The Fiddler Everywhere HTTP(S) Inspectors tab renders the Request and the Response sections, which display the request and the response information for the HTTP(S) sessions that are selected from the Live Traffic list. In the case where the captured traffic uses the WebSocket API, a special WebSocket inspectors tan renders, which display the connection handshake details, messages, and each message content and metadata. For secure connections, Fiddler Everywhere can also show detailed server certificate information.
The inspectors are based on the Monaco editor and provide a number of features among which:
- Great performance for loading large chunks of data.
- Line IDs to quickly identify and mark a specific portion of the request or response.
- Powerful search functionality that supports strings and regular expressions.
- Context styling that highlights the content based on its type—for example, image renderers, HTML and XML formatters, JSON formatter, and more.
- Except for the Preview inspector type, all inspectors provide the Copy all content to clipboard button at the top-right corner.
To load the data of a session in the Inspectors section, select an HTTP(S) or WebSocket session from the Live Traffic list.
To switch the loaded name of the inspector, click the desired inspector name—for example, Image or Raw.
The HTTP(S) Inspectors provide the following types of inspecting tools that enable you to examine different parts of the requests and responses:
The Headers inspector allows you to view the HTTP headers of the request and the response.
Request Headers Inspector
Every HTTP(S) request begins with plain text headers that describe what the client requests as a resource or operation. The first line of the request (the Request line) contains the following values:
- The HTTP method—For example, GET.
- The URL path which is being requested—For example
- The HTTP version—For example,
The Request line can consist of one or more rows containing name-value pairs of metadata about the request and the client, such as the
Like the HTTP request, every HTTP response begins with plain text headers that describe the result from the request. The first line of the response (the Status line) contains the following values:
- The HTTP version—For example,
- The response status code—For example,
- The response status text—For example,
The Status line can consist of one or more lines containing name-value pairs of metadata about the response and the server, such as the length of the response file, the content type, and how the response can be cached.
The Params inspector, available in the Request section only, displays the content from any input endpoints parameters.
The Cookies inspector displays the contents of any outbound
Cookie2 request headers and any inbound
P3P response headers.
The Raw Inspector allows you to view the complete request and response, including headers and bodies, as text. Most of the inspector represents a large text area that displays the body text interpreted using the detected character set with the headers, the byte-order-marker, or an embedded
META tag declaration.
By default, the request or response will be displayed as received, which means that encoded or compressed content will be in a non-human readable format and received as is. The Raw Inspector comes with a special decode button (located in the inspector toolbar), decoding encoded content.
The following figure displays encoded raw content with the decode button inactive.
The following figure displays decoded raw content with the decode button active.
The Preview Inspector, available in the Request section only, allows you to view the response bodies as an image or an HTML page depending on the response content. The inspector can display the most common web image formats, including JPEG, PNG, GIF, and less common formats like cursors, WebP, JPEG-XR, bitmaps, TIFF.
If the content is in HTML format, then the Preview inspector allows you to view responses in a web browser control, which provides a quick preview of how a given response may appear in a browser. To avoid flooding the Live Traffic list, the web browser control is configured to prevent additional downloads when rendering the response, which means that most images and styles will not be displayed. Additionally, scripting and navigating are blocked and provide a read-only preview.
The Body inspectors are suitable for different types of requests and responses. Fiddler Everywhere automatically tries to load the most appropriate body inspector, depending on the content.
The Text inspector allows you to view the request and response bodies as text. It truncates the data it renders at the first null byte it finds, making it inappropriate for displaying binary content. Most body inspectors represent a large text area that reveals the body text interpreted using the detected character set with the headers, the byte-order-marker, or an embedded META tag declaration.
If the JSON data is malformed, for example, the name component of a name/value pair is unquoted, the JSON inspector will show a warning in the footer.
The XML inspector interprets the selected request or response body as an Extensible Markup Language (XML) document, showing a tree view of the XML document nodes. If the body can't be interpreted as XML, the tree view will remain empty. Each XML element is represented as a node in the tree. The attributes of the element are displayed in square brackets after its name. The inspector provides an Expand All / Collapse All toggle button to expand or collapse all XML tree nodes.
The Form Data inspector, available in the Request section only, parses the request query string and body for any HTML form-data. If a form is found, it is parsed, and the name/value pairs are displayed in the grid view. The inspector works best with application/x-www-form-urlencoded data used by most simple web forms.
The Form Data inspector provides the following options for copying the parameter content from the context menu:
- Copy Value—Copies only the value of the selected parameter from the key-value pair.
- Copy Key/Value—Copies the key-value pair of the selected parameter.
The WebSocket Inspectors provide the following types of inspecting tools that enable you to inspect different parts of the WebSocket connection:
Similarly to an HTTP(S) request and response, the Handshake tab for the WebSocket API provides the following types of inspecting tools that enable you to examine different parts of the WebSocket requests and responses:
The Messages tab renders a list of the WebSocket messages sent from the client or received from the server. The list is constantly populated with new upcoming messages until the two-way communication is disconnected. Each received WebSocket message can be inspected separately through the Metadata inspector and through the Message Inspector.
The list of messages is rendered as a grid with multiple columns:
ID—Number indicating the consecutive number of the message.
Sender—Inidicates whether the Client or Server sent the message.
Size—The length of the message in bytes.
Time—Renders the date and the time when the message is received.
Message Preview—The string representation of the message sent/received.
The Metadata inspector contains timestamps and masking information about the selected WebSocket message.
DoneRead—Timestamp that indicates when the Client/Server finished processing the message.
BeginSend—Timestamp that indicates when the Client/Server sent the message.
DoneSend—Timestamp that indicates when the Client/Server finished sending the message.
Data masked by key—The key that masked the message.
The Message Inspector contains the non-masked message content in plain text or JSON (depending on the message format).
The Response Inspectors in Fiddler Everywhere version 3.2.0 and above contain indicators and notifications that show if a server certificate is valid, expiring, or causes errors.