1 00:00:01,000 --> 00:00:04,759 How'd you like to listen to dot net rocks with no ads? Easy? 2 00:00:05,320 --> 00:00:09,880 Become a patron For just five dollars a month you get access to a private 3 00:00:10,000 --> 00:00:14,359 RSS feed where all the shows have no ads. Twenty dollars a month will 4 00:00:14,400 --> 00:00:18,800 get you that and a special dot net Rocks patron mug. Sign up now 5 00:00:18,839 --> 00:00:23,760 at Patreon dot dot net rocks dot com. Hey Carlin, Richard Here, 6 00:00:24,079 --> 00:00:29,280 As you may have heard, NDC is back offering their incredible in person conferences 7 00:00:29,320 --> 00:00:33,240 around the world, and we'd like to tell you about them. NDC Oslow 8 00:00:33,240 --> 00:00:37,039 will be made twenty first through the twenty fifth. Go to NDC Oslo dot 9 00:00:37,119 --> 00:00:42,759 com to register. NDC Copenhagen is happening August twenty seventh through the thirty first. 10 00:00:43,320 --> 00:00:48,960 Go to NDC Copenhagen dot com for more information. NDC Porto is happening 11 00:00:49,000 --> 00:00:53,280 October sixteenth through the twentieth. The early bird discount for DC Porto ends July 12 00:00:53,560 --> 00:00:58,280 twenty first. Go to Eddcporto dot com to register and check out the full 13 00:00:58,320 --> 00:01:18,200 lineup of conferences at DC conferences dot com. Hey guess what it's dot net 14 00:01:18,280 --> 00:01:22,000 Rocks. This is Carl Franklin and this is Richard Cappell. We're here again 15 00:01:22,079 --> 00:01:27,480 for your listening pleasure, and this be episode eighteen hundred and forty. Well, 16 00:01:27,519 --> 00:01:30,799 there you go. Who knew? Yeah, who knew? Indeed, 17 00:01:30,359 --> 00:01:34,959 wait till you see the way back machine. I'm tapping for the comment on 18 00:01:34,000 --> 00:01:41,879 this show. Oh boy, wow, all right, I can't wait, 19 00:01:41,920 --> 00:01:45,920 But verse, I have something for you, okay with better know fwork awesome? 20 00:01:53,680 --> 00:01:56,599 All right, buddy, what do you got? Well, rold Buddy. 21 00:01:56,640 --> 00:02:00,359 Simon Cropp is at it again. He's wicked smart, is just ridiculous 22 00:02:00,400 --> 00:02:07,280 smart. And you know, I think it's the water in Australia that or 23 00:02:07,280 --> 00:02:13,120 maybe it's water in America. I don't know. Anyway. He wrote this 24 00:02:13,240 --> 00:02:21,240 great um source only repo called polyphil. Wait we did We used to do 25 00:02:21,280 --> 00:02:25,759 polyphilps for web. Yeah, this is polyphil for dot net. It exposes 26 00:02:25,800 --> 00:02:30,240 newer dot net and c sharp features to older run times. What older run 27 00:02:30,280 --> 00:02:38,360 times? So dot in a standard two designed to support Net four six one 28 00:02:38,400 --> 00:02:43,680 all the way to Net eight right? Dot might interesting? And if you 29 00:02:44,039 --> 00:02:46,960 yeah, if you go there, you'll see a detailed list of all of 30 00:02:47,000 --> 00:02:52,560 the polyphils that he's implemented. How cool is that? That's really clever? 31 00:02:52,840 --> 00:02:55,719 Yeah, that's an interesting idea. Yeah, I really like that feature of 32 00:02:55,759 --> 00:02:59,560 C sharp eight, but I don't have C sharp eight. Yeah, I 33 00:02:59,560 --> 00:03:01,960 can't use pay for whatever reason, so I'll do it as a poly felt 34 00:03:01,960 --> 00:03:05,560 like this is something that Microsoft is not going to build, right, They're 35 00:03:05,599 --> 00:03:08,039 going to tell you just use dot net eight. Excellent. So that's it. 36 00:03:08,199 --> 00:03:10,960 No, it learned it, love it. And Simmons just again, 37 00:03:12,240 --> 00:03:15,319 really really smart guy, so brilliant. Yeah, that's very clever. I 38 00:03:15,360 --> 00:03:17,560 expect it to be just as great as everything else that he's done. Who 39 00:03:17,639 --> 00:03:21,639 was talking to us today, Richard? You know we are doing a show 40 00:03:21,639 --> 00:03:25,120 about Fiddler today. Yeah. And the last I went and looked on like, 41 00:03:25,159 --> 00:03:29,039 when's the last time we talked about Fiddler as like a show? And 42 00:03:29,039 --> 00:03:32,080 we did one with Eric Lawrence like episode eight oh nine, like a thousand 43 00:03:32,120 --> 00:03:38,000 shows ago. Yeah, it's a little too old, but we referenced Fiddler 44 00:03:38,000 --> 00:03:42,599 on a regular basis and this led to a great little comment chain where on 45 00:03:42,919 --> 00:03:51,360 episode ten seventy two, we were talking to Shay Freedman about Chrome developer tools 46 00:03:51,960 --> 00:03:57,120 and Fiddler came up in that conversation and that led to a show we did 47 00:03:57,159 --> 00:04:00,039 with Brad Abrams about the Google Cloud back in twenty fifteen show ten to eighty 48 00:04:00,159 --> 00:04:03,840 three. Totally crap, right, Brad Abrams. Brad Abrams, who I 49 00:04:03,879 --> 00:04:08,599 think is back at Microsoft again? Really like, oh, I'm pretty sure. 50 00:04:08,919 --> 00:04:11,840 Yeah, yeah, he escaped to Google after the silver Light thing when 51 00:04:12,039 --> 00:04:15,240 it's up, and then he came back. Yeah, it's coming back around. 52 00:04:15,280 --> 00:04:17,079 You know, what comes around goes around kind of thing. But years 53 00:04:17,160 --> 00:04:21,839 later I always liked him. But what I what I appreciate the fact that 54 00:04:21,879 --> 00:04:26,759 we're talking about Fiddler is this comment from Dave's Russell, which admittedly is from 55 00:04:26,800 --> 00:04:31,920 eight years ago, eight hundred episodes ago, and where Dave says, you 56 00:04:31,959 --> 00:04:36,000 know, Fiddler is required for any non browser endpoints you wanted to bug and 57 00:04:36,040 --> 00:04:40,360 anything that requires a post to put or delete. And it can act as 58 00:04:40,360 --> 00:04:43,759 a reverse proxy and can act as a proxy for a bit of devices. 59 00:04:43,839 --> 00:04:47,240 And actually Fiddler is not going anywhere anytime soon. It's a fantastic tool. 60 00:04:47,480 --> 00:04:49,879 And saying you don't need is like saying you don't need the rest of the 61 00:04:49,879 --> 00:04:57,120 Internet because Amazon sells everything. Ridiculous. Yeah, he says that anyway, 62 00:04:57,399 --> 00:05:00,000 Well, and it's just a for me, it's a great moment to realize, 63 00:05:00,199 --> 00:05:02,720 is like Hey, this has been an amazing tool for forever and we 64 00:05:02,759 --> 00:05:05,439 don't talk about it often enough, so I'm excited to talk about it again. 65 00:05:05,519 --> 00:05:09,120 Yeah me too, So Dave, thank you so much for your comment, 66 00:05:09,160 --> 00:05:11,399 and a copy of music cobuy is on its way to you. If 67 00:05:11,399 --> 00:05:14,759 you'd like a copy music co buy, write a comment on the website dot 68 00:05:14,800 --> 00:05:17,040 net rocks dot com or on Facebook. Publish every show there, and if 69 00:05:17,040 --> 00:05:19,480 you comment there and I read it on the show, we'll send you copy. 70 00:05:19,560 --> 00:05:23,800 Mused to cobuy and you could certainly follow us on Twitter, but we'd 71 00:05:23,800 --> 00:05:27,959 prefer you follow us on Mastodon because there's more cool stuff happening there. I'm 72 00:05:28,000 --> 00:05:31,639 at Carl Franklin at tech ub dot social, and I'm Rich Campbell at mastodon 73 00:05:31,720 --> 00:05:36,759 dot social, and send us to and definitely sign up. It's good stuff. 74 00:05:38,079 --> 00:05:42,839 We're here with Sam Bassu and Rosen Vladimirov. Let me introduce them. 75 00:05:42,920 --> 00:05:45,879 Sam, of course, has been on the show many times. He's a 76 00:05:45,920 --> 00:05:49,480 technologist, author, speaker, Microsoft MVP, gadget lover, and developer advocate 77 00:05:49,519 --> 00:05:54,240 for Teller. With a long developer background, he now spends much of his 78 00:05:54,319 --> 00:05:59,720 time advocating modern web, mobile cloud development platforms on Microsoft Teller, ek stacks 79 00:06:00,319 --> 00:06:05,639 his spare times call for travel, fast cars, Cricket, Cricket somebody actually 80 00:06:05,639 --> 00:06:11,879 plays that game, and Culinary Adventures of the Family. You can find him 81 00:06:11,879 --> 00:06:16,680 on the internets. Rosen vladimirv is a senior software engineering manager at Progress Software 82 00:06:16,680 --> 00:06:20,839 Corporation. Like how I pronounced that free Richard Progress? Yeah, very nice, 83 00:06:20,959 --> 00:06:25,759 Just my inner Canadian came out. Throughout his career, he has been 84 00:06:25,800 --> 00:06:30,319 in different roles and worked with various technologies including WPF, silver Light, dot 85 00:06:30,399 --> 00:06:33,759 Net, no JS, type Script, Angular, and Electron. Currently, 86 00:06:33,839 --> 00:06:39,480 he leads the engineering team responsible for all Fiddler products. He loves helping others 87 00:06:39,480 --> 00:06:44,279 and that's why he's so involved in building developer tools such as Fiddler everywhere with 88 00:06:44,279 --> 00:06:47,800 a goal of making everyday tasks easier. Welcome guys, Yeah, thank you, 89 00:06:47,839 --> 00:06:53,199 gentlemen. Thanks for having us over here. I thought I was old 90 00:06:53,279 --> 00:06:58,319 and I met you people. Yeah, Sam, how many shows have you 91 00:06:58,360 --> 00:07:00,519 done with us? So probably a lot. We could probably figure it out 92 00:07:00,759 --> 00:07:04,560 number four, yea few, but you know, congratulations from eighteen hundred plus 93 00:07:04,680 --> 00:07:10,079 episodes. You know, after after seventeen hundred you just stopped counting. Yeah, 94 00:07:10,079 --> 00:07:12,759 it's it's all the same, really, and welcome Rosen. This is 95 00:07:12,800 --> 00:07:15,000 your first time with us. Hey guys, Yeah, thanks for having me 96 00:07:15,079 --> 00:07:19,480 here. You're certainly welcome, and thanks for Fiddler. What's name in the 97 00:07:19,519 --> 00:07:23,279 fiddler world? I guess, you know, we should start with that comment 98 00:07:24,519 --> 00:07:28,680 there there is a it's a easy to dismiss Fiddler because we have such great 99 00:07:28,680 --> 00:07:31,199 tools in the browser. But the browser tools don't go far enough for every 100 00:07:31,199 --> 00:07:34,839 situation, do they No, they don't. Um, So let's kind of 101 00:07:34,879 --> 00:07:41,160 dive in and I'm the fluff. Rosen is the stuff. But I'll try 102 00:07:41,199 --> 00:07:44,959 my best to set this stage. So, you know, like the comment 103 00:07:45,000 --> 00:07:47,199 said, it's been a long journey. This kind of started back with you 104 00:07:47,240 --> 00:07:53,959 know, Eric, way back with his Microsoft days, and it's you know, 105 00:07:54,000 --> 00:07:57,600 it's been a tool that so many developers over you know, the last 106 00:07:57,639 --> 00:08:00,759 you know, decade or two have kind of grown up with. You know, 107 00:08:00,800 --> 00:08:03,600 you use this every day as a part of your you know, deaf 108 00:08:03,720 --> 00:08:07,439 tool set, and at its very essence, it's a network debugging tool. 109 00:08:07,560 --> 00:08:13,439 It's a proxy, so it lets you capture all types of network and here, 110 00:08:13,720 --> 00:08:16,600 you know, it comes in some of the differentiators where your browser def 111 00:08:16,680 --> 00:08:20,319 tools are you know, pretty down good these days, but they only go 112 00:08:22,040 --> 00:08:24,959 as far. We're talking about every type of app. You know, I 113 00:08:26,079 --> 00:08:28,519 do a lot of you know, crosslatform mobile and you know desktop stuff. 