103

Recently, I came across an issue where a CGI application is not responding. Symptom is Firefox displaying:

Transferring data from localhost...

But the thing is I cannot see any traffic from Firebug's Net panel, and the browser just stays on the same stage forever.

I am thinking about the ways to debug this application but I cannot see the source code or any of its compiled Java/C++ components, therefore I reckon a HTTP network level of diagnostics is a good start.

I have little experience in Fiddler and Wireshark, just wondering will they get better feedback/statistics in the HTTP network level? I've heard Wireshark is advanced but could possibly introduce a large volume of traffic so system admins don't like it very much. At this time I think Firebug doesn't really show me enough information.

I need to collect information so that I can then forward to client as proof.

lhan
  • 4,585
  • 11
  • 60
  • 105
Michael Mao
  • 9,878
  • 23
  • 75
  • 91
  • 4
    I would not recommend **Charles** because only one developer works on it. What if he stops working on the app or gets hit by a bus ? Moreover, looks like he does not respond to support requests. I'd spend my $50 somewhere else. As for **Fiddler**, the support is slightly better, but they can take their own time because its a free tool. What am I left with ? Probably wireshark or mitm proxy. – MasterJoe Feb 06 '17 at 02:02
  • 2
    @testerjoe2 mitm proxy is slow as f*ck and not as near good as fiddler. – Neeraj Jul 14 '18 at 08:11

7 Answers7

89

Wireshark, Firebug, Fiddler all do similar things - capture network traffic.

  • Wireshark captures any kind of network packet. It can capture packet details below TCP/IP (HTTP is at the top). It does have filters to reduce the noise it captures.

  • Firebug tracks each request the browser page makes and captures the associated headers and the time taken for each stage of the request (DNS, receiving, sending, ...).

  • Fiddler works as an HTTP/HTTPS proxy. It captures every HTTP request the computer makes and records everything associated with it. It does allow things like converting post variables to a table form and editing/replaying requests. It doesn't, by default, capture localhost traffic in IE, see the FAQ for the workaround.

Njol
  • 3,271
  • 17
  • 32
mikek3332002
  • 3,546
  • 4
  • 37
  • 47
45

The benefit of WireShark is that it could possibly show you errors in levels below the HTTP protocol. Fiddler will show you errors in the HTTP protocol.

If you think the problem is somewhere in the HTTP request issued by the browser, or you are just looking for more information in regards to what the server is responding with, or how long it is taking to respond, Fiddler should do.

If you suspect something may be wrong in the TCP/IP protocol used by your browser and the server (or in other layers below that), go with WireShark.

Macy Abbey
  • 3,877
  • 1
  • 20
  • 30
  • 3
    Indeed, Wireshark can uncover proxy and nat server issues, it also can be used on both the client you are connection from as on the server. – Glenner003 Jan 15 '14 at 10:50
34

None of the above, if you are on a Mac. Use Charles Proxy. It's the best network/request information collecter that I have ever come across. You can view and edit all outgoing requests, and see the responses from those requests in several forms, depending on the type of the response. It costs 50 dollars for a license, but you can download the trial version and see what you think.

If your on Windows, then I would just stay with Fiddler.

AbdullahC
  • 6,649
  • 3
  • 27
  • 43
Alex
  • 64,178
  • 48
  • 151
  • 180
  • 1
    Ah, that appears to be awesome. – Macy Abbey Nov 24 '10 at 03:10
  • 16
    Would it be possible for you to elaborate on how Charles is different from something like Fiddler? What you have mentioned above seems very much like fiddler. I currently use fiddler but would be glad to use something better if i get something more out of it. – Jagmag Nov 24 '10 at 03:36
  • 29
    Charles and Fiddler are architecturally quite similar. Charles runs on a Mac; Fiddler won't. Charles is written in Java and costs money. Fiddler is written in C#, free, and easily extensible in .NET. – EricLaw Nov 24 '10 at 03:41
  • 7
    It actually works on Windows, Mac OSX and Linux – Casebash Feb 10 '12 at 05:13
  • 11
    Why is it better than wireshark? – Goles Aug 12 '13 at 16:51
  • In wireshark it is hard to isolate traffic by process – beppe9000 Dec 31 '15 at 14:47
  • @EricLaw - What happens to users of Charles when something happens to the only developer working on it ? But, the support in Charles and Fiddler seems equally bad. No hints for my issue for so long - http://stackoverflow.com/questions/41902367/making-fiddler-work-with-chrome – MasterJoe Feb 06 '17 at 02:07
  • @EricLaw - Unfortunately, Fiddler's support costs $1000 per year and the forums can be slow (free). What if I only want to get answers to 2-3 questions like the one I just asked you. I might as well pay a freelancer on upwork to answer the questions for me for $20 or so. – MasterJoe Feb 06 '17 at 02:17
  • 4
    I answer almost every question in Fiddler's Google Group within one day. But this isn't the right place to chat about this. – EricLaw Feb 07 '17 at 02:38
17

