Using Fiddler to Fix Issues

I've helped many users who say Fiddler has "fixed" their issue. Unfortunately, this is a bit deceptive. Fiddler is an excellent debugging tool for web apps, but it does not permanently resolve problems. What it does do is act as a proxy with its own connection settings. This allows it to act as a "man in the middle" and even decrypt the traffic to provide more insight into application behavior. Sometimes this is just enough to mask the underlying problem and give the illusion that all is well, which can be very frustrating when trying to find and debug the real issue! I have personally seen Fiddler "help" with the following: proxy issues, TLS versioning, and SSL cert problems. Telerik themselves have a great post on this here outlining the technical details and corrective actions. If you do any sort of debugging with Fiddler it's worth a read. Side Note: If you help end users, but...
Read More

Case of the Large Header

Just because you can do something doesn't always mean you should. One such example of this is using large HTTP headers. While the HTTP specification itself doesn't set boundaries, most web servers have default limits around 8 KB. Other devices in the path such as firewalls/WAFs, proxies, and load balancers also have similar limits.

Problem

The application testers were receiving a reset error. Their application and web server logs did not show any problems.

Analysis

The first question asked was, "If the web server isn't sending the reset error, what is?" In this case we found there were several devices in the path including a domain firewall and a load balancer. The firewall admin saw two-way traffic hitting an accept rule and passing through. That left the load balancer. The load balancer admin confirmed via a packet capture that it was, in fact, sending a reset near the end of the TCP stream. Why would the load balancer send a reset? A load balancer does exactly that....balances...
Read More