114 00:08:28,680 --> 00:08:33,759 So the moment you step outside the web, the deaf tools, don't you 115 00:08:33,759 --> 00:08:37,279 know, work as well. And also we are talking about lots of other 116 00:08:37,399 --> 00:08:41,480 things that you need. You should you know, never be in doubt as 117 00:08:41,480 --> 00:08:45,879 a developer as to what's going on in your network and how you function together 118 00:08:46,000 --> 00:08:50,679 as a team, your your collaborations, and also doing things like you know, 119 00:08:50,759 --> 00:08:54,639 proxying things where you don't always want to go to the network, having 120 00:08:54,679 --> 00:08:58,240 a strong rules engine so you can you know, fake things on and off, 121 00:08:58,000 --> 00:09:01,679 having ways to save sessions and share them with your team, and you 122 00:09:01,679 --> 00:09:07,120 know, understanding how your users are actually using your apps so that when they 123 00:09:07,159 --> 00:09:11,559 have issues and when they come to your know QA and support people, you're 124 00:09:11,559 --> 00:09:16,120 not wasting cycles understanding what's going on. I get the packets never a kind 125 00:09:16,120 --> 00:09:18,960 of idea, but does it go so far as to being a protocol analyzer, 126 00:09:20,000 --> 00:09:22,960 Like can I put it between me and a USB device and say, 127 00:09:24,000 --> 00:09:26,639 hey, can you log all the traffic going between these two things? No, 128 00:09:26,879 --> 00:09:31,519 in the current stitution, it's it's more of a network the bugging helper 129 00:09:31,600 --> 00:09:37,519 tool that you can use to capture off your network traffic as some mensions. 130 00:09:37,279 --> 00:09:43,039 For many years, fed or was famous, like as a web debugging tool, 131 00:09:43,840 --> 00:09:48,000 but now we are trying to help our users to understand that it's not 132 00:09:48,080 --> 00:09:52,120 only the web here. There are many types of network requests that you can 133 00:09:52,200 --> 00:09:56,879 handle and capture it feedwor and to help you find out what the issue with 134 00:09:56,919 --> 00:10:01,440 them or even simulate different terrors and see how our applications will be safe when 135 00:10:01,480 --> 00:10:05,519 you're with yeah, okay, get it. Yeah, Just trying to establish 136 00:10:05,559 --> 00:10:09,639 the boundaries of expectation here in terms of what it's able to. So you 137 00:10:09,639 --> 00:10:15,440 know, we're talking to developers. It's a developer debugging tool, and that's 138 00:10:15,440 --> 00:10:20,000 that's it's realm, that's it's meal you And is it is still a browser 139 00:10:20,039 --> 00:10:24,279 based tool or are there sandalone applications? Yes? There are so. Actually, 140 00:10:24,279 --> 00:10:28,600 before we jump into tools and features, I think it's important to talk 141 00:10:28,639 --> 00:10:31,399 about what you know, Rosen and the team have done with Fiddler in the 142 00:10:31,480 --> 00:10:35,519 last you know, several years. Please, it's not just one tool anymore. 143 00:10:35,600 --> 00:10:39,559 It's become like a product family. It's a portfolio of a multiple things 144 00:10:39,600 --> 00:10:43,639 that work together to help out developers. So add it's very you know, 145 00:10:43,240 --> 00:10:46,679 basic core. Fiddler used to be a you know, Windows app, and 146 00:10:46,759 --> 00:10:50,399 that's still there. It's what we call Fiddler Classic, and you know, 147 00:10:50,480 --> 00:10:54,399 it's feature rich. A lot of you know people use it, you know, 148 00:10:54,480 --> 00:10:56,480 every day in their depth, you know cycles, and nothing wrong with 149 00:10:56,519 --> 00:11:01,159 that. We're not moving the cheese, but we are also have to reinvent 150 00:11:01,200 --> 00:11:05,559 Fiddler for how modern developers work, and we want that freedom to be you 151 00:11:05,559 --> 00:11:09,840 know, building any type of app on any platform. So you know, 152 00:11:09,879 --> 00:11:13,720 Fiddler Everywhere is our you know, most up to date Fiddler tool, and 153 00:11:13,799 --> 00:11:18,919 it is cross platforms. So now you can use Fiddler on Windows, Mac 154 00:11:18,960 --> 00:11:22,759 and Linux. And this was something of a request for like a decade for 155 00:11:22,879 --> 00:11:26,480 us make it work on Mac and Linux, but now you can, and 156 00:11:26,519 --> 00:11:30,440 it's you know, a native tool that works everywhere and functions exactly the same 157 00:11:30,519 --> 00:11:33,799 consistently ui uxys. But that's just you know, the capturing part of it. 158 00:11:33,919 --> 00:11:37,080 But we also have Fiddler in a few you know, different modes. 159 00:11:37,600 --> 00:11:43,799 When it comes to you know, understanding how your users are seeing errors in 160 00:11:43,879 --> 00:11:46,000 their apps when they're using it, we have you know two little things. 161 00:11:46,159 --> 00:11:52,559 One is called Fiddler Jam, which is essentially Chromium based browser extension. And 162 00:11:52,679 --> 00:11:56,080 this isn't something you want your non technical people to just you know, go 163 00:11:56,159 --> 00:12:00,360 to the extension store on both you know, Chrome or Edge and able to 164 00:12:00,399 --> 00:12:03,720 just quickly install an extension and run your app, capture what's going on in 165 00:12:03,720 --> 00:12:07,279 your app and shared it back with the QWA Fox when giving us a ticket, 166 00:12:07,320 --> 00:12:11,879 and it can do you know, other things like capturing a video all 167 00:12:11,919 --> 00:12:16,360 of the necessary logs. And that's for browser based tools. If you have 168 00:12:16,399 --> 00:12:18,320 a Windows based app, then we have something called Fiddler Cap which is the 169 00:12:18,360 --> 00:12:22,919 same idea. It's a very lightweight, you know, little app that you 170 00:12:22,080 --> 00:12:26,799 install that captures local traffic. Again mostly for you know, non technical people. 171 00:12:26,960 --> 00:12:31,480 And then we also have Fiddler Core, which is essentially the engine that 172 00:12:31,559 --> 00:12:35,279 drives all of Fiddler's functionality that has been separated from the UI part of it. 173 00:12:35,519 --> 00:12:39,639 So you can actually have Fiddler Core as a dot net embedible library, 174 00:12:39,759 --> 00:12:43,000 so you can you light up your dashboards or you know, things that you 175 00:12:43,200 --> 00:12:48,000 want to embed in your own apps. So that's the whole Fiddler family of 176 00:12:48,000 --> 00:12:50,600 five different things now and these are all I mean, for Fiddler core on 177 00:12:50,639 --> 00:12:56,559 app. This is all HDPHDPS traffic and analyzing. Yes, and this is 178 00:12:56,559 --> 00:13:01,639 where can Rosen and team have been, you know, very active. You 179 00:13:01,639 --> 00:13:03,039 know a lot of new things have happened. The web isn't the same as 180 00:13:03,039 --> 00:13:07,360 it was twenty years back. HTP one is where we started. Now you'n 181 00:13:07,440 --> 00:13:11,399 HDP two and we are even looking forward. So yes, HTTP and HTPS 182 00:13:11,919 --> 00:13:18,240 making sure we can capture both on encrypted and encrypted traffic, and also getting 183 00:13:18,279 --> 00:13:22,159 down to a slightly lower level. I don't want to spill Rosin's bills, 184 00:13:22,639 --> 00:13:26,240 but you know, things like web sockets, things like grpcy thanks, we 185 00:13:26,440 --> 00:13:31,120 think about a lot a lot it okay, because those things aren't transported over 186 00:13:31,240 --> 00:13:35,480 HTPS. No, so we can step one level down and you know, 187 00:13:35,600 --> 00:13:39,120 take a look at what apps are doing under the covers. gRPC web is 188 00:13:39,159 --> 00:13:43,360 of course, but gRPC I think it requires HTP two. Is that right? 189 00:13:43,600 --> 00:13:48,679 I think so, yes, it's suggested that you use HTP two and 190 00:13:48,720 --> 00:13:52,200 because like that's where that's how you can you get those parallel request and responses. 