, Http://static.cnblogs.com/images/logo_2012_lantern_festival.gif, drag the session to Autoresponer tab

3. Select Enable automatic reaponses and unmatched requests passthrough

4. Select the Find a file below the rule Editor ...  Select a locally saved picture. Finally click Save.

5. Re-use IE Blog home page, you will see the homepage of the picture with the local.

How to filter sessions in Fiddler

Each time using fiddler, open a website, can see in the Fiddler dozens of sessions, see dazzling. The best way to do this is to filter out some conversations, such as a session that filters out images. Fiddler in the filter function, in the Right Filters tab, there are many options, a little research, you know how to use.

Session compare function in Fiddler

Select 2 sessions, right click Compare, you can use WinDiff to compare two sessions (of course you need to install WinDiff)

The encoding gadget provided in Fiddler

Click Textwizard on the Fiddler toolbar, this tool can encode and decode string.

Query session in Fiddler

Use the shortcut key ctrl+f to open the Find Sessions dialog box and enter the keyword to query the session you want. The query to the session is displayed in yellow.

Save session in Fiddler

Sometimes we need to save the conversation so that we can send it to someone or analyze it later. The steps to save the session are as follows:

Select the session you want to save, then click File->save->selected Sessions

Fiddler's script system

The most complex of Fiddler is the script system, the official Help document: Http://www.fiddler2.com/Fiddler/dev/ScriptSamples.asp.

First install the Syntaxview plug-in, inspectors tab->get Syntaxview tab->download and install Syntaxview now ... Such as

After the installation is successful, Fiddler will have a fiddler Script tab, such as:

In it we can write a script, and see an example to make all cnblogs sessions appear red.

Place the script under the Onbeforerequest (osession:session) method and click Save Script

if (Osession.hostnameis ("www.cnblogs.com")) {

osession["Ui-color"] = "red";

}

This will show red for all cnblogs sessions.

How to use fiddler when you debug a Web site vs.

We also need to use Fiddler to analyze HTTP when we are developing an ASP with visual Stuido, and by default fiddler is not able to sniff localhost's web site. But if you add a dot behind localhost, fiddler can sniff.

For example: the original ASP. NET address is http://localhost:2391/Default.aspx, add a dot number, become http://localhost.:2391/Default.aspx can

HTTP Request Header

With Fiddler you can easily see the reques header, click Inspectors tab, Request tab, and headers as shown.

Header There are many, more difficult to remember, we also follow the Fiddler as the header classification, so clear and easy to remember.

　　Cache header Field

If-modified-since

Effect: The last modification time of the browser-side cache page is sent to the server, and the server compares this time with the last modification time of the actual file on the server. If the time is the same, then return 304, the client uses the local cache file directly. If the time is inconsistent, 200 and the new file contents are returned. After the client receives it, it discards the old files, caches the new files, and displays them in the browser.

For example: If-modified-since:thu, 09:07:57 GMT

Real example

If-none-match

Role: If-none-match works with the ETag and works by adding etag information to the HTTP response. When the user requests the resource again, the If-none-match information (the value of the ETag) is added to the HTTP request. If the server verifies that the etag of the resource has not changed (the resource is not updated), it returns a 304 status that tells the client to use the local cache file.  Otherwise, the 200 state and the new resource and ETag are returned. Using such a mechanism will improve the performance of your website

Example: If-none-match: "03f2b33c0bfcc1:0"

Real example

Pragma

Role: Prevent the page from being cached, in the http/1.1 version, it is identical to the Cache-control:no-cache function

Pargma has only one usage, for example: Pragma:no-cache

Note: In the http/1.0 version, only Pragema:no-cache is implemented, not implemented Cache-control

Cache-control

Role: This is a very important rule. This is used to specify the caching mechanism that response-request follows. Each instruction has the following meanings

Cache-control:public can be cached by any cache ()

Cache-control:private content is cached only in the private cache

Cache-control:no-cache All content is not cached

There are other uses, I do not understand the meaning, please refer to other information

　　Client Header Domain

Accept

Role: The type of media that can be accepted by the browser side,

For example: accept:text/html represents the type of server postback that the browser can accept as text/html, which is what we often call HTML documents,

If the server cannot return data of type text/html, the server should return a 406 error (non acceptable)

Wildcard * represents any type

For example, Accept: */* on behalf of the browser can handle all types, (the general browser to the server is the issue of this)

Accept-encoding:

Function: The browser declares itself to receive the encoding method, usually specifies the compression method, whether compression is supported, what compression method is supported (Gzip,deflate), (note: This is not a character encoding);

Example: Accept-encoding:gzip, deflate

Accept-language

Role: The browser affirms the language it receives.

Language and Character set differences: Chinese is a language, Chinese has a variety of character sets, such as BIG5,GB2312,GBK and so on;

Example: accept-language:en-us

User-agent

Role: tells the HTTP server which client uses the name and version of the operating system and browser.

