Dev Depot: Fiddler, Fine-tuning Website Performance

It’s 11 a.m. — do you know what your website is doing? While many webmasters believe they have a grasp of what happens when someone visits their site, and use various analytics to support their notions, a whole range of performance-slowing communications may be occurring in the background, due to careless coding or other hard-to-spot reasons.

According to its publisher, Fiddler (www.fiddler2.com) is a web debugging proxy to helps users’ record, monitor, inspect and debug HTTP and HTTPS traffic, from virtually any application that supports a proxy; such as Chrome, Firefox, IE, Opera and Safari — logging all HTTP(S) traffic occurring between your computer and the Internet.

Fiddler benefits from a rich extensibility model which ranges from simple FiddlerScript to powerful Extensions which can be developed by using any .NET language; with a robust list of add-ons already available from Fiddler’s creator, as well as from third-party developers.

Created by former Microsoft staffer Eric Lawrence, Fiddler is now part of Telerik’s product family, where it is enjoying continued development.

Fiddler flexibly debugs web traffic from Windows-based PC, Mac or Linux systems, and mobile devices alike — no matter which development platform or language you use; supporting popular frameworks including Java, .NET and Ruby, ensuring that the proper cache directives, cookies and headers are transferred between the client and server.

Among Fiddler’s features is the ability to tamper with the client’s requests and server responses by easily manipulating and editing web sessions. All that is required is to set a breakpoint pausing the processing of the session to permit alteration of the request and/or server response. Users can also compose their own HTTP requests to run through Fiddler.

Fiddler helps users test the performance of websites and mobile apps; displaying the application’s “total page weight,” HTTP caching and compression metrics, at a glance, so that developers may isolate any performance bottlenecks by using rules such as “Flag any uncompressed responses larger than 25kb.”

Fiddler is also useful for testing the security of your web applications and sessions, by decrypting HTTPS traffic and then displaying and modifying requests via a man-in-the-middle decryption technique that allows users to configure Fiddler to decrypt all traffic, or only specific sessions, for a more flexible approach.

Telerik notes that Fiddler benefits from a rich extensibility model which ranges from simple FiddlerScript to powerful Extensions which can be developed by using any .NET language; with a robust list of add-ons already available from Fiddler’s creator, as well as from third-party developers.

For example, three popular add-ons display markup with syntax-highlighting for HTML, JavaScript, CSS, XML, and other formats, along with a standalone text editor that aids Fiddler rules editing, with a built in Class Explorer to help users author scripts.

The AnyWHERE extension allows users to spoof responses to GeoLocation service queries via Chrome, FF4, IE9 and Opera, when Fiddler’s HTTPS decryption is enabled.

CertMaker for iOS and Android devices resolves an incompatibility with the default HTTPS interception certificates used by Fiddler, with a Certificate Generating plugin that generates interception certificates compatible with those platforms. A Content Blocker uses IAutoTamper to block traffic based on URI, while the Gallery extension displays thumbnails of all images found among the selected Sessions. The Gallery also offers a full-screen slideshow mode with optional image effects.

Other useful add-ons include a JavaScript Formatter that allows users to right-click on any JavaScript session and choose “Make JavaScript Pretty” for an easier view, or use the Rules menu option to do this automatically for all downloaded scripts. The PDF Viewer generates previews of PDF files, while the Privacy Scanner extension flags responses that set cookies and color codes based on P3P headers.

Additional tools allow for the comparison of two traffic profiles, as well as provide a Windows 8 AppContainer Loopback Utility for full-screen “Metro-style” apps that need some additional configuration to work with Fiddler. There are many third party add-ons as well, providing sophisticated testing of website data streams.

From speeding up your site to combating malware, Fiddler plays many roles. Try this free solution and see how many hidden secrets it will reveal about your website.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

WIA: Alexis Fawx Levels Up as Multi-Faceted Entrepreneur

As more performers look to diversify, expanding their range of revenue streams and promotional vehicles, some are spreading their entrepreneurial wings to create new businesses — including Alexis Fawx.

Women In Adult ·
opinion

Navigating Age-Related Regulations in Europe

Age verification measures are rapidly gaining momentum across Europe, with regulators stepping up efforts to protect children online. Recently, the U.K.’s communications regulator, Ofcom, updated its timeline for implementing the Online Safety Act, while France’s ARCOM has released technical guidance detailing age verification standards.

Gavin Worrall ·
opinion

Why Cyber Insurance Is Crucial for Adult Businesses

From streaming services and interactive platforms to ecommerce and virtual reality experiences, the adult industry has long stood at the forefront of online innovation. However, the same technology-forward approach that has enabled adult businesses to deliver unique and personalized content to consumers worldwide also exposes them to myriad risks.

Corey D. Silverstein ·
opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
profile

VerifyMy Seeks to Provide Frictionless Online Safety, Compliance Solutions

Before founding VerifyMy, Ryan Shaw was simply looking for an age verification solution for his previous business. The ones he found, however, were too expensive, too difficult to integrate with, or failed to take into account the needs of either the businesses implementing them or the end users who would be required to interact with them.

Alejandro Freixes ·
opinion

How Adult Website Operators Can Cash in on the 'Interchange' Class Action

The Payment Card Interchange Fee Settlement resulted from a landmark antitrust lawsuit involving Visa, Mastercard and several major banks. The case centered around the interchange fees charged to merchants for processing credit and debit card transactions. These fees are set by card networks and are paid by merchants to the banks that issue the cards.

Jonathan Corona ·
opinion

It's Time to Rock the Vote and Make Your Voice Heard

When I worked to defeat California’s Proposition 60 in 2016, our opposition campaign was outspent nearly 10 to 1. Nevertheless, our community came together and garnered enough support and awareness to defeat that harmful, misguided piece of proposed legislation — by more than a million votes.

Siouxsie Q ·
opinion

Staying Compliant to Avoid the Takedown Shakedown

Dealing with complaints is an everyday part of doing business — and a crucial one, since not dealing with them properly can haunt your business in multiple ways. Card brand regulations require every merchant doing business online to have in place a complaint process for reporting content that may be illegal or that violates the card brand rules.

Cathy Beardsley ·
Show More