191 00:13:52,240 --> 00:13:56,840 It's a truly bidirectional, you know, stream of information between the server 192 00:13:56,919 --> 00:14:00,960 and the client. And you know, we can capture it all. Yeah, 193 00:14:01,000 --> 00:14:03,759 that's great. Yeah, when I think back to the original Eric Lawrence 194 00:14:03,840 --> 00:14:07,159 version of fiddle are it was really a rapper of her Win I had if 195 00:14:07,159 --> 00:14:09,559 I remember correctly. Wow, that's taken me back. It just was able 196 00:14:09,600 --> 00:14:13,639 to look at the traffic back and forth and there. So if you're getting 197 00:14:13,720 --> 00:14:16,720 off, I can imagine people say that would like it to be other than 198 00:14:16,799 --> 00:14:20,039 windows. It's like, you mean, totally rewrite it because it was it 199 00:14:20,120 --> 00:14:22,919 was a rapper of her Win I ned. Yeah, yeah, very true, 200 00:14:24,480 --> 00:14:28,799 defensive lot the case, and it was it felt only its different that 201 00:14:28,919 --> 00:14:33,159 makes it more difficult because yeah, as you've mentioned, you need to re 202 00:14:33,159 --> 00:14:39,039 write the whole object to support it on different operating systems. But in addition, 203 00:14:39,200 --> 00:14:45,039 when we decided to go on with HTP two support, which had to 204 00:14:45,120 --> 00:14:48,000 write a lot of other things because HTP two is a lot more different. 205 00:14:48,480 --> 00:14:54,559 So even now it is still in Better we are waiting for feedback and gethering 206 00:14:54,600 --> 00:14:58,200 feedback from our use and now after we have it, we'll soon moved the 207 00:14:58,240 --> 00:15:03,600 feature out of Better support. But it was important for us to ensure that 208 00:15:03,639 --> 00:15:09,360 we have not process something that was working for the users because the essences that 209 00:15:09,399 --> 00:15:13,399 you need to capture traffic and easy understand what's going wrong. But still, 210 00:15:13,440 --> 00:15:18,000 as some mentioned that the network had been changed, has changed for a lot 211 00:15:18,039 --> 00:15:22,639 of different aspects. For example, the THOS one point three is something that 212 00:15:22,519 --> 00:15:26,639 we are currently working on and it will soon be out as a feature in 213 00:15:26,679 --> 00:15:31,679 feed or everywhere you know that it is. It is out there for maybe 214 00:15:31,799 --> 00:15:37,159 five or six years, but still many many servers do not support it, 215 00:15:37,840 --> 00:15:41,360 maybe due to the security the fact that it has only five ciphers that are 216 00:15:41,480 --> 00:15:46,320 supported in it, so many applications still struggle to have been supported. But 217 00:15:46,480 --> 00:15:50,440 in terms of security, it is much more secure and people actually want to 218 00:15:50,519 --> 00:15:54,799 use it. So at that point we wanted to help our users to be 219 00:15:54,840 --> 00:15:58,440 able to test which are the servers which support it, how to how to 220 00:15:58,519 --> 00:16:03,759 use them, helping form even their security team that there is stuff being broken 221 00:16:03,799 --> 00:16:10,000 there. So we were we've been working on the last a couple of feks 222 00:16:10,159 --> 00:16:14,000 for this teacher, and so we'll have it fantastic as an end user. 223 00:16:14,120 --> 00:16:18,320 Some of the things that we know have thought of thought through in the last 224 00:16:18,360 --> 00:16:21,720 few years is your experience. If you are kind of new to Fiddler and 225 00:16:21,759 --> 00:16:25,600 you're kind of getting started right so to Fiddler everywhere you have you know, 226 00:16:25,639 --> 00:16:29,960 one installer that you know recognizes your OS, and you you install it for 227 00:16:30,039 --> 00:16:33,759 Mac, Windows are you know, or Linux, and then it can be 228 00:16:33,759 --> 00:16:37,480 a little overwhelming because Fiddler is essentially a network proxy, so everything on your 229 00:16:37,519 --> 00:16:41,399 machine goes through that. So when you open it up for the first time, 230 00:16:41,440 --> 00:16:45,519 it starts capturing just about everything. It's just a lot of streaming data. 231 00:16:45,799 --> 00:16:48,759 So we think about you know, experiences like filters, so you can 232 00:16:48,799 --> 00:16:52,039 you know, turn things on and off as you go. Maybe you don't 233 00:16:52,120 --> 00:16:55,159 want, you know, it's a kind of a little embarrassing because you see, 234 00:16:55,200 --> 00:16:57,559 you know, Apple and Google and Microsoft, everybody calling home with all 235 00:16:57,559 --> 00:17:00,480 of their services, so you can turn those things off. You can just 236 00:17:00,519 --> 00:17:04,400 say, show me network for just this app and nothing else, show me 237 00:17:04,480 --> 00:17:08,000 only local host and nothing else, shown me only four or force and nothing 238 00:17:08,039 --> 00:17:11,839 else. So filtering and you know, giving you all the knobs and buttons 239 00:17:11,920 --> 00:17:15,079 when you do your traffic capturing. That's important for us. You know, 240 00:17:15,119 --> 00:17:18,720 little things like you know, dark mode and like mode support, so that 241 00:17:18,799 --> 00:17:22,160 we're not you know, uh, forcing people to work in a certain way. 242 00:17:22,359 --> 00:17:26,279 That's important and we kind of want to keep you there once you're there, 243 00:17:26,359 --> 00:17:29,920 you don't need to you know, open up anything else. You know. 244 00:17:30,079 --> 00:17:33,680 API composition is important for you know, anytime you are going from your 245 00:17:33,799 --> 00:17:37,319 you know client apps to another you know service. So I'll let you you 246 00:17:37,319 --> 00:17:41,680 know, have a nimble API composer that lets you you know, do things 247 00:17:41,039 --> 00:17:45,519 with authentication with you know, service packets going in and out and you know, 248 00:17:45,640 --> 00:17:48,200 just fine tuning it. Maybe you're working in a team. Maybe you 249 00:17:48,279 --> 00:17:51,119 have a you know, middleware team, and you have a client services team, 250 00:17:51,119 --> 00:17:52,240 you have a database team, all of them, can you know talk 251 00:17:52,279 --> 00:17:56,440 through those APIs and you know, get a nice team collaboration going. Now. 252 00:17:56,559 --> 00:18:02,160 Is some Fiddler an open source product. It isn't on open sourcities coosed 253 00:18:02,160 --> 00:18:08,559 source, but we are working well with different people who are helping cussing them. 254 00:18:08,960 --> 00:18:12,519 When you want to have a feature that is uh, let's say HTP 255 00:18:12,599 --> 00:18:18,119 two or JRPC, we're trying to find people who are actually using those protocols, 256 00:18:18,200 --> 00:18:22,799 those versions and try to work with them on the specification of the feature, 257 00:18:22,880 --> 00:18:26,920 on the requirements, and then on testing this feature. We are always 258 00:18:26,920 --> 00:18:32,240 trying to to quote in the application only feature that we have designed and tested 259 00:18:32,279 --> 00:18:37,359 with its external users because yeah, as I've mentioned already, the important part 260 00:18:37,440 --> 00:18:41,319 is to help the people and to ensure that we solve various cases or something 261 00:18:41,359 --> 00:18:45,279 that we think we will solve. Okay, so so it's now our Is 262 00:18:45,279 --> 00:18:49,119 it only a retail product there? Yeah, it is commercial, so okay, 263 00:18:49,279 --> 00:18:53,000 we do a lot of open source work. The reality is, you 264 00:18:53,039 --> 00:18:56,799 know, rosen and we have to feed our kids, ensure sneering is expensive. 265 00:18:57,200 --> 00:19:00,799 So Fiddler Classic it's in the state the way it is you know, 266 00:19:00,839 --> 00:19:04,640 always free for windows, but Fiddler Everywhere has been you know, three or 267 00:19:04,680 --> 00:19:10,400 four years. It's stuff engineering, so it's behind a little subscription model, 268 00:19:10,519 --> 00:19:12,759 which is you know, the cost of a cup of coffee for a month. 269 00:19:14,039 --> 00:19:17,400 Sure, all right, Yeah, so there is still the original free 270 00:19:17,400 --> 00:19:21,640 product, admittedly with a whole lot of updates, you know, still being 271 00:19:21,759 --> 00:19:23,640 maintained. The win i net product is out there. But if you want 272 00:19:23,680 --> 00:19:27,480 the everywhere product, that one's retail. Yeah, absolutely, yeah, because 273 00:19:27,480 --> 00:19:32,640 I mean it has extra things that are you know, starting to not quite 274 00:19:32,759 --> 00:19:37,440 be everywhere, right because like all of the you know, latest innovations have 275 00:19:37,519 --> 00:19:41,200 been on Fiddler Everywhere. You know, how you build rules and how you 276 00:19:41,279 --> 00:19:44,640 work with teams and that type of stuff is particularly you know, very heavy 277 00:19:44,640 --> 00:19:47,640 on Fiddler Everywhere. Yeah, for sure. Yeah, Well it's good that 278 00:19:47,839 --> 00:19:49,359 it's good that you have that, and I think that's that's a fair thing. 279 00:19:49,400 --> 00:19:52,759 You have a free product and if you need more, you pay for 280 00:19:52,799 --> 00:19:59,200 more. Yeah, that's fine. When did work start on Everywhere resin? 281 00:20:00,359 --> 00:20:06,119 I think it was back in the two thousand and nineteen, but the first 282 00:20:06,119 --> 00:20:11,720 official version came out in twenty twenty in the COVID time, so that's when 283 00:20:11,759 --> 00:20:18,160 it was born, and it was released in July twenty twenty, but the 284 00:20:18,279 --> 00:20:25,519 actual working ideas for having a cross platform two started earlier. One of the 285 00:20:25,559 --> 00:20:30,599 important things that we wanted to do is to ensure that we have modern technologies. 286 00:20:30,720 --> 00:20:34,440 So you know that feed were classic is using quin forms. It is 287 00:20:36,000 --> 00:20:40,400 really hard to write the whole thing, and too if you need to change 288 00:20:40,400 --> 00:20:47,519 something, there's a lot of logical many different places I've written other winforced application. 289 00:20:47,839 --> 00:20:52,279 I like the technology, but still it doesn't give you the flexibility of 290 00:20:52,279 --> 00:20:57,519 the modern technologies. So once we decided that we need to write a new 291 00:20:57,599 --> 00:21:02,480 duo, it was more of a decision of list and we decided to use 292 00:21:02,599 --> 00:21:07,319 electron anuer and dot net for this, So it's actually an electron based application. 