I need to update the response value of my saved fiddler session.Suppose i have a saved a fiddler session of any service which has 10-20 methods in it.
Now I want to update the request value(e.g hostname) in my saved fiddler session and want to replay it sequentially.
You can easily write script that modifies any aspect of Sessions. Click Rules > Customize Rules. Inside the Handlers class add a new block like e.g.
public static ContextAction("Set MIME...")
function dosetmime(oS: Session[])
{
var s = FiddlerObject.prompt("Enter the Content-Type value", "image/jpeg", "Set MIME");
for (var i: int=0; i<oS.Length; i++)
{
oS[i].oResponse["Content-Type"] = s;
}
}
Save the script and you now have a new Context Menu command "Set MIME" that changes the response Content-Type header of each selected Session.
Related
I've got a site that accepts file uploads which are sent as multipart/form-data within a POST request. To verify that the upload, which shows the filename afterwards, is secured against XSS I want to upload a file which contains HTML Tags in the filename.
This is actually harder than I expected. I can't create a file containing < on my filesystem (Windows). Also, I don't know a way to change the filename of the file input element inside the DOM before the upload (which is what I would do with normal/hidden inputs). So I thought about editing the POST body before it's uploaded, but I don't know how. Popular extensions (I recall Tamper Data, Tamper Dev) only let me change headers. I guess this is due to the plugin system of Chrome, which is the Browser I use.
So, what's the simplest way of manipulating the POST requests body? I could craft the entire request using cUrl, but I also need state, lots of additional parameters and session data etc. which gets quite complex... A simple way within the Browser would ne nice.
So, while this is not a perfect solution, it is at least a way to recreate and manipulate the form submit using FormData and fetch. It is not as generic as I'd like it to be, but it works in that case. Just use this code in the devtools to submit the form with the altered filename:
let formElement = document.querySelector('#idForm'); // get the form element
let oldForm = new FormData(formElement);
let newForm = new FormData;
// copy the FormData entry by entry
for (var pair of oldForm.entries()) {
console.log(pair[0]+': '+pair[1]);
if(typeof(pair[1]) == 'object' && pair[1].name) {
// alter the filename if it's a file
newForm.append(pair[0],pair[1],'yourNewFilename.txt');
} else {
newForm.append(pair[0],pair[1]);
}
}
// Log the new FormData
for (var pair of newForm.entries()) {
console.log(pair[0]+': ');
console.log(pair[1]);
}
// Submit it
fetch(formElement.action, {
method: formElement.method,
body: newForm
});
I'd still appreciate other approaches.
I want to ask you if it is possible in SOAPUI to alter a mock response, and link it to the real web service operation in which the MockService is based on.
I need to do that because within SOAPUI I can reach to external webservices; BUT for security/configuration reasons, I can’t access to this external webservices inside my local code in my Eclipse (I have tried several proxy configurations in my Eclipse without success).
What I want to do is to pass the request that reach to the mock service to the original web service and return the response without manipulation.
You can create a mockService in SOAPUI to redirect your request to a 3rd party service as follows:
First creat a mockService in your project: right click on your project > New SOAP MockService
Then creat a mockOperation on it: right click on your MockService > New MockOperation
Inside your mockOperation there is a request created, open it an put for example the follow code as a response: ${myResponse}. This name is bind to a variable which will fill then with a script.
Finally open your mockOperation and use the follow script to hit your 3rd party service redirecting the original request:
final HttpURLConnection connection = 'http://yourService:8080'.toURL().openConnection()
connection.setDoOutput(true)
// copy the headers
mockRequest.getRequestHeaders().each { name, value ->
connection.setRequestProperty(name,value.toString())
}
// write the request
connection.outputStream.withWriter { Writer writer ->
writer << mockRequest.requestContent
}
// get the response
String response = connection.inputStream.withReader { Reader reader -> reader.text }
// set the response in your variable
requestContext.myResponse = response
Hope this helps,
I finally did it turning 'Dispatch' to SCRIPT and adding this script:
// import all the namespaces to trim the lines of codes
import com.eviware.soapui.impl.wsdl.WsdlProject
import com.eviware.soapui.impl.wsdl.WsdlInterface
import com.eviware.soapui.impl.wsdl.WsdlRequest
import com.eviware.soapui.impl.wsdl.WsdlSubmitContext
import com.eviware.soapui.impl.wsdl.WsdlSubmit
import com.eviware.soapui.model.iface.Response
import com.eviware.soapui.model.mock.MockResponse
// get reference to project
WsdlProject project = (WsdlProject)mockOperation.mockService.project
// get reference to request
WsdlRequest request = (WsdlRequest)project.interfaces["TheRealWebService"].operations["TheRealOperation"].getRequestByName("TheRealRequest")
// set request content from incoming mockRequest
request.setRequestContent(mockRequest.getRequestContent())
// submit request asynchronously
WsdlSubmit submit=request.submit( new WsdlSubmitContext( request ), false )
// wait for the response
Response response = submit.getResponse();
// get reference to MockResponse
MockResponse mockResponse=mockOperation.getMockResponseByName("Response1")
// set the mock response content from response received by the request.
mockResponse.setResponseContent(response.getContentAsString())
I want to save all png images that are loaded along with some webpage into a separate folder.
