In this five-part article series, you will learn how to manipulate your API behavior with a local proxy server. After an introduction, learning how to set up and configure Charles Proxy, and seeing it in action, we are now taking a look at the Fiddler setup and configuration.

Article series

  1. Introduction
  2. Charles Proxy Setup & Configuration
  3. Charles Proxy in Action
  4. Fiddler Setup & Configuration
  5. Fiddler in Action

For Windows, you have to download the setup file and follow the instructions.

For macOS and Linux, you need to have the Mono framework installed on your machine. Make sure to install Mono version 5.18 as Fiddler cannot decrypt SSL connections on newer versions. Telerik is currently re-implementing Fiddler's features in a new project called Fiddler Everywhere, which is not yet rich enough of features as we would need it.

To execute Fiddler on macOS, you have to follow two steps:

  1. Accept the xcodebuild license by executing on the terminal: sudo xcodebuild -license
  2. Start Fiddler with the 32-bit command: mono --arch=32 Fiddler.exe

The first run can take a couple of minutes. Once Fiddler starts, you will be prompted for your password so that Fiddler automatically sets up your system proxy.

On Linux, you have to set up your system proxy settings manually. You can either

  • set your $http_proxyand $https_proxyenvironment variables to localhost:8888 or
  • install a browser add-on for easy toggling between proxy on/of just for browser traffic.

SSL Decryption

For HTTPS traffic inspection, you need to set up SSL decryption in an extra step. When enabled, Fiddler opens encrypted channels on its own and acts as a middleman. Fiddler's certificate has to be trusted to avoid security errors.

On Windows, click "Tools" → "Options" → "HTTPS". Check "Decrypt HTTPS traffic" and then select "Actions" → "Trust Root Certificate".

Fiddler: SSL decryption settings

On Linux, this option creates an error. Instead, you have to trust the certificate manually. To do so, select the action "Export Root Certificate to Desktop". Then execute the following commands:

$~ sudo mv Desktop/FiddlerRoot.cer /etc/ca-certificates/trust-source/anchors/FiddlerRoot.cert
$~ sudo trust extract-compat

Then restart Fiddler and your browser.

On macOS, please follow this guide.

Recording Your Traffic

Fiddler has the recording feature turned on by default, so you will probably see much recorded traffic already.

Fiddler traffic recordings

To get rid of the noise, you can activate a filter to focus completely on your project's traffic. On the right side, select the tab "Filters". Then check "Use Filters", select "Show only the following Hosts" and enter your API's domain.

Fiddler filter settings

Deactivate Caching

Like in Charles Proxy, you need to disable caching to get any response bodies. In the menu bar, click "Rules" → "Performance" → "Disable Caching".

Fiddler disable caching

The next and final article of this series will show you Fiddler in action.

Don't miss out on news about Tools & more

Subscribe to our free monthly newsletter for our experts' latest technical articles about Angular, .NET, Blazor, Azure, and Kubernetes.

Please enter a valid email address.

Related Articles

tools
Fiddler in Action: Mocking and Manipulating API Behavior With a Local Proxy Server - Part 5
In this five-part article series, you learn how to manipulate your API behavior with a local proxy server. So far, this series has covered an introduction, taught you how to set up and configure Charles Proxy, and you have seen it in action. After presenting the Fiddler setup, we…
Thinktecture Team
tools
Charles Proxy in Action: Mocking and Manipulating API Behavior with a Local Proxy Server - Part 3
In this five-part article series, you will learn how to manipulate your API behavior with a local proxy server. After setting the scene with an introduction and learning how to set up and configure Charles Proxy, we will now take a look at Charles Proxy in action. You will gain…
Thinktecture Team
tools
Charles Proxy Setup & Configuration: Mocking and Manipulating API Behavior With a Local Proxy Server - Part 2
In this five-part article series, you will learn how to manipulate your API behavior with a local proxy server. After setting the scene with an introduction, we will now learn how to set up the Charles Proxy and its configuration Article series Introduction Charles Proxy Setup…
Thinktecture Team
tools
Introduction: Mocking and Manipulating API Behavior With a Local Proxy Server - Part 1
When it comes to developing against an HTTPS/REST API, which we do not control ourselves, we face many problems regularly. Issues and hard to provoke edge cases may include a wrong implementation, an incomplete implementation or connection problems (dial-in issues, dropping…
Thinktecture Team