Fiddler’s default file format is the SAZ Format, which is just a ZIP file with a particular structure (I’ve written a lot about ZIPs). Unfortunately, sometimes users’ SAZ files get corrupted due to failing disks or incomplete downloads, and when this happens, Fiddler can no longer open them. Because Fiddler uses a standard ZIP file,Continue reading “Repairing Corrupt ZIP Files”
Author Archives: ericlaw
Hashes and Code-Signing
I’ve written a few articles about using Authenticode to sign your code to help prevent attacks, increase user confidence, and reduce interference from security software like Windows SmartScreen. You can read the overview, discussion of code-signing tokens, and “tricks” you can use to shoot yourself in the foot by adding data to a file withoutContinue reading “Hashes and Code-Signing”
Understanding CONNECT Tunnels
When a browser needs to send a HTTPS request through a proxy (like Fiddler), there’s a bit of a problem. The proxy needs to know where to send the client’s request, but the whole point of protecting traffic with HTTPS is that the content is encrypted and cannot be read by anyone else on theContinue reading “Understanding CONNECT Tunnels”
The Sad State of HAR
Spring 2017 Update: Some of these issues have been fixed. The HTTP Archive Format (HAR) was designed to allow tools to exchange network traffic using a standard format; this format is akin to Fiddler’s Session Archive Zip format but is supported natively by browser developer tools. Unlike SAZ files, it is not compressed by default,Continue reading “The Sad State of HAR”
Reset Fiddler’s HTTPS certificates
I’ve made changes to the latest versions of Fiddler to improve the performance of certificate creation, and to avoid problems with new certificate validation logic coming to Chrome and Firefox. The biggest of the Fiddler changes is that CertEnroll is now the default certificate generator on Windows 7 and later. Unfortunately, this change can causeContinue reading “Reset Fiddler’s HTTPS certificates”
text/plain 