The Rules tab enables you to create rules (including custom ones) that will automatically trigger in response to requests.
The Rules functionality provides options for testing changes to web code without updating the production server, reproducing previously captured bugs in SAZ files, and running website demos while you are offline.
The collaboration functionalities allow you to import and export a single rule or set of rules and share rules directly with other Fiddler Everywhere collaborators. Each rule has a different order priority and execution weight which can be easily controlled by promoting or demoting a rule.
The Rules tab is available after version 2.0.0 and later, while previous versions had the aAuto Responder tab. The capabilities of the functionalities are different—the Rule Builder can change what the servers will receive in terms of requests and responses, given that such rules are applied. The Auto Responder is only capable of mocking a server request or response and modifying the local request or response. Therefore, not all rules change the server data.
The Rules tab contains the following sections:
- Rules Toolbar—Provides options for sharing, manual import or export, and manual execution.
- Rule Builder—Creates new rules and edits existing ones.
- Rules Queue—A queue of created rules executed in the order of appearance from top to bottom. Each rule in the queue has its toolbar with different rule-related functionalities.
When executing each rule or running a rule on previously saved sessions, Rules follows a built-in logic depending on whether the session is actively captured (ongoing Live Traffic sessions).
Live Traffic and Rules stick to the following basic guidelines:
- The Rules main toggle is available only for the Live Traffic section.
- If the Rules toggle is ON, and a selected rule toggle is ON, the rule executes for all inbound/outbound captured traffic (the Live Traffic section with enabled Capturing).
- If the Rules toggle is ON, and a selected rule toggle is OFF, the rule won't execute for all of the inbound/outbound captured traffic (the Live Traffic section with enabled Capturing).
- All HTTP/HTTPS requests that are not matching any of the active rules, will be executed as is without interference from the Rules tab.
- The application setting Unmatched Requests Passthrough was deprecated in version 3.4.0. Learn how to create it manually through a custom rule...
Saved Sessions and Rules stick to the following basic guidelines:
- The Rules main toggle is not available for saved sessions (from the Sessions list). The toggle will be hidden when a saved session is loaded.
- Execute from the primary Rules toolbar will execute all currently selected rules. The result applies to all sessions that match the conditions of the rule. If multiple rules are selected, they will be executed in the order of appearance in the Rules Queue—this means that a rule can be overwritten by another rule that comes later in the queue. Some rules are also final, which means that no other rules in the queue will be executed after a final rule
- The Execute button from a selected rule toolbar will only execute the currently selected rule.
The main toolbar of the Rules comes with the following functionalities:
- Add New Rule—Opens the Rule Builder window to create a new rule.
- Shared Ruleset—Opens a list of the shared rulesets.
- Share—Opens the Share windows where you can enter a collaborator email to share all created rules.
- Import—Prompts a window for importing rules from a FARX file.
- Export—Exports all selected rules in a FARX file.
- Execute—Executes the selected rules for the captured traffic or the loaded, saved sessions.
The Rule Builder interface enables you to create (through the Add New Rule button) and edit rules (through the Edit button of a selected rule). For each new rule, you must enter a condition (previously known as a match rule) and an action (previously known as an action string). Fiddler Everywhere will undertake the action if the request URI matches the condition and if the rule is executed.
To add a new rule:
- Click the Add New Rule button from the main toolbar.
- Add a new name for your rule in the Rule Name text field.
- Set the When rule based on one of the following statements:
- all these conditions—The rule applies when all conditions are true (logical TRUE).
- any of these conditions—The rule applies when any conditions are true (logical OR).
- none of these conditions—The rule applies when none of the conditions is true (logical FALSE).
- Add one or more conditions. See the conditions section for more details.
- Set how many times the actions will be triggered when the conditions are met:
- Any number of times - The action executes each time the conditions are met.
- Specific number of times - The action executes n-times (user specifies n, which can be a numerical value between 1 and 65535).
- Add one or more actions. See the actions section for more details.
- Click Save to close the Rule Editor and add the newly created rule to the Rules Queue.