I am using below code with in Fiddler Script [CustomRules.js].
static function OnBeforeResponse(oSession: Session)
{
if(oSession.url.EndsWith(".png"))
{
oSession.SaveResponseBody();
}
//Actual content of OnBeforeResponse function.
}
Problem here is, I was unable to find any image got saved within Program files/Documents.
Where do “SaveResponseBody()” will save the HTTP Response Body?
Can we give our own custom folder?
My Fiddler version is (v4.4.5.6)
The default SaveResponseBody() method saves the files to your \Documents\Fiddler2\Captures\ folder. If you want to use a different name, use the overload that accepts a filename. You should check the Response's status code is 200 to ensure that you're not trying to save off HTTP/304 responses which won't contain a body. Also, rather than looking at the URL, you probably want to check the response's type.
So you end up with something like this:
if ((oSession.responseCode == 200) &&
oSession.oResponse.headers.ExistsAndContains("Content-Type", "image/png"))
{
SaveResponseBody("C:\\temp\\" + oSession.SuggestedFilename);
}
Note: The manual way of doing this would be to go to the QuickExec box below the Web Sessions list, type select png and hit Enter, then click File > Export > Selected Sessions > Raw Files.
I have a class that models exactly the entity I have in the database. I have a stored procedure that takes in parameters for a new row and returns all the settings in the table which in turn populates my repository. I am able to see the results of GET, PUT and DELETE in the List of type Setting that is in memory. I am noticing first that even when I close Visual Studio and reopen and run the project, sometimes, the List is still in the state it was before. It is not repopulating from the database so I'm not sure why that is first of all... Secondly, I can't seem to get POST to work from Fiddler unlike the other HTTP verbs. I DO see the values from Fiddler show up in the code below but I get the error: Invalid URI: The format of the URI could not be determined. I get the same error if I pass an ID or not.
Here is what I put into Fiddler:
POST localhost:54852/api/settings
Request Headers
User-Agent: Fiddler
Content-type: application/x-www-form-urlencoded
Host: localhost:54852
Content-Length: 149
Request Body
ID=0&Category=Dried%20Goods&Sub_Category=Other&UnitSize=99&UnitOfMeasureID=999&Facings=true&Quantity=true&EverydayPrice=999.99&PromotionPrice=111.11
PostSetting function within my SettingsController
public HttpResponseMessage PostSetting(Setting item)
{
item = repository.Add(item);
var response = new HttpResponseMessage<Setting>(item) { StatusCode = HttpStatusCode.Created };
string uri = Url.Route("DefaultApi", new { id = item.ID });
response.Headers.Location = new Uri(uri);
return response;
}
Should I create a new procedure that gets the MAXID from the database and use that as the NEW ID in the line above where a new ID is created?
You need to create a JSON representation of the Setting class or item that you are wanting to test with use Fiddler (now a Telerik product) and use the Composer tab.
Next you will want to perform a POST to the following URL:
http://[your base url]/api/settings
and pass the JSON formatted setting class.
You can see an example of this here: ASP.NET Web API - Scott Hanselman
Here is a short video showing how to achieve it easily
get and post to webapi from fiddler
Is there a way to filter out certain processes in Fiddler? Its very noisy currently, and I don't want it to show just one process.
The built-in Show only traffic from option is useful if your process never exits and always has the same PID. In my case, my HTTP client was starting and exiting frequently, so I added this custom FiddlerScript.
Go to Rules > Customize Rules... to start editing CustomRules.js.
Add this inside the Handlers class
class Handlers
{
RulesString("&Process filter", true)
RulesStringValue(0, "&Chrome", "chrome")
RulesStringValue(1, "&Firefox", "firefox")
RulesStringValue(2, "&Internet Explorer", "iexplore")
RulesStringValue(3, "&Opera", "opera")
RulesStringValue(4, "&PhantomJS", "phantomjs")
RulesStringValue(5, "&Custom...", "%CUSTOM%")
public static var sProcessName: String = null;
// leave the rest of the Handlers class as-is
}
Add this inside the OnBeforeRequest function
static function OnBeforeRequest(oSession: Session) {
if (null != sProcessName) {
var processInfo = oSession["X-PROCESSINFO"];
if(!processInfo || !processInfo.StartsWith(sProcessName + ":")){
oSession["ui-hide"] = "true";
FiddlerObject.StatusText = " Process filter: " + sProcessName;
}
}
// leave the rest of the OnBeforeRequest function as-is
}
Fiddler will apply your changes as soon as you save the CustomRules.js file.
To use, go to Rules > Process Filter and choose a browser, or use Custom and type in your executable's basename (e.g. iexplore).
Filtering applies to requests that start after you choose a process. Previous requests and Fiddler Composer requests are not affected.
Basically a duplicate of Filter Fiddler traffic . Just go to the Filters tab in Fiddler and then the "Client Process" fieldset and then choose "Show only traffic from " and choose the appropriate process.