WEBVTT 1 00:00:01.000 --> 00:00:04.759 How'd you like to listen to dot net rocks with no ads? Easy? 2 00:00:05.320 --> 00:00:09.880 Become a patron For just five dollars a month you get access to a private 3 00:00:10.000 --> 00:00:14.359 RSS feed where all the shows have no ads. Twenty dollars a month will 4 00:00:14.400 --> 00:00:18.800 get you that and a special dot net Rocks patron mug. Sign up now 5 00:00:18.839 --> 00:00:23.760 at Patreon dot dot net rocks dot com. Hey Carlin, Richard Here, 6 00:00:24.079 --> 00:00:29.280 As you may have heard, NDC is back offering their incredible in person conferences 7 00:00:29.320 --> 00:00:33.240 around the world, and we'd like to tell you about them. NDC Oslow 8 00:00:33.240 --> 00:00:37.039 will be made twenty first through the twenty fifth. Go to NDC Oslo dot 9 00:00:37.119 --> 00:00:42.759 com to register. NDC Copenhagen is happening August twenty seventh through the thirty first. 10 00:00:43.320 --> 00:00:48.960 Go to NDC Copenhagen dot com for more information. NDC Porto is happening 11 00:00:49.000 --> 00:00:53.280 October sixteenth through the twentieth. The early bird discount for DC Porto ends July 12 00:00:53.560 --> 00:00:58.280 twenty first. Go to Eddcporto dot com to register and check out the full 13 00:00:58.320 --> 00:01:18.200 lineup of conferences at DC conferences dot com. Hey guess what it's dot net 14 00:01:18.280 --> 00:01:22.000 Rocks. This is Carl Franklin and this is Richard Cappell. We're here again 15 00:01:22.079 --> 00:01:27.480 for your listening pleasure, and this be episode eighteen hundred and forty. Well, 16 00:01:27.519 --> 00:01:30.799 there you go. Who knew? Yeah, who knew? Indeed, 17 00:01:30.359 --> 00:01:34.959 wait till you see the way back machine. I'm tapping for the comment on 18 00:01:34.000 --> 00:01:41.879 this show. Oh boy, wow, all right, I can't wait, 19 00:01:41.920 --> 00:01:45.920 But verse, I have something for you, okay with better know fwork awesome? 20 00:01:53.680 --> 00:01:56.599 All right, buddy, what do you got? Well, rold Buddy. 21 00:01:56.640 --> 00:02:00.359 Simon Cropp is at it again. He's wicked smart, is just ridiculous 22 00:02:00.400 --> 00:02:07.280 smart. And you know, I think it's the water in Australia that or 23 00:02:07.280 --> 00:02:13.120 maybe it's water in America. I don't know. Anyway. He wrote this 24 00:02:13.240 --> 00:02:21.240 great um source only repo called polyphil. Wait we did We used to do 25 00:02:21.280 --> 00:02:25.759 polyphilps for web. Yeah, this is polyphil for dot net. It exposes 26 00:02:25.800 --> 00:02:30.240 newer dot net and c sharp features to older run times. What older run 27 00:02:30.280 --> 00:02:38.360 times? So dot in a standard two designed to support Net four six one 28 00:02:38.400 --> 00:02:43.680 all the way to Net eight right? Dot might interesting? And if you 29 00:02:44.039 --> 00:02:46.960 yeah, if you go there, you'll see a detailed list of all of 30 00:02:47.000 --> 00:02:52.560 the polyphils that he's implemented. How cool is that? That's really clever? 31 00:02:52.840 --> 00:02:55.719 Yeah, that's an interesting idea. Yeah, I really like that feature of 32 00:02:55.759 --> 00:02:59.560 C sharp eight, but I don't have C sharp eight. Yeah, I 33 00:02:59.560 --> 00:03:01.960 can't use pay for whatever reason, so I'll do it as a poly felt 34 00:03:01.960 --> 00:03:05.560 like this is something that Microsoft is not going to build, right, They're 35 00:03:05.599 --> 00:03:08.039 going to tell you just use dot net eight. Excellent. So that's it. 36 00:03:08.199 --> 00:03:10.960 No, it learned it, love it. And Simmons just again, 37 00:03:12.240 --> 00:03:15.319 really really smart guy, so brilliant. Yeah, that's very clever. I 38 00:03:15.360 --> 00:03:17.560 expect it to be just as great as everything else that he's done. Who 39 00:03:17.639 --> 00:03:21.639 was talking to us today, Richard? You know we are doing a show 40 00:03:21.639 --> 00:03:25.120 about Fiddler today. Yeah. And the last I went and looked on like, 41 00:03:25.159 --> 00:03:29.039 when's the last time we talked about Fiddler as like a show? And 42 00:03:29.039 --> 00:03:32.080 we did one with Eric Lawrence like episode eight oh nine, like a thousand 43 00:03:32.120 --> 00:03:38.000 shows ago. Yeah, it's a little too old, but we referenced Fiddler 44 00:03:38.000 --> 00:03:42.599 on a regular basis and this led to a great little comment chain where on 45 00:03:42.919 --> 00:03:51.360 episode ten seventy two, we were talking to Shay Freedman about Chrome developer tools 46 00:03:51.960 --> 00:03:57.120 and Fiddler came up in that conversation and that led to a show we did 47 00:03:57.159 --> 00:04:00.039 with Brad Abrams about the Google Cloud back in twenty fifteen show ten to eighty 48 00:04:00.159 --> 00:04:03.840 three. Totally crap, right, Brad Abrams. Brad Abrams, who I 49 00:04:03.879 --> 00:04:08.599 think is back at Microsoft again? Really like, oh, I'm pretty sure. 50 00:04:08.919 --> 00:04:11.840 Yeah, yeah, he escaped to Google after the silver Light thing when 51 00:04:12.039 --> 00:04:15.240 it's up, and then he came back. Yeah, it's coming back around. 52 00:04:15.280 --> 00:04:17.079 You know, what comes around goes around kind of thing. But years 53 00:04:17.160 --> 00:04:21.839 later I always liked him. But what I what I appreciate the fact that 54 00:04:21.879 --> 00:04:26.759 we're talking about Fiddler is this comment from Dave's Russell, which admittedly is from 55 00:04:26.800 --> 00:04:31.920 eight years ago, eight hundred episodes ago, and where Dave says, you 56 00:04:31.959 --> 00:04:36.000 know, Fiddler is required for any non browser endpoints you wanted to bug and 57 00:04:36.040 --> 00:04:40.360 anything that requires a post to put or delete. And it can act as 58 00:04:40.360 --> 00:04:43.759 a reverse proxy and can act as a proxy for a bit of devices. 59 00:04:43.839 --> 00:04:47.240 And actually Fiddler is not going anywhere anytime soon. It's a fantastic tool. 60 00:04:47.480 --> 00:04:49.879 And saying you don't need is like saying you don't need the rest of the 61 00:04:49.879 --> 00:04:57.120 Internet because Amazon sells everything. Ridiculous. Yeah, he says that anyway, 62 00:04:57.399 --> 00:05:00.000 Well, and it's just a for me, it's a great moment to realize, 63 00:05:00.199 --> 00:05:02.720 is like Hey, this has been an amazing tool for forever and we 64 00:05:02.759 --> 00:05:05.439 don't talk about it often enough, so I'm excited to talk about it again. 65 00:05:05.519 --> 00:05:09.120 Yeah me too, So Dave, thank you so much for your comment, 66 00:05:09.160 --> 00:05:11.399 and a copy of music cobuy is on its way to you. If 67 00:05:11.399 --> 00:05:14.759 you'd like a copy music co buy, write a comment on the website dot 68 00:05:14.800 --> 00:05:17.040 net rocks dot com or on Facebook. Publish every show there, and if 69 00:05:17.040 --> 00:05:19.480 you comment there and I read it on the show, we'll send you copy. 70 00:05:19.560 --> 00:05:23.800 Mused to cobuy and you could certainly follow us on Twitter, but we'd 71 00:05:23.800 --> 00:05:27.959 prefer you follow us on Mastodon because there's more cool stuff happening there. I'm 72 00:05:28.000 --> 00:05:31.639 at Carl Franklin at tech ub dot social, and I'm Rich Campbell at mastodon 73 00:05:31.720 --> 00:05:36.759 dot social, and send us to and definitely sign up. It's good stuff. 74 00:05:38.079 --> 00:05:42.839 We're here with Sam Bassu and Rosen Vladimirov. Let me introduce them. 75 00:05:42.920 --> 00:05:45.879 Sam, of course, has been on the show many times. He's a 76 00:05:45.920 --> 00:05:49.480 technologist, author, speaker, Microsoft MVP, gadget lover, and developer advocate 77 00:05:49.519 --> 00:05:54.240 for Teller. With a long developer background, he now spends much of his 78 00:05:54.319 --> 00:05:59.720 time advocating modern web, mobile cloud development platforms on Microsoft Teller, ek stacks 79 00:06:00.319 --> 00:06:05.639 his spare times call for travel, fast cars, Cricket, Cricket somebody actually 80 00:06:05.639 --> 00:06:11.879 plays that game, and Culinary Adventures of the Family. You can find him 81 00:06:11.879 --> 00:06:16.680 on the internets. Rosen vladimirv is a senior software engineering manager at Progress Software 82 00:06:16.680 --> 00:06:20.839 Corporation. Like how I pronounced that free Richard Progress? Yeah, very nice, 83 00:06:20.959 --> 00:06:25.759 Just my inner Canadian came out. Throughout his career, he has been 84 00:06:25.800 --> 00:06:30.319 in different roles and worked with various technologies including WPF, silver Light, dot 85 00:06:30.399 --> 00:06:33.759 Net, no JS, type Script, Angular, and Electron. Currently, 86 00:06:33.839 --> 00:06:39.480 he leads the engineering team responsible for all Fiddler products. He loves helping others 87 00:06:39.480 --> 00:06:44.279 and that's why he's so involved in building developer tools such as Fiddler everywhere with 88 00:06:44.279 --> 00:06:47.800 a goal of making everyday tasks easier. Welcome guys, Yeah, thank you, 89 00:06:47.839 --> 00:06:53.199 gentlemen. Thanks for having us over here. I thought I was old 90 00:06:53.279 --> 00:06:58.319 and I met you people. Yeah, Sam, how many shows have you 91 00:06:58.360 --> 00:07:00.519 done with us? So probably a lot. We could probably figure it out 92 00:07:00.759 --> 00:07:04.560 number four, yea few, but you know, congratulations from eighteen hundred plus 93 00:07:04.680 --> 00:07:10.079 episodes. You know, after after seventeen hundred you just stopped counting. Yeah, 94 00:07:10.079 --> 00:07:12.759 it's it's all the same, really, and welcome Rosen. This is 95 00:07:12.800 --> 00:07:15.000 your first time with us. Hey guys, Yeah, thanks for having me 96 00:07:15.079 --> 00:07:19.480 here. You're certainly welcome, and thanks for Fiddler. What's name in the 97 00:07:19.519 --> 00:07:23.279 fiddler world? I guess, you know, we should start