Comments on: Debugging Tools for HTTP Headers with Flash? https://jessewarden.com/2007/01/debugging-tools-for-http-headers-with-flash.html Software | Fitness | Gaming Tue, 21 Oct 2008 14:22:47 +0000 hourly 1 By: Eric Lawrence https://jessewarden.com/2007/01/debugging-tools-for-http-headers-with-flash.html/comment-page-1#comment-130655 Tue, 21 Oct 2008 14:22:47 +0000 http://jessewarden.com/?p=1109#comment-130655 FWIW, Fiddler2 shows you EXACTLY what headers are sent, and it shows all of them. It’s not possible to hide any, since Fiddler2 shows you exactly what it receives, and Fiddler sends what it receives.

Contrary to the comment above, Fiddler2 has included HTTPS decryption for several years now.

]]> By: Chafic Kazoun https://jessewarden.com/2007/01/debugging-tools-for-http-headers-with-flash.html/comment-page-1#comment-4064 Fri, 05 Jan 2007 22:42:36 +0000 http://jessewarden.com/?p=1109#comment-4064 I use servicecaptuer most of the time, when I want to dig deep, especially when doing non-flash socket coding I use wirershark. I’ve also used tcpdump and fiddler

]]> By: JesterXL https://jessewarden.com/2007/01/debugging-tools-for-http-headers-with-flash.html/comment-page-1#comment-4063 Fri, 05 Jan 2007 05:07:27 +0000 http://jessewarden.com/?p=1109#comment-4063 Oh… I don’t know… like ALL the headers I’m sending custom wize excluding Authorization. Like X-If-No-Redirect, it just doesn’t work except for random times. I’m hitting Google Calendar’s API which is supposed to hit you with a 412 (or was it 302?) if you send that header. Problem is, my custom headers I’m playing with aren’t showing up. Additionally, every so often, the Google Calendar API will send a re-direct, resulting in like 4 requests, but Flash only show’s 2. Really bizarre stuff. Naturally, I’m liable to blame Google since they are changing their API often enough that my results are questioning.

Another could be my expectations. I can’t see the post data I’m sending… why not? Is it because authorization stuff isn’t shown? I guess I’m not really sure what I’m allowed to see, what I’m not, and what I can/cannot affect. Sometimes, too, the responses I get in Flash don’t match what Fiddler says. It’s all quite frustrating. I’m glad there are middle-tier solutions (which I’m now using) instead of using boilerplate HTTP requests like this. I’ve switched to using PHP make the requests for me, and all is well. I’d say 1 out of every 20 requests get’s ‘malformed’ but that could be PHP yuking… or… God knows. Why I do I specialize in client side development again…? OH YEAH!

]]> By: Kevin Langdon https://jessewarden.com/2007/01/debugging-tools-for-http-headers-with-flash.html/comment-page-1#comment-4062 Fri, 05 Jan 2007 04:25:26 +0000 http://jessewarden.com/?p=1109#comment-4062 Just curious what headers you think are being sent that are not showing in ServiceCapture? There is nothing in ServiceCapture that would be removing headers…

]]> By: Erki Esken https://jessewarden.com/2007/01/debugging-tools-for-http-headers-with-flash.html/comment-page-1#comment-4061 Thu, 04 Jan 2007 18:18:55 +0000 http://jessewarden.com/?p=1109#comment-4061 I forgot, the penetration testing tools are available for OS X as nice DMG files here: http://www.corsaire.com/downloads/

]]>