32

I'm trying to get Fiddler to work with my company's proxy. Every external request is returning 407.

So far I've tried adding oSession.oRequest["Proxy-Authorization"] = "YOURCREDENTIALS"; to the customized rules where I used my USERNAME:PASSWORD in base64. Still no luck.

Any ideas? Thanks.

Ryan Peters
  • 7,608
  • 8
  • 41
  • 57
  • Are you sure your proxy uses plain text passwords? Depending on your company it may well be NTLM-based authentication to the proxy that you need. – Paolo Jun 07 '10 at 12:48
  • Sorry, tried that too. I added a Proxy-Authorization: NTLM [encoded string] to my request header. – Ryan Peters Jun 07 '10 at 13:01
  • 2
    I'm using Fiddler2 and what I did was go to "Rules" menu and tick "Automatically Authenticate" – Shivan Dragon Feb 06 '13 at 11:45

6 Answers6

76

What worked for me was much more simpler: 

Rules > Automatically Authenticate
Francis Kim
  • 4,235
  • 4
  • 36
  • 51
  • This didn't work for me and I wonder because then the menu option gets unchecked again. How is that? – mono68 Nov 20 '13 at 09:50
  • 5
    @mono68 Fiddler doesn't remember that setting unfortunately so yes I've had to tick that each time I start Fidder – Francis Kim Nov 27 '13 at 13:50
  • This solution is work.But not working with roles. For eg. [Authorize(Roles = @"domainname\somegroup")] it's not work. But is work with [Authorize(Users = @"DomainName\userName")] and with clear attribute Authorize. – Piotr Knut Nov 19 '16 at 21:57
  • Maybe this comment will bump it up. – Francis Kim Jan 13 '20 at 07:05
23

Note: There is an answer with a higher voting available. Because of SO sorting it is below the accepted answer.

I had the same problem, too, and solved it like this:

  1. Started Fiddler with it's standard configuration.
  2. Started IE and made a HTTP-request to an external web-site.
  3. The proxy authorization dialogue popped up, where I entered my credentials.
  4. In Fiddler searched the request headers for "Proxy-Authorization".
  5. Copied the header value which looked like "Basic sOMeBASE64eNCODEdSTRING=" to the clipboard.

  6. Altered the CustomRules.js with the following line within OnBeforeRequest:

    oSession.oRequest["Proxy-Authorization"] = "Basic sOMeBASE64eNCODEdSTRING=";

So my approach was quite similar to yours just that in advance I checked what kind of proxy authorization the server required by using Fiddler to debug the authorization header. That way I found out I had to add "Basic" before the Base64 encoded credentials and I didn't even have to use the tool to encode the credentials to Base64. Just copied the value from the proxy authorization header.

Community
  • 1
  • 1
mono68
  • 2,080
  • 19
  • 27
  • Thanks for your answer, it's used to work for me, but now my company is implementing "Negotioate" (NTLM algorithm) rather than "Basic" proxy authentication. And the key keeps changing, even in matters of seconds. Any idea how to work with it? Thanks! – Robert A Henru Nov 30 '12 at 01:56
  • 4
    @RobertAHenru In the rules menu, tick "Autmatically Authenticate". To turn this on all the time, go to custimize rules & change this code: public static RulesOption("&Automatically Authenticate") var m_AutoAuth: boolean = true; ... it's false by default. – CAD bloke Dec 05 '12 at 21:18
  • Hi Thanks @CADbloke, somehow my Fiddler does not have those m_autoAuth. So what I do is to add the related code for m_AutoAuth as found in here... http://pastebin.com/cdBSnszJ – Robert A Henru Dec 21 '12 at 02:12
  • Works fine, but I have a question: This puts a HTTP_PROXY_AUTHORIZATION header to my request. When the proxy forwards the traffic it is still on the header. Shouldn't it remove it? Can I somehow prevent it to send the headers? Any workaround? (Using Fiddler Core with .NET) – Tomi Nov 28 '18 at 10:32
1

My Answer is simple. If your company proxy is NTLM, download ,setUp and configure cntlm. Route your fiddler to cntlm port by setting proxy settings.

Done! that is how i configured fiddler in my company

Enes
  • 2,225
  • 1
  • 19
  • 16
0

Fiddler should pick up native proxy configuration automatically.

Jackie
  • 25,199
  • 6
  • 33
  • 24
0

What version of Fiddler are you using?

Fiddler will automatically chain to your organization's proxy, and all current versions of Fiddler support passing of authentication information between the client and the authenticating proxy.

How are you generating the HTTP requests in question? What are the exact HTTP response headers?

EricLaw
  • 56,563
  • 7
  • 151
  • 196
0

http://blog.bareweb.eu/2010/10/http-debugging-fiddler-tip-1/

There's an entry in the "Rules" menu for Requiring Proxy Authentication. Use that and you should get a bit further!

AndyElastacloud
  • 625
  • 5
  • 21