Capture HTTPS request to nonexistent server with FiddlerCore

StackOverflow https://stackoverflow.com//questions/23062986

  •  26-12-2019
  •  | 
  •  

Question

I try to response to a https request, using fiddlercore. I need things to work like that: I put some fake url in browser, like https://my_url_that_doesnt_exist.com/ I intercept this request with fiddlercore and respons to it with my data. But I only see a CONNECT and host url. I know, its due https and fiddler is a proxy. But is there a way to get real url and be able to respond to https request, using fiddler core?

Also I use this code to create a root certificate if its missing:

if (!Fiddler.CertMaker.rootCertExists()) { if (!Fiddler.CertMaker.createRootCert()) { throw new Exception("Could not create a certificate."); } }

also I use this startup settings:

FiddlerCoreStartupFlags fcsf = FiddlerCoreStartupFlags.Default | FiddlerCoreStartupFlags.DecryptSSL|FiddlerCoreStartupFlags.AllowRemoteClients;

and CONFIG.IgnoreServerCertErrors = true;

This https request is not visible in fiddler itself. I mean if I try some non-existing url to which Id like my app to respond with some custom content. Its also HTTP, not HTTPS and fiddler itself contain the following in response: [Fiddler] DNS Lookup for "my_url_that_doesnt_exist.com" failed. The requested name is valid, but no data of the requested type was found

But if I use some existing https url, like google plus or anything like that I can see the https and all the request details.

So the question follows: How can I intercept https request to non existing url and serve my content instead? I can provide any additional details if needed.

Also makecert.exe is in the same folder where all my binaries are.

Was it helpful?

Solution

The problem is that HTTPS traffic flows through a CONNECT tunnel, and by default that secure traffic won't be sent if creating the CONNECT tunnel to the target server doesn't first succeed. Of course, if that target server doesn't exist, you end up with a DNS error in creating the tunnel, so the secure requests are never sent.

The workaround is to tell Fiddler to tell the client that the CONNECT tunnel was created, without even trying to contact the server. Do so by adding this inside the BeforeRequest handler:

if (oSession.HTTPMethodIs("CONNECT"))
{
  oSession.oFlags["x-replywithtunnel"] = "GenerateTunnel";
  return;
}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top