with that comment 98 00:07:24.519 --> 00:07:28.680 there there is a it's a easy to dismiss Fiddler because we have such great 99 00:07:28.680 --> 00:07:31.199 tools in the browser. But the browser tools don't go far enough for every 100 00:07:31.199 --> 00:07:34.839 situation, do they No, they don't. Um, So let's kind of 101 00:07:34.879 --> 00:07:41.160 dive in and I'm the fluff. Rosen is the stuff. But I'll try 102 00:07:41.199 --> 00:07:44.959 my best to set this stage. So, you know, like the comment 103 00:07:45.000 --> 00:07:47.199 said, it's been a long journey. This kind of started back with you 104 00:07:47.240 --> 00:07:53.959 know, Eric, way back with his Microsoft days, and it's you know, 105 00:07:54.000 --> 00:07:57.600 it's been a tool that so many developers over you know, the last 106 00:07:57.639 --> 00:08:00.759 you know, decade or two have kind of grown up with. You know, 107 00:08:00.800 --> 00:08:03.600 you use this every day as a part of your you know, deaf 108 00:08:03.720 --> 00:08:07.439 tool set, and at its very essence, it's a network debugging tool. 109 00:08:07.560 --> 00:08:13.439 It's a proxy, so it lets you capture all types of network and here, 110 00:08:13.720 --> 00:08:16.600 you know, it comes in some of the differentiators where your browser def 111 00:08:16.680 --> 00:08:20.319 tools are you know, pretty down good these days, but they only go 112 00:08:22.040 --> 00:08:24.959 as far. We're talking about every type of app. You know, I 113 00:08:26.079 --> 00:08:28.519 do a lot of you know, crosslatform mobile and you know desktop stuff. 114 00:08:28.680 --> 00:08:33.759 So the moment you step outside the web, the deaf tools, don't you 115 00:08:33.759 --> 00:08:37.279 know, work as well. And also we are talking about lots of other 116 00:08:37.399 --> 00:08:41.480 things that you need. You should you know, never be in doubt as 117 00:08:41.480 --> 00:08:45.879 a developer as to what's going on in your network and how you function together 118 00:08:46.000 --> 00:08:50.679 as a team, your your collaborations, and also doing things like you know, 119 00:08:50.759 --> 00:08:54.639 proxying things where you don't always want to go to the network, having 120 00:08:54.679 --> 00:08:58.240 a strong rules engine so you can you know, fake things on and off, 121 00:08:58.000 --> 00:09:01.679 having ways to save sessions and share them with your team, and you 122 00:09:01.679 --> 00:09:07.120 know, understanding how your users are actually using your apps so that when they 123 00:09:07.159 --> 00:09:11.559 have issues and when they come to your know QA and support people, you're 124 00:09:11.559 --> 00:09:16.120 not wasting cycles understanding what's going on. I get the packets never a kind 125 00:09:16.120 --> 00:09:18.960 of idea, but does it go so far as to being a protocol analyzer, 126 00:09:20.000 --> 00:09:22.960 Like can I put it between me and a USB device and say, 127 00:09:24.000 --> 00:09:26.639 hey, can you log all the traffic going between these two things? No, 128 00:09:26.879 --> 00:09:31.519 in the current stitution, it's it's more of a network the bugging helper 129 00:09:31.600 --> 00:09:37.519 tool that you can use to capture off your network traffic as some mensions. 130 00:09:37.279 --> 00:09:43.039 For many years, fed or was famous, like as a web debugging tool, 131 00:09:43.840 --> 00:09:48.000 but now we are trying to help our users to understand that it's not 132 00:09:48.080 --> 00:09:52.120 only the web here. There are many types of network requests that you can 133 00:09:52.200 --> 00:09:56.879 handle and capture it feedwor and to help you find out what the issue with 134 00:09:56.919 --> 00:10:01.440 them or even simulate different terrors and see how our applications will be safe when 135 00:10:01.480 --> 00:10:05.519 you're with yeah, okay, get it. Yeah, Just trying to establish 136 00:10:05.559 --> 00:10:09.639 the boundaries of expectation here in terms of what it's able to. So you 137 00:10:09.639 --> 00:10:15.440 know, we're talking to developers. It's a developer debugging tool, and that's 138 00:10:15.440 --> 00:10:20.000 that's it's realm, that's it's meal you And is it is still a browser 139 00:10:20.039 --> 00:10:24.279 based tool or are there sandalone applications? Yes? There are so. Actually, 140 00:10:24.279 --> 00:10:28.600 before we jump into tools and features, I think it's important to talk 141 00:10:28.639 --> 00:10:31.399 about what you know, Rosen and the team have done with Fiddler in the 142 00:10:31.480 --> 00:10:35.519 last you know, several years. Please, it's not just one tool anymore. 143 00:10:35.600 --> 00:10:39.559 It's become like a product family. It's a portfolio of a multiple things 144 00:10:39.600 --> 00:10:43.639 that work together to help out developers. So add it's very you know, 145 00:10:43.240 --> 00:10:46.679 basic core. Fiddler used to be a you know, Windows app, and 146 00:10:46.759 --> 00:10:50.399 that's still there. It's what we call Fiddler Classic, and you know, 147 00:10:50.480 --> 00:10:54.399 it's feature rich. A lot of you know people use it, you know, 148 00:10:54.480 --> 00:10:56.480 every day in their depth, you know cycles, and nothing wrong with 149 00:10:56.519 --> 00:11:01.159 that. We're not moving the cheese, but we are also have to reinvent 150 00:11:01.200 --> 00:11:05.559 Fiddler for how modern developers work, and we want that freedom to be you 151 00:11:05.559 --> 00:11:09.840 know, building any type of app on any platform. So you know, 152 00:11:09.879 --> 00:11:13.720 Fiddler Everywhere is our you know, most up to date Fiddler tool, and 153 00:11:13.799 --> 00:11:18.919 it is cross platforms. So now you can use Fiddler on Windows, Mac 154 00:11:18.960 --> 00:11:22.759 and Linux. And this was something of a request for like a decade for 155 00:11:22.879 --> 00:11:26.480 us make it work on Mac and Linux, but now you can, and 156 00:11:26.519 --> 00:11:30.440 it's you know, a native tool that works everywhere and functions exactly the same 157 00:11:30.519 --> 00:11:33.799 consistently ui uxys. But that's just you know, the capturing part of it. 158 00:11:33.919 --> 00:11:37.080 But we also have Fiddler in a few you know, different modes. 159 00:11:37.600 --> 00:11:43.799 When it comes to you know, understanding how your users are seeing errors in 160 00:11:43.879 --> 00:11:46.000 their apps when they're using it, we have you know two little things. 161 00:11:46.159 --> 00:11:52.559 One is called Fiddler Jam, which is essentially Chromium based browser extension. And 162 00:11:52.679 --> 00:11:56.080 this isn't something you want your non technical people to just you know, go 163 00:11:56.159 --> 00:12:00.360 to the extension store on both you know, Chrome or Edge and able to 164 00:12:00.399 --> 00:12:03.720 just quickly install an extension and run your app, capture what's going on in 165 00:12:03.720 --> 00:12:07.279 your app and shared it back with the QWA Fox when giving us a ticket, 166 00:12:07.320 --> 00:12:11.879 and it can do you know, other things like capturing a video all 167 00:12:11.919 --> 00:12:16.360 of the necessary logs. And that's for browser based tools. If you have 168 00:12:16.399 --> 00:12:18.320 a Windows based app, then we have something called Fiddler Cap which is the 169 00:12:18.360 --> 00:12:22.919 same idea. It's a very lightweight, you know, little app that you 170 00:12:22.080 --> 00:12:26.799 install that captures local traffic. Again mostly for you know, non technical people. 171 00:12:26.960 --> 00:12:31.480 And then we also have Fiddler Core, which is essentially the engine that 172 00:12:31.559 --> 00:12:35.279 drives all of Fiddler's functionality that has been separated from the UI part of it. 173 00:12:35.519 --> 00:12:39.639 So you can actually have Fiddler Core as a dot net embedible library, 174 00:12:39.759 --> 00:12:43.000 so you can you light up your dashboards or you know, things that you 175 00:12:43.200 --> 00:12:48.000 want to embed in your own apps. So that's the whole Fiddler family of 176 00:12:48.000 --> 00:12:50.600 five different things now and these are all I mean, for Fiddler core on 177 00:12:50.639 --> 00:12:56.559 app. This is all HDPHDPS traffic and analyzing. Yes, and this is 178 00:12:56.559 --> 00:13:01.639 where can Rosen and team have been, you know, very active. You 179 00:13:01.639 --> 00:13:03.039 know a lot of new things have happened. The web isn't the same as 180 00:13:03.039 --> 00:13:07.360 it was twenty years back. HTP one is where we started. Now you'n 181 00:13:07.440 --> 00:13:11.399 HDP two and we are even looking forward. So yes, HTTP and HTPS 182 00:13:11.919 --> 00:13:18.240 making sure we can capture both on encrypted and encrypted traffic, and also getting 183 00:13:18.279 --> 00:13:22.159 down to a slightly lower level. I don't want to spill Rosin's bills, 184 00:13:22.639 --> 00:13:26.240 but you know, things like web sockets, things like grpcy thanks, we 185 00:13:26.440 --> 00:13:31.120 think about a lot a lot it okay, because those things aren't transported over 186 00:13:31.240 --> 00:13:35.480 HTPS. No, so we can step one level down and you know, 187 00:13:35.600 --> 00:13:39.120 take a look at what apps are doing under the covers. gRPC web is 188 00:13:39.159 --> 00:13:43.360 of course, but gRPC I think it requires HTP two. Is that right? 189 00:13:43.600 --> 00:13:48.679 I think so, yes, it's suggested that you use HTP two and 190 00:13:48.720 --> 00:13:52.200 because like that's where that's how you can you get those parallel request and responses. 