Capturing and Inspecting gRPC Traffic

Environment

Product version Fiddler Everywhere 4.2.0 and above
3rd-party tools gRPC, Wikipedia gRPC page
Supported OS macOS, Linux, Windows, iOS, Android

Description

My client application utilizes the gRPC framework. What exactly is gRPC? Can I capture and inspect gRPC traffic with Fiddler Everywhere?

Capturing gRPC in Fiddler Everywhere

gRPC is an open-source, cross-platform Remote- Procedure Call (RPC) framework. One of its common usages is to connect services in and across servers with pluggable support for tracing, load balancing, and authentication.

Fiddler Everywhere captures gRPC traffic out-of-the-box through all capturing modes with the clarification that as gRPC is utilizing HTTP/2, you need to ensure that HTTP/2 capturing is enabled in Fiddler Everywhere. With Fiddler's proxy, you can capture gRPC traffic with all supported streaming modes - unary RPC (no streaming), server-streaming RPC, client-streaming RPC, and bi-directional streaming RPC. Learn more about the streaming modes in gRPC here...

To capture gRPC traffic with Fiddler Everywhere, the following conditions must be satisfied:

  1. Enable HTTP/2 capturing in Fiddler Everywhere through Settings > Connections > Enable HTTP/2 support (BETA).

  2. Configure the client using the gRPC framework to go through the Fiddler proxy. The execution of this step differs depending on the client's application. Here are some setup guidelines for different clients:

  3. Start capturing! That's it! Fiddler Everywhere will start capturing gRPC immediately.

Inspecting gRPC Traffic

Fiddler Everywhere introduces a specific user interface to ease the inspection of gRPC traffic. The gRPC inspectors are pretty similar to the inspectors used for capturing WebSocket traffic with one exception - the new gRPC Response inspector called Trailer (part of the Handshake tab).

You can use the Trailer inspector to examine the specific trailers the server sends or mock particular gRPC behavior. For example, you can modify (through a rule) the grpc_status trailer header and test how your application behaves in unexpected scenarios like unexpected errors in the stream.

gRPC traffic and the Trailers inspector

The captured gRPC session will have a green badge until the gRPC channel is open and a red badge when the gRPC channel is closed.

Selected gRPC session with closed channel

Double-click on a gRPC session to automatically open the Messages tab and the Message inspector that allows you to inspect each gRPC message as originally received (the context menu provides decoding option) or through the HEX inspector.

gRPC traffic and related Fiddler's inspectors

The Messages tab lists the outgoing (Sender: Client) and incoming (Sender: Server) gRPC messages. Fiddler Everywhere shows the size and the original content of each message. Use the context menu to copy the message or the whole row message quickly.

gRPC message context menu to copy or decode the received data

It is important to note that the gRPC uses Protobuf format which is in unreadable form. That means that the Decode value context menu option can't be used for proper decoding of any gRPC channel message. The only way to decode a Protobuf message is to own the .proto file which can't be extraced over the gRPC session. Only the scheme creators are aware of the .proto format. Fiddler can help developers (that has access to the .proto scheme) by allowing them to extract a specific message and then decode it through the owner .proto file and the following command:

// [message_object_name] is the name of the message object in the .proto file. If the message is inside a package in the .proto file, use package_name.message_object_name.
// [.proto_file_path] is the path to the .proto file where the message is defined.
// [binary_message_file_path] is the path to the file you want to decode.
protoc --decode [message_object_name] [.proto_file_path] < [binary_message_file_path]

Selecting a specific message allows you to inspect the message in detail through the Message inspector. You can examine the context as text or use the HEX inspector, which consists of an offset column, a hex view column, and a text view column.

gRPC message tab and inspecting through the HEX inspector