Hi :
I use fiddler for a long time,but today I just found the fiddler cannot capture https again(which is ok before)
The system is window7(bit 64) ,and fiddler version is v4.6.20173.38786
The https request comes from app (android/ios),but both android and ios client are not ok , I cannot find a session which protocol is https,but the app shows the correct data,but the data comes from the https traffic(I promise),I donot know what is the reason.I can provider you some data ...And I did the following
1. I update the fiddler to the lastest version , but it still doest not work.
2.I found the lastest fiddler is ok for http connection ,https is not ok.
I guess maybe the anti-virus software symantec results this?which I install yesterday?Please help me,thank you
The log is
-= Fiddler Event Log =-
16:03:22:2702 Fiddler.Network.ProtocolViolation - [#10] The Request's Host header did not match the URL's host component.
URL Host: 61.135.185.33
16:04:12:7551 !Cannot decode HTTP response using Content-Encoding: rc4
16:04:13:0531 !Cannot decode HTTP response using Content-Encoding: rc4
16:08:03:8423 Fiddler.Network.ProtocolViolation - [#42] Incorrectly formed Request-Line. abs_path was empty (e.g. missing /). RFC2616 Section 5.1.2
16:08:08:6816 Fiddler.Network.ProtocolViolation - [#47] Incorrectly formed Request-Line. abs_path was empty (e.g. missing /). RFC2616 Section 5.1.2
16:08:10:1896 Fiddler.Network.ProtocolViolation - [#51] Incorrectly formed Request-Line. abs_path was empty (e.g. missing /). RFC2616 Section 5.1.2
16:08:18:1621 Fiddler.Network.ProtocolViolation - [#55] Incorrectly formed Request-Line. abs_path was empty (e.g. missing /). RFC2616 Section 5.1.2
and the request session is in attachment
and the session properties is
SESSION STATE: Done.
Request Entity Size: 1225 bytes.
Response Entity Size: 752 bytes.
== FLAGS ==================
BitFlags: [ResponseGeneratedByFiddler, IsBlindTunnel] 0x1100
HTTPS-CLIENT-SESSIONID: empty
HTTPS-SERVER-CIPHER: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
HTTPS-SERVER-SESSIONID: empty
UI-BOLD: user-marked
UI-COLOR: Red
UI-OLDCOLOR: Gray
X-CLIENTIP: 192.168.191.4
X-CLIENTPORT: 53510
X-EGRESSPORT: 58728
X-HOSTIP: 101.254.100.60
X-RESPONSEBODYTRANSFERLENGTH: 0
== TIMING INFO ============
ClientConnected: 16:03:16.177
ClientBeginRequest: 16:03:16.179
GotRequestHeaders: 16:03:16.179
ClientDoneRequest: 16:03:16.179
Determine Gateway: 0ms
DNS Lookup: 0ms
TCP/IP Connect: 4ms
HTTPS Handshake: 0ms
ServerConnected: 16:03:16.183
FiddlerBeginRequest: 16:03:16.183
ServerGotRequest: 16:03:16.183
ServerBeginResponse: 00:00:00.000
GotResponseHeaders: 00:00:00.000
ServerDoneResponse: 16:06:23.016
ClientBeginResponse: 16:06:23.016
ClientDoneResponse: 16:06:23.016
Overall Elapsed: 0:03:06.836
The response was buffered before delivery to the client.
== WININET CACHE INFO ============
This URL is not present in the WinINET cache. [Code: 2]
* Note: Data above shows WinINET's current cache state, not the state at the time of the request.
* Note: Data above shows WinINET's Medium Integrity (non-Protected Mode) cache only.
SESSION STATE: Done.
Request Entity Size: 2192 bytes.
Response Entity Size: 695 bytes.