191 00:13:52.240 --> 00:13:56.840 It's a truly bidirectional, you know, stream of information between the server 192 00:13:56.919 --> 00:14:00.960 and the client. And you know, we can capture it all. Yeah, 193 00:14:01.000 --> 00:14:03.759 that's great. Yeah, when I think back to the original Eric Lawrence 194 00:14:03.840 --> 00:14:07.159 version of fiddle are it was really a rapper of her Win I had if 195 00:14:07.159 --> 00:14:09.559 I remember correctly. Wow, that's taken me back. It just was able 196 00:14:09.600 --> 00:14:13.639 to look at the traffic back and forth and there. So if you're getting 197 00:14:13.720 --> 00:14:16.720 off, I can imagine people say that would like it to be other than 198 00:14:16.799 --> 00:14:20.039 windows. It's like, you mean, totally rewrite it because it was it 199 00:14:20.120 --> 00:14:22.919 was a rapper of her Win I ned. Yeah, yeah, very true, 200 00:14:24.480 --> 00:14:28.799 defensive lot the case, and it was it felt only its different that 201 00:14:28.919 --> 00:14:33.159 makes it more difficult because yeah, as you've mentioned, you need to re 202 00:14:33.159 --> 00:14:39.039 write the whole object to support it on different operating systems. But in addition, 203 00:14:39.200 --> 00:14:45.039 when we decided to go on with HTP two support, which had to 204 00:14:45.120 --> 00:14:48.000 write a lot of other things because HTP two is a lot more different. 205 00:14:48.480 --> 00:14:54.559 So even now it is still in Better we are waiting for feedback and gethering 206 00:14:54.600 --> 00:14:58.200 feedback from our use and now after we have it, we'll soon moved the 207 00:14:58.240 --> 00:15:03.600 feature out of Better support. But it was important for us to ensure that 208 00:15:03.639 --> 00:15:09.360 we have not process something that was working for the users because the essences that 209 00:15:09.399 --> 00:15:13.399 you need to capture traffic and easy understand what's going wrong. But still, 210 00:15:13.440 --> 00:15:18.000 as some mentioned that the network had been changed, has changed for a lot 211 00:15:18.039 --> 00:15:22.639 of different aspects. For example, the THOS one point three is something that 212 00:15:22.519 --> 00:15:26.639 we are currently working on and it will soon be out as a feature in 213 00:15:26.679 --> 00:15:31.679 feed or everywhere you know that it is. It is out there for maybe 214 00:15:31.799 --> 00:15:37.159 five or six years, but still many many servers do not support it, 215 00:15:37.840 --> 00:15:41.360 maybe due to the security the fact that it has only five ciphers that are 216 00:15:41.480 --> 00:15:46.320 supported in it, so many applications still struggle to have been supported. But 217 00:15:46.480 --> 00:15:50.440 in terms of security, it is much more secure and people actually want to 218 00:15:50.519 --> 00:15:54.799 use it. So at that point we wanted to help our users to be 219 00:15:54.840 --> 00:15:58.440 able to test which are the servers which support it, how to how to 220 00:15:58.519 --> 00:16:03.759 use them, helping form even their security team that there is stuff being broken 221 00:16:03.799 --> 00:16:10.000 there. So we were we've been working on the last a couple of feks 222 00:16:10.159 --> 00:16:14.000 for this teacher, and so we'll have it fantastic as an end user. 223 00:16:14.120 --> 00:16:18.320 Some of the things that we know have thought of thought through in the last 224 00:16:18.360 --> 00:16:21.720 few years is your experience. If you are kind of new to Fiddler and 225 00:16:21.759 --> 00:16:25.600 you're kind of getting started right so to Fiddler everywhere you have you know, 226 00:16:25.639 --> 00:16:29.960 one installer that you know recognizes your OS, and you you install it for 227 00:16:30.039 --> 00:16:33.759 Mac, Windows are you know, or Linux, and then it can be 228 00:16:33.759 --> 00:16:37.480 a little overwhelming because Fiddler is essentially a network proxy, so everything on your 229 00:16:37.519 --> 00:16:41.399 machine goes through that. So when you open it up for the first time, 230 00:16:41.440 --> 00:16:45.519 it starts capturing just about everything. It's just a lot of streaming data. 231 00:16:45.799 --> 00:16:48.759 So we think about you know, experiences like filters, so you can 232 00:16:48.799 --> 00:16:52.039 you know, turn things on and off as you go. Maybe you don't 233 00:16:52.120 --> 00:16:55.159 want, you know, it's a kind of a little embarrassing because you see, 234 00:16:55.200 --> 00:16:57.559 you know, Apple and Google and Microsoft, everybody calling home with all 235 00:16:57.559 --> 00:17:00.480 of their services, so you can turn those things off. You can just 236 00:17:00.519 --> 00:17:04.400 say, show me network for just this app and nothing else, show me 237 00:17:04.480 --> 00:17:08.000 only local host and nothing else, shown me only four or force and nothing 238 00:17:08.039 --> 00:17:11.839 else. So filtering and you know, giving you all the knobs and buttons 239 00:17:11.920 --> 00:17:15.079 when you do your traffic capturing. That's important for us. You know, 240 00:17:15.119 --> 00:17:18.720 little things like you know, dark mode and like mode support, so that 241 00:17:18.799 --> 00:17:22.160 we're not you know, uh, forcing people to work in a certain way. 242 00:17:22.359 --> 00:17:26.279 That's important and we kind of want to keep you there once you're there, 243 00:17:26.359 --> 00:17:29.920 you don't need to you know, open up anything else. You know. 244 00:17:30.079 --> 00:17:33.680 API composition is important for you know, anytime you are going from your 245 00:17:33.799 --> 00:17:37.319 you know client apps to another you know service. So I'll let you you 246 00:17:37.319 --> 00:17:41.680 know, have a nimble API composer that lets you you know, do things 247 00:17:41.039 --> 00:17:45.519 with authentication with you know, service packets going in and out and you know, 248 00:17:45.640 --> 00:17:48.200 just fine tuning it. Maybe you're working in a team. Maybe you 249 00:17:48.279 --> 00:17:51.119 have a you know, middleware team, and you have a client services team, 250 00:17:51.119 --> 00:17:52.240 you have a database team, all of them, can you know talk 251 00:17:52.279 --> 00:17:56.440 through those APIs and you know, get a nice team collaboration going. Now. 252 00:17:56.559 --> 00:18:02.160 Is some Fiddler an open source product. It isn't on open sourcities coosed 253 00:18:02.160 --> 00:18:08.559 source, but we are working well with different people who are helping cussing them. 254 00:18:08.960 --> 00:18:12.519 When you want to have a feature that is uh, let's say HTP 255 00:18:12.599 --> 00:18:18.119 two or JRPC, we're trying to find people who are actually using those protocols, 256 00:18:18.200 --> 00:18:22.799 those versions and try to work with them on the specification of the feature, 257 00:18:22.880 --> 00:18:26.920 on the requirements, and then on testing this feature. We are always 258 00:18:26.920 --> 00:18:32.240 trying to to quote in the application only feature that we have designed and tested 259 00:18:32.279 --> 00:18:37.359 with its external users because yeah, as I've mentioned already, the important part 260 00:18:37.440 --> 00:18:41.319 is to help the people and to ensure that we solve various cases or something 261 00:18:41.359 --> 00:18:45.279 that we think we will solve. Okay, so so it's now our Is 262 00:18:45.279 --> 00:18:49.119 it only a retail product there? Yeah, it is commercial, so okay, 263 00:18:49.279 --> 00:18:53.000 we do a lot of open source work. The reality is, you 264 00:18:53.039 --> 00:18:56.799 know, rosen and we have to feed our kids, ensure sneering is expensive. 265 00:18:57.200 --> 00:19:00.799 So Fiddler Classic it's in the state the way it is you know, 266 00:19:00.839 --> 00:19:04.640 always free for windows, but Fiddler Everywhere has been you know, three or 267 00:19:04.680 --> 00:19:10.400 four years. It's stuff engineering, so it's behind a little subscription model, 268 00:19:10.519 --> 00:19:12.759 which is you know, the cost of a cup of coffee for a month. 269 00:19:14.039 --> 00:19:17.400 Sure, all right, Yeah, so there is still the original free 270 00:19:17.400 --> 00:19:21.640 product, admittedly with a whole lot of updates, you know, still being 271 00:19:21.759 --> 00:19:23.640 maintained. The win i net product is out there. But if you want 272 00:19:23.680 --> 00:19:27.480 the everywhere product, that one's retail. Yeah, absolutely, yeah, because 273 00:19:27.480 --> 00:19:32.640 I mean it has extra things that are you know, starting to not quite 274 00:19:32.759 --> 00:19:37.440 be everywhere, right because like all of the you know, latest innovations have 275 00:19:37.519 --> 00:19:41.200 been on Fiddler Everywhere. You know, how you build rules and how you 276 00:19:41.279 --> 00:19:44.640 work with teams and that type of stuff is particularly you know, very heavy 277 00:19:44.640 --> 00:19:47.640 on Fiddler Everywhere. Yeah, for sure. Yeah, Well it's good that 278 00:19:47.839 --> 00:19:49.359 it's good that you have that, and I think that's that's a fair thing. 279 00:19:49.400 --> 00:19:52.759 You have a free product and if you need more, you pay for 280 00:19:52.799 --> 00:19:59.200 more. Yeah, that's fine. When did work start on Everywhere resin? 281 00:20:00.359 --> 00:20:06.119 I think it was back in the two thousand and nineteen, but the first 282 00:20:06.119 --> 00:20:11.720 official version came out in twenty twenty in the COVID time, so that's when 283 00:20:11.759 --> 00:20:18.160 it was born, and it was released in July twenty twenty, but the 284 00:20:18.279 --> 00:20:25.519 actual working ideas for having a cross platform two started earlier. One of the 285 00:20:25.559 --> 00:20:30.599 important things that we wanted to do is to ensure that we have modern technologies. 286 00:20:30.720 --> 00:20:34.440 So you know that feed were classic is using quin forms. It is 287 00:20:36.000 --> 00:20:40.400 really hard to write the whole thing, and too if you need to change 288 00:20:40.400 --> 00:20:47.519 something, there's a lot of logical many different places I've written other winforced application. 