Fiddler and IE (Metro mode) in Windows 8 problem

[Vasiliy Alchakov]

I have created small proxy application based on Fiddler core. All works fine with Windows XP/Vista/Seven. But I have a problem with Windows 8. Application works as windows service and works correctly if I use IE web-browser that started from desktop. But if I try to navigate to the same URL via IE that started in Metro mode, the IE show an  error window.

If I have disabled the proxy setting for IE from desktop IE, the IE in Metro mode works fine.

So my questions is: Is it Fiddler supports work with Internet Explorer that started in Metro mode? If yes, can you direct me, how to set proxy settings for IE in Win8 that started in touch Mode?

Thanks in advance.

[EricLaw]

Please read http://blogs.msdn.com/b/fiddler/archive/2011/12/10/fiddler-windows-8-apps-enable-loopback-network-isolation-exemption.aspx for an explanation.

[Vasiliy Alchakov]

Hello Eric,

Thanks a lot for your post above.

I solved my problem by adding a command execution

CheckNetIsolation.exe LoopbackExempt -a -n=windows_ie_ac_001

while my software has been installed on user PC and

CheckNetIsolation.exe LoopbackExempt -d -n=windows_ie_ac_001

while is uninstalled.

It's works for me, because I need enabled loopback only for IE.

But I'm not sure is it best approach, because the windows_ie_ac_001 name can by changed in future by the developers ща Microsoft

Regards

Vasiliy

[EricLaw]

You're correct that this works for the default Internet Explorer AppContainer, and you're also correct to note that this is a bit fragile because the AppContainer name may be different in the future. Also, I don't think Microsoft has ever documented this, but even IE10 may also have an AppContainer of a different name. That can occur if the user visits a site on their "private network" using an Internet-Zoned address and uses the notification bar to load the page in a "less restrictive" AppContainer. At that time, a new AppContainer is created to handle that site. I can't recall whether that AC is named windows_ie_ac_002 or something else.

 

One approach to be as robust as possible would be to use the Firewall APIs described in my post to exempt any AppContainers belonging to IE.

 

Also note: If your installer changes the user's PC's security posture, you absolutely must inform them of that fact. Microsoft could choose to block your application as malware otherwise.