Dev Depot: Fiddler, Fine-tuning Website Performance
It’s 11 a.m. — do you know what your website is doing? While many webmasters believe they have a grasp of what happens when someone visits their site, and use various analytics to support their notions, a whole range of performance-slowing communications may be occurring in the background, due to careless coding or other hard-to-spot reasons.
According to its publisher, Fiddler (www.fiddler2.com) is a web debugging proxy to helps users’ record, monitor, inspect and debug HTTP and HTTPS traffic, from virtually any application that supports a proxy; such as Chrome, Firefox, IE, Opera and Safari — logging all HTTP(S) traffic occurring between your computer and the Internet.
Created by former Microsoft staffer Eric Lawrence, Fiddler is now part of Telerik’s product family, where it is enjoying continued development.
Fiddler flexibly debugs web traffic from Windows-based PC, Mac or Linux systems, and mobile devices alike — no matter which development platform or language you use; supporting popular frameworks including Java, .NET and Ruby, ensuring that the proper cache directives, cookies and headers are transferred between the client and server.
Among Fiddler’s features is the ability to tamper with the client’s requests and server responses by easily manipulating and editing web sessions. All that is required is to set a breakpoint pausing the processing of the session to permit alteration of the request and/or server response. Users can also compose their own HTTP requests to run through Fiddler.
Fiddler helps users test the performance of websites and mobile apps; displaying the application’s “total page weight,” HTTP caching and compression metrics, at a glance, so that developers may isolate any performance bottlenecks by using rules such as “Flag any uncompressed responses larger than 25kb.”
Fiddler is also useful for testing the security of your web applications and sessions, by decrypting HTTPS traffic and then displaying and modifying requests via a man-in-the-middle decryption technique that allows users to configure Fiddler to decrypt all traffic, or only specific sessions, for a more flexible approach.
Telerik notes that Fiddler benefits from a rich extensibility model which ranges from simple FiddlerScript to powerful Extensions which can be developed by using any .NET language; with a robust list of add-ons already available from Fiddler’s creator, as well as from third-party developers.
The AnyWHERE extension allows users to spoof responses to GeoLocation service queries via Chrome, FF4, IE9 and Opera, when Fiddler’s HTTPS decryption is enabled.
CertMaker for iOS and Android devices resolves an incompatibility with the default HTTPS interception certificates used by Fiddler, with a Certificate Generating plugin that generates interception certificates compatible with those platforms. A Content Blocker uses IAutoTamper to block traffic based on URI, while the Gallery extension displays thumbnails of all images found among the selected Sessions. The Gallery also offers a full-screen slideshow mode with optional image effects.
Additional tools allow for the comparison of two traffic profiles, as well as provide a Windows 8 AppContainer Loopback Utility for full-screen “Metro-style” apps that need some additional configuration to work with Fiddler. There are many third party add-ons as well, providing sophisticated testing of website data streams.
From speeding up your site to combating malware, Fiddler plays many roles. Try this free solution and see how many hidden secrets it will reveal about your website.