When we go online to the forum, often see some welcome information, which lists the name and version of your operating system, the name and version of the browser you are using, which often makes a lot of people feel very magical, in fact, The server application obtains this information from the User-agent request header domain user-agent The request header domain allows the client to tell the server about its operating system, browser, and other properties.

For example: user-agent:mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; trident/4.0; CIBA;. NET CLR 2.0.50727;. NET CLR 3.0.4506.2152;. NET CLR 3.5.30729;. net4.0c; infopath.2;. NET4.0E)

Accept-charset

Role: The browser affirms its own received character set, this is the various character sets and character encodings described earlier in this article, such as gb2312,utf-8 (usually we say CharSet includes the corresponding character encoding scheme);

For example:

　　Cookie/login header Field

Cookies:

Role: The most important header, the value of the cookie is sent to the HTTP server

　　Entity header Field

Content-length

Role: The length of the data sent to the HTTP server.

Example: content-length:38

Content-type

Role:

Example: content-type:application/x-www-form-urlencoded

　　Miscellaneous header Field

Referer:

Role: The server that provides the context information for the request tells the server which link I have received from, such as linking to a friend from my home page, and his server is able to count the number of users who clicked the link on my page every day from the HTTP referer to visit his website.

Example: REFERER:HTTP://TRANSLATE.GOOGLE.CN/?HL=ZH-CN&TAB=WT

　　Transport header Field

Connection

Example: connection:keep-alive when a Web page opens, the TCP connection between the client and the server for transmitting HTTP data does not close, and if the client accesses the Web page on the server again, it will continue to use the established connection

For example: Connection:close represents the completion of a request, the TCP connection between the client and the server for transmitting HTTP data is turned off, and the TCP connection needs to be re-established when the client sends the request again.

Host (the header field is required when the request is sent)

Role: The request header domain is used primarily to specify the Internet host and port number of the requested resource, which is typically extracted from the HTTP URL

For example: We entered in the browser: http://www.guet.edu.cn/index.html

In the request message sent by the browser, the host Request header field is included, as follows:

host:http://www.guet.edu.cn

The default port number 80 is used here, and if a port number is specified, it becomes: Host: Specify port number

HTTP Response Header

Also use Fiddler to view Response header, click Inspectors tab->response tab-> headers as shown

We also classify the header according to Fiddler, so that it is clearer and easier to remember.

　　Cache header Field

Date

Role: The exact time and date of the message generation

Example: Date:sat, 11:35:14 GMT

Expires

Role: The browser will use the local cache for the specified expiration period

For example: Expires:tue, 2022 11:35:14 GMT

Vary

Role:

Example: vary:accept-encoding

　　Cookie/login header Field

P3p

Role: Used to set cookies across domains, which resolves the issue of cross-domain access to cookies for IFRAME

Example: P3p:cp=cura ADMa DEVa Psao psdo our BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

Set-cookie

Role: A very important header, used to send cookies to the client browser, each write cookie generates a Set-cookie.

For example: set-cookie:sc=4c31523a; path=/; Domain=.acookie.taobao.com

　　Entity header Field

ETag

Function: Used in conjunction with If-none-match. (See examples of If-none-match in the section)

For example: ETag: "03f2b33c0bfcc1:0"

Last-modified:

Role: Used to indicate the last modification date and time of the resource. (See examples of if-modified-since in the section)

Example: last-modified:wed, Dec 09:09:10 GMT

Content-type

Role: The Web server tells the browser the type and character set of the object it responds to.

For example:

content-type:text/html; Charset=utf-8

content-type:text/html;charset=gb2312

Content-type:image/jpeg

Content-length

Indicates the length of the entity body, expressed as a decimal number stored in bytes. In the process of data downlink, content-length the way to pre-cache all the data in the server, and then all the data peremptorily to the client.

Example: content-length:19847

Content-encoding

The Web server indicates what compression method (Gzip,deflate) It uses to compress the objects in the response.

Example: Content-encoding:gzip

Content-language

Role: The Web server tells the browser to respond to the language of the object

Example: Content-language:da

　　Miscellaneous header Field

Server:

Function: Indicates the software information of the HTTP server

Example: server:microsoft-iis/7.5

X-aspnet-version:

Role: If the Web site is developed with ASP, this header is used to represent the version of ASP.

Example: x-aspnet-version:4.0.30319

X-powered-by:

Role: Indicates what technology the site is developed with

Example: X-powered-by:asp.net

　　Transport header Field

Connection

Example: connection:keep-alive when a Web page opens, the TCP connection between the client and the server for transmitting HTTP data does not close, and if the client accesses the Web page on the server again, it will continue to use the established connection

For example: Connection:close represents the completion of a request, the TCP connection between the client and the server for transmitting HTTP data is turned off, and the TCP connection needs to be re-established when the client sends the request again.

　　Location Header Field

Location

Function: Used to redirect a new location, including a new URL address

Http://www.cnblogs.com/anny-1980/p/4537922.html

Fiddler Tutorials (Web Debugging Tools)