Table of Contents
- 1. Installing Fiddler
- 2. Working with Fiddler
- 3. Configuring Fiddler to Capture HTTPS Traffic
- 4. Using Fiddler with Non-Windows Systems
- 5. Additional Information
Certain problems that involve client side calls, can be much easier to debug with a capture of the HTTP traffic going back and forth between your site, the user's browser and Gigya. When you report such problems to the Gigya support team you may be asked to provide a "Fiddler capture" of the reported problem. Fiddler is a Web Debugging Proxy that logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler is freeware and can debug traffic from virtually any application, including Internet Explorer, Mozilla Firefox, Opera, and others.
Fiddler only runs on Windows and requires .NET version 2 or higher to be installed on the machine. The .NET Framework can be downloaded directly from Microsoft.
Then you will have to download the latest BETA version of Fiddler from the following link: http://www.fiddler2.com/Fiddler2/version.asp. Make sure to download the beta version, not the primary version.
Working with Fiddler
When Fiddler is running, you can inspect the data transferred to and from the Gigya server by simply clicking on one of the sessions in the session list on the left.
Saving the Capture to a File
In case it is required, you can save the sessions to a file by clicking on File->Save->"All Sessions", provide a file name and save (in saz file format).
Configuring Fiddler to Capture HTTPS Traffic
Fiddler includes the ability to capture and decrypt HTTPS traffic. In order to do this, it generates its own Root Certificate and you must configure your browser to trust that certificate or it will issue an error when HTTPS traffic goes through Fiddler.
Registering the Fiddler Root Certificate in the System Certificate Store
This configuration is all that is required to capture traffic from Internet Explorer and Google Chrome:
- Enable capturing HTTPS traffic by clicking Tools > Fiddler Options > HTTPS and ticking the "Decrypt HTTPS Traffic" box.
- When you tick the "Decrypt HTTPS Traffic" checkbox in Fiddler 2.2.9+, you will see the following prompt:
- Click Yes. You will see the following prompt:
- Click Yes. Then Windows will trust your Fiddler Root certificate and certificate warnings will be suppressed in any application that relies on the Windows Certificate Store.
Configuring Firefox to Trust the Fiddler Root Certificate
The following additional steps are required in order to configure Firefox to trust the Fiddler root certificate:
- Open Fiddler 2.2.9+.
- Click Tools > Fiddler Options.
- Select the HTTPS tab, and click the 'Export Fiddler Root Certificate to Desktop' button.
- In Firefox, click Tools > Options.
- Click the Advanced button at the top.
- Click the Encryption tab.
- Click View Certificates.
- Click the Authorities tab.
- Click Import.
- Pick the .CER file from your desktop.
- Check the "Trust this CA to identify web sites" checkbox.
Using Fiddler with Non-Windows Systems
It is possible to use Fiddler to capture HTTP traffic generated by other devices like Mac computers or mobile phones. To do this you will need to setup a Windows machine and install Fiddler on it. Then enable Fiddler to accept traffic from other computers by clicking Tools > Fidder Options > Connections and ticking the "Allow remote computers to connect" checkbox.
Then, in the web browser you are using on the non-Windows device, configure the proxy settings to redirect HTTP and HTTPS traffic to the IP address of the Windows machine with Fiddler and to port 8888.
If you have any further questions about Fiddler configuration, please visit this page: http://www.fiddler2.com/Fiddler/help/