When a browser needs to send a HTTPS request through a proxy (like Fiddler), there’s a bit of a problem. The proxy needs to know where to send the client’s request, but the whole point of protecting traffic with HTTPS is that the content is encrypted and cannot be read by anyone else on theContinue reading “Understanding CONNECT Tunnels”
Author Archives: ericlaw
The Sad State of HAR
Spring 2017 Update: Some of these issues have been fixed. The HTTP Archive Format (HAR) was designed to allow tools to exchange network traffic using a standard format; this format is akin to Fiddler’s Session Archive Zip format but is supported natively by browser developer tools. Unlike SAZ files, it is not compressed by default,Continue reading “The Sad State of HAR”
Reset Fiddler’s HTTPS certificates
I’ve made changes to the latest versions of Fiddler to improve the performance of certificate creation, and to avoid problems with new certificate validation logic coming to Chrome and Firefox. The biggest of the Fiddler changes is that CertEnroll is now the default certificate generator on Windows 7 and later. Unfortunately, this change can causeContinue reading “Reset Fiddler’s HTTPS certificates”
DotNet Makes Me Sad, In Pictures
.NET Framework KB 3088956: Ouch, that sounds pretty severe. I guess I’d better go manually install a hotfix? Seriously? An email address and a CAPTCHA? Fine. Oh, an email delivered HTTP URL pointed at an executable file? That seems totes legit. Yup, definitely legit, it says “Microsoft” right there at the top! Sure, let’s putContinue reading “DotNet Makes Me Sad, In Pictures”
The Budget
“Don’t tell me what you value, show me your budget, and I’ll tell you what you value.” – Joe Biden Across the political spectrum, Americans have thoughts on how the government should spend the money we send its way. That’s great (and it’d be better if more of us voted), but many arguments about spendingContinue reading “The Budget”
text/plain 