Background: I'm trying to send a request through cy.request and I get a different response from what I receive when I send a presumably similar request through PostMan. According to the debug information that Cypress writes to the console, I couldn't spot the difference. Therefore I wanted to look at Fiddler and see if I can spot the difference when looking at the raw requests side by side.
However, when I opened Fiddler I realized that I don't see any traffic from it, including the navigation to the home page using cy.visit().
Any ideas why I can't see the traffic in Fiddler, and if there's some way to capture it?
Fiddler is a proxy, it has to be explicitly used by an application, otherwise it will not be recogized by Fiddler.
There are three reasons that often cause that traffic is not visible in Fiddler:
The Windows application explicitly ignores the Windows/IE proxy settings. Usually such apps have an own proxy configuration. Configure it manually to use Fiddler. A common example of such an application is Firefox.
If you have activated the "Act as system proxy at startup" Fiddler changes the proxy settings while running. Any application that is already running when Fiddler starts may have already cached the old proxy configuration and therefore does not use Fiddler. Therefore start Fiddle before any program you want to capture.
The setting "Act as system proxy at startup" is AFAIK user specific, therefore any apps running on a different user or service account are not affected. You have to manually configure them to use Fiddler.
Cypress does not actually make an XHR request from the browser. Cypresd making the HTTP request from the Cypress Test Runner (in Node). So, you won’t see the request inside of your Developer Tools or filddler
Related
I deployed an application (let's say app1) in GKE with a service, deployment and certificate setup in an existing cluster with Jenkins and another app (let's say app2).
The other app is deployed in the same way as the new one, with a certificate (and a static IP and DNS entry).
Jenkins is not exposed to an external IP, so I used to use the port forward option in the cloud console and then web preview - this creates an appspot URL which alloww me to login to the web admin.
Something strange happened after I deployed app2.
I tested it with the webpreview button and could reach it.
All was fine and it was accessible at the new URL with HTTPS and all.
But after that, the web preview to Jenkins was not working anymore.
Instead, I would be redirected to app2, always.
I could not figure out why, so I removed everything from app2 and now I have some very strange situation:
in the (Chrome) browser where I did most of the actions, I can still access the (broken) app on both the FQDN in DNS and on the appspot link ( https://8080-dot-1234567-dot-devshell.appspot.com/ even after I reboot, clear cache and logout the google account (and removed the statis IP even) - the port forward actions works and gives the above link (with other numbers)
in another (Chromium) browser on the same laptop running Ubuntu, the portford action works, but when clicking the link in the browser it does not generate another appsot url and fails with a 500 error screen
After reading up a bit, I understand there is some proxy that is used to do the forward, I expect the proxy to be 'hanging' some how and on top of that it seems there are application left overs in the cluster that should really not be there
I have basic support currently, so not eligable for technical support.
I cannot find a manual way to access the appspot proxy and I found no load balancer or any other thing I know of that may cause this.
If I run the portfoward in the cloud shell in the second browser, I can curl to the localhost on the exposed port and get Jenkins, so that part seems to work, but the web preview then does not.
How can I go about troubleshooting this (meaning getting back to the web preview working for Jenkins and getting rid of the application left overs)?
I actually found the cause of this issue with the help of a colleague.
The second application I deployed was Yopass.
It turned out that it uses a serviceworker, that cached (almost) everything in the browser, including most of the application, I suppose to run offline.
Although I tried clearing cache in the network tab in developer options, I still had this behaviour which made me think it was not a cache issue.
After removing all cache in the applications tab for both the FQDN url and the appspot domain, behavior went back to normal.
I was not able to fix it in the other browser yet, but I suppose that is cache too. Thanks for the help, I consider this solved.
I want to capture traffic from a host using HTTP, but I do not see a response coming back. If I close fiddler, my application runs as normal.
I see '-' in the Result section, where it should have been an HTTP response code. If I manually execute the request using Composer, I get a 200 response. Fiddler is able to capture traffic from all other web applications without issue.
I have installed Fiddler certificate. Troubleshooting Mode returns 200. The host does not use HTTPS, but I have enabled Capture HTTPS Connects anyways.
I am using Fiddler v5.0.20182
Some applications performs certificate pinning. Also web applications can perform certificate pinning e.g. via HTTP Public Key Pinning (HPKP). If you have ever used the web application in your browser without Fiddler, the web app public key has been downloaded and cached in the web-browser.
Afterwards the Fiddler root certificate is no longer accepted for that site/app even it it has been installed correctly. You should be able to identify such problematic connections in Fiddler if you only see a CONNECT request but no subsequent requests to the same domain.
To delete the HPKP in your web browser you should use a fresh profile or clear the complete browser cache. Afterwards only use it with activated Fiddler proxy and SSL decryption. As far as I know Fiddler will remove HPKP data from responses so that the web application should also work with Fiddler in between.
I think you should be able to uncheck the options for https, uncheck the boxes which appear checked here? Or you might be able to skip decryption by adding the host in the box below where it says Skip decryption for the following hosts
I'm using Eclipse to develop an app that consists of an Angular 2 front end and a Java REST back end.
For the front end, I'm using the Angular CLI plugin, which starts the app by issuing an ng serve command to the CLI. This command sets up an http server on port 4200.
For the back end, I'm using an in-company framework that launches in Jetty within Eclipse in port 8088.
While both these ports are configurable, by nature of the frameworks and plugins in use, they'll always be distinct.
Authentication works via an OAuth2 service that is also deployed to port 8088, as part of the framework. This service sets a cookie which certifies the browser session as authenticated. I have verified that this service works correctly by testing it against a Swagger instance of the REST API (also running in 8088 as part of the same framework).
The problem is that when the browser is aimed at the Angular 2 app on :4200, its internal REST API requests to :8088 aren't carrying the authentication cookie. Presumably, this is because of cross-site protection.
Is there any way for the app or the framework to tell the browser that these two "sites" are actually part of the same system?
Alternatively, if I have to configure the dev browser (Chrome) to work, I can live with that too. However, I've tried the --disable-web-security --user-data-dir recommendation, but the cookie still doesn't show up on the requests.
Lastly, I have Apache installed on the dev machine. If I can set up appropriate vhosts and use it as a proxy so that the browser thinks it's all the same, that would probably work too. It would just be a matter of intercepting all /swagger and /api requests and sending them to :8088, and all forwarding all other requests to :4200. However, I've been banging my head against mod_rewrite and mod_proxy and haven't been able to come up with anything that works.
I think what you're looking for is
withCredentials = true
https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
I have a Web API application running locally. When I access it through a browser, the requests are visible in Fiddler. When I do it through the Advanced Rest Client for Chrome - nothing appears in Fiddler.
I am using IIS Express with localhost.
How do I make requests issued by ARC visible in Fiddler?
I tried with https://graph.facebook.com/test and it worked fine for me after making some setup changes. Here is what I have setup:
IE > Internet options > Connection > Lan Settings >
a. Automatically detect - Check
b. Use proxy server for your lan - check with fiddler host and port for http/s
Advanced Rest Client with ARC ( Without ARC it wont even be able to connect)
Fiddler > File > Capture Traffic
It worked even for the extension Postman (without even needing ARC).
Can you try these?
I am creating a screen scrapping application which uses web whataspp. I want to know how the messages are being posted. I installed fiddler and enabled https and tweaked the certificates settings in it. I am unable to get any traffic from web.whatsapp.com, but fiddler is able to capture requests and responses of other websites(http, https). Please help.