289 00:20:47.839 --> 00:20:52.279 I like the technology, but still it doesn't give you the flexibility of 290 00:20:52.279 --> 00:20:57.519 the modern technologies. So once we decided that we need to write a new 291 00:20:57.599 --> 00:21:02.480 duo, it was more of a decision of list and we decided to use 292 00:21:02.599 --> 00:21:07.319 electron anuer and dot net for this, So it's actually an electron based application. 293 00:21:08.119 --> 00:21:12.960 Uh. In the anguer parts we are building just a seeing layer of 294 00:21:14.000 --> 00:21:18.680 FEI and the full work is again in the dot net part of the application, 295 00:21:18.279 --> 00:21:22.039 but still in the in the anjuer part, we manage to use our 296 00:21:22.599 --> 00:21:27.920 intelric controls or can do in this case, and we manage to handle a 297 00:21:27.920 --> 00:21:33.400 lot of data inside inside that you are you know some already mentioned that when 298 00:21:33.400 --> 00:21:37.839 you start feedwor and you notice how everyone is doing a lot of requests. 299 00:21:37.960 --> 00:21:42.720 For example, we have a feature that allows you to start a new instrumented 300 00:21:42.799 --> 00:21:47.960 browser. We call it instrument but it's actually clean instance of a Chromium browser, 301 00:21:48.480 --> 00:21:52.599 and once you start it, we capture everything from it. It's automatically 302 00:21:52.200 --> 00:21:57.079 um targeting the feedwork proxy. So what you will notice if you if you 303 00:21:57.200 --> 00:22:00.880 do it, is that even from the moment when the browser starts to the 304 00:22:00.920 --> 00:22:06.039 first request that you want to execute, for example, Google for soffic or 305 00:22:06.079 --> 00:22:10.680 whatever you do, you see at least three hundred requests for trucking, for 306 00:22:11.240 --> 00:22:15.200 analytics for whatever it is. Wow, So it's either visible there well, 307 00:22:15.200 --> 00:22:18.480 and it gets back to the classic problem of all of these kinds of logging 308 00:22:18.480 --> 00:22:22.720 tools, which is like you are facing a fire hose, just a huge 309 00:22:22.759 --> 00:22:26.720 amount of data and somewhere in there is the one little bit of information you 310 00:22:26.799 --> 00:22:32.279 wanted that's exactly right because you know it's it's a lot, and that's where 311 00:22:32.279 --> 00:22:34.279 the filtering really comes in handy. And you know, to Rosen's point, 312 00:22:36.039 --> 00:22:40.160 you have to understand how Fiddler is working. It is a low level network 313 00:22:40.240 --> 00:22:44.720 proxy, so everything on your machine goes through that and there is no escaping 314 00:22:44.759 --> 00:22:47.880 every you know, every time Visual Studio calls home, everything is loved. 315 00:22:47.960 --> 00:22:49.920 So you really need to you know, get down to exactly what you want 316 00:22:49.960 --> 00:22:53.920 to see. And this may not be an option if you are on a 317 00:22:55.000 --> 00:22:57.240 machine that is really heavily locked down, because you need do need to be 318 00:22:57.279 --> 00:23:02.279 an admising new machine because it's not just the tool. We would ask you 319 00:23:02.319 --> 00:23:06.039 to trust some certificates so we can you know, crack open some you know 320 00:23:06.119 --> 00:23:10.920 encryption with HDPS. So maybe you're on a machine that ID has you know, 321 00:23:11.000 --> 00:23:12.720 really locked down, but you still want to be able to see your 322 00:23:12.759 --> 00:23:18.119 app and debugg network. So that's where that in built browser comes in. 323 00:23:18.359 --> 00:23:21.599 So that is already preconfigured. You don't need to ask for an immitis permission 324 00:23:21.640 --> 00:23:25.480 anything on that app. Fiddler will automatically capture even if you do not let 325 00:23:25.519 --> 00:23:27.599 it have all the permissions. I'm kind of blown away by the idea that 326 00:23:27.640 --> 00:23:33.400 you can build an angular Electron app that can get that low level. Yeah, 327 00:23:33.440 --> 00:23:36.319 so Rosen kind of set it out loud, but I was going to 328 00:23:36.480 --> 00:23:40.079 present this as maybe a trivia because you know, when you talk about a 329 00:23:40.160 --> 00:23:44.559 truly cross platform app nowadays, there aren't you know, too many options out 330 00:23:44.599 --> 00:23:48.440 there on the table, and you know, Electron and we talk about dot 331 00:23:48.519 --> 00:23:51.319 m Malby and all of those things. But you know, this is battle 332 00:23:51.359 --> 00:23:53.440 tested, and this has been out there for you know, ten plus years. 333 00:23:53.480 --> 00:23:56.640 How Electron has worked. If you know what you're doing and if you 334 00:23:56.640 --> 00:24:00.039 can manage your footprint, this truly works. I mean, so many of 335 00:24:00.039 --> 00:24:06.039 our apps every day that we use our Electron apps and within that the front 336 00:24:06.119 --> 00:24:10.119 end being angular. This is you know, kudus to the team because we 337 00:24:10.160 --> 00:24:12.559 get asked a lot, like when you look at our telleric UI for all 338 00:24:12.599 --> 00:24:15.400 of the dot Net things, kender ui for all of the JavaScript things. 339 00:24:15.920 --> 00:24:19.799 We care about performance because we care about how developers you know, you know, 340 00:24:19.839 --> 00:24:26.200 work with our tools. Nothing says like dog fooding more than Fiddler because 341 00:24:26.319 --> 00:24:30.519 what you see in Fiddler user interface it's Kender UI grids and you know, 342 00:24:30.559 --> 00:24:36.359 list views and talk about performance. This is like hundreds and thousands of things 343 00:24:36.440 --> 00:24:41.240 just streamed into a single app NonStop. So yeah, we're proud of how 344 00:24:41.359 --> 00:24:45.279 we have been able to utilize our own UI in building something. Can you 345 00:24:45.480 --> 00:24:48.200 talk a little bit about the rule builder. This is an intriguing feature for 346 00:24:48.279 --> 00:24:55.599 me. Right. So rule builder essentially is for you to fine tune what 347 00:24:55.720 --> 00:25:00.359 type of traffic you want to capture and then what rules apply to sorta types 348 00:25:00.400 --> 00:25:03.839 of traffic. So if me and Rosen are working together and I am building 349 00:25:03.880 --> 00:25:07.880 the back end for an app, then when his client side app wants to 350 00:25:07.920 --> 00:25:11.119 call in, maybe he doesn't want to go to the internet, maybe just 351 00:25:11.160 --> 00:25:15.200 wants to come and hit my box, my machine. So that's one instance. 352 00:25:15.400 --> 00:25:18.200 Or maybe you want to test out an app. And again this is 353 00:25:18.240 --> 00:25:22.559 where we have worked a lot with people who have been using Fiddler Classic for 354 00:25:22.559 --> 00:25:26.640 a long time. We don't want to break their workflows. People use Fiddler 355 00:25:26.680 --> 00:25:30.359 for performance tuning a lot. Right, So you are building an app and 356 00:25:30.400 --> 00:25:34.000 people are using your app in a variety of settings. If it's a pa. 357 00:25:34.200 --> 00:25:37.119 Maybe you are going from you know, five G, four G all 358 00:25:37.160 --> 00:25:41.200 the way down to you know, almost no connectivity when you walk into a 359 00:25:41.240 --> 00:25:45.119 plane. So how does your app experience look like? What if your jab 360 00:25:45.200 --> 00:25:48.160 script, apps or you know resources cannot be delivered? What if your CSS 361 00:25:48.240 --> 00:25:55.400 or images are bloated and they're not working right? These are all things well 362 00:25:56.039 --> 00:25:57.559 health wise, you might be in a very good spot, I guess, 363 00:25:59.720 --> 00:26:03.839 but fine tuning those things like what if your videos stop working? What if 364 00:26:03.839 --> 00:26:07.039 your you know, images are missing? What if your jobscript doesn't get delivered 365 00:26:07.039 --> 00:26:10.440 on time? Those are all things that rule builder is very very good with. 366 00:26:10.880 --> 00:26:14.319 It lets you, you know, control exactly what the experience is. 367 00:26:14.359 --> 00:26:18.200 When somebody makes a request and you essentially get to be the middle person between 368 00:26:18.640 --> 00:26:22.559 that request and what comes back to a client who's making that request. You 369 00:26:22.599 --> 00:26:26.200 get to fake it, You get to you know, slow it down, 370 00:26:26.319 --> 00:26:29.039 you get to not deliver things. So truly, you know, fine tuned 371 00:26:29.039 --> 00:26:32.440 the experience. But Rose and what did I miss? Oh? I think 372 00:26:32.440 --> 00:26:36.960 you've mentioned only the health of the powerful features. There wasn't there? You 373 00:26:37.000 --> 00:26:42.559 go? Even I cannot cannot give exactly the amount of items that you can 374 00:26:42.599 --> 00:26:48.079 do do with this future because it's really powerful. It allows you too much 375 00:26:48.440 --> 00:26:52.119 the request based on the request or the response theater, for example, it 376 00:26:52.200 --> 00:26:57.880 allows you too much even by the certificate a certifty validity. And then there's 377 00:26:57.880 --> 00:27:02.799 something with this traffic and even market. You can modify it, you can 378 00:27:03.319 --> 00:27:07.119 replace it, or you can just return some errors or even do nothing, 379 00:27:07.160 --> 00:27:08.799 just deft market, so it too be easier for you to spot it in 380 00:27:08.839 --> 00:27:12.640 the in the grid. I'm reminded of that Boston song. More than a 381 00:27:12.680 --> 00:27:18.920 filter, isn't that energeez? I see my merry network traffic come in my 382 00:27:19.039 --> 00:27:23.039 way now, And I guess that's your point that filtering is easy. I 383 00:27:23.039 --> 00:27:26.319 only want to see that stuff. But now what do you do with it? 384 00:27:26.359 --> 00:27:29.920 You can change it, you can modify it. That's the beauty of 385 00:27:29.920 --> 00:27:33.680 that rules engine. In't that that's right? And also, you know how 386 00:27:33.720 --> 00:27:37.359 I use Fiddler might be different from how you use Fiddler, right, Right, 387 00:27:37.440 --> 00:27:40.720 all depends on the type of ad that you're building. You know, 388 00:27:40.799 --> 00:27:44.519 all of the web folks are cool, but I'm an old school guy. 389 00:27:44.680 --> 00:27:48.720 I am start doing my desktop as nowadays I'm doing a lot of you know, 390 00:27:48.000 --> 00:27:52.240 cross plat from mobile and the moment you go to iOS or Android, 391 00:27:52.720 --> 00:27:56.000 things fall apart very quickly because you want to be able to see those API 392 00:27:56.079 --> 00:28:00.319 calls and the traffic going to the devices, but you can't very easily. 