The Composer tab enables you to manually create, edit, send and test HTTP and HTTPS requests. You can make a new request from scratch or edit a request already captured by Fiddler Everywhere. To get started, open the Composer tab next to the Live Traffic tab. You can also open a new Composer tab by clicking the New Request button in the Requests tab (the button with the + sign). The Composer tab has the Request Composer and the Request Inspector.
The Composer contains several major sections used to construct a request, to observe the response, and to save, replay and share previosly composed requests.
The top section contains a drop-down for selecting:
- A HTTP Methods to specify the request method (for exmaple, GET, POST, etc.)
- A URL field to enter the endpoint URL.
- A drop-down to select the used HTTP version. Default version is HTTP 1.1.
- An Execute button. Action button to execute the composed request.
- A Save button. To save your composed request in the Requests list.
The mid-section provides options to further modify your request through:
- Headers section. Allows you to add and modify the request's HTTP headers.
- Params section. Allows you to add and modify the request's parameters.
- Raw section. Read-only represenation of the composed request.
- Body section. Allows you to modify the request's body. Supports different known formats (for example like JSON, form-data, XML, text, etc.)
The bottom section is a response inspector, which shows the response from the executed request.
The Requests list (to the left) is the place to save composed request for later usage. From the Requests list, the saved requests entry can also be easily shared with collaborators.
Fiddler's Composer is adding by default its
User-Agentso that it sends HTTPS request correctly. You can remove the default
User-Agentheader but notice that this can break composing a secure request (HTTPS). The default key-value
The Composer supports creating a request while using one of the following HTTP methods:
- GET - Requests a representation of the specified resource. Requests using GET should only retrieve data.
- PUT - replaces all current representations of the target resource with the request payload.
- POST - Used to submit an entity to the specified resource, often causing a change in state or side effects on the server.
- DELETE - Deletes the specified resource.
- HEAD - Asks for a response identical to a GET request, but without the response body.
- TRACE - Performs a message loop-back test along the path to the target resource.
- SEARCH - Used by a client to ask the server to perform a query operation (described by the request payload) over some set of data scoped to the effective request URI.
- PROPFIND - Retrieves properties defined on the resource identified by the Request-URI.
- PATCH - Used to apply partial modifications to a resource.
- MKCOL - The method may be included in the scope of a transaction by submitting a Transaction Header with a lock token that corresponds to that transaction.
- MOVE - Used to move a resource to the location specified by a request Uniform Resource Identifier (URI
- LOCK - Used to take out a lock of any access type on a resource so that another principal will not modify the resource while it is being edited.
- UNLOCK - Used to remove the lock on the resource at the request Uniform Resource Identifier (URI).
- OPTIONS - Used to describe the communication options for the target resource.
The URL field is the place to endpoint URL for the composed request.
From the HTTP Version drop-down, you can select the following HTTP versions:
- HTTP 2.0
- HTTP 1.2
- HTTP 1.1
- HTTP 1.0
- HTTP 0.9
Use this button to effectively execute the composed request. After successfull exectuon the Response inspector will be populated with the received response content.
Use this button to save the composed request in the Requests list. Notice that if you are editing already saved request entry, then the changes will overwrite the previous version of that entry. To save the edits as an entirely new netry use the drop-down option and select Save as (available only for already saved requests).
The middle section is allowing you to further modify your request by adding your custom Headers, Params, Body, and observing the composed request through the Raw view (read-only).
The Headers section enables you to add/modify your request headers (for example,
Authorization, etc.). By default a key-value UI is activated (you can change it to raw UI through the drop-down in the top-right corner of the section).
- Add a new header by entering the header key-value pair and then clicking the tick.
- The new header is now part of your request's headers. The header can now be disabled/enabled (using the tick to the left) or completely deleted (using the Delete icon to the right).
Most of the servers using newer versions of TLS will require a User-Agent header to be set. By default, Fiddler Everywhere will a User-Agent key set with value Fiddler Everywhere and description Lets servers and network peers identify the application, operating system, vendor, and version of the requesting user agent. The header is non-mandatory, but keep in mind that without valid User-Agent, some requests to secure servers might fail.
The Params section enables you to add query parameters to your request URL easily. Adds any key-value pair appended through the Params view to the request URL. By default a key-value UI is activated (you can change it to raw UI through the drop-down in the top-right corner of the section).
- Add new query params by entering the params key-value pair and then clicking the tick.
- The new query params is now added to your API endpoint URL. The params can now be disabled/enabled (using the tick to the left) or completely deleted (using the Delete icon to the right).
The Body section enables you to manually specify the data that should be sent with the request. By default a key-value UI is activated (you can change it to raw UI through the drop-down in the top-right corner of the section).. The Body comes with several specific editors as follows:
The view is a raw text representation of the composed request. This view is non-editable (read-only).
With the Response Inspector, you can inspect the received response (from the executed request). The inspector provides several views to visualize different parts of the request in specific formats. Find detailed information on each inspector type in the dedicated article about Inspector Types
A session previosly captured in the Live Traffic can be loaded in the Composer for applying further modifications.
Select the desired session entry and make a right-click to open the context menu. From the context menu, select Edit in Composer. Alternatively, select the session and use the keyboard shortcut by pressing key E.
The session opens in a new Composer window and then you can change the desired values. For example, change the data payload, modify the headers, test the authentication, etc.