mac版fiddler使用

fiddler everywhere

之前介绍过win上的fiddler的使用。
mac上没有fiddler,但有fiddler everywhere,但功能相对比较简单,也基本够用,这里做下简单介绍。

下载地址

fiddler everywhere

安装及配置

  1. 官方文档
    官方introduction
  2. 工具配置
    • 设置 -> https -> 信任证书 -> 勾选捕获https流量
    • connections -> 修改监听端口8888(默认8866,这里可不修改,个人喜好)-> 勾选允许远程设备连接(如果需要抓手机包的话)
ifconfig en0

或在工具右下角connected查看
3. 手机端安装证书

  • 跟win版本一样,获取电脑ip,在手机浏览器访问电脑ip:端口,下载证书
  • 手机安装证书,各手机安装方式略有不同,如果不会可自行百度

常用功能

  1. traffic inspectors
    基本功能,查看请求和响应,可切换不同的格式查看

  2. composer
    选中某一session,右键选择 edit in composer

    可用于接口测试(工作中一般用postman之类的工具替代)

  3. 修改响应auto responder

    • 点击更多(三点)勾选 - unmatched requests passthrough
    • 举例说明
      选中某session,右键选择add new rule, 在auto responder中进一步修改

    如上图,默认action是return manually crafted response,然后修改响应json某一字段值即可

  4. 关于match
    支持string,正则regex:EXACT:NOT:等方式

    详情可参看match官方说明文档

  5. 关于action

ACTION STRING DESCRIPTION ACTION TYPE
filename Return contents of the filename as the response. Final
http://targetURL Returns the content of the targetURL as the response. Final
*redir:http://targetURL Returns a HTTP Redirect to the target URL. Unlike the simple URL rule, this ensures that the client knows where its request is going so proper cookies are sent, etc. Final
*bpu Breaks on request before hitting the server. Non-final
*delay:### Delay sending request to the server by ### of milliseconds. Non-final
*header:Name=Value Set the Request header with the given Name to the specified Value. If no header of that name exists, a new header will be created. Non-final
*flag:Name=Value Set the Session Flag, with the given Name to the specified Value. If no header of that name exists, a new header will be created. Non-final
*CORSPreflightAllow Returns a response that indicates that CORS is allowed. Final
*reset Reset the client connection immediately using a TCP/IP RST to the client. Final
*drop Close the client connection immediately without sending a response. Final
*exit Stop processing rules at this point. Final
Return manually crafted response Allows modifying the current response (HTML, JS, JSON) previously returned by the server. Final
Find a file... The Find a file… option in the Actions dropdown displays a file picker to allow you to select a filename that should be returned. Final

Rules with Non-final actions will allow the request to match multiple AutoResponder rules. As soon a rule specifying a final action is reached, the matching process exists, and no further rules are processed for that session.

详情可参看action官方说明文档

  1. 其他
    用的比较少
    • 保存sessions
    • 分享sessions
    • api composer功能
    • filters功能
    • 回放
    • 导出sessions功能har(可用于httprunner)

补充

小米手机安装证书方式:设置->更多设置->系统安全->加密与凭据->从存储设备安装->选择要安装的fiddlerroot.cer证书->输入锁屏密码