393 00:28:00.319 --> 00:28:03.559 So this is where I have it used and set up is I will have 394 00:28:03.920 --> 00:28:07.720 you know, Fiddler be my one network proxy. I know my IP address 395 00:28:07.799 --> 00:28:11.200 of my machine, and Fiddler essentially opens up one port and so I can 396 00:28:11.279 --> 00:28:15.039 make all of my iOS or Android devices instead of you know, I can 397 00:28:15.079 --> 00:28:18.119 be on the same WiFi as you know, my home computer, but I 398 00:28:18.119 --> 00:28:22.559 can make all of that go through my IP and that that's the way I 399 00:28:22.640 --> 00:28:26.519 have it set up. So I'm building an iosapp, I want that specific 400 00:28:26.640 --> 00:28:32.359 rule to come into play when I'm hitting Rosen's endpoint and I just want to 401 00:28:32.359 --> 00:28:34.839 see all of the traffic going in and out of my mobile devices. That's 402 00:28:34.880 --> 00:28:38.960 really cool. And that's stuff that you can't do without a proxy or I 403 00:28:40.000 --> 00:28:42.680 mean, you can't just like write a WPF app that listens to a port 404 00:28:42.759 --> 00:28:47.960 with HTTP, you know, the little server, and you expect to hit 405 00:28:48.000 --> 00:28:51.000 that from a mobile device connected to your Wi Fi. It just doesn't work. 406 00:28:51.319 --> 00:28:55.880 Yeah. Also, that's where the rules coming can because for example, 407 00:28:55.920 --> 00:29:00.160 if your building a mobile application and then it hits some some endpoint, if 408 00:29:00.160 --> 00:29:03.680 you want to test it to what happens when the the end point is down, 409 00:29:03.720 --> 00:29:07.599 when it's returns four or four or three or whatever. Instead of rebuilding 410 00:29:07.599 --> 00:29:12.319 the whole application or the server, you can just use feedwer return there's ball 411 00:29:12.359 --> 00:29:18.000 that you want and see how that because without wantifying your applications, neither the 412 00:29:18.680 --> 00:29:22.359 mobile up, neither the server. So I don't actually have to stop the 413 00:29:22.359 --> 00:29:26.359 server anymore. I can just spoof the four or four. Yeah, this 414 00:29:26.519 --> 00:29:33.160 is not fun. You guys are taking away my fun is kind of an 415 00:29:33.160 --> 00:29:36.279 extremely It's it's more like, how about I slow you down? Yeah, 416 00:29:36.400 --> 00:29:41.799 and then then see how you're up to the old dot net rocks trope knock 417 00:29:41.880 --> 00:29:49.559 knock, who's there? Java? And with that, we're going to take 418 00:29:49.599 --> 00:29:56.680 a brief break for this very important message. There's always something new from our 419 00:29:56.680 --> 00:30:02.960 sponsor, text Control. As developer, do you need to integrate PDF generation, 420 00:30:03.240 --> 00:30:07.519 document editing, or electronic signatures into your asp net Corp or Angular applications? 421 00:30:08.000 --> 00:30:12.200 Or you want to learn more about the differences between electronic and digital signatures. 422 00:30:12.480 --> 00:30:18.920 Text Control is offering a free consulting service to educate you about digital document 423 00:30:18.000 --> 00:30:22.960 processing and how text control products can help you add these features to your applications. 424 00:30:23.519 --> 00:30:29.279 Go to text control dot com, slash contact and request your free personal 425 00:30:29.400 --> 00:30:36.880 consultation. Then we're back. It's died at Rocks. I'm Richard Cabal. 426 00:30:36.960 --> 00:30:40.440 That's Carl Franklin, Yo yo yo, talking to our friend Sam and Rosen 427 00:30:40.519 --> 00:30:45.039 a bit about the new Fiddler, the Fiddler everywhere, and immediately getting all 428 00:30:45.039 --> 00:30:48.240 these ideas of horrible things I could do to people with this tool. This 429 00:30:48.400 --> 00:30:52.200 tool is the ultimate man in the middle attack tool. Dude, do you 430 00:30:52.359 --> 00:30:56.759 have your evil on? Is your evil showing? I mean, think about 431 00:30:56.799 --> 00:31:00.839 the trouble you could talk with two well, I mean any proxy you can 432 00:31:00.920 --> 00:31:03.720 get in trouble with, right, Yeah, cities as suities. You are 433 00:31:03.839 --> 00:31:07.440 literally in the middle. Yeah, you get to do all kinds of nutty 434 00:31:07.519 --> 00:31:12.440 things. So if if I'm on a developer team, I should probably ask 435 00:31:12.559 --> 00:31:17.279 my IT people if I can actually use this, shouldn't I as long as 436 00:31:17.319 --> 00:31:19.559 your dad man, you should be good. But you know life Ward said, 437 00:31:19.599 --> 00:31:23.960 with great power comes responsibility. It says a lot of yes, fiddler 438 00:31:25.079 --> 00:31:30.000 on your hands, it's your foot, your network, right, Yeah, 439 00:31:30.119 --> 00:31:33.000 you could mess some stuff up here without it, thought, yeah, right, 440 00:31:33.160 --> 00:31:34.799 but only for the traffic in and out of your machine. You don't 441 00:31:34.920 --> 00:31:41.440 really go further afield than that. Yeah right, But the practical gems installing 442 00:31:41.480 --> 00:31:45.079 it out of friends machine are endless hours of fun, hours of fun. 443 00:31:45.599 --> 00:31:48.559 Yeah. Well, and maybe even you don't even need the full Fiddler to 444 00:31:48.640 --> 00:31:52.559 be installed if you're just trying to message, you're trying to the gem and 445 00:31:52.680 --> 00:31:56.559 the cap comes in. Yeah. So I was thinking with Fiddler Core, 446 00:31:56.039 --> 00:32:01.839 it's like I could be dynamically putting ads on every page that talks specifically about 447 00:32:02.000 --> 00:32:07.279 you, you know, you know. On my other show Security this week, 448 00:32:07.359 --> 00:32:14.759 we have a little theme song. It goes like this criminal career advice. 449 00:32:15.440 --> 00:32:19.400 Nice. Yeah, all right, anyway, where were we? Let's 450 00:32:19.440 --> 00:32:22.559 talk about some more features of Fiddler that we might not be talking about, 451 00:32:22.640 --> 00:32:29.920 like the API composer. What's the API composer? So think about you hitting 452 00:32:30.160 --> 00:32:32.599 any type of API. Could be you know, just a back end service 453 00:32:32.680 --> 00:32:37.319 that you know, somebody else on your team is building or another team, 454 00:32:37.519 --> 00:32:40.359 or could be you know, an API halfway across the world. You want 455 00:32:40.400 --> 00:32:44.720 to you know, you a moddel with things as you're hitting that API, 456 00:32:44.880 --> 00:32:47.799 you want to see what are the parameters that I can send in what comes 457 00:32:47.880 --> 00:32:52.319 back? Is it Jason? Is it something else? How can I format 458 00:32:52.440 --> 00:32:55.599 think? How can I be the man in the middle and you know totally 459 00:32:55.799 --> 00:32:59.279 you know, tweak everything that's going in and out. So that's what the 460 00:32:59.319 --> 00:33:01.680 APA composer, or is maybe something said behind an odd wall and you get 461 00:33:01.720 --> 00:33:05.640 to you know, fake things if you want it to be. So it 462 00:33:05.839 --> 00:33:08.200 is, you know, just an API composer that you expect from a full 463 00:33:08.279 --> 00:33:13.640 featured app like you know Fiddler, right, So it's not so much the 464 00:33:13.720 --> 00:33:19.200 API composers, the API call composer. Maybe it's the client that hits the 465 00:33:19.279 --> 00:33:22.200 API. Yeah, sure, And it can be both ways. Like if 466 00:33:22.279 --> 00:33:25.599 if your client application is hitting an API, then off all of that will 467 00:33:25.640 --> 00:33:29.480 be captured as you know, network sessions and by the way, I can 468 00:33:29.559 --> 00:33:31.799 save my sessions and then Rosin can you pull up my same sessions, my 469 00:33:31.960 --> 00:33:37.000 sessions on his Fiddlers. So that's nice. But if I am building an 470 00:33:37.039 --> 00:33:38.759 API, or if I'm you know, reaching out to an API that I 471 00:33:38.880 --> 00:33:44.680 do not have any control over, this gives me the visibility to understand how 472 00:33:44.759 --> 00:33:47.200 that API endpoint is working, you know, especially when it comes to crowd 473 00:33:47.279 --> 00:33:51.759 operations, create a read update and the leader I need to know exactly what 474 00:33:52.079 --> 00:33:53.960 I need to send in and what comes back. So it gives me a 475 00:33:54.039 --> 00:33:59.559 visibility and you know, sometimes it also not quite API composition. But some 476 00:33:59.640 --> 00:34:01.480 of the new are things that we have done that Rosen and team have done 477 00:34:01.519 --> 00:34:06.640 really helped me out as a modern developer because I do web sockets. You 478 00:34:06.720 --> 00:34:07.840 know, I do a lot of signal art these days, you know, 479 00:34:08.159 --> 00:34:13.800 especially with lem Blazer server side with you know, dot net, Mary h. 480 00:34:13.960 --> 00:34:15.920 You know, I do a lot of real time apps. And now 481 00:34:15.000 --> 00:34:20.079 I can you know, step into a web sockets connection and it'll show up 482 00:34:20.079 --> 00:34:22.719 as a different connection. It's not you know, multiple HTP requests going back 483 00:34:22.719 --> 00:34:28.039 and forth. It's one connection and then you can dive into and see what 484 00:34:28.239 --> 00:34:31.039 the server and the client are talking about um and it's it could be Jason, 485 00:34:31.119 --> 00:34:35.760 could be you know, protobuff. But that's something we're excited about. 