FiddlerScript學習一：修改Request或Response

前兩天因項目需要，簡單看了一下FiddlerScript，功能挺強的，今天有時間仔細看一下，做個筆記。

修改Request或Response

修改Request和Response要在FiddlerScript中的OnBeforeRequest和OnBeforeResponse函數中添加規則即可。OnBeforeRequest函數是在每次請求之前調用，OnBeforeResponse函數是在每次響應之前調用。

1、添加請求頭Header

 oSession.oRequest["NewHeaderName"] = "New header value";

2、刪除Response的Header

 oSession.oResponse.headers.Remove("Set-Cookie");

3、將請求從一個頁面轉發到同一Server上的另一頁面

if (oSession.PathAndQuery=="/hello/hello.html") {
      oSession.PathAndQuery="/hello/index.html";
    }

注意：oSession.PathAndQuery的值爲fiddler中session列表中的Url：

即圖中紅色標註出來的部分。圖中黃色標註出來的部分有點特殊，host爲Tunnel to ,url爲另一host。查看該請求的Header爲：

這種特殊情況會在下面還有例子。

上面的例子，攔截請求地址爲/hello/hello.html的請求，並將其轉發到相同Server的/hello/index.html

4、將請求轉發到相同端口號的不同服務器（修改請求的Host）

if(oSession.HostnameIs("www.baidu.com")){
      oSession.hostname = "www.sina.com.cn";
}

這個例子是將發送到百度的請求轉發到新浪，則會提示頁面不存在。這裏只是改變了host，並不改變後面的地址，因此，如果在新浪上不存在相應的頁面。如下面圖片所示：

如果我訪問的是如下地址：http://www.baidu.com/link?url=CQuVpjo9u9UQADcstwECPEmrziPMk5u5H9PlRN2TbWLkKZaxafVER2X8OEYzovr-yasX2Fwcgj0NANBtKVj0gN78jNJ3bXTmIsTeBk7hXem

則結果如下：（該頁面實際是存在的，是百度搜索出來的結果頁面，被fiddler轉發到新浪，但是新浪上不存的此頁面）

5、將請求轉發到不同端口號，不同Server

    if (oSession.host=="192.168.0.70:8080") {
      oSession.host="192.168.0.69:8020";
    }

這個例子是將發送到192.168.0.70:8080的請求轉發到192.168.0.69:8020，這裏只是改變host，並不改變後面的請求地址。例如，做以上的規則後，我請求的是：

http://192.168.0.70:8080/hello/hello.html

而實際我項目部署到的是：192.168.0.69:8020

6、將所有請求從一個服務器轉發到另一個服務器，包括Https

    // Redirect traffic, including HTTPS tunnels
    if (oSession.HTTPMethodIs("CONNECT") && (oSession.PathAndQuery == "www.example.com:443")) { 
        oSession.PathAndQuery = "beta.example.com:443"; 
    }

    if (oSession.HostnameIs("www.example.com")) oSession.hostname = "beta.example.com"; 

7、Simulate the Windows HOSTS file, by pointing one Hostname to a different IP address. (Retargets without changing the request's Host header)

    // All requests for subdomain.example.com should be directed to the development server at 128.123.133.123
    if (oSession.HostnameIs("subdomain.example.com")){
    oSession.bypassGateway = true;                   // Prevent this request from going through an upstream proxy
    oSession["x-overrideHost"] = "128.123.133.123";  // DNS name or IP address of target server
    }

8、Retarget requests for a single page to a different page, potentially on a different server. (Retargets by changing the request's Host header)

    if (oSession.url=="www.example.com/live.js") {
      oSession.url = "dev.example.com/workinprogress.js";
    }

9、Prevent upload of HTTP Cookies

 oSession.oRequest.headers.Remove("Cookie");

10、Decompress and unchunk a HTTP response, updating headers if needed

    // Remove any compression or chunking from the response in order to make it easier to manipulate
    oSession.utilDecodeResponse();

11、Search and replace in HTML.

    if (oSession.HostnameIs("www.bayden.com") && oSession.oResponse.headers.ExistsAndContains("Content-Type","text/html")){
      oSession.utilDecodeResponse();
      oSession.utilReplaceInResponse('<b>','<u>');
    }

12、Case insensitive Search of response HTML.

    if (oSession.oResponse.headers.ExistsAndContains("Content-Type", "text/html") && oSession.utilFindInResponse("searchfor", false)>-1){
      oSession["ui-color"] = "red";
    }

13、Remove all DIV tags (and content inside the DIV tag)

    // If content-type is HTML, then remove all DIV tags
    if (oSession.oResponse.headers.ExistsAndContains("Content-Type", "html")){
      // Remove any compression or chunking
      oSession.utilDecodeResponse();
      var oBody = System.Text.Encoding.UTF8.GetString(oSession.responseBodyBytes);

      // Replace all instances of the DIV tag with an empty string
      var oRegEx = /<div[^>]*>(.*?)<\/div>/gi;
      oBody = oBody.replace(oRegEx, "");

      // Set the response body to the div-less string
      oSession.utilSetResponseBody(oBody); 
    }

14、Pretend your browser is the GoogleBot webcrawler

oSession.oRequest["User-Agent"]="Googlebot/2.X (+http://www.googlebot.com/bot.html)";

15、Request Hebrew content

    oSession.oRequest["Accept-Language"]="he";

16、Deny .CSS requests

    if (oSession.uriContains(".css")){
     oSession["ui-color"]="orange"; 
     oSession["ui-bold"]="true";
     oSession.oRequest.FailSession(404, "Blocked", "Fiddler blocked CSS file");
    }

17、Simulate HTTP Basic authentication (Requires user to enter a password before displaying web content.)

    if ((oSession.HostnameIs("www.example.com")) && 
     !oSession.oRequest.headers.Exists("Authorization")) 
    {
    // Prevent IE's "Friendly Errors Messages" from hiding the error message by making response body longer than 512 chars.
    var oBody = "<html><body>[Fiddler] Authentication Required.<BR>".PadRight(512, ' ') + "</body></html>";
    oSession.utilSetResponseBody(oBody); 
    // Build up the headers
    oSession.oResponse.headers.HTTPResponseCode = 401;
    oSession.oResponse.headers.HTTPResponseStatus = "401 Auth Required";
    oSession.oResponse["WWW-Authenticate"] = "Basic realm=\"Fiddler (just hit Ok)\"";
    oResponse.headers.Add("Content-Type", "text/html");
    }

18、Respond to a request with a file loaded from the \Captures\Responses folder (Can be placed in OnBeforeRequest or OnBeforeResponse function)

    if (oSession.PathAndQuery=="/version1.css") {
      oSession["x-replywithfile"] ="version2.css";
    }

以上例子我並沒有都實踐，只實踐了中間幾個地址轉發的，因爲現在需要用。剩下的請大家有需要的自己實踐吧。