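Learning FiddlerScript, Part 1: Modifying the Request or Response
A couple of days ago I needed to take a quick look at FiddlerScript for a project, and it turned out to be quite powerful. Today I have time to go through it in detail and take some notes.
Modifying the Request or Response
To modify the Request or the Response, add rules to the OnBeforeRequest and OnBeforeResponse functions in FiddlerScript. OnBeforeRequest is called before each request. OnBeforeResponse is called before each response.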
1. Add a request header
    oSession.oRequest["NewHeaderName"] = "New header value";
2. Delete a response header
    oSession.oResponse.headers.Remove("Set-Cookie");
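3. Forward a request from one page to another page on the same server
    if (oSession.PathAndQuery == "/hello/hello.html") {
        oSession.PathAndQuery = "/hello/index.html";
    }
Note: the value of oSession.PathAndQuery is what appears in the URL column of Fiddler's session list,
that is, the part marked in red in the figure. The part marked in yellow in the figure is a special case: the Host is "Tunnel to" and the URL is another host.
The header of that request is:
This special case comes up again in an example below.
The example above intercepts requests for /hello/hello.html and forwards them to /hello/index.html on the same server.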
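4. Forward a request to a different server on the same port (changing the request's Host)
    if (oSession.HostnameIs("www.baidu.com")) {
        oSession.hostname = "www.sina.com.cn";
    }
This example forwards requests sent to Baidu to Sina.
Only the host is changed here; the rest of the address is not. So if the corresponding page does not exist on Sina, a "page does not exist" message is shown, as in the picture below:
Suppose I visit the following address: http://www.baidu.com/link?url=CQuVpjo9u9UQADcstwECPEmrziPMk5u5H9PlRN2TbWLkKZaxafVER2X8OEYzovr-yasX2Fwcgj0NANBtKVj0gN78jNJ3bXTmIsTeBk7hXem
Then the result is as follows: (the page actually exists; it is a Baidu search result page that Fiddler forwarded to Sina, but the page does not exist on Sina)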
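5. Forward a request to a different server on a different port
    if (oSession.host == "192.168.0.70:8080") {
        oSession.host = "192.168.0.69:8020";
    }
This example forwards requests sent to 192.168.0.70:8080 to 192.168.0.69:8020. Only the host is changed; the rest of the request address is not. For example, with the rule above in place, what I request is:
http://192.168.0.70:8080/hello/hello.html
while my project is actually deployed at: 192.168.0.69:8020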
6. Forward all requests from one server to another, including HTTPS
    // Redirect traffic, including HTTPS tunnels
    if (oSession.HTTPMethodIs("CONNECT") && (oSession.PathAndQuery == "www.example.com:443")) {
        oSession.PathAndQuery = "beta.example.com:443";
    }
    if (oSession.HostnameIs("www.example.com")) oSession.hostname = "beta.example.com";
7. Simulate the Windows HOSTS file, by pointing one Hostname to a different IP address. (Retargets without changing the request's Host header)
    // All requests for subdomain.example.com should be directed to the development server at 128.123.133.123
    if (oSession.HostnameIs("subdomain.example.com")) {
        oSession.bypassGateway = true;                 // Prevent this request from going through an upstream proxy
        oSession["x-overrideHost"] = "128.123.133.123"; // DNS name or IP address of target server
    }
8. Retarget requests for a single page to a different page, potentially on a different server. (Retargets by changing the request's Host header)
    if (oSession.url == "www.example.com/live.js") {
        oSession.url = "dev.example.com/workinprogress.js";
    }
9. Prevent upload of HTTP Cookies
    oSession.oRequest.headers.Remove("Cookie");
10. Decompress and unchunk an HTTP response, updating headers if needed
    // Remove any compression or chunking from the response in order to make it easier to manipulate
    oSession.utilDecodeResponse();
11. Search and replace in HTML.
    if (oSession.HostnameIs("www.bayden.com") &&
        oSession.oResponse.headers.ExistsAndContains("Content-Type", "text/html")) {
        oSession.utilDecodeResponse();
        oSession.utilReplaceInResponse('<b>', '<u>');
    }
12. Case-insensitive search of response HTML.
    if (oSession.oResponse.headers.ExistsAndContains("Content-Type", "text/html") &&
        oSession.utilFindInResponse("searchfor", false) > -1) {
        oSession["ui-color"] = "red";
    }
13. Remove all DIV tags (and content inside the DIV tag)
    // If content-type is HTML, then remove all DIV tags
    if (oSession.oResponse.headers.ExistsAndContains("Content-Type", "html")) {
        // Remove any compression or chunking
        oSession.utilDecodeResponse();
        var oBody = System.Text.Encoding.UTF8.GetString(oSession.responseBodyBytes);
        // Replace all instances of the DIV tag with an empty string
        var oRegEx = /<div[^>]*>(.*?)<\/div>/gi;
        oBody = oBody.replace(oRegEx, "");
        // Set the response body to the div-less string
        oSession.utilSetResponseBody(oBody);
    }
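The regular expression in item 13 uses `(.*?)`, where `.` does not match line breaks and the non-greedy match stops at the first `</div>`, so a DIV that spans several lines is left in place and nested DIVs leave a stray closing tag behind. The following is an added example, not part of the original post, written in plain JavaScript so it can be run outside Fiddler; the function names and the sample HTML are constructed for illustration. It compares the regex from item 13 with a depth-counting scan.

```javascript
// The expression from item 13, unchanged.
function stripDivsRegex(html) {
  return html.replace(/<div[^>]*>(.*?)<\/div>/gi, "");
}

// Depth-counting alternative: walks every <div ...> / </div> tag and drops
// everything between an outermost opening tag and its matching close.
function stripDivsNested(html) {
  const tag = /<(\/?)div\b[^>]*>/gi;
  let out = "";
  let depth = 0;
  let keepFrom = 0; // start of the text that lies outside any DIV
  let m;
  while ((m = tag.exec(html)) !== null) {
    if (m[1] === "") {            // opening tag
      if (depth === 0) out += html.slice(keepFrom, m.index);
      depth++;
    } else if (depth > 0) {       // closing tag that matches an open DIV
      depth--;
      if (depth === 0) keepFrom = tag.lastIndex;
    }
    // a stray </div> at depth 0 is left in the output untouched
  }
  // An unclosed DIV runs to the end of the document, so the rest is dropped.
  if (depth === 0) out += html.slice(keepFrom);
  return out;
}

// Constructed sample inputs.
const SINGLE_LINE = 'a<div class="x">one</div>b';
const MULTI_LINE = 'a<div>\n  one\n</div>b';
const NESTED = 'a<div><div>inner</div>outer</div>b';
```

This is a tag scan, not an HTML parser: text that looks like a DIV tag inside a comment or a script block is counted like any other tag.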
14. Pretend your browser is the GoogleBot webcrawler
    oSession.oRequest["User-Agent"] = "Googlebot/2.X (+http://www.googlebot.com/bot.html)";
15. Request Hebrew content
    oSession.oRequest["Accept-Language"] = "he";
16. Deny .CSS requests
    if (oSession.uriContains(".css")) {
        oSession["ui-color"] = "orange";
        oSession["ui-bold"] = "true";
        oSession.oRequest.FailSession(404, "Blocked", "Fiddler blocked CSS file");
    }
17. Simulate HTTP Basic authentication (Requires user to enter a password before displaying web content.)
    if ((oSession.HostnameIs("www.example.com")) &&
        !oSession.oRequest.headers.Exists("Authorization")) {
        // Prevent IE's "Friendly Error Messages" from hiding the error message
        // by making the response body longer than 512 chars.
        var oBody = "<html><body>[Fiddler] Authentication Required.<BR>".PadRight(512, ' ') + "</body></html>";
        oSession.utilSetResponseBody(oBody);
        // Build up the headers
        oSession.oResponse.headers.HTTPResponseCode = 401;
        oSession.oResponse.headers.HTTPResponseStatus = "401 Auth Required";
        oSession.oResponse["WWW-Authenticate"] = "Basic realm=\"Fiddler (just hit Ok)\"";
        // Go through oSession here: a bare oResponse is not defined in the rule
        oSession.oResponse.headers.Add("Content-Type", "text/html");
    }
18. Respond to a request with a file loaded from the \Captures\Responses folder (Can be placed in OnBeforeRequest or OnBeforeResponse function)
    if (oSession.PathAndQuery == "/version1.css") {
        oSession["x-replywithfile"] = "version2.css";
    }
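I have not tried all of the examples above. I only tried the few address-forwarding ones in the middle, because those are what I need right now. For the rest, please try them yourselves as needed.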