486 00:34:35.880 --> 00:34:40.199 And as we are speaking today, Rosen tells me that we are actually very 487 00:34:40.280 --> 00:34:45.719 close to putting out a build and a release that has g RPC support. 488 00:34:45.880 --> 00:34:50.440 Is that right, Rosen? Yes, I'm exactly a sugumationed So in the 489 00:34:50.480 --> 00:34:52.880 next two days, hopefully we'll have it out. And what will happened is 490 00:34:52.920 --> 00:34:59.280 that FED allow you to have the one HTP two is enabled to capture JRPC 491 00:34:59.400 --> 00:35:02.039 traffic. For this version, it will be in better state, so we 492 00:35:02.039 --> 00:35:06.559 will not be able to decode the traffic. But in the future, if 493 00:35:06.559 --> 00:35:10.559 there is an interesting interest from the people, will probably introduce functionality so you 494 00:35:10.639 --> 00:35:15.920 can give your protofiles and feed or you'll be able to decode them and make 495 00:35:15.000 --> 00:35:19.599 them human ratable for you. But for this release, we'll capture the traffic. 496 00:35:19.679 --> 00:35:23.639 We'll capture all of the communication that happens through gRPC in all the four 497 00:35:23.760 --> 00:35:29.920 modes bi directional modes, server only, and all of those. You also 498 00:35:30.000 --> 00:35:32.800 have the x inspector, which will allow you to Yeah, you'll not see 499 00:35:32.840 --> 00:35:37.559 the fully decoded message, but you'll be able to at least the text part 500 00:35:37.639 --> 00:35:39.079 of it. You'll see some of the symbol there. Now, we could 501 00:35:39.079 --> 00:35:45.599 already do gRPC web before because that's the store htps, right, but yeah, 502 00:35:45.800 --> 00:35:49.960 but gRPC what you're talking about, is the one that requires HDUP two. 503 00:35:50.280 --> 00:35:54.079 A lot of dat net developers don't use that right because of you know, 504 00:35:54.199 --> 00:35:58.280 Azure and didn't support HDP two. I think it does now, but 505 00:35:58.400 --> 00:36:00.280 I'm not sure. Yeah, yeah, it does not. And things are 506 00:36:00.360 --> 00:36:05.960 coming along. I mean, anybody who's using microservices has to depend on that. 507 00:36:06.679 --> 00:36:09.199 So and the case we dot net is welcoming gRPC, but you know, 508 00:36:09.360 --> 00:36:14.159 open open arms. So things are moving along, and you know, 509 00:36:14.239 --> 00:36:16.519 we want to make sure we are set up for you know, the next 510 00:36:16.599 --> 00:36:22.280 you know, five to six years as you know gRPC growths people. That's 511 00:36:22.320 --> 00:36:25.800 true, the guy. Yeah, And however, is your you know, 512 00:36:27.280 --> 00:36:30.599 the way in which your serialization decla works. We don't care like just as 513 00:36:30.639 --> 00:36:35.199 long as it's network we can capture it. Yeah, as as we can 514 00:36:35.280 --> 00:36:38.880 decrypt it because you've got the right searts in the right places right now. 515 00:36:38.960 --> 00:36:44.039 All of this is essentially for developers everything that we have talked about, and 516 00:36:44.280 --> 00:36:45.880 again this is how I work. Is like, this is part of my 517 00:36:46.199 --> 00:36:51.480 you know, deaf tool chain because I use this every day as I'm building 518 00:36:51.519 --> 00:36:53.800 you know, modern web mobile or desktop apps. But we have to think 519 00:36:53.840 --> 00:36:58.039 about, you know, the other side of the story when it comes to 520 00:36:58.559 --> 00:37:00.639 end users or you know, your QA people when they are testing, maybe 521 00:37:00.679 --> 00:37:05.119 they can poke holes in my app and you know, figure out things that 522 00:37:05.199 --> 00:37:07.599 I have not tested it right. So if you give them Fiddler, they 523 00:37:07.639 --> 00:37:13.360 can poke around all of those endpoints and try shutting things on and off, 524 00:37:13.559 --> 00:37:15.280 slowing things down, or you know, speaking things up, and just try 525 00:37:15.360 --> 00:37:19.440 to figure out all the different ways in which your app can be broken. 526 00:37:19.559 --> 00:37:22.280 So it is, you know, really good for QA people. But then 527 00:37:22.400 --> 00:37:27.239 once your app, you know, hits uh. You know the end users, 528 00:37:27.760 --> 00:37:30.519 you want to know what's going on, and the classic you know works 529 00:37:30.519 --> 00:37:34.719 on my machine but doesn't work on yours. That should not be an excuse 530 00:37:34.800 --> 00:37:37.239 anymore. You should be able to see exactly what the user is experiencing, 531 00:37:37.639 --> 00:37:40.719 and that's where you know, the end user capturing tools come in. That 532 00:37:40.920 --> 00:37:45.440 is, you know Fiddler jam and you know Fiddler cap. You mentioned that 533 00:37:45.599 --> 00:37:49.039 you could be working with somebody else in your team, and I see that 534 00:37:49.159 --> 00:37:53.320 there's some features for team collaboration in the app, So tell me how that 535 00:37:53.440 --> 00:37:57.599 works. What you can do in the inside the application is kept or some 536 00:37:57.760 --> 00:38:01.360 sessions. For example, you may say that you have faced an issue and 537 00:38:01.679 --> 00:38:06.480 then you can share them with specific emails. For example, you can share 538 00:38:06.480 --> 00:38:09.840 them with me and you can even mark the sessions, let's say four of 539 00:38:09.960 --> 00:38:14.920 them in with right backgrounds just to note that I need to take a look 540 00:38:14.960 --> 00:38:16.920 at those four or you can even write a comment on each of them and 541 00:38:17.039 --> 00:38:23.519 say I see something inaccurate here. What will happen is that if fedure is 542 00:38:23.559 --> 00:38:30.000 running on my side, I will receive a notification and I will be able 543 00:38:30.039 --> 00:38:35.559 to download this all of those sessions immediately and inspect them. And I can 544 00:38:35.880 --> 00:38:39.679 even update the comment mark the sessions in a different way, or even update 545 00:38:39.760 --> 00:38:43.400 them in some way. For example, I can fix some of the parameters. 546 00:38:44.079 --> 00:38:46.880 On your side where feedwa is working, you also automatically receive all of 547 00:38:47.000 --> 00:38:52.599 those updates, so we can work together to inspect and investigate what is causing 548 00:38:52.679 --> 00:38:58.559 the issues if it's one part of the of the sharing. In addition, 549 00:38:58.679 --> 00:39:04.000 what you can at this password protection because we know that the sessions can contain 550 00:39:04.079 --> 00:39:07.320 a lot of safety of information, passwords, tokens. If you add this 551 00:39:07.400 --> 00:39:14.360 password, it will be quiet science encryption and you shouldn't worry about that if 552 00:39:14.360 --> 00:39:19.360 you go through our servers and what will happen there because it will be already 553 00:39:19.400 --> 00:39:22.639 encrypted and all the people who have the password will be able to decrypt it 554 00:39:22.000 --> 00:39:28.880 well. Cool. The safe can happen with APR requests. As some already 555 00:39:28.960 --> 00:39:31.840 mentioned, we have the ability to compose some of those APR requests. I 556 00:39:31.960 --> 00:39:36.039 often use them, by the way, when I do some reverse engineering, 557 00:39:37.559 --> 00:39:40.559 it's kind of useful for me to capture the traffic to see what a specific 558 00:39:40.639 --> 00:39:46.280 web publication is doing, and then get some of the requests directly editing the 559 00:39:46.519 --> 00:39:51.960 composer. And of course I try to remove all of the of the headers 560 00:39:52.000 --> 00:39:55.039 and prodactors just to see which which of them I actually need, and plus 561 00:39:55.119 --> 00:40:00.760 I have a successful request, then what I actually do is just export the 562 00:40:00.880 --> 00:40:05.440 request in as a script. Feedwork has this capability that you can export the 563 00:40:06.039 --> 00:40:12.239 already built requesting in an old script or cur request or whatever you need, 564 00:40:12.920 --> 00:40:17.239 and then I used inside my applications. So what I can do in this 565 00:40:17.360 --> 00:40:22.159 case is save this request that I've already captured. I can save it as 566 00:40:22.159 --> 00:40:23.840 a collection, and if I want to share it with my team, I 567 00:40:23.880 --> 00:40:28.960 can do it again with emails. And the last part for the moment is 568 00:40:29.000 --> 00:40:31.119 the sharing of the rules. We've already mentioned how powerful they can be. 569 00:40:31.559 --> 00:40:37.400 You can spend a lot of time building your rules. For example, we 570 00:40:37.599 --> 00:40:43.719 have our own rule sets that helps us test fedure everywhere yeah, it may 571 00:40:43.760 --> 00:40:47.920 be surprising, but in some cases our case are using feedwork everywhere to tested 572 00:40:49.039 --> 00:40:52.280 or everywhere to see how that we behave if you have a failure in specific 573 00:40:52.400 --> 00:40:59.400 endpoints. So they have as rules and they can share them with the between 574 00:40:59.440 --> 00:41:01.519 them. When new QUA accounts in the team, they can just share the 575 00:41:01.800 --> 00:41:06.440 those rules and it's easy, beaty to do it. Yeah. You know 576 00:41:06.559 --> 00:41:09.719 you said when you were talking about the rule Builder about being able to change 577 00:41:09.840 --> 00:41:15.480 things, and I don't want to gloss over that. I mean a request 578 00:41:15.559 --> 00:41:19.239 in response mocking is a big part of what that does, and how would 579 00:41:19.320 --> 00:41:23.119 somebody go about using that into one end so I can try taking that so 580 00:41:23.320 --> 00:41:28.679 essentially, and Rosen mentioned a few ways in which teams can work together, 581 00:41:28.760 --> 00:41:32.559 but to me, like the rules Builder is particularly best suited for a collaborative 582 00:41:32.599 --> 00:41:38.000 type of environment because you are really getting down to the details of every request 583 00:41:38.079 --> 00:41:43.599 and response and being able to change everything about. So when I am building 584 00:41:44.000 --> 00:41:46.679 an app that's hitting a certain endpoint, I want to work with Rosen and 585 00:41:46.840 --> 00:41:52.079 I want to save my rules because that is fine tuned to exactly what my 586 00:41:52.199 --> 00:41:54.960 app is hitting and exactly what we're expecting out of it. And if I 587 00:41:55.079 --> 00:42:00.599 can save my rules and have him will up the same on his Fiddler. 