1 / 42

The Devil Went Down to HTTP Web Debugging with Fiddler Session Code: HTM-08

barbara
Download Presentation

The Devil Went Down to HTTP Web Debugging with Fiddler Session Code: HTM-08

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. The Devil Went Down to HTTP Web Debugging with Fiddler Session Code: HTM-08 Eric Lawrence Program Manager - IE Microsoft Corporation The Devil Went Down to HTTP: Debugging with Fiddler Eric Lawrence Fiddler is a popular and extensible web debugger used to debug traffic from any web browser or client, including applications running on Windows Phone 7. In this session, we’ll use Fiddler to debug common web application problems and explore how Internet Explorer 9’s features interact with the network. You’ll see how Fiddler’s new Import / Export architecture can be used to interoperate with captures in the HTTP Archive Format and captures collected by the Internet Explorer 9 F12 Developer Tools. We’ll dive deep into the powerful enhancements made to the AutoResponder, and use it to debug issues even while working offline. The latest features in the standalone FiddlerCap capture tool will be demonstrated, and I’ll conclude by explaining how to integrate the FiddlerCore library into your automated testing processes. Code: HTM08The Devil Went Down to HTTP: Debugging with Fiddler Eric Lawrence Fiddler is a popular and extensible web debugger used to debug traffic from any web browser or client, including applications running on Windows Phone 7. In this session, we’ll use Fiddler to debug common web application problems and explore how Internet Explorer 9’s features interact with the network. You’ll see how Fiddler’s new Import / Export architecture can be used to interoperate with captures in the HTTP Archive Format and captures collected by the Internet Explorer 9 F12 Developer Tools. We’ll dive deep into the powerful enhancements made to the AutoResponder, and use it to debug issues even while working offline. The latest features in the standalone FiddlerCap capture tool will be demonstrated, and I’ll conclude by explaining how to integrate the FiddlerCore library into your automated testing processes. Code: HTM08

    2. What’s New Fiddler Improvements >400 bugfixes and features since MiX 2010 Major UI speed improvements (10x-200x) New browsers, devices, and scenarios

    3. Basic Architecture Fiddler is a web proxy, typically proxying traffic only for applications running on the local computer. It can, however, act as a general HTTP(S) proxy.Fiddler is a web proxy, typically proxying traffic only for applications running on the local computer. It can, however, act as a general HTTP(S) proxy.

    4. Taking a Quick Tour Announcing a new version, v2.3.3 Follow along @ www.getfiddler.com... Improved Statistics tab Log Tab Filters, in particular, as well as what’s 3rd party, etc.Improved Statistics tab Log Tab Filters, in particular, as well as what’s 3rd party, etc.

    5. What’s new with Browsers Internet Explorer 9 and Firefox 4

    6. Firefox 4 adds support for System Proxy Setting

    7. Proxying Localhost Traffic with IE9 http://www.fiddler2.com/fiddler/help/hookup.asp#Q-LocalTraffichttp://www.fiddler2.com/fiddler/help/hookup.asp#Q-LocalTraffic

    8. IE9’s Accept & X-Download-Initiator headers FiddlerObject.UI.lvSessions.AddBoundColumn ("Reason", 50, “@request.X-Download-Initiator"); cols add @request.Accept cols add @request.X-Download-Initiator Talk about the IE9 Accept header changes and the cross-origin CSS requirement FiddlerObject.UI.lvSessions.AddBoundColumn ("Reason", 50, “@request.X-Download-Initiator"); cols add @request.Accept cols add @request.X-Download-Initiator Talk about the IE9 Accept header changes and the cross-origin CSS requirement

    9. F12 Developer Tools Web debugging with IE9

    10. Network Captures with F12 Developer Tools

    11. F12 Network Tab compared to Fiddler

    12. Import / Export architecture Fiddler’s Import/Export architecture http://www.fiddler2.com/fiddler/dev/isessionexport.asp Note, Chrome’s “Export all to HAR” option simply copies to your clipboard.Fiddler’s Import/Export architecture http://www.fiddler2.com/fiddler/dev/isessionexport.asp Note, Chrome’s “Export all to HAR” option simply copies to your clipboard.

