Each Session object in Fiddler contains a collection of string flags, in the Session.oFlags collection. The flags control how the session is processed and displayed in the Fiddler [Web Session List]. Flags can be set by FiddlerScript or an IFiddlerExtension.
Flag names are not case-sensitive.
Flag values are always strings.
If you examine oFlags["non-existent-flag"], the result will be null.
The oFlags collection is the "indexer" for the Session object, so oSession.oFlags["flagname"] can be written as:
- oSession["flagname"] or
- oSession["SESSION", "flagname"]
You can remove a flag from the list by:
- Calling: oFlags.Remove("flagname") or
- Setting oSession["flagname"] = null
The value of most flags is not important; simply adding the flag is enough. So oSession["ui-hide"]="no" does the same thing as oSession["ui-hide"] = "true" (hides the session).
While you can call oFlags.Add("flagname"), this will throw an exception if the flag already exists. It's better to just set the value: oFlags["flagname"] = "value";
You can create new flags that attach metadata to a given session. To avoid naming conflicts, it's recommended that you choose distinctive flagnames. For example: addon.acme.loggingFlag.
Hide the session from the Session List.
- The session will continue to run.
- Breakpoints on hidden sessions are ignored.
- Note: hiding a session will free up the memory that would otherwise be used to hold the session data in memory.
The value of this flag determines the font color used to render this session in the Session List.
The value of this flag determines the background color used behind this session's entry in the Session List.
If present, this session's entry will be bolded in the Session List.
If present, this session's entry will be italicized in the Session List.
If present, this session's entry will be struck out in the Session List.
The value of this flag is shown in the Fiddler Session List's "User-defined" column.
The Comment, if any, which the user set on this session.
If present, execution of this session will pause before the request is issued.
If present, execution of this session will pause after the response is received.
Provide the Host:Port combination which should be used for DNS resolution purposes. Note that this mechanism does not change the HOST header on the request, and thus is not useful if there's an upstream gateway.
Read-only. Indicates the IP address of the server used for this request.
Provide the Host:Port combination of a gateway that should be used to proxy this request, or DIRECT to send the request directly to the origin server.
Information (module name and ProcessID) on source of local requests. Requires Fiddler v18.104.22.168 or later.
Read-only. Indicates the client IP that sent this request. Mostly useful when multiple computers on a network are pointed to a single Fiddler instance.
Read-only. Indicates the port on the client that sent this request.
Socket Reuse Flags
Read-only. String containing data about the reuse status of the server socket.
Read-only. String containing data about the reuse status of a secure server socket.
Decryption and Authentication Flags
If set on a CONNECT tunnel, the traffic in the tunnel will not be decrypted. Requires Fiddler v22.214.171.124 or later.
Filename of client certificate (e.g. .CER) that should be attached to this secure request. Requires Fiddler v126.96.36.199 or later.
String specifying the hostname that should appear in the CN field of this CONNECT tunnel's Fiddler-generated certificate.
Prevent Fiddler from adding a "Proxy-Support: Session-Based-Authentication" header to HTTP/401 or HTTP/407 responses that request Negotiate or NTLM authentication. Requires Fiddler v188.8.131.52 or later.
Deprecated. Use oSession.Timer instead. Time to the first byte of the response, in milliseconds.
Deprecated. Use oSession.Timer instead. Time to the last byte of the response, in milliseconds.
Milliseconds to delay each outbound kilobyte of request data.
Milliseconds to delay each inbound kilobyte of response data.
The value of this flag is the name of a file in the Captures/Responses folder (or a fully-qualified filename) containing a HTTP response to return to the client rather than sending the request to the server.
Read-only. Contains the name of the file specified in x-replywithfile, after the automatic response was loaded.
Drop Sessions Flags
Drop the request body from the session list after request is sent to the server. Useful for minimizing memory usage.
Drop the request body from the session list after response is sent to the client. Useful for minimizing memory usage.