588 00:42:00.920 --> 00:42:04.800 Then we are on the same page. We know exactly which api you know, 589 00:42:04.960 --> 00:42:07.760 endpoint we are hitting, what are the parameters going in and out, 590 00:42:07.840 --> 00:42:10.920 and how we can fake things out of the way and all of this. 591 00:42:12.079 --> 00:42:15.599 It sounds a little bit like we are enabling evil. We're just giving you 592 00:42:15.719 --> 00:42:20.639 more power if you think about No, you're in a debugging scenario, just 593 00:42:20.719 --> 00:42:23.880 to understand what's going on exactly. Yeah, absolutely critical. Yeah. I 594 00:42:24.119 --> 00:42:29.960 was thinking about fiddler jam from a tech support perspective and the number of times 595 00:42:30.000 --> 00:42:35.280 I've dealt with a user that has like some ad in that's a weird old 596 00:42:35.360 --> 00:42:38.679 ad blocker or something and is knocking out a feature of the website. And 597 00:42:38.840 --> 00:42:42.880 you could go around in circles for a long time trying to figure out what 598 00:42:42.920 --> 00:42:45.079 the heck that was. But if you saw the Fiddler trace on it and 599 00:42:45.239 --> 00:42:50.880 saw that that message was just not being received and it wasn't making the request, 600 00:42:51.239 --> 00:42:54.119 you've got a pretty good hint that the browsers blocking it are some unhandled 601 00:42:54.280 --> 00:43:01.760 JavaScript error. Damn scripting turned off. If that's the worst case. Yeah, 602 00:43:02.920 --> 00:43:07.039 but you know, again, the idea is you know, your engineering 603 00:43:07.400 --> 00:43:12.880 hours are you know, valuable, and we want to sometimes protect those hours. 604 00:43:12.920 --> 00:43:15.360 And that's where you have you know, layers of you know support, 605 00:43:15.840 --> 00:43:20.199 And to Richard's point, you don't know what people have running on their machines. 606 00:43:20.280 --> 00:43:22.760 Like I am scared to look at my parents' browsers with all of their 607 00:43:22.880 --> 00:43:25.880 extensions, like they can you know, barely see a webpage. It's just 608 00:43:27.000 --> 00:43:30.800 so full of tools because they say yes to everything. But Franklin, this 609 00:43:30.960 --> 00:43:37.679 is at least one hundred and four weather applications inner task bar, right, 610 00:43:37.239 --> 00:43:42.199 So this is a way in which they can hit one small button and it 611 00:43:42.360 --> 00:43:45.519 starts capturing as they're utilizing your app, as they're running through an app, 612 00:43:45.559 --> 00:43:47.880 and if you you know, let it, it will also capture a little 613 00:43:47.880 --> 00:43:51.320 bit of video to go along, like I clicked on this button and you 614 00:43:51.360 --> 00:43:53.480 can see the Fitler logs kind of you know, follow that along. And 615 00:43:54.280 --> 00:43:58.719 once you have that, you can you know, give it off to your 616 00:43:58.760 --> 00:44:01.199 first layer of support and they can say, no, it's that extension thing 617 00:44:01.239 --> 00:44:05.119 that you have blocked toward. It's that other thing that you have turned off 618 00:44:05.159 --> 00:44:07.440 that's you know, not even letting you make the request and responses. But 619 00:44:07.599 --> 00:44:12.320 if it is truly a legitimate, you know, a bug that you want 620 00:44:12.400 --> 00:44:15.079 engineering to take a look at. That's when you just say, of the 621 00:44:15.199 --> 00:44:17.679 same sessions that you capture from fiddler jam and you just load it up in 622 00:44:17.760 --> 00:44:22.239 Fiddler all the way back to your engineering teams who can look at a session 623 00:44:22.360 --> 00:44:24.599 as if their app is running on their local machine. But it's just something 624 00:44:24.639 --> 00:44:29.360 the user has recorded. Yeah, you don't need to reproduce because you literally 625 00:44:29.400 --> 00:44:32.639 have a copy of a causal problem in the first place. You skip all 626 00:44:32.679 --> 00:44:37.239 of that. Yeah, And just to add here regarding fiddler jum, the 627 00:44:37.360 --> 00:44:40.400 one of the most the quest thing about fiddler jum is that it captures not 628 00:44:40.559 --> 00:44:46.599 only the network requests and sum mentioned video, it also keptures your actions. 629 00:44:46.639 --> 00:44:52.400 For example, user clicked on this deep, user scrolled the page, user 630 00:44:52.400 --> 00:44:57.960 or different, whatever you're doing on the on the page, it is captured. 631 00:44:58.280 --> 00:45:01.639 In additional, it captured the the console walks the terrors. So if 632 00:45:01.679 --> 00:45:06.519 you have an extension that is working southing, you'll see it in the console 633 00:45:06.599 --> 00:45:09.119 and you'll see it in the capture walk for fidmore jamp. And the cool 634 00:45:09.119 --> 00:45:14.119 thing is that the extension is free. Everyone can stell it and use it. 635 00:45:15.760 --> 00:45:20.920 The paid features fell from the analysis of those walks. So whilst your 636 00:45:21.079 --> 00:45:24.000 your end users capture the traffic, they will receive a link and they will 637 00:45:24.039 --> 00:45:30.199 send you the link. So you need to have a vicens to open this 638 00:45:30.320 --> 00:45:35.320 link. Cool and then yeah, it just works everywhere. And what's the 639 00:45:35.360 --> 00:45:42.079 difference between JAM and we'll see end cap. It's a JAM is a browser 640 00:45:42.119 --> 00:45:45.599 based extension. Essentially, it's a chromo Chromium based extension for you know, 641 00:45:45.800 --> 00:45:51.000 your browser based web apps. But if you rather have a desktop app that 642 00:45:51.039 --> 00:45:53.559 you want to look into. So fiddler cap is a very lightweight Windows desktop 643 00:45:53.639 --> 00:45:57.920 app. Okay that does the same thing. So it'll capture everything on your 644 00:45:58.079 --> 00:46:02.199 end user's machine without you having to you know, have them run through your 645 00:46:02.400 --> 00:46:06.159 entire app. You can just have it installed and you have them, you 646 00:46:06.239 --> 00:46:08.559 know, execute a few things and you can capture the same looks. Can 647 00:46:08.599 --> 00:46:13.440 I get out of the PC with Fiddler? Can I try and get all 648 00:46:13.440 --> 00:46:17.039 the traffic off of an IoT device? Like do I convince that device to 649 00:46:17.159 --> 00:46:21.599 add to use me as a proxy? Yes, in a way. And 650 00:46:21.920 --> 00:46:23.920 Rosen can speak more to this, but you know, at the end of 651 00:46:24.000 --> 00:46:29.559 the day, anybody who speaks HTTP to an endpoint, you can capture it, 652 00:46:29.760 --> 00:46:32.320 but you will have that you need to have that IoT or any type 653 00:46:32.320 --> 00:46:37.440 of other device be able to go through a machine. Right, So all 654 00:46:37.480 --> 00:46:40.559 of that, you know, devices traffic is also captured. So you ask 655 00:46:40.599 --> 00:46:45.519 the device to speak to you as the gateway so that you can then proxy 656 00:46:45.639 --> 00:46:47.920 through it, which not that hard to do. You said, you can 657 00:46:47.960 --> 00:46:52.440 go and can figure the network settings for that IoT device. You just push 658 00:46:52.480 --> 00:46:54.840 it through that way. So yeah, we are you know, trying to 659 00:46:54.960 --> 00:46:59.559 enable developers to have as much visibility. Again, you know, we are 660 00:46:59.599 --> 00:47:00.960 not trying to be able, but I mean we have had tools like you 661 00:47:01.039 --> 00:47:06.960 know Telarc, you know, disassemble and we'll let you decompile DLLs, so 662 00:47:07.079 --> 00:47:09.239 you really can you know, reverse engineer and look through a lot of things. 663 00:47:09.320 --> 00:47:13.920 But this is you know, just literally power in your hands and full 664 00:47:14.079 --> 00:47:15.920 visibility in your hands, so you know what's going on in your network. 