There are many examples of various tools to monitor and analyze HTTP/HTTPS traffic on the software market, and each one has its own features.
Fiddler software has become very popular among testers in recent years.
It’s impossible to describe all features of this tool but we can highlight its main functions, used by testers on a daily basis.
What is Fiddler Classic?
Fiddler Classic is up-to-date cross-platform proxy-server software, used to debug HTTP.
It can help to analyze HTTP, HTTPS, and activated traffic of a TCP port, that can be accessed from a local PC, to it, or through it.
These are requests/responses and metadata (such as cookies), with parameters aimed at helping developers and testers while they are analyzing connections and sharing information.
And now let’s talk about a method to activate Fiddler.
Installation and launch
So we can download the software here: https://www.telerik.com/download/fiddler and then install this web product.
Note! If you are lucky to have Linux or macOS, you will need to go to a special section to download a special version, Fiddler Everywhere (https://www.telerik.com/download/fiddler-everywhere).
In this article, we will analyze Fiddler developed for Windows.
Selecting a browser to undergo a sniffing process
First of all, you need to select a browser you will work with.
We will use Mozilla Firefox as an example.
For this, you need to open browser settings and select the one you need from the suggested list.
Starting web traffic sniffing
When we have selected an appropriate browser, we will need to install an appropriate certificate.
For this, we need to move to the Tools>Options tab.
Next, you will see a dialogue box where you will need to select the HTTPS tab.
Then you will need to select the “Decrypt HTTPS traffic” parameter.
And the next step is to accept the installation of an appropriate certificate.
And when we have installed an appropriate certificate, we will need to open a website we are testing (for instance, example.com) in a browser.
On the left, in the info section, we can see all available requests to the api.example.com host.
We will need to select one request from numerous requests that will be displayed.
To decode a response, we will need to click on “Response body is inclosed. Click to decode”.
Operations performed on web requests
On the right, in a dialogue box, where request and response are located, we can see a line with additional tools.
We will analyze some of them in detail (graphically)
Statistics — it helps to analyze different statistics not only by sending one request but also by sending a grouped list.
Inspectors — helps to view titles and request’s info in different ways.
Filters — gives a possibility to perform analysis by sending a certain request.
Timeline — graphical displaying of executed requests according to a timeline.
In this article, we have tried to analyze some functions of this software, used by QA engineers of mobile and web applications.
But still, you don’t need to use only one tool, you should use different software and try to find the best fit for each case.