293 00:21:08,119 --> 00:21:12,960 Uh. In the anguer parts we are building just a seeing layer of 294 00:21:14,000 --> 00:21:18,680 FEI and the full work is again in the dot net part of the application, 295 00:21:18,279 --> 00:21:22,039 but still in the in the anjuer part, we manage to use our 296 00:21:22,599 --> 00:21:27,920 intelric controls or can do in this case, and we manage to handle a 297 00:21:27,920 --> 00:21:33,400 lot of data inside inside that you are you know some already mentioned that when 298 00:21:33,400 --> 00:21:37,839 you start feedwor and you notice how everyone is doing a lot of requests. 299 00:21:37,960 --> 00:21:42,720 For example, we have a feature that allows you to start a new instrumented 300 00:21:42,799 --> 00:21:47,960 browser. We call it instrument but it's actually clean instance of a Chromium browser, 301 00:21:48,480 --> 00:21:52,599 and once you start it, we capture everything from it. It's automatically 302 00:21:52,200 --> 00:21:57,079 um targeting the feedwork proxy. So what you will notice if you if you 303 00:21:57,200 --> 00:22:00,880 do it, is that even from the moment when the browser starts to the 304 00:22:00,920 --> 00:22:06,039 first request that you want to execute, for example, Google for soffic or 305 00:22:06,079 --> 00:22:10,680 whatever you do, you see at least three hundred requests for trucking, for 306 00:22:11,240 --> 00:22:15,200 analytics for whatever it is. Wow, So it's either visible there well, 307 00:22:15,200 --> 00:22:18,480 and it gets back to the classic problem of all of these kinds of logging 308 00:22:18,480 --> 00:22:22,720 tools, which is like you are facing a fire hose, just a huge 309 00:22:22,759 --> 00:22:26,720 amount of data and somewhere in there is the one little bit of information you 310 00:22:26,799 --> 00:22:32,279 wanted that's exactly right because you know it's it's a lot, and that's where 311 00:22:32,279 --> 00:22:34,279 the filtering really comes in handy. And you know, to Rosen's point, 312 00:22:36,039 --> 00:22:40,160 you have to understand how Fiddler is working. It is a low level network 313 00:22:40,240 --> 00:22:44,720 proxy, so everything on your machine goes through that and there is no escaping 314 00:22:44,759 --> 00:22:47,880 every you know, every time Visual Studio calls home, everything is loved. 315 00:22:47,960 --> 00:22:49,920 So you really need to you know, get down to exactly what you want 316 00:22:49,960 --> 00:22:53,920 to see. And this may not be an option if you are on a 317 00:22:55,000 --> 00:22:57,240 machine that is really heavily locked down, because you need do need to be 318 00:22:57,279 --> 00:23:02,279 an admising new machine because it's not just the tool. We would ask you 319 00:23:02,319 --> 00:23:06,039 to trust some certificates so we can you know, crack open some you know 320 00:23:06,119 --> 00:23:10,920 encryption with HDPS. So maybe you're on a machine that ID has you know, 321 00:23:11,000 --> 00:23:12,720 really locked down, but you still want to be able to see your 322 00:23:12,759 --> 00:23:18,119 app and debugg network. So that's where that in built browser comes in. 323 00:23:18,359 --> 00:23:21,599 So that is already preconfigured. You don't need to ask for an immitis permission 324 00:23:21,640 --> 00:23:25,480 anything on that app. Fiddler will automatically capture even if you do not let 325 00:23:25,519 --> 00:23:27,599 it have all the permissions. I'm kind of blown away by the idea that 326 00:23:27,640 --> 00:23:33,400 you can build an angular Electron app that can get that low level. Yeah, 327 00:23:33,440 --> 00:23:36,319 so Rosen kind of set it out loud, but I was going to 328 00:23:36,480 --> 00:23:40,079 present this as maybe a trivia because you know, when you talk about a 329 00:23:40,160 --> 00:23:44,559 truly cross platform app nowadays, there aren't you know, too many options out 330 00:23:44,599 --> 00:23:48,440 there on the table, and you know, Electron and we talk about dot 331 00:23:48,519 --> 00:23:51,319 m Malby and all of those things. But you know, this is battle 332 00:23:51,359 --> 00:23:53,440 tested, and this has been out there for you know, ten plus years. 333 00:23:53,480 --> 00:23:56,640 How Electron has worked. If you know what you're doing and if you 334 00:23:56,640 --> 00:24:00,039 can manage your footprint, this truly works. I mean, so many of 335 00:24:00,039 --> 00:24:06,039 our apps every day that we use our Electron apps and within that the front 336 00:24:06,119 --> 00:24:10,119 end being angular. This is you know, kudus to the team because we 337 00:24:10,160 --> 00:24:12,559 get asked a lot, like when you look at our telleric UI for all 338 00:24:12,599 --> 00:24:15,400 of the dot Net things, kender ui for all of the JavaScript things. 339 00:24:15,920 --> 00:24:19,799 We care about performance because we care about how developers you know, you know, 340 00:24:19,839 --> 00:24:26,200 work with our tools. Nothing says like dog fooding more than Fiddler because 341 00:24:26,319 --> 00:24:30,519 what you see in Fiddler user interface it's Kender UI grids and you know, 342 00:24:30,559 --> 00:24:36,359 list views and talk about performance. This is like hundreds and thousands of things 343 00:24:36,440 --> 00:24:41,240 just streamed into a single app NonStop. So yeah, we're proud of how 344 00:24:41,359 --> 00:24:45,279 we have been able to utilize our own UI in building something. Can you 345 00:24:45,480 --> 00:24:48,200 talk a little bit about the rule builder. This is an intriguing feature for 346 00:24:48,279 --> 00:24:55,599 me. Right. So rule builder essentially is for you to fine tune what 347 00:24:55,720 --> 00:25:00,359 type of traffic you want to capture and then what rules apply to sorta types 348 00:25:00,400 --> 00:25:03,839 of traffic. So if me and Rosen are working together and I am building 349 00:25:03,880 --> 00:25:07,880 the back end for an app, then when his client side app wants to 350 00:25:07,920 --> 00:25:11,119 call in, maybe he doesn't want to go to the internet, maybe just 351 00:25:11,160 --> 00:25:15,200 wants to come and hit my box, my machine. So that's one instance. 352 00:25:15,400 --> 00:25:18,200 Or maybe you want to test out an app. And again this is 353 00:25:18,240 --> 00:25:22,559 where we have worked a lot with people who have been using Fiddler Classic for 354 00:25:22,559 --> 00:25:26,640 a long time. We don't want to break their workflows. People use Fiddler 355 00:25:26,680 --> 00:25:30,359 for performance tuning a lot. Right, So you are building an app and 356 00:25:30,400 --> 00:25:34,000 people are using your app in a variety of settings. If it's a pa. 357 00:25:34,200 --> 00:25:37,119 Maybe you are going from you know, five G, four G all 358 00:25:37,160 --> 00:25:41,200 the way down to you know, almost no connectivity when you walk into a 359 00:25:41,240 --> 00:25:45,119 plane. So how does your app experience look like? What if your jab 360 00:25:45,200 --> 00:25:48,160 script, apps or you know resources cannot be delivered? What if your CSS 361 00:25:48,240 --> 00:25:55,400 or images are bloated and they're not working right? These are all things well 362 00:25:56,039 --> 00:25:57,559 health wise, you might be in a very good spot, I guess, 363 00:25:59,720 --> 00:26:03,839 but fine tuning those things like what if your videos stop working? What if 364 00:26:03,839 --> 00:26:07,039 your you know, images are missing? What if your jobscript doesn't get delivered 365 00:26:07,039 --> 00:26:10,440 on time? Those are all things that rule builder is very very good with. 366 00:26:10,880 --> 00:26:14,319 It lets you, you know, control exactly what the experience is. 367 00:26:14,359 --> 00:26:18,200 When somebody makes a request and you essentially get to be the middle person between 368 00:26:18,640 --> 00:26:22,559 that request and what comes back to a client who's making that request. You 369 00:26:22,599 --> 00:26:26,200 get to fake it, You get to you know, slow it down, 370 00:26:26,319 --> 00:26:29,039 you get to not deliver things. So truly, you know, fine tuned 371 00:26:29,039 --> 00:26:32,440 the experience. But Rose and what did I miss? Oh? I think 372 00:26:32,440 --> 00:26:36,960 you've mentioned only the health of the powerful features. There wasn't there? You 373 00:26:37,000 --> 00:26:42,559 go? Even I cannot cannot give exactly the amount of items that you can 374 00:26:42,599 --> 00:26:48,079 do do with this future because it's really powerful. It allows you too much 375 00:26:48,440 --> 00:26:52,119 the request based on the request or the response theater, for example, it 376 00:26:52,200 --> 00:26:57,880 allows you too much even by the certificate a certifty validity. And then there's 377 00:26:57,880 --> 00:27:02,799 something with this traffic and even market. You can modify it, you can 378 00:27:03,319 --> 00:27:07,119 replace it, or you can just return some errors or even do nothing, 379 00:27:07,160 --> 00:27:08,799 just deft market, so it too be easier for you to spot it in 380 00:27:08,839 --> 00:27:12,640 the in the grid. I'm reminded of that Boston song. More than a 381 00:27:12,680 --> 00:27:18,920 filter, isn't that energeez? I see my merry network traffic come in my 382 00:27:19,039 --> 00:27:23,039 way now, And I guess that's your point that filtering is easy. I 383 00:27:23,039 --> 00:27:26,319 only want to see that stuff. But now what do you do with it? 384 00:27:26,359 --> 00:27:29,920 You can change it, you can modify it. That's the beauty of 385 00:27:29,920 --> 00:27:33,680 that rules engine. In't that that's right? And also, you know how 386 00:27:33,720 --> 00:27:37,359 I use Fiddler might be different from how you use Fiddler, right, Right, 387 00:27:37,440 --> 00:27:40,720 all depends on the type of ad that you're building. You know, 388 00:27:40,799 --> 00:27:44,519 all of the web folks are cool, but I'm an old school guy. 389 00:27:44,680 --> 00:27:48,720 I am start doing my desktop as nowadays I'm doing a lot of you know, 390 00:27:48,000 --> 00:27:52,240 cross plat from mobile and the moment you go to iOS or Android, 391 00:27:52,720 --> 00:27:56,000 things fall apart very quickly because you want to be able to see those API 392 00:27:56,079 --> 00:28:00,319 calls and the traffic going to the devices, but you can't very easily. 