Now and then when you encounter a problem, you have to put on your Hacker hoodie and just go for it. That's how I discovered some of the debugging capabilities of Fiddler.
As an iOS developer - it's difficult to capture the network calls your app is making to determine why weird things are happening. After you've determined it's not your code, the next step is determining where it's coming from. Enter network sniffing.
Fiddler is a free HTTP proxy server application. Translated to English: Fiddler is an application that you can hook up your device to (through a proxy) and watch the network traffic go back and forth. There are other tools out there, like Charles for Mac, but today we're discussing Fiddler.
First, download Fiddler on your PC.
Configuration
You'll need to do some configuration to connect another device to the proxy.
Click Tools -> Fiddler Options -> Connections
Select the checkbox for Allow remote computers to connect
For HTTPS connections, click on the HTTPS tab under Fiddler Options.
Select the checkbox for Capture HTTPS CONNECTs, and the Decrypt HTTPS traffic checkbox.
You'll have to initiate the SSL Certificate for Fiddler too.
Click Actions -> Trust Root Certificate
Click OK
Restart Fiddler. After any changes, you must restart Fiddler.
Note: You may have to enable Fiddler to go through the firewall.
Connection Info
On the right side of the Fiddler window, you'll see an "Online" status. If you don't - please refer to Telerik's documentation. It's great!
If you hover over your online status, you'll see the IP address at the bottom of the window. That's the IP address you'll need for the next step.
Device Setup
Go to your device's network settings, and enable a proxy.
For server, enter the IP Address from Fiddler.
For port, enter "8888" (or whatever is in the Fiddler Options -> Connections menu.)
For HTTPS:
Go to a web browser and enter "[IPADDRESS]:8888"
You should see a "Fiddler Echo Service" page.
Download the FiddlerRoot certificate
Install & Trust the certificate
Note: It's recommended to delete the certificate when you're finished
Ta-Da!
You should now be all set to go.
Now you can capture detailed network traffic, requests and responses, and figure out where things are going awry. Use your powers for good and not evil.
Originally posted on KaydaCode
Top comments (4)
I think this is a layer of the stack that application developers often find unapproachable, or not for them. But it's pretty straightforward once you get to know the tools, thanks for the post, Kim.
I started using Fiddler a few years back, and a debugging proxy of some kind has been in my toolkit ever since. (On macOS I use Charles.) Of all the tools I've picked up over the years, Fiddler & Charles have generated by far the most "Woah! How did you do that?" reactions.
Fiddler is one of those tools that once you use it for a while, and see what it can do, you'll never want to be without it.
Definitely agree - I was extremely intimidated to get started with it, but now that I feel comfortable enough to get started, I have been able to do so much with it! I didn't include it in the article, but once I needed to replicate the API calls of an app that was no longer supported. The team didn't know any of the calls and had no documentation. So, I used Fiddler to sniff the traffic, find the calls, parameters being passed, and essentially reversed engineered the documentation. :)
I haven't tried Charles yet, but I've also heard good things.
Yep, that's pretty much the killer scenario for Fiddler. And I think if you wrote up that experience it would make a great article here. Kind of a "Level 2" after folks have had a chance to play around a bit and get used to Fiddler.
I just wish it was a little easier to get started. I've had several colleagues get excited when they see what it can do, but then give up when they see how fiddly the initial setup can be. I hope your article gets more people interested in getting past that first step!