当前位置: 文江博客话题详情

如何使用 Fiddler 修改 HTTP 响应中的状态代码?

发布于 2024-11-06 05:34:18 字数 240 浏览 1 评论 0原文

我需要测试我编写的一些客户端应用程序代码,以测试其对 Web 服务器 HTTP 响应中返回的各种状态代码的处理。

我安装了 Fiddler 2(Web 调试代理),并且我相信有一种方法可以使用此应用程序修改响应,但我正在努力找出方法。这将是最方便的方法,因为它允许我不修改客户端和服务器代码。

任何人都可以帮忙,因为我想拦截从服务器发送到客户端的 HTTP 响应并在它到达客户端之前修改状态代码?

任何建议将不胜感激。

原文

I need to test some client application code I've written to test its' handling of various status codes returned in an HTTP response from a web server.

I have Fiddler 2 (Web Debugging Proxy) installed and I believe there's a way to modify responses using this application, but I'm struggling to find out how. This would be the most convenient way, as it would allow me to leave both client and server code unmodified.

Can anyone assist as I'd like to intercept the HTTP response being sent from server to client and modify the status code before it reaches the client?

Any advice would be much appreciated.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

孤城病女 2024-11-13 05:34:18

好的,所以我假设您已经能够监视您的客户端/服务器流量。您想要做的是在响应上设置一个断点,然后在将其发送到客户端之前对其进行修改。

这里有几种不同的方法可以做到这一点:

  1. 规则>自动断点>响应后
  2. 在快速执行框(底部的黑框)中键入“bpafter yourpage.svc”。现在,Fiddler 将在对包含“yourpage.svc”的任何 URL 的所有请求之前停止在断点处。键入不带参数的“bpafter”以清除断点。
  3. 使用 FiddlerScript 以编程方式篡改响应。 FiddlerScript 的最佳文档位于官方网站上: http://www.fiddler2.com/Fiddler/dev /

一旦响应在断点处停止,只需双击它即可在检查器中将其打开。现在您有几个选项:

  1. 在绿色“运行到完成”按钮(单击该按钮发送响应)旁边有一个下拉菜单,可让您选择一些默认响应类型。
  2. 或者,在标头检查器上,更改响应代码和顶部文本框中的消息。
  3. 或者,单击“原始”检查器并修改原始响应以对其执行任意操作。这也是查看客户端在收到格式错误的响应时执行操作的好方法,您可能会意外测试:)

Ok, so I assume that you're already able to monitor your client/server traffic. What you want to do is set a breakpoint on the response then fiddle with it before sending it on to the client.

Here are a couple of different ways to do that:

  1. Rules > Automatic Breakpoints > After Responses
  2. In the quickexec box (the black box at the bottom) type "bpafter yourpage.svc". Now Fiddler will stop at a breakpoint before all requests to any URL that contains "yourpage.svc". Type "bpafter" with no parameters to clear the breakpoint.
  3. Programmatically tamper with the response using FiddlerScript. The best documentation for FiddlerScript is on the official site: http://www.fiddler2.com/Fiddler/dev/

Once you've got a response stopped at the breakpoint, just double click it to open it in the inspectors. You've got a couple of options now:

  1. Right next to the green Run to Completion button (which you click to send the response) there's a dropdown that lets you choose some default response types.
  2. Or, on the Headers inspector, change the response code & message in the textbox at the top.
  3. Or, click the "Raw" inspector and mess with the raw response to do arbitrary things to it. Also a good way to see what your client does when it gets a malformed response, which you'll probably test accidentally :)
回复 原文
萌酱 2024-11-13 05:34:18

另一种选择是使用 Fiddler 的 AutoResponder 选项卡(位于右侧面板上)。这允许您捕获对任何与字符串匹配的 URI 的请求,并从文件中提供“预设”响应。该文件可以包含标头和有效负载。这种方法的优点是您不必编写 FiddlerScript,也不必通过断点手动处理每个请求。

您可以在 Fiddler 中设置规则,如下所示(确保启用不匹配的请求传递,否则所有其他 http 请求都将失败)。

Fiddler 自动应答器设置
在此示例中,任何 URI 包含“fooBar”的请求都将获得预设响应。文件的格式将根据您的 API 的不同而有所不同(您可以使用浏览器拦截“真实”响应并以此为基础),但我的格式如下所示:

HTTP/1.1 409 Conflict
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Max-Age: 86400
Content-Type: application/vnd.api+json
Content-Length: 149
Date: Tue, 28 Mar 2017 10:03:29 GMT

{"errors":[{"code":"OutOfStock","detail":"Item not in stock","source":{"lineId":{"type":"Order line Number","id":"1"}},"meta":{"availableStock":0}}]}

我发现它需要在末尾有一个回车符最后一行(即在 json 之后),并且 Content-Length 标头必须与 json 中的字符数匹配,否则 web 应用程序将挂起。您的里程可能会有所不同。

Another alternative is to use Fiddler's AutoResponder tab (on the right-hand panel). This allows you to catch a request to any URI that matches a string and serve a "canned" response from a file. The file can contain both headers and payload. The advantage of this approach is that you don't have to write FiddlerScript and you don't have to handle each request manually via a breakpoint.

You would set the rule up in Fiddler like shown below (ensure you enable unmatched requests passthrough otherwise all other http requests will fail).

Fiddler autoresponder setup
In this example, any request whose URI includes "fooBar" will get the canned response. The format of the file will vary depending on your APIs (you can use your browser to intercept a "real" response and base it on that) but mine looked like the following:

HTTP/1.1 409 Conflict
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Max-Age: 86400
Content-Type: application/vnd.api+json
Content-Length: 149
Date: Tue, 28 Mar 2017 10:03:29 GMT

{"errors":[{"code":"OutOfStock","detail":"Item not in stock","source":{"lineId":{"type":"Order line Number","id":"1"}},"meta":{"availableStock":0}}]}

I found that it needed a carriage return at the end of the last line (i.e. after the json), and that the Content-Length header had to match the number of characters in the json, otherwise the webapp would hang. Your mileage may vary.

回复 原文
断念 2024-11-13 05:34:18

创建 FiddlerScript 规则。以下是我用来生成网站本地副本的内容,该网站故意在每个页面上使用 403 来阻止 HTTrack/WGET。
https://gist.github.com/JamoCA/22db8d68a9a2fb20cb04a85360185333

/* 20180615 Fiddler rule to ignore all 403 HTTP Status errors so WGET or HTTrack can generate local copy of remote website */
   SCENARIO: Changing the user agent or setting a delay isn't enough and the entire remote server is configured to respond w/403.
   CONFIGURE: Add below rule to FiddlerScript OnBeforeReponse() section.  Configure HTTrack/WGET/CRON to use proxy 127.0.0.01:8888 */

static function OnBeforeResponse(oSession: Session) {
  if (oSession.HostnameIs("TARGETHOSTNAME_FILTER.com") && oSession.responseCode == 403) {
    oSession.responseCode = 200;
    oSession.oResponse.headers.HTTPResponseCode = 200;
    oSession.oResponse.headers.HTTPResponseStatus = "200 OK";
  }
}

Create a FiddlerScript rule. Here's what I used in order to generate a local copy of a website that was intentionally using 403 on every page to thwart HTTrack/WGET.
https://gist.github.com/JamoCA/22db8d68a9a2fb20cb04a85360185333

/* 20180615 Fiddler rule to ignore all 403 HTTP Status errors so WGET or HTTrack can generate local copy of remote website */
   SCENARIO: Changing the user agent or setting a delay isn't enough and the entire remote server is configured to respond w/403.
   CONFIGURE: Add below rule to FiddlerScript OnBeforeReponse() section.  Configure HTTrack/WGET/CRON to use proxy 127.0.0.01:8888 */

static function OnBeforeResponse(oSession: Session) {
  if (oSession.HostnameIs("TARGETHOSTNAME_FILTER.com") && oSession.responseCode == 403) {
    oSession.responseCode = 200;
    oSession.oResponse.headers.HTTPResponseCode = 200;
    oSession.oResponse.headers.HTTPResponseStatus = "200 OK";
  }
}
回复 原文
~没有更多了~

关于作者

滥情空心

暂无简介

0 文章
0 评论
805 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lorenzathorton8

文章 0 评论 0

Zero

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

mylayout

文章 0 评论 0

tkewei

文章 0 评论 0

17818769742

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文