393 00:28:00,319 --> 00:28:03,559 So this is where I have it used and set up is I will have 394 00:28:03,920 --> 00:28:07,720 you know, Fiddler be my one network proxy. I know my IP address 395 00:28:07,799 --> 00:28:11,200 of my machine, and Fiddler essentially opens up one port and so I can 396 00:28:11,279 --> 00:28:15,039 make all of my iOS or Android devices instead of you know, I can 397 00:28:15,079 --> 00:28:18,119 be on the same WiFi as you know, my home computer, but I 398 00:28:18,119 --> 00:28:22,559 can make all of that go through my IP and that that's the way I 399 00:28:22,640 --> 00:28:26,519 have it set up. So I'm building an iosapp, I want that specific 400 00:28:26,640 --> 00:28:32,359 rule to come into play when I'm hitting Rosen's endpoint and I just want to 401 00:28:32,359 --> 00:28:34,839 see all of the traffic going in and out of my mobile devices. That's 402 00:28:34,880 --> 00:28:38,960 really cool. And that's stuff that you can't do without a proxy or I 403 00:28:40,000 --> 00:28:42,680 mean, you can't just like write a WPF app that listens to a port 404 00:28:42,759 --> 00:28:47,960 with HTTP, you know, the little server, and you expect to hit 405 00:28:48,000 --> 00:28:51,000 that from a mobile device connected to your Wi Fi. It just doesn't work. 406 00:28:51,319 --> 00:28:55,880 Yeah. Also, that's where the rules coming can because for example, 407 00:28:55,920 --> 00:29:00,160 if your building a mobile application and then it hits some some endpoint, if 408 00:29:00,160 --> 00:29:03,680 you want to test it to what happens when the the end point is down, 409 00:29:03,720 --> 00:29:07,599 when it's returns four or four or three or whatever. Instead of rebuilding 410 00:29:07,599 --> 00:29:12,319 the whole application or the server, you can just use feedwer return there's ball 411 00:29:12,359 --> 00:29:18,000 that you want and see how that because without wantifying your applications, neither the 412 00:29:18,680 --> 00:29:22,359 mobile up, neither the server. So I don't actually have to stop the 413 00:29:22,359 --> 00:29:26,359 server anymore. I can just spoof the four or four. Yeah, this 414 00:29:26,519 --> 00:29:33,160 is not fun. You guys are taking away my fun is kind of an 415 00:29:33,160 --> 00:29:36,279 extremely It's it's more like, how about I slow you down? Yeah, 416 00:29:36,400 --> 00:29:41,799 and then then see how you're up to the old dot net rocks trope knock 417 00:29:41,880 --> 00:29:49,559 knock, who's there? Java? And with that, we're going to take 418 00:29:49,599 --> 00:29:56,680 a brief break for this very important message. There's always something new from our 419 00:29:56,680 --> 00:30:02,960 sponsor, text Control. As developer, do you need to integrate PDF generation, 420 00:30:03,240 --> 00:30:07,519 document editing, or electronic signatures into your asp net Corp or Angular applications? 421 00:30:08,000 --> 00:30:12,200 Or you want to learn more about the differences between electronic and digital signatures. 422 00:30:12,480 --> 00:30:18,920 Text Control is offering a free consulting service to educate you about digital document 423 00:30:18,000 --> 00:30:22,960 processing and how text control products can help you add these features to your applications. 424 00:30:23,519 --> 00:30:29,279 Go to text control dot com, slash contact and request your free personal 425 00:30:29,400 --> 00:30:36,880 consultation. Then we're back. It's died at Rocks. I'm Richard Cabal. 426 00:30:36,960 --> 00:30:40,440 That's Carl Franklin, Yo yo yo, talking to our friend Sam and Rosen 427 00:30:40,519 --> 00:30:45,039 a bit about the new Fiddler, the Fiddler everywhere, and immediately getting all 428 00:30:45,039 --> 00:30:48,240 these ideas of horrible things I could do to people with this tool. This 429 00:30:48,400 --> 00:30:52,200 tool is the ultimate man in the middle attack tool. Dude, do you 430 00:30:52,359 --> 00:30:56,759 have your evil on? Is your evil showing? I mean, think about 431 00:30:56,799 --> 00:31:00,839 the trouble you could talk with two well, I mean any proxy you can 432 00:31:00,920 --> 00:31:03,720 get in trouble with, right, Yeah, cities as suities. You are 433 00:31:03,839 --> 00:31:07,440 literally in the middle. Yeah, you get to do all kinds of nutty 434 00:31:07,519 --> 00:31:12,440 things. So if if I'm on a developer team, I should probably ask 435 00:31:12,559 --> 00:31:17,279 my IT people if I can actually use this, shouldn't I as long as 436 00:31:17,319 --> 00:31:19,559 your dad man, you should be good. But you know life Ward said, 437 00:31:19,599 --> 00:31:23,960 with great power comes responsibility. It says a lot of yes, fiddler 438 00:31:25,079 --> 00:31:30,000 on your hands, it's your foot, your network, right, Yeah, 439 00:31:30,119 --> 00:31:33,000 you could mess some stuff up here without it, thought, yeah, right, 440 00:31:33,160 --> 00:31:34,799 but only for the traffic in and out of your machine. You don't 441 00:31:34,920 --> 00:31:41,440 really go further afield than that. Yeah right, But the practical gems installing 442 00:31:41,480 --> 00:31:45,079 it out of friends machine are endless hours of fun, hours of fun. 443 00:31:45,599 --> 00:31:48,559 Yeah. Well, and maybe even you don't even need the full Fiddler to 444 00:31:48,640 --> 00:31:52,559 be installed if you're just trying to message, you're trying to the gem and 445 00:31:52,680 --> 00:31:56,559 the cap comes in. Yeah. So I was thinking with Fiddler Core, 446 00:31:56,039 --> 00:32:01,839 it's like I could be dynamically putting ads on every page that talks specifically about 447 00:32:02,000 --> 00:32:07,279 you, you know, you know. On my other show Security this week, 448 00:32:07,359 --> 00:32:14,759 we have a little theme song. It goes like this criminal career advice. 449 00:32:15,440 --> 00:32:19,400 Nice. Yeah, all right, anyway, where were we? Let's 450 00:32:19,440 --> 00:32:22,559 talk about some more features of Fiddler that we might not be talking about, 451 00:32:22,640 --> 00:32:29,920 like the API composer. What's the API composer? So think about you hitting 452 00:32:30,160 --> 00:32:32,599 any type of API. Could be you know, just a back end service 453 00:32:32,680 --> 00:32:37,319 that you know, somebody else on your team is building or another team, 454 00:32:37,519 --> 00:32:40,359 or could be you know, an API halfway across the world. You want 455 00:32:40,400 --> 00:32:44,720 to you know, you a moddel with things as you're hitting that API, 456 00:32:44,880 --> 00:32:47,799 you want to see what are the parameters that I can send in what comes 457 00:32:47,880 --> 00:32:52,319 back? Is it Jason? Is it something else? How can I format 458 00:32:52,440 --> 00:32:55,599 think? How can I be the man in the middle and you know totally 459 00:32:55,799 --> 00:32:59,279 you know, tweak everything that's going in and out. So that's what the 460 00:32:59,319 --> 00:33:01,680 APA composer, or is maybe something said behind an odd wall and you get 461 00:33:01,720 --> 00:33:05,640 to you know, fake things if you want it to be. So it 462 00:33:05,839 --> 00:33:08,200 is, you know, just an API composer that you expect from a full 463 00:33:08,279 --> 00:33:13,640 featured app like you know Fiddler, right, So it's not so much the 464 00:33:13,720 --> 00:33:19,200 API composers, the API call composer. Maybe it's the client that hits the 465 00:33:19,279 --> 00:33:22,200 API. Yeah, sure, And it can be both ways. Like if 466 00:33:22,279 --> 00:33:25,599 if your client application is hitting an API, then off all of that will 467 00:33:25,640 --> 00:33:29,480 be captured as you know, network sessions and by the way, I can 468 00:33:29,559 --> 00:33:31,799 save my sessions and then Rosin can you pull up my same sessions, my 469 00:33:31,960 --> 00:33:37,000 sessions on his Fiddlers. So that's nice. But if I am building an 470 00:33:37,039 --> 00:33:38,759 API, or if I'm you know, reaching out to an API that I 471 00:33:38,880 --> 00:33:44,680 do not have any control over, this gives me the visibility to understand how 472 00:33:44,759 --> 00:33:47,200 that API endpoint is working, you know, especially when it comes to crowd 473 00:33:47,279 --> 00:33:51,759 operations, create a read update and the leader I need to know exactly what 474 00:33:52,079 --> 00:33:53,960 I need to send in and what comes back. So it gives me a 475 00:33:54,039 --> 00:33:59,559 visibility and you know, sometimes it also not quite API composition. But some 476 00:33:59,640 --> 00:34:01,480 of the new are things that we have done that Rosen and team have done 477 00:34:01,519 --> 00:34:06,640 really helped me out as a modern developer because I do web sockets. You 478 00:34:06,720 --> 00:34:07,840 know, I do a lot of signal art these days, you know, 479 00:34:08,159 --> 00:34:13,800 especially with lem Blazer server side with you know, dot net, Mary h. 480 00:34:13,960 --> 00:34:15,920 You know, I do a lot of real time apps. And now 481 00:34:15,000 --> 00:34:20,079 I can you know, step into a web sockets connection and it'll show up 482 00:34:20,079 --> 00:34:22,719 as a different connection. It's not you know, multiple HTP requests going back 483 00:34:22,719 --> 00:34:28,039 and forth. It's one connection and then you can dive into and see what 484 00:34:28,239 --> 00:34:31,039 the server and the client are talking about um and it's it could be Jason, 485 00:34:31,119 --> 00:34:35,760 could be you know, protobuff. But that's something we're excited about. 486 00:34:35,880 --> 00:34:40,199 And as we are speaking today, Rosen tells me that we are actually very 487 00:34:40,280 --> 00:34:45,719 close to putting out a build and a release that has g RPC support. 