== FLAGS ==================
BitFlags: [ResponseGeneratedByFiddler, IsBlindTunnel] 0x1100
HTTPS-CLIENT-SESSIONID: 22 52 2A 8D 72 8D 55 CE 5F E3 A6 57 C8 34 FE 2D A6 29 A4 E5 E0 33 FB 4C 38 03 D2 AF 20 BE FA CC
HTTPS-SERVER-CIPHER: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
HTTPS-SERVER-SESSIONID: 22 52 2A 8D 72 8D 55 CE 5F E3 A6 57 C8 34 FE 2D A6 29 A4 E5 E0 33 FB 4C 38 03 D2 AF 20 BE FA CC
UI-BOLD: user-marked
UI-COLOR: Red
UI-OLDCOLOR: Gray
X-CLIENTIP: 192.168.191.4
X-CLIENTPORT: 53518
X-EGRESSPORT: 58731
X-HOSTIP: 101.254.100.60
X-RESPONSEBODYTRANSFERLENGTH: 0
== TIMING INFO ============
ClientConnected: 16:03:21.100
ClientBeginRequest: 16:03:21.308
GotRequestHeaders: 16:03:21.308
ClientDoneRequest: 16:03:21.308
Determine Gateway: 0ms
DNS Lookup: 0ms
TCP/IP Connect: 4ms
HTTPS Handshake: 0ms
ServerConnected: 16:03:21.313
FiddlerBeginRequest: 16:03:21.313
ServerGotRequest: 16:03:21.313
ServerBeginResponse: 00:00:00.000
GotResponseHeaders: 00:00:00.000
ServerDoneResponse: 16:03:27.134
ClientBeginResponse: 16:03:27.134
ClientDoneResponse: 16:03:27.134
Overall Elapsed: 0:00:05.826
The response was buffered before delivery to the client.
== WININET CACHE INFO ============
This URL is not present in the WinINET cache. [Code: 2]
* Note: Data above shows WinINET's current cache state, not the state at the time of the request.
* Note: Data above shows WinINET's Medium Integrity (non-Protected Mode) cache only.
SESSION STATE: Done.
Request Entity Size: 2193 bytes.
Response Entity Size: 695 bytes.
== FLAGS ==================
BitFlags: [ResponseGeneratedByFiddler, IsBlindTunnel] 0x1100
HTTPS-CLIENT-SESSIONID: 22 52 2A 8D 72 8D 55 CE 5F E3 A6 57 C8 34 FE 2D A6 29 A4 E5 E0 33 FB 4C 38 03 D2 AF 20 BE FA CC
HTTPS-SERVER-CIPHER: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
HTTPS-SERVER-SESSIONID: 22 52 2A 8D 72 8D 55 CE 5F E3 A6 57 C8 34 FE 2D A6 29 A4 E5 E0 33 FB 4C 38 03 D2 AF 20 BE FA CC
UI-BOLD: user-marked
UI-COLOR: Red
UI-OLDCOLOR: Gray
X-CLIENTIP: 192.168.191.4
X-CLIENTPORT: 53524
X-EGRESSPORT: 58732
X-HOSTIP: 101.254.100.60
X-RESPONSEBODYTRANSFERLENGTH: 0
== TIMING INFO ============
ClientConnected: 16:03:21.599
ClientBeginRequest: 16:03:21.599
GotRequestHeaders: 16:03:21.599
ClientDoneRequest: 16:03:21.599
Determine Gateway: 16ms
DNS Lookup: 0ms
TCP/IP Connect: 4ms
HTTPS Handshake: 0ms
ServerConnected: 16:03:21.604
FiddlerBeginRequest: 16:03:21.604
ServerGotRequest: 16:03:21.604
ServerBeginResponse: 00:00:00.000
GotResponseHeaders: 00:00:00.000
ServerDoneResponse: 16:06:22.058
ClientBeginResponse: 16:06:22.058
ClientDoneResponse: 16:06:22.058
Overall Elapsed: 0:03:00.459
The response was buffered before delivery to the client.
== WININET CACHE INFO ============
This URL is not present in the WinINET cache. [Code: 2]
* Note: Data above shows WinINET's current cache state, not the state at the time of the request.
* Note: Data above shows WinINET's Medium Integrity (non-Protected Mode) cache only.
The https configigration is