When creating a rule, take into consideration the following tips:
- Rules are applied in their order of appearance in the Rules Queue. To demote a rule in the queue, use the Down Arrow; to promote a rule on the queue, use the Up Arrow.
- You can export selected rules from the queue through the Export button from the Rules toolbar.
- To queue rules based on previously captured traffic, import a
.FARXfile through the Import button.
- Each condition and action value corresponding to the Live Traffic capturing data can be auto-completed. This way, you can create rules based on captured sessions on the fly.
The Rule Builder can add and use single or multiple conditions needed to trigger different actions. The conditions are logical structures with different statements whose numbers can vary between two and four. A statement field that handles text (string modifier) is case-insensitive by default (you can use the Aa button to change them to case-sensitive) and can be auto-completed with suggestions corresponding to the captured sessions.
For more information, refer to the following list.
|Condition Value||Field Options||Field Options||Field Options||Usage Description|
|Protocol||HTTP or HTTPS||n/a||n/a||Differentiate the traffic based on the used protocol (HTTP vs HTTPS).|
|Host||String modifiers||Search value||n/a||Search for a specific keyword in the Host column.|
|Path||String modifiers||Search value||n/a||Search for a specific keyword in the path column.|
|URL||String modifiers||Search value||n/a||Search for a specific keyword in the URL column.|
|Status||String modifiers||Search value||n/a||Search for a specific keyword in the Result column.|
|Method||String modifiers||Search value||n/a||Search for a specific keyword in the Method column.|
|Process ID||String modifiers||Search value||n/a||Search for a specific keyword in the Process ID column.|
|Client IP||String modifiers||Search value||n/a||Search for a specific keyword in the Client IP column.|
|Remote IP||String modifiers||Search value||n/a||Search for a specific keyword in the Remote IP column.|
|Body Size||Number modifiers (compares bytes)||Search value||n/a||Search for a specific value in the Body Size column.|
|Duration||Number modifiers (compares milliseconds)||Search value||n/a||Search for a specific value in the Duration column.|
|Comment||String modifiers||Search value||n/a||Search for a specific keyword in the Comment column.|
|Request Body||String modifiers||Search value||n/a||Search for a specific keyword in the Request Body column.|
|Request Header||Header name||String modifiers||The search value||Search for a specific keyword in the explicitly mentioned Request header column.|
|Response Body||String modifiers||Search value||n/a||Search for a specific keyword in the Response body.|
|Response Header||Header name||String modifiers||The search value||Search for a specific keyword in the explicitly mentioned Response header column.|
|Cookie||Cookie name||String modifiers||Search value||Search for a specific keyword in the explicitly mentioned Cookie.|
|Certificate Information||Field name||String modifiers||Search value||Search for a specific keyword in the explicitly mentioned certificate field.|
|Magic String||The "magic string" content||n/a||n/a||Uses the legacy Fiddler Classic string literals and regular expressions.|
When Fiddler Everywhere identifies a request which matches the conditions of the rule, it automatically maps it to the action set in the rule. An action field that handles text (string modifier) is case-insensitive by default (you can use the Aa button to change them to case-sensitive) and can be auto-completed with suggestions corresponding to the captured sessions. Note that multiple actions will be executed in their numbered order, and action with the final action type will prevent the execution of all subsequent actions.