488 00:34:45,880 --> 00:34:50,440 Is that right, Rosen? Yes, I'm exactly a sugumationed So in the 489 00:34:50,480 --> 00:34:52,880 next two days, hopefully we'll have it out. And what will happened is 490 00:34:52,920 --> 00:34:59,280 that FED allow you to have the one HTP two is enabled to capture JRPC 491 00:34:59,400 --> 00:35:02,039 traffic. For this version, it will be in better state, so we 492 00:35:02,039 --> 00:35:06,559 will not be able to decode the traffic. But in the future, if 493 00:35:06,559 --> 00:35:10,559 there is an interesting interest from the people, will probably introduce functionality so you 494 00:35:10,639 --> 00:35:15,920 can give your protofiles and feed or you'll be able to decode them and make 495 00:35:15,000 --> 00:35:19,599 them human ratable for you. But for this release, we'll capture the traffic. 496 00:35:19,679 --> 00:35:23,639 We'll capture all of the communication that happens through gRPC in all the four 497 00:35:23,760 --> 00:35:29,920 modes bi directional modes, server only, and all of those. You also 498 00:35:30,000 --> 00:35:32,800 have the x inspector, which will allow you to Yeah, you'll not see 499 00:35:32,840 --> 00:35:37,559 the fully decoded message, but you'll be able to at least the text part 500 00:35:37,639 --> 00:35:39,079 of it. You'll see some of the symbol there. Now, we could 501 00:35:39,079 --> 00:35:45,599 already do gRPC web before because that's the store htps, right, but yeah, 502 00:35:45,800 --> 00:35:49,960 but gRPC what you're talking about, is the one that requires HDUP two. 503 00:35:50,280 --> 00:35:54,079 A lot of dat net developers don't use that right because of you know, 504 00:35:54,199 --> 00:35:58,280 Azure and didn't support HDP two. I think it does now, but 505 00:35:58,400 --> 00:36:00,280 I'm not sure. Yeah, yeah, it does not. And things are 506 00:36:00,360 --> 00:36:05,960 coming along. I mean, anybody who's using microservices has to depend on that. 507 00:36:06,679 --> 00:36:09,199 So and the case we dot net is welcoming gRPC, but you know, 508 00:36:09,360 --> 00:36:14,159 open open arms. So things are moving along, and you know, 509 00:36:14,239 --> 00:36:16,519 we want to make sure we are set up for you know, the next 510 00:36:16,599 --> 00:36:22,280 you know, five to six years as you know gRPC growths people. That's 511 00:36:22,320 --> 00:36:25,800 true, the guy. Yeah, And however, is your you know, 512 00:36:27,280 --> 00:36:30,599 the way in which your serialization decla works. We don't care like just as 513 00:36:30,639 --> 00:36:35,199 long as it's network we can capture it. Yeah, as as we can 514 00:36:35,280 --> 00:36:38,880 decrypt it because you've got the right searts in the right places right now. 515 00:36:38,960 --> 00:36:44,039 All of this is essentially for developers everything that we have talked about, and 516 00:36:44,280 --> 00:36:45,880 again this is how I work. Is like, this is part of my 517 00:36:46,199 --> 00:36:51,480 you know, deaf tool chain because I use this every day as I'm building 518 00:36:51,519 --> 00:36:53,800 you know, modern web mobile or desktop apps. But we have to think 519 00:36:53,840 --> 00:36:58,039 about, you know, the other side of the story when it comes to 520 00:36:58,559 --> 00:37:00,639 end users or you know, your QA people when they are testing, maybe 521 00:37:00,679 --> 00:37:05,119 they can poke holes in my app and you know, figure out things that 522 00:37:05,199 --> 00:37:07,599 I have not tested it right. So if you give them Fiddler, they 523 00:37:07,639 --> 00:37:13,360 can poke around all of those endpoints and try shutting things on and off, 524 00:37:13,559 --> 00:37:15,280 slowing things down, or you know, speaking things up, and just try 525 00:37:15,360 --> 00:37:19,440 to figure out all the different ways in which your app can be broken. 526 00:37:19,559 --> 00:37:22,280 So it is, you know, really good for QA people. But then 527 00:37:22,400 --> 00:37:27,239 once your app, you know, hits uh. You know the end users, 528 00:37:27,760 --> 00:37:30,519 you want to know what's going on, and the classic you know works 529 00:37:30,519 --> 00:37:34,719 on my machine but doesn't work on yours. That should not be an excuse 530 00:37:34,800 --> 00:37:37,239 anymore. You should be able to see exactly what the user is experiencing, 531 00:37:37,639 --> 00:37:40,719 and that's where you know, the end user capturing tools come in. That 532 00:37:40,920 --> 00:37:45,440 is, you know Fiddler jam and you know Fiddler cap. You mentioned that 533 00:37:45,599 --> 00:37:49,039 you could be working with somebody else in your team, and I see that 534 00:37:49,159 --> 00:37:53,320 there's some features for team collaboration in the app, So tell me how that 535 00:37:53,440 --> 00:37:57,599 works. What you can do in the inside the application is kept or some 536 00:37:57,760 --> 00:38:01,360 sessions. For example, you may say that you have faced an issue and 537 00:38:01,679 --> 00:38:06,480 then you can share them with specific emails. For example, you can share 538 00:38:06,480 --> 00:38:09,840 them with me and you can even mark the sessions, let's say four of 539 00:38:09,960 --> 00:38:14,920 them in with right backgrounds just to note that I need to take a look 540 00:38:14,960 --> 00:38:16,920 at those four or you can even write a comment on each of them and 541 00:38:17,039 --> 00:38:23,519 say I see something inaccurate here. What will happen is that if fedure is 542 00:38:23,559 --> 00:38:30,000 running on my side, I will receive a notification and I will be able 543 00:38:30,039 --> 00:38:35,559 to download this all of those sessions immediately and inspect them. And I can 544 00:38:35,880 --> 00:38:39,679 even update the comment mark the sessions in a different way, or even update 545 00:38:39,760 --> 00:38:43,400 them in some way. For example, I can fix some of the parameters. 546 00:38:44,079 --> 00:38:46,880 On your side where feedwa is working, you also automatically receive all of 547 00:38:47,000 --> 00:38:52,599 those updates, so we can work together to inspect and investigate what is causing 548 00:38:52,679 --> 00:38:58,559 the issues if it's one part of the of the sharing. In addition, 549 00:38:58,679 --> 00:39:04,000 what you can at this password protection because we know that the sessions can contain 550 00:39:04,079 --> 00:39:07,320 a lot of safety of information, passwords, tokens. If you add this 551 00:39:07,400 --> 00:39:14,360 password, it will be quiet science encryption and you shouldn't worry about that if 552 00:39:14,360 --> 00:39:19,360 you go through our servers and what will happen there because it will be already 553 00:39:19,400 --> 00:39:22,639 encrypted and all the people who have the password will be able to decrypt it 554 00:39:22,000 --> 00:39:28,880 well. Cool. The safe can happen with APR requests. As some already 555 00:39:28,960 --> 00:39:31,840 mentioned, we have the ability to compose some of those APR requests. I 556 00:39:31,960 --> 00:39:36,039 often use them, by the way, when I do some reverse engineering, 557 00:39:37,559 --> 00:39:40,559 it's kind of useful for me to capture the traffic to see what a specific 558 00:39:40,639 --> 00:39:46,280 web publication is doing, and then get some of the requests directly editing the 559 00:39:46,519 --> 00:39:51,960 composer. And of course I try to remove all of the of the headers 560 00:39:52,000 --> 00:39:55,039 and prodactors just to see which which of them I actually need, and plus 561 00:39:55,119 --> 00:40:00,760 I have a successful request, then what I actually do is just export the 562 00:40:00,880 --> 00:40:05,440 request in as a script. Feedwork has this capability that you can export the 563 00:40:06,039 --> 00:40:12,239 already built requesting in an old script or cur request or whatever you need, 564 00:40:12,920 --> 00:40:17,239 and then I used inside my applications. So what I can do in this 565 00:40:17,360 --> 00:40:22,159 case is save this request that I've already captured. I can save it as 566 00:40:22,159 --> 00:40:23,840 a collection, and if I want to share it with my team, I 567 00:40:23,880 --> 00:40:28,960 can do it again with emails. And the last part for the moment is 568 00:40:29,000 --> 00:40:31,119 the sharing of the rules. We've already mentioned how powerful they can be. 569 00:40:31,559 --> 00:40:37,400 You can spend a lot of time building your rules. For example, we 570 00:40:37,599 --> 00:40:43,719 have our own rule sets that helps us test fedure everywhere yeah, it may 571 00:40:43,760 --> 00:40:47,920 be surprising, but in some cases our case are using feedwork everywhere to tested 572 00:40:49,039 --> 00:40:52,280 or everywhere to see how that we behave if you have a failure in specific 573 00:40:52,400 --> 00:40:59,400 endpoints. So they have as rules and they can share them with the between 574 00:40:59,440 --> 00:41:01,519 them. When new QUA accounts in the team, they can just share the 575 00:41:01,800 --> 00:41:06,440 those rules and it's easy, beaty to do it. Yeah. You know 576 00:41:06,559 --> 00:41:09,719 you said when you were talking about the rule Builder about being able to change 577 00:41:09,840 --> 00:41:15,480 things, and I don't want to gloss over that. I mean a request 578 00:41:15,559 --> 00:41:19,239 in response mocking is a big part of what that does, and how would 579 00:41:19,320 --> 00:41:23,119 somebody go about using that into one end so I can try taking that so 580 00:41:23,320 --> 00:41:28,679 essentially, and Rosen mentioned a few ways in which teams can work together, 581 00:41:28,760 --> 00:41:32,559 but to me, like the rules Builder is particularly best suited for a collaborative 582 00:41:32,599 --> 00:41:38,000 type of environment because you are really getting down to the details of every request 583 00:41:38,079 --> 00:41:43,599 and response and being able to change everything about. So when I am building 584 00:41:44,000 --> 00:41:46,679 an app that's hitting a certain endpoint, I want to work with Rosen and 585 00:41:46,840 --> 00:41:52,079 I want to save my rules because that is fine tuned to exactly what my 586 00:41:52,199 --> 00:41:54,960 app is hitting and exactly what we're expecting out of it. And if I 587 00:41:55,079 --> 00:42:00,599 can save my rules and have him will up the same on his Fiddler. 