Fiddler tutorial – How to use Fiddler

2. Download Fiddler

Fiddler is a Windows Forms application, available for Windows XP and later, go to download page http://www.fiddler2.com/fiddler2/, there have two versions fiddler2 and fiddler4 available, fiddler2 was written in .Net 2, fiddler4 was higher, please choose either the one to download.

3. Install Fiddler on your client machine

After downloaded, double-click the exe file and agree with the installation license, follow the step-by-step wizard to complete the installation, during installing, you may be asked to close all browsers.

4. Start Fiddler

Lunch the shortcut of Fiddler from from Start > All Program, you will see the below main Fiddler UI, when starting Fiddler, it will automatically check the latest version against the Fiddler server and ask you upgrade if there have new version available.

5. Use Fiddler to Capture HTTP or HTTPS traffic

5.1 Check overall Web sessions

Use Internet Explorer or Mozilla FireFox, open a web page that sends a request via the explorer, we will instantly see a list of the web requests in the web sessions panel, while, if you visit more web pages, the recorded requests  will continue growing and keep in order.

The web sessions show all HTTP and HTTPS sessions captured by Fiddler, the messages include certain key information:

• # – An ID# of the request generated by Fiddler for your convenience
• Result – The Result code from the HTTP Response
• Protocol – The Protocol (HTTP/HTTPS/FTP) used by this session
• Host – The hostname of the server to which the request was sent
• URL – The path and file requested from the server
• Body – The number of bytes in the Response body
• Caching – Values from the Response’s Expires or Cache-Control headers
• Process – The local Windows Process from which the traffic originated
• Content-Type – The Content-Type header from the Response
• Custom – A text field you can set via scripting
• Comments – A text field you can set from scripting or the session’s context menu

The each type of item have an own icon on the left hand, the below is the list of the all icons.

Of course, It’s just an overall summary list, it give a generic sense that we can choose what we want.

5.2  Check Fiddler Inspectors

If you double click on a HTTP session, the Inspectors tab on right hand will be displayed, it visualize requests or response content in meaningful ways. In the top half of the right hand side is the request what was sent to server, there have multiple tabs of view where show format message and data(Headers, Text View, web forms, HexView, Auth, Cookies, Raw, JSON and XML). The first one is header, it logged cache, Client, Cookies/Login, Miscellaneous and Transport, these infos are particular helpful to troubleshoot.

Request Inspectors
[RW] Headers Shows request headers and status.
[RW] TextView Shows the request body in a text box.
[RW] HexView Shows the request body in a hexadecimal view.
[RO] XML Shows the request body as an XML DOM in a tree view.
Response Inspectors
[RW] Transformer Removes GZip, DEFLATE, and CHUNKED encodings for easier debugging.
[RW] Headers Shows response headers and status.
[RW] TextView Shows the response body in a text box.
[RW] HexView Shows the response body in a hexadecimal view.
[RO] ImageView Shows the response body as an Image. Supports all .NET image formats.
[RO] XML Shows the response body as an XML DOM in a tree view.
[RO] Privacy Explains the P3P statement in the response headers, if present.

The bottom half is the response tab, this is the entire response being sent back to the client browser, it may possible be HTML page, image, JSON string, Cascading Style Sheet (CSS) and other resources, we can click textview, syntaxview, Imageview and other clickable tab to view it in different format, the below example demos we syntax view the html source page of this site.

5.3  Check statistics of the request