Crossed out capture on fiddler
The Fiddler captures the traffic, but crosses out the text or captures. Please see the image for more details. Hoe do i get rid of this/
Most probably Help -> Troubleshoot option is enabled. If this is the case, the traffic which is normally filtered by the filters applied in the Filters tab is shown with strikethrough font.
From the screenshot, it seems that all or most of the traffic is filtered - you can uncheck the 'Use filters' check box in the Filters tab to disable the filters.
Related
We're in the middle of switching our website from http to https.
Our ads seem to be working on the https version of the website, we use DFP and we bring in competition via PreBid.
But for whatever reason, our 728x90 ads are always showing as house ads, whereas the 300x250, 320x250, and 300x600 ads are correctly working and showing ads.
Any idea why on the secure version of our website, the 728x90 ads wouldn't be working?
There is no generic response for that situation. There are too many possible issues.
The first thing you need to do is to:
Create a simple HTML file with the 728x90 slot inside it and of course the JavaScript code to call DFP.
Open this HTML file with Chrome.
Use the F12 key to open Chrome DevTools.
Check the Console.
For any unsecured resources, Chrome displays a “Mixed Content” message
in the Console. Some text will be in red or yellow.
Red: Errors that indicate the resource was blocked.
Yellow: Warnings that should be fixed.
I am observing a website with Google Chrome and Fiddler version 4.4.
The page is using AJAX to update its data. I want to block a specific URL to test what will happen if it doesn't work.
What is the easiest way to block the URL?
What would you like to have happen?
Go to the AutoResponder tab. Tick Enable Automatic Responses and Unmatched requests pass through. Click the Add button. In the top box, enter http://example.com/yourURLisHere. In the box below it, select either 404_Plain.dat or choose *drop or *reset. The first returns a 404. The second just drops the connection if it sees the target URL. The third sends a TCP/IP RST packet if it sees the target URL.
We have an a HTTPS site that brings up a page from a different site of ours that’s HTTP.
In IE (9), we get the message at the bottom of the page:
“Only secure content is displayed. What’s the risk? [Show all content]”.
When the button is clicked, it closes the lightbox-ish control that's open and returns to the page it was overlaid on.
Does anyone know how to avoid this?
In the HTTP site’s page, one guy here had the idea to add, at the end of On_Load, the following to turn off cross-site scripting protection:
this.Response.Headers.Add("X-XSS-Protection", "0");
Both sites are C# / ASP.NET 4.0.
Thanks in advance!
Add the url to your trusted sites, it's the only way if you don't send all data through https.
Internet Options -> Security -> Trusted Sites -> Sites.
If this is something that needs to be company wide, I would recommend pushing out the rule via a group policy.
Alternatively, allow access the control using https on the other site (if you can) and reference that - the warning will disappear.
The real setting to enable here is to "Display mixed content" for the zone of the site you want. If the site is on your Intranet, you select Intranet zone in the Security settings, then Custom level. If it's an Internet site, you go there and go to Custom level.
There, you should see the "Display mixed content" setting, and simply select "Enable", then "OK" your way out of the dialogs.
Reference: https://www.mydigitallife.net/how-to-disable-only-secure-content-is-displayed-in-ie-always-show-all-mixed-content/
I've found the page that plain http images with a https/ssl page can't be displayed without warnings. Are there any way to display a picture from another http:// web-site on your https://web-site without warnings? (suppose you have a permission to display that picture on you web-site).
Chrome put a yellow triangle on SSL locker: "...However, this page includes other resources, that are not secure..."
IE displays a warning when a page loads: "Do you want to view only the webpage content that was delivered securely?"
So, how to display a picture on https:// page if it is on another web-server?
You can use the information on this article on Encosia. Basically you have to use a // syntax for your urls in order to use the same protocol in all cases. For example, if you have a https request, the following
//ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
will hit google's CDN using the https protocol. However, if you don't have control over the other server, i think you're out of luck. If you do have control over the other server i'd recommend using the method described in the article above by allowing your content server to serve both protocols.
I have some pages that are sent via HTTPS. Internet Explorer sometimes complains about "This webpage contains content that will not be delivered using a secure HTTPS".
I looked in the html source to confirm all content calls (href, src, etc...) are sent via https. My CSS files use relative paths. But I'm still getting these warnings.
Is there an easy way to track down which items are not sent via HTTPS?
You could fire up Fiddler to see what exactly IE is requesting over regular HTTP.
In Fiddler's default configuration, HTTPS requests will show up with a lock and CONNECT as the host. HTTP requests will have a non-lock icon.
(source: josh3736.net)
I usually use Firefox + Firebug (the "Net" tab) to find the offending request. You could also use Fiddler for this. (with any browser)
I've used the following site before - I finding it easier than loading up firebug / fiddler.
http://www.whynopadlock.com/
You can use SslCheck
It's a free online tool that crawls a website recursively (following all internal links) and scans for unsecure content - images, scripts and CSS.
(disclaimer: I'm one of the developers)
In Google Chrome, similar to Firefox w/ FireBug, you can use the 'Network' tab of the Developer Tools console.
Open the Developers Tools console, go to the 'Network' tab, and reload the target page. Any warnings with the page, such as insecure content being loaded, will be indicated with the number of warning and an 'alert' icon in the bottom right corner (Chrome v23.x). Click on the icon and a list of the warnings, in this case, the resources being loaded insecurely, will be displayed.
Using following tools could help:
Firefox's FireBug . opening tab Network shows you connection details to multiple resource
Fiddler - acts as sniffer allows you explore details of connect.
using firefox - view generated source vs viewing source
there is probably a javascript file that is creating a div/iframe that is insecure