588 00:42:00,920 --> 00:42:04,800 Then we are on the same page. We know exactly which api you know, 589 00:42:04,960 --> 00:42:07,760 endpoint we are hitting, what are the parameters going in and out, 590 00:42:07,840 --> 00:42:10,920 and how we can fake things out of the way and all of this. 591 00:42:12,079 --> 00:42:15,599 It sounds a little bit like we are enabling evil. We're just giving you 592 00:42:15,719 --> 00:42:20,639 more power if you think about No, you're in a debugging scenario, just 593 00:42:20,719 --> 00:42:23,880 to understand what's going on exactly. Yeah, absolutely critical. Yeah. I 594 00:42:24,119 --> 00:42:29,960 was thinking about fiddler jam from a tech support perspective and the number of times 595 00:42:30,000 --> 00:42:35,280 I've dealt with a user that has like some ad in that's a weird old 596 00:42:35,360 --> 00:42:38,679 ad blocker or something and is knocking out a feature of the website. And 597 00:42:38,840 --> 00:42:42,880 you could go around in circles for a long time trying to figure out what 598 00:42:42,920 --> 00:42:45,079 the heck that was. But if you saw the Fiddler trace on it and 599 00:42:45,239 --> 00:42:50,880 saw that that message was just not being received and it wasn't making the request, 600 00:42:51,239 --> 00:42:54,119 you've got a pretty good hint that the browsers blocking it are some unhandled 601 00:42:54,280 --> 00:43:01,760 JavaScript error. Damn scripting turned off. If that's the worst case. Yeah, 602 00:43:02,920 --> 00:43:07,039 but you know, again, the idea is you know, your engineering 603 00:43:07,400 --> 00:43:12,880 hours are you know, valuable, and we want to sometimes protect those hours. 604 00:43:12,920 --> 00:43:15,360 And that's where you have you know, layers of you know support, 605 00:43:15,840 --> 00:43:20,199 And to Richard's point, you don't know what people have running on their machines. 606 00:43:20,280 --> 00:43:22,760 Like I am scared to look at my parents' browsers with all of their 607 00:43:22,880 --> 00:43:25,880 extensions, like they can you know, barely see a webpage. It's just 608 00:43:27,000 --> 00:43:30,800 so full of tools because they say yes to everything. But Franklin, this 609 00:43:30,960 --> 00:43:37,679 is at least one hundred and four weather applications inner task bar, right, 610 00:43:37,239 --> 00:43:42,199 So this is a way in which they can hit one small button and it 611 00:43:42,360 --> 00:43:45,519 starts capturing as they're utilizing your app, as they're running through an app, 612 00:43:45,559 --> 00:43:47,880 and if you you know, let it, it will also capture a little 613 00:43:47,880 --> 00:43:51,320 bit of video to go along, like I clicked on this button and you 614 00:43:51,360 --> 00:43:53,480 can see the Fitler logs kind of you know, follow that along. And 615 00:43:54,280 --> 00:43:58,719 once you have that, you can you know, give it off to your 616 00:43:58,760 --> 00:44:01,199 first layer of support and they can say, no, it's that extension thing 617 00:44:01,239 --> 00:44:05,119 that you have blocked toward. It's that other thing that you have turned off 618 00:44:05,159 --> 00:44:07,440 that's you know, not even letting you make the request and responses. But 619 00:44:07,599 --> 00:44:12,320 if it is truly a legitimate, you know, a bug that you want 620 00:44:12,400 --> 00:44:15,079 engineering to take a look at. That's when you just say, of the 621 00:44:15,199 --> 00:44:17,679 same sessions that you capture from fiddler jam and you just load it up in 622 00:44:17,760 --> 00:44:22,239 Fiddler all the way back to your engineering teams who can look at a session 623 00:44:22,360 --> 00:44:24,599 as if their app is running on their local machine. But it's just something 624 00:44:24,639 --> 00:44:29,360 the user has recorded. Yeah, you don't need to reproduce because you literally 625 00:44:29,400 --> 00:44:32,639 have a copy of a causal problem in the first place. You skip all 626 00:44:32,679 --> 00:44:37,239 of that. Yeah, And just to add here regarding fiddler jum, the 627 00:44:37,360 --> 00:44:40,400 one of the most the quest thing about fiddler jum is that it captures not 628 00:44:40,559 --> 00:44:46,599 only the network requests and sum mentioned video, it also keptures your actions. 629 00:44:46,639 --> 00:44:52,400 For example, user clicked on this deep, user scrolled the page, user 630 00:44:52,400 --> 00:44:57,960 or different, whatever you're doing on the on the page, it is captured. 631 00:44:58,280 --> 00:45:01,639 In additional, it captured the the console walks the terrors. So if 632 00:45:01,679 --> 00:45:06,519 you have an extension that is working southing, you'll see it in the console 633 00:45:06,599 --> 00:45:09,119 and you'll see it in the capture walk for fidmore jamp. And the cool 634 00:45:09,119 --> 00:45:14,119 thing is that the extension is free. Everyone can stell it and use it. 635 00:45:15,760 --> 00:45:20,920 The paid features fell from the analysis of those walks. So whilst your 636 00:45:21,079 --> 00:45:24,000 your end users capture the traffic, they will receive a link and they will 637 00:45:24,039 --> 00:45:30,199 send you the link. So you need to have a vicens to open this 638 00:45:30,320 --> 00:45:35,320 link. Cool and then yeah, it just works everywhere. And what's the 639 00:45:35,360 --> 00:45:42,079 difference between JAM and we'll see end cap. It's a JAM is a browser 640 00:45:42,119 --> 00:45:45,599 based extension. Essentially, it's a chromo Chromium based extension for you know, 641 00:45:45,800 --> 00:45:51,000 your browser based web apps. But if you rather have a desktop app that 642 00:45:51,039 --> 00:45:53,559 you want to look into. So fiddler cap is a very lightweight Windows desktop 643 00:45:53,639 --> 00:45:57,920 app. Okay that does the same thing. So it'll capture everything on your 644 00:45:58,079 --> 00:46:02,199 end user's machine without you having to you know, have them run through your 645 00:46:02,400 --> 00:46:06,159 entire app. You can just have it installed and you have them, you 646 00:46:06,239 --> 00:46:08,559 know, execute a few things and you can capture the same looks. Can 647 00:46:08,599 --> 00:46:13,440 I get out of the PC with Fiddler? Can I try and get all 648 00:46:13,440 --> 00:46:17,039 the traffic off of an IoT device? Like do I convince that device to 649 00:46:17,159 --> 00:46:21,599 add to use me as a proxy? Yes, in a way. And 650 00:46:21,920 --> 00:46:23,920 Rosen can speak more to this, but you know, at the end of 651 00:46:24,000 --> 00:46:29,559 the day, anybody who speaks HTTP to an endpoint, you can capture it, 652 00:46:29,760 --> 00:46:32,320 but you will have that you need to have that IoT or any type 653 00:46:32,320 --> 00:46:37,440 of other device be able to go through a machine. Right, So all 654 00:46:37,480 --> 00:46:40,559 of that, you know, devices traffic is also captured. So you ask 655 00:46:40,599 --> 00:46:45,519 the device to speak to you as the gateway so that you can then proxy 656 00:46:45,639 --> 00:46:47,920 through it, which not that hard to do. You said, you can 657 00:46:47,960 --> 00:46:52,440 go and can figure the network settings for that IoT device. You just push 658 00:46:52,480 --> 00:46:54,840 it through that way. So yeah, we are you know, trying to 659 00:46:54,960 --> 00:46:59,559 enable developers to have as much visibility. Again, you know, we are 660 00:46:59,599 --> 00:47:00,960 not trying to be able, but I mean we have had tools like you 661 00:47:01,039 --> 00:47:06,960 know Telarc, you know, disassemble and we'll let you decompile DLLs, so 662 00:47:07,079 --> 00:47:09,239 you really can you know, reverse engineer and look through a lot of things. 663 00:47:09,320 --> 00:47:13,920 But this is you know, just literally power in your hands and full 664 00:47:14,079 --> 00:47:15,920 visibility in your hands, so you know what's going on in your network. 665 00:47:16,400 --> 00:47:20,760 Yeah, I mean I think about low even lower level tools like wire shark, 666 00:47:21,480 --> 00:47:24,639 but now you're just looking at the actual network protocols like it's for a 667 00:47:24,679 --> 00:47:28,400 lot of folks, I think it's too low lew Right, Yeah, you 668 00:47:28,480 --> 00:47:30,440 don't care about a lot of that information. You want to focus on the 669 00:47:30,559 --> 00:47:35,800 application message traffic. It's flowing back and forth. Right, it's that protocol 670 00:47:35,840 --> 00:47:38,840 analyzer. It's a debugging tool. Yeah. And if you care enough about 671 00:47:39,039 --> 00:47:42,920 or if you know what you're doing, especially with you know, proto buff 672 00:47:43,079 --> 00:47:45,760 or you know Rosen mentioned, we have a hex analyzer that shows you the 673 00:47:45,880 --> 00:47:50,719 hex of the requestment responses. That's a little little hardcore for me, but 674 00:47:50,840 --> 00:47:53,199 if you want it, if you understood what assembly looks like, then that 675 00:47:53,280 --> 00:47:57,239 would be a useful tool for you. Oh, you can always write your 676 00:47:57,239 --> 00:48:01,000 own tool, you know, just like you can go grow your own electrons 677 00:48:01,039 --> 00:48:05,000 and make a PC for it. Like, it's a lot of work, 678 00:48:05,199 --> 00:48:07,119 right, I got stuff to do. The goal was to make a tool. 679 00:48:07,159 --> 00:48:10,559 The goal was solved. Problem that the tool already exists. You should 680 00:48:10,559 --> 00:48:14,239 be used the tool. They've thought about things you haven't thought about. Yeah, 681 00:48:14,360 --> 00:48:17,599 yeah, exactly. And something that that we are trying to do is 682 00:48:19,039 --> 00:48:23,840 make it even easier for people to use the tool. For example, when 683 00:48:23,880 --> 00:48:30,960 you want to capture current requests in order to capture them in feed or you 684 00:48:30,000 --> 00:48:34,519 need to provide a specific argument. When you want to do it with no 685 00:48:34,679 --> 00:48:37,880 jess, you need to set some environment variables but instead of doing cool of 686 00:48:37,960 --> 00:48:44,079 those, we are trying to introduce new features inside the application that will automatically 687 00:48:44,159 --> 00:48:46,280 handle those for you. For example, in the next release, we are 688 00:48:46,320 --> 00:48:53,159 going to introduce such such option instrumented terminal that will set all of those for 689 00:48:53,280 --> 00:48:58,239 you and will help you. So instead of wandering, okay, which was 690 00:48:58,280 --> 00:49:00,880 the parameter of how to set it, where to find it and to those, 691 00:49:01,119 --> 00:49:07,679 just run your application through THROUGHDS terminal and the network requests will be captured, 692 00:49:07,719 --> 00:49:13,320 says valid. For the applications with a bit a bits twits regarding the 693 00:49:13,480 --> 00:49:17,840 certificate, you'll be able to run them through through this terminal and twiteout changing 694 00:49:17,960 --> 00:49:23,360 your the configuration inside your application, you'll be able to capture their network traffic. 