Fiddler is the winner every time when comparing to Charles.

The "customize rules" feature of fiddler is unparalleled in any http debugger. The ability to write code to manipulate http requests and responses on-the-fly is invaluable to me and the work I do in web development.

There are so many features to fiddler that charles just does not have, and likely won't ever have. Fiddler is light-years ahead.

neimad
  • 594
  • 5
  • 5
  • 4
    Except that fiddler is of no use when you don't work under windows. You can also put a proxy in between, then you can do that yourselfs (in C#). For example http://www.mentalis.org/soft/projects/proxy/ . No Fiddler required. I don't have a windows system anymore at home - only ARM-based Linuces. And I'm very happy about that. – Stefan Steiger Nov 29 '16 at 08:33
  • You mentioned many features of fiddler that charles does not have. What are these features ? – MasterJoe Jan 18 '17 at 06:23
5

To complement the list, also be aware of http://mitmproxy.org/

Maxim Veksler
  • 29,272
  • 38
  • 131
  • 151
  • What would make this option worth considering? –  Aug 01 '14 at 14:36
  • 1
    @JonofAllTrades this runs from command line. Each alternative provides a different implementation, so variety in this case does serves a purpose. – Maxim Veksler Aug 02 '14 at 16:25
  • Maxim - Mitm is a commandline based tool. The lack of GUI is a problem for users like me. Can you tell us when to use commandline tool and when to use gui ? – MasterJoe Feb 06 '17 at 02:11
  • When you're SSHing into a server and you need a proxy, maybe mitmproxy would be a life saver (unless you're ready to have a separate environment with a GUI to proxy to.) – arithma Aug 28 '19 at 21:23
  • there is a UI for mitmproxy, https://docs.mitmproxy.org/stable/tools-mitmweb/ – yeradis Mar 18 '20 at 10:57
5

I use both Charles Proxy and Fiddler for my HTTP/HTTPS level debugging.

Pros of Charles Proxy:

  1. Handles HTTPS better (you get a Charles Certificate which you'd put in 'Trusted Authorities' list)
  2. Has more features like Load/Save Session (esp. useful when debugging multiple pages), Mirror a website (useful in caching assets and hence faster debugging), etc.
  3. As mentioned by jburgess, handles AMF.
  4. Displays JSON, XML and other kind of responses in a tree structure, making it easier to read. Displays images in image responses instead of binary data.

Cons of Charles Proxy:

  1. Cost :-)
RSW
  • 1,649
  • 1
  • 17
  • 37
Manu Manjunath
  • 6,201
  • 3
  • 32
  • 31
  • 10
    Fiddler offers simpler HTTPS trust than Charles, offers a richer set of Save/Load, and displays JSON/XML and other formats using a tree structure. It's freeware, and there are AMF inspectors available, although I haven't used them. – EricLaw Mar 25 '13 at 21:58
  • 1
    @EricLaw: Yes, but your "freeware" (subject to american export restriction - aka unsafe cryptography) doesn't run on Linux (my ARM-processor Chromebook Linux with Debian) . – Stefan Steiger Nov 29 '16 at 08:31
4

If you're developing an application that transfers data using AMF (fairly common in a particular set of GIS web APIs I use regularly), Fiddler does not currently provide an AMF decoder that will allow you to easily view the binary data in an easily-readable format. Charles provides this functionality.

jburgess
  • 358
  • 2
  • 3
  • 7