    13. Devices and Scenarios Windows Phone 7

    14. Fiddler as a (device-agnostic) shared proxy

    15. Windows Phone 7 http://fiddler2.com/phone http://blogs.msdn.com/b/fiddler/archive/2010/10/15/fiddler-and-the-windows-phone-emulator.aspx http://blogs.msdn.com/b/fiddler/archive/2011/01/09/debugging-windows-phone-7-device-traffic-with-fiddler.aspxhttp://fiddler2.com/phone http://blogs.msdn.com/b/fiddler/archive/2010/10/15/fiddler-and-the-windows-phone-emulator.aspx http://blogs.msdn.com/b/fiddler/archive/2011/01/09/debugging-windows-phone-7-device-traffic-with-fiddler.aspx

    16. Reverse Proxy Mode For cases where you can’t adjust the proxy on the client, you can run Fiddler in Reverse-Proxy ModeFor cases where you can’t adjust the proxy on the client, you can run Fiddler in Reverse-Proxy Mode

    17. Understanding HTTPS Debugging secure traffic

    18. HTTPS Tunnels Proxies cannot normally “see” HTTPS requests

    19. Simpler HTTPS Decryption Export to Desktop for Firefox Added "fiddler.network.https.NoDecryptionHosts" list and UI. Cleanup certificate storeExport to Desktop for Firefox Added "fiddler.network.https.NoDecryptionHosts" list and UI. Cleanup certificate store

    20. Traffic Modification

    21. HTTPS Traffic Modification Having fun with AnyWHERE http://www.fiddler2.com/fiddler2/extensions.asp#anywherehttp://www.fiddler2.com/fiddler2/extensions.asp#anywhere

    22. Filters Tab New “Heat Map” Break on XMLHttpRequest Smarter Trimming feature

    23. Timeline Tab Use the Timeline tab to explore and optimize the loading of your site. Right-click the Timeline to select between “Timeline”, “Client PortMap” and “Server PortMap” http://blogs.msdn.com/b/ieinternals/archive/2011/03/26/https-and-connection-close-is-your-apache-modssl-server-configuration-set-to-slow.aspxhttp://blogs.msdn.com/b/ieinternals/archive/2011/03/26/https-and-connection-close-is-your-apache-modssl-server-configuration-set-to-slow.aspx

    24. Regular Expression Support

    25. ImageView Inspector IE8 supported 32kb DataURIs IE9 supports up to 4gb DataURIs.IE8 supported 32kb DataURIs IE9 supports up to 4gb DataURIs.

    26. SyntaxView Inspector http://www.fiddler2.com/Fiddler2/extensions.asphttp://www.fiddler2.com/Fiddler2/extensions.asp

    27. Cache Inspector

    28. QuickExec Method =POST or =GET Response code =404 MIME type select image/jp

    29. Editing Preferences with about:config

    30. Request Builder Redirect chasing Automatic authentication Sequential URL Crawling With Request Builder, I’ll show Meddler demo, including the dumping of raw files to the desktopWith Request Builder, I’ll show Meddler demo, including the dumping of raw files to the desktop

    31. Fiddler’s Enhanced AutoResponder Drag / drop entire folder structure FARX Bulk updates *drop Latency *delay:###ms // AutoResponder now supports *redir: and HTTP/HTTPS URL overrides // AutoResponder now supports *exit // AutoResponder now supports NOT: rules Drag / drop entire folder structure FARX Bulk updates *drop Latency *delay:###ms // AutoResponder now supports *redir: and HTTP/HTTPS URL overrides // AutoResponder now supports *exit // AutoResponder now supports NOT: rules

    32. The Fiddler AutoResponder – Drag and Drop

    33. What’s new with Add-Ons http://getfiddler.com/addons

    34. HTML Analyzer Inspector

    35. WCF Binary Inspector http://code.msdn.microsoft.com/wcfbinaryinspectorhttp://code.msdn.microsoft.com/wcfbinaryinspector

    36. StresStimulus Load Testing By Stimulus Technology http://getfiddler.com/addonshttp://getfiddler.com/addons

    37. intruder21 Web Fuzzer By yamagata21 http://yamagata.int21h.jp/tool/intruder21/http://yamagata.int21h.jp/tool/intruder21/

    38. Watcher & x5s Security Auditors http://websecuritytool.codeplex.com/ http://xss.codeplex.com/http://websecuritytool.codeplex.com/ http://xss.codeplex.com/

    39. FiddlerCore

    40. Integrating FiddlerCore

    41. Updated FiddlerCap FiddlerCap allows non-technical users to easily capture SAZ archives which can be emailed to developers or experts for analysis. FiddlerCap is available from http://www.fiddlercap.com. http://fiddler.wikidot.com/saz-files Session Archive Zip files contain: Request and response bytes Timing and other metadata HTML index file For security, SAZ files may be encrypted. FiddlerCap allows non-technical users to easily capture SAZ archives which can be emailed to developers or experts for analysis. FiddlerCap is available from http://www.fiddlercap.com. http://fiddler.wikidot.com/saz-files Session Archive Zip files contain: Request and response bytes Timing and other metadata HTML index file For security, SAZ files may be encrypted.

    42. http://live.visitmix.com/mix11http://live.visitmix.com/mix11

More Related