695 00:49:23,679 --> 00:49:28,159 Right Yeah, So what essentially Rosen is trying to point to is we 696 00:49:28,239 --> 00:49:31,199 are thinking ahead as to what you know, this tool that has been unbeloved 697 00:49:31,280 --> 00:49:35,960 and used you know for decades now by developers, how does this evolve? 698 00:49:36,159 --> 00:49:38,760 And we always want to have developers have all the power. But you know 699 00:49:38,880 --> 00:49:44,000 what's next, Let's think about automation, you know, as we are you 700 00:49:44,119 --> 00:49:46,000 know, and we spend a lot of time on the minute test of things 701 00:49:46,079 --> 00:49:50,199 like the deaf teams do because like those are important, like how you do 702 00:49:50,320 --> 00:49:53,960 your searches are important, how you filter down to every detail is important. 703 00:49:54,039 --> 00:49:58,199 We also have ways in which you can now, you know, take two 704 00:49:58,440 --> 00:50:01,000 rows of sessions. You know, as we are testing our app, one 705 00:50:01,079 --> 00:50:05,159 failed, one worked, and you don't know why, right, So now 706 00:50:05,199 --> 00:50:07,920 you can compare every part of that request, every part of the response to 707 00:50:08,000 --> 00:50:12,880 see exactly what's the difference between two. But all of that again is part 708 00:50:12,920 --> 00:50:15,079 of your deaf workflow. But you know, if you think about automation, 709 00:50:15,239 --> 00:50:19,320 like you want to hit a whole bunch of APIs and you want to see 710 00:50:19,400 --> 00:50:22,679 what's coming back, and you want to have all of this as a script. 711 00:50:22,840 --> 00:50:24,840 Right, So now we'll let you save off your sessions, your request 712 00:50:24,880 --> 00:50:29,320 from responses and open it up in a terminal, open it up as CURL, 713 00:50:29,599 --> 00:50:32,119 and have that as a set of instructions that you do maybe as a 714 00:50:32,199 --> 00:50:37,519 CICD pipeline. So these are things we are thinking ahead as to see how 715 00:50:37,679 --> 00:50:39,920 Fiddler evolves. Yeah, well, I mean, I presume you're not going 716 00:50:39,960 --> 00:50:45,119 to get out of the traffic business. But it's about traffic going in and 717 00:50:45,239 --> 00:50:49,559 out of a device that I appreciate that you're getting into different kinds of traffic 718 00:50:49,599 --> 00:50:54,559 which besides just htps. Of course there's HDP three, But is that really 719 00:50:54,599 --> 00:50:59,639 that much of a stretcher to implement. Are we already you know, using 720 00:50:59,679 --> 00:51:04,920 it? Well, I don't want to spot the news here, but we're 721 00:51:04,960 --> 00:51:07,639 looking at HTP three, okay, and we'll see a lot of what will 722 00:51:07,679 --> 00:51:14,800 happen if people demand for it, then we'll have to do it. Yeah, 723 00:51:14,840 --> 00:51:17,280 I just did a run as episode. We were talking about SMB over 724 00:51:17,440 --> 00:51:22,320 quick, which is HDP three. Just this idea of like no more VPNs, 725 00:51:22,519 --> 00:51:29,800 we want file access but securely and hand fast and those those techniques work 726 00:51:29,880 --> 00:51:32,920 really well, but they still a little lower level than web. Yeah, 727 00:51:34,039 --> 00:51:37,599 and as you mentioned, security it is. Security is quite important for us 728 00:51:37,679 --> 00:51:43,199 and everything what we are doing, we are trying to put all of our 729 00:51:43,400 --> 00:51:47,599 efforts to ensure that we will not expose users information, to ensure that we 730 00:51:47,639 --> 00:51:52,559 will not allow protocol violations. For example, when we were working on the 731 00:51:52,760 --> 00:51:57,559 HTP two, we took a lot of time to ensure that we are actually 732 00:51:57,679 --> 00:52:01,360 following all the requirements of the protocol and if something is broken, to be 733 00:52:01,480 --> 00:52:06,440 sure that we'll show it to the users and to tell them they are made 734 00:52:06,639 --> 00:52:10,280 tools that we all ignore such airs, even rather to it for some of 735 00:52:10,360 --> 00:52:15,920 them. But we prefer to be on the safe site and to sndle those 736 00:52:15,119 --> 00:52:20,199 irs in a different way to show the people that that happened. There might 737 00:52:20,280 --> 00:52:24,119 be some issues or there. One of the latest things that we are introducing 738 00:52:24,320 --> 00:52:29,960 is the you know that when you have a problem with the certificate on some 739 00:52:30,119 --> 00:52:34,079 website, the brothers are trying to pervate it for you, but in some 740 00:52:34,199 --> 00:52:37,519 cases you want to allow it for let's say local whose development or some of 741 00:52:37,599 --> 00:52:43,840 your internal servers. So until now we had an option to ignore all of 742 00:52:43,960 --> 00:52:47,599 those erirors, but we didn't feel comfortable with it because you had to ignore 743 00:52:47,639 --> 00:52:52,400 all of them, not just for the specific certificate and domain. So now 744 00:52:52,440 --> 00:52:55,400 we delay. With the new release, we are going to change this and 745 00:52:55,639 --> 00:53:00,280 you'll be able to set it for all the one of the one of the 746 00:53:00,320 --> 00:53:02,719 certificate that that we have an error. That's cool. So this way we 747 00:53:02,840 --> 00:53:07,960 think that our user feel much safer. Also, we are looking at different 748 00:53:08,039 --> 00:53:15,199 compilacies. We are looking to extend the ability to to ensure that feedwork can 749 00:53:15,280 --> 00:53:20,119 work in different environments. As we've already mentioned, it's working behind wogging. 750 00:53:20,599 --> 00:53:25,119 So we are wondering what will happened if people need to work without in an 751 00:53:25,320 --> 00:53:30,559 restricting environment where they all have no access to our work endpoints. What will 752 00:53:30,599 --> 00:53:34,440 happen there? How they are going to use the application. We know that 753 00:53:34,559 --> 00:53:37,880 we have such urist out there. We just need more information what are the 754 00:53:37,960 --> 00:53:43,159 requirements? And we work on it. Interesting, Yeah, very cool, 755 00:53:44,000 --> 00:53:49,719 very challenging. So what's next? What's on the Fiddle the horizon? Well, 756 00:53:50,199 --> 00:53:52,559 the team has been super busy and we have actually internally, you know, 757 00:53:53,199 --> 00:53:57,559 tried to align you know, it's a big portfolio products we have, 758 00:53:58,559 --> 00:54:00,960 you know, between t Laric and you know can the UI and Fiddler and 759 00:54:01,039 --> 00:54:04,840 side Trinity and all lot of the things we do. So we have been 760 00:54:05,079 --> 00:54:07,559 trying to align some you know, our releases are you know, the major 761 00:54:07,639 --> 00:54:13,079 releases go out together, so you know we're looking at maybe three major releases 762 00:54:13,119 --> 00:54:15,679 in a year for Fiddler with you know, little things in between, service 763 00:54:15,719 --> 00:54:19,880 packs in between. You know, like Rosen said, we are you know 764 00:54:19,960 --> 00:54:22,960 thinking about offline capabilities. Maybe we are working with Fiddler on a plane and 765 00:54:23,199 --> 00:54:27,840 you know maybe you're just doing local hosts and that's fine, so you know 766 00:54:28,159 --> 00:54:30,400 also thinking ahead at you know, what's next with you know, web sockets, 767 00:54:30,480 --> 00:54:35,159 what's next with gRPC? Sure? What are the little level protocols come 768 00:54:35,199 --> 00:54:37,079 along that matter to us? That's true. Yeah, so you know, 769 00:54:37,239 --> 00:54:42,639 enable developers to see everything in your network as best as we can. It's 770 00:54:42,760 --> 00:54:45,159 very cool. Thank you guys. It's been great, great, great work. 771 00:54:45,840 --> 00:54:49,280 All kudos go to you know, Rosen and the team. It's been 772 00:54:49,360 --> 00:54:52,400 you know, several years of engineering, but we are happy where we stand 773 00:54:52,440 --> 00:54:57,199 today. Yeah. I'm sure our listeners will take a first spin and we'll 774 00:54:57,280 --> 00:55:22,000 see them next time on dot neem dot net. Rocks is brought to you 775 00:55:22,079 --> 00:55:28,360 by Franklin's Net and produced by Pop Studios, a full service audio, video 776 00:55:28,480 --> 00:55:32,400 and post production facility located physically in New London, Connecticut, and of course 777 00:55:32,480 --> 00:55:38,840 in the cloud online at pwop dot com. Visit our website at dt nt 778 00:55:39,199 --> 00:55:45,719 r ocks dot com for RSS feeds, downloads, mobile apps, comments, 779 00:55:45,039 --> 00:55:50,239 and access to the full archives going back to show number one, recorded in 780 00:55:50,320 --> 00:55:53,079 September two thousand and two. And make sure you check out our sponsors. 781 00:55:53,280 --> 00:55:58,440 They keep us in business. Now, go write some code, seex time, 782 00:56:00,119 --> 00:56:07,880 middle band and summer my part that means hard than my taxis