Apart from returning files or predefined responses, a rule can perform the following specific actions:
|Action name||Field Options||Field Options||Preview box||Usage Description||Action type|
|Mark Session||Choose background color||Choose foreground color||Sample Preview box||Marks the session with selected colors.||Non-final|
|Update Request Header||Header Name||Value modifiers||New value||Uses the selected value modifier and the new value to update the request header.||Non-final|
|Update Response Header||Header Name||Value modifiers||New value||Uses the selected value modifier and the new value to update the response header.||Non-final|
|Update Request Body||Value modifiers||New value||n/a||Uses the selected value modifier and the new value to update the request body.||Non-final|
|Update Response Body||Value modifiers||New value||n/a||Uses the selected value modifier and the new value to update the response body.||Non-final|
|Update URL||Value modifiers||New value||n/a||Uses the selected value modifier and the new value to update the current URL.||Non-final|
|Update Query Params||Query Parameter Key||Value modifiers||New value||Uses the selected value modifier and the new value to update the query parameters.||Non-final|
|Update Request Cookies||Cookie Key||Value modifiers||New value||Uses the selected value modifier and the new value to update the cookie value.||Non-final|
|Update Response Cookies||Cookie Key||Value modifiers||New value||Uses the selected value modifier and the new value to update the cookie value.||Non-final|
|Predefined Response||Drop-down with predefined responses||n/a||n/a||Returns the selected predefined response.||Final|
|Manual Response||Text field for creating manual response||n/a||n/a||Returns the manually created response.||Final|
|Response File||File Picker||n/a||n/a||Returns the picked response file.||Final|
|Do Not Capture||n/a||n/a||n/a||When the Do not capture action is applied, no other actions will be executed.||Final|
|Delay Request||Number value (milliseconds)||n/a||n/a||Delays the request execution with "n" milliseconds.||Non-final|
|Graceful Close||n/a||n/a||n/a||This action will close the connection gracefully.||Final|
|Non Graceful Close||n/a||n/a||n/a||This action will close the connection forcefully.||Final|
|Magic String||The "magic string" content||n/a||n/a||Uses the legacy Fiddler Classic string literals and regular expressions.||Final|
|Comment||String modifiers||New value||n/a||Action to modify, add, or remove a session comment||Non-final|
Rule actions can be divided into final and non-finaldepending on their behavior.
When you work with final and non-final actions, take into consideration the following insights:
Final actions immediately prevent any other action from executing if this action comes lower on the list for the specific rule. Final actions also prevent any rule with lower priority, which matches the request, from executing any actions.
Final actions are valid only when the rule is matched during the HTTP request.
If a session is matched with conditions that depend on its response (for example, a response body contains "HTML"), then any final action in any rule that matches the session will be ignored. The reason for this behavior is that final actions replace the response, and, by design, Fiddler is not intended to replace a response that was already received and matched conditions in a rule.
Non-final actions will allow other actions from the same rule or different rules with lower priority, which match the session, to execute.
The Rules Queue, also the Queue Viewer or Queue Rules Viewer, is a queue of the created rules. The Rules Queue allows you to enable, disable, promote, denote, edit, export, import, share, and immediately execute the listed rules.
When using a rule from the Rules Queue, take into consideration the following tips:
- The Rules tab must be enabled for any rule from the queue to be executed.
- Only enabled rules from the queue will be applied on ongoing Live traffic capture.
- You can explicitly apply a rule for captured traffic by using the Play button (executes the rule on current sessions).
- The rules in the Rules Queue are executed with priority based on their position in the queue. Use Demote and Promote buttons to change a rule position (and priority) in the queue.
- Some rules might trigger a final action, which will stop executing any other rules with lower priority.
By default, the Rules Queue will list all created and imported rules based on their priority. Rules will be executed according to their appearance, starting from the first. When selecting specific rules and using the explicit Execute button, they will run in the order they appear in the queue.
To activate all enabled rules (a rule with an active toggle), use the Rules toggle from the main toolbar. You must turn the Live Traffic switch to Capturing mode.
Using the Execute button from the main toolbar, explicitly execute rules on captured sessions. The Execute functionality is available for both the Live Traffic and saved sessions.
Each rule has its panel with the rule name, its toolbar with rule options, a list that previews the set conditions, and a list that previews the set actions.
The rule options allow you to further interact with the rule:
- The Play button executes the current rule only.
- The Promote up arrow promotes the selected rule in the Rules Queue.
- The Demote down arrow demotes the selected rule in the Rules Queue.
- The Edit button opens the Rule Builder to edit the rule.
- The Duplicate button creates a duplicate copy of the selected rule.
- The Share button shares the rule with other Fiddler Everywhere collaborators.
- The Delete button deletes the rule from the Rules Queue.
- The Enable/Disable toggle explicitly enables or disables the rule execution. It is available only for Live Traffic sessions and hidden when interacting with saved sessions.