665 00:47:16.400 --> 00:47:20.760 Yeah, I mean I think about low even lower level tools like wire shark, 666 00:47:21.480 --> 00:47:24.639 but now you're just looking at the actual network protocols like it's for a 667 00:47:24.679 --> 00:47:28.400 lot of folks, I think it's too low lew Right, Yeah, you 668 00:47:28.480 --> 00:47:30.440 don't care about a lot of that information. You want to focus on the 669 00:47:30.559 --> 00:47:35.800 application message traffic. It's flowing back and forth. Right, it's that protocol 670 00:47:35.840 --> 00:47:38.840 analyzer. It's a debugging tool. Yeah. And if you care enough about 671 00:47:39.039 --> 00:47:42.920 or if you know what you're doing, especially with you know, proto buff 672 00:47:43.079 --> 00:47:45.760 or you know Rosen mentioned, we have a hex analyzer that shows you the 673 00:47:45.880 --> 00:47:50.719 hex of the requestment responses. That's a little little hardcore for me, but 674 00:47:50.840 --> 00:47:53.199 if you want it, if you understood what assembly looks like, then that 675 00:47:53.280 --> 00:47:57.239 would be a useful tool for you. Oh, you can always write your 676 00:47:57.239 --> 00:48:01.000 own tool, you know, just like you can go grow your own electrons 677 00:48:01.039 --> 00:48:05.000 and make a PC for it. Like, it's a lot of work, 678 00:48:05.199 --> 00:48:07.119 right, I got stuff to do. The goal was to make a tool. 679 00:48:07.159 --> 00:48:10.559 The goal was solved. Problem that the tool already exists. You should 680 00:48:10.559 --> 00:48:14.239 be used the tool. They've thought about things you haven't thought about. Yeah, 681 00:48:14.360 --> 00:48:17.599 yeah, exactly. And something that that we are trying to do is 682 00:48:19.039 --> 00:48:23.840 make it even easier for people to use the tool. For example, when 683 00:48:23.880 --> 00:48:30.960 you want to capture current requests in order to capture them in feed or you 684 00:48:30.000 --> 00:48:34.519 need to provide a specific argument. When you want to do it with no 685 00:48:34.679 --> 00:48:37.880 jess, you need to set some environment variables but instead of doing cool of 686 00:48:37.960 --> 00:48:44.079 those, we are trying to introduce new features inside the application that will automatically 687 00:48:44.159 --> 00:48:46.280 handle those for you. For example, in the next release, we are 688 00:48:46.320 --> 00:48:53.159 going to introduce such such option instrumented terminal that will set all of those for 689 00:48:53.280 --> 00:48:58.239 you and will help you. So instead of wandering, okay, which was 690 00:48:58.280 --> 00:49:00.880 the parameter of how to set it, where to find it and to those, 691 00:49:01.119 --> 00:49:07.679 just run your application through THROUGHDS terminal and the network requests will be captured, 692 00:49:07.719 --> 00:49:13.320 says valid. For the applications with a bit a bits twits regarding the 693 00:49:13.480 --> 00:49:17.840 certificate, you'll be able to run them through through this terminal and twiteout changing 694 00:49:17.960 --> 00:49:23.360 your the configuration inside your application, you'll be able to capture their network traffic. 695 00:49:23.679 --> 00:49:28.159 Right Yeah, So what essentially Rosen is trying to point to is we 696 00:49:28.239 --> 00:49:31.199 are thinking ahead as to what you know, this tool that has been unbeloved 697 00:49:31.280 --> 00:49:35.960 and used you know for decades now by developers, how does this evolve? 698 00:49:36.159 --> 00:49:38.760 And we always want to have developers have all the power. But you know 699 00:49:38.880 --> 00:49:44.000 what's next, Let's think about automation, you know, as we are you 700 00:49:44.119 --> 00:49:46.000 know, and we spend a lot of time on the minute test of things 701 00:49:46.079 --> 00:49:50.199 like the deaf teams do because like those are important, like how you do 702 00:49:50.320 --> 00:49:53.960 your searches are important, how you filter down to every detail is important. 703 00:49:54.039 --> 00:49:58.199 We also have ways in which you can now, you know, take two 704 00:49:58.440 --> 00:50:01.000 rows of sessions. You know, as we are testing our app, one 705 00:50:01.079 --> 00:50:05.159 failed, one worked, and you don't know why, right, So now 706 00:50:05.199 --> 00:50:07.920 you can compare every part of that request, every part of the response to 707 00:50:08.000 --> 00:50:12.880 see exactly what's the difference between two. But all of that again is part 708 00:50:12.920 --> 00:50:15.079 of your deaf workflow. But you know, if you think about automation, 709 00:50:15.239 --> 00:50:19.320 like you want to hit a whole bunch of APIs and you want to see 710 00:50:19.400 --> 00:50:22.679 what's coming back, and you want to have all of this as a script. 711 00:50:22.840 --> 00:50:24.840 Right, So now we'll let you save off your sessions, your request 712 00:50:24.880 --> 00:50:29.320 from responses and open it up in a terminal, open it up as CURL, 713 00:50:29.599 --> 00:50:32.119 and have that as a set of instructions that you do maybe as a 714 00:50:32.199 --> 00:50:37.519 CICD pipeline. So these are things we are thinking ahead as to see how 715 00:50:37.679 --> 00:50:39.920 Fiddler evolves. Yeah, well, I mean, I presume you're not going 716 00:50:39.960 --> 00:50:45.119 to get out of the traffic business. But it's about traffic going in and 717 00:50:45.239 --> 00:50:49.559 out of a device that I appreciate that you're getting into different kinds of traffic 718 00:50:49.599 --> 00:50:54.559 which besides just htps. Of course there's HDP three, But is that really 719 00:50:54.599 --> 00:50:59.639 that much of a stretcher to implement. Are we already you know, using 720 00:50:59.679 --> 00:51:04.920 it? Well, I don't want to spot the news here, but we're 721 00:51:04.960 --> 00:51:07.639 looking at HTP three, okay, and we'll see a lot of what will 722 00:51:07.679 --> 00:51:14.800 happen if people demand for it, then we'll have to do it. Yeah, 723 00:51:14.840 --> 00:51:17.280 I just did a run as episode. We were talking about SMB over 724 00:51:17.440 --> 00:51:22.320 quick, which is HDP three. Just this idea of like no more VPNs, 725 00:51:22.519 --> 00:51:29.800 we want file access but securely and hand fast and those those techniques work 726 00:51:29.880 --> 00:51:32.920 really well, but they still a little lower level than web. Yeah, 727 00:51:34.039 --> 00:51:37.599 and as you mentioned, security it is. Security is quite important for us 728 00:51:37.679 --> 00:51:43.199 and everything what we are doing, we are trying to put all of our 729 00:51:43.400 --> 00:51:47.599 efforts to ensure that we will not expose users information, to ensure that we 730 00:51:47.639 --> 00:51:52.559 will not allow protocol violations. For example, when we were working on the 731 00:51:52.760 --> 00:51:57.559 HTP two, we took a lot of time to ensure that we are actually 732 00:51:57.679 --> 00:52:01.360 following all the requirements of the protocol and if something is broken, to be 733 00:52:01.480 --> 00:52:06.440 sure that we'll show it to the users and to tell them they are made 734 00:52:06.639 --> 00:52:10.280 tools that we all ignore such airs, even rather to it for some of 735 00:52:10.360 --> 00:52:15.920 them. But we prefer to be on the safe site and to sndle those 736 00:52:15.119 --> 00:52:20.199 irs in a different way to show the people that that happened. There might 737 00:52:20.280 --> 00:52:24.119 be some issues or there. One of the latest things that we are introducing 738 00:52:24.320 --> 00:52:29.960 is the you know that when you have a problem with the certificate on some 739 00:52:30.119 --> 00:52:34.079 website, the brothers are trying to pervate it for you, but in some 740 00:52:34.199 --> 00:52:37.519 cases you want to allow it for let's say local whose development or some of 741 00:52:37.599 --> 00:52:43.840 your internal servers. So until now we had an option to ignore all of 742 00:52:43.960 --> 00:52:47.599 those erirors, but we didn't feel comfortable with it because you had to ignore 743 00:52:47.639 --> 00:52:52.400 all of them, not just for the specific certificate and domain. So now 744 00:52:52.440 --> 00:52:55.400 we delay. With the new release, we are going to change this and 745 00:52:55.639 --> 00:53:00.280 you'll be able to set it for all the one of the one of the 746 00:53:00.320 --> 00:53:02.719 certificate that that we have an error. That's cool. So this way we 747 00:53:02.840 --> 00:53:07.960 think that our user feel much safer. Also, we are looking at different 748 00:53:08.039 --> 00:53:15.199 compilacies. We are looking to extend the ability to to ensure that feedwork can 749 00:53:15.280 --> 00:53:20.119 work in different environments. As we've already mentioned, it's working behind wogging. 750 00:53:20.599 --> 00:53:25.119 So we are wondering what will happened if people need to work without in an 751 00:53:25.320 --> 00:53:30.559 restricting environment where they all have no access to our work endpoints. What will 752 00:53:30.599 --> 00:53:34.440 happen there? How they are going to use the application. We know that 753 00:53:34.559 --> 00:53:37.880 we have such urist out there. We just need more information what are the 754 00:53:37.960 --> 00:53:43.159 requirements? And we work on it. Interesting, Yeah, very cool, 755 00:53:44.000 --> 00:53:49.719 very challenging. So what's next? What's on the Fiddle the horizon? Well, 756 00:53:50.199 --> 00:53:52.559 the team has been super busy and we have actually internally, you know, 757 00:53:53.199 --> 00:53:57.559 tried to align you know, it's a big portfolio products we have, 758 00:53:58.559 --> 00:54:00.960 you know, between t Laric and you know can the UI and Fiddler and 759 00:54:01.039 --> 00:54:04.840 side Trinity and all lot of the things we do. So we have been 760 00:54:05.079 --> 00:54:07.559 trying to align some you know, our releases are you know, the major 761 00:54:07.639 --> 00:54:13.079 releases go out together, so you know we're looking at maybe three major releases 762 00:54:13.119 --> 00:54:15.679 in a year for Fiddler with you know, little things in between, service 763 00:54:15.719 --> 00:54:19.880 packs in between. You know, like Rosen said, we are you know 764 00:54:19.960 --> 00:54:22.960 thinking about offline capabilities. Maybe we are working with Fiddler on a plane and 765 00:54:23.199 --> 00:54:27.840 you know maybe you're just doing local hosts and that's fine, so you know 766 00:54:28.159 --> 00:54:30.400 also thinking ahead at you know, what's next with you know, web sockets, 767 00:54:30.480 --> 00:54:35.159 what's next with gRPC? Sure? What are the little level protocols come 768 00:54:35.199 --> 00:54:37.079 along that matter to us? That's true. Yeah, so you know, 769 00:54:37.239 --> 00:54:42.639 enable developers to see everything in your network as best as we can. It's 770 00:54:42.760 --> 00:54:45.159 very cool. Thank you guys. It's been great, great, great work. 771 00:54:45.840 --> 00:54:49.280 All kudos go to you know, Rosen and the team. It's been 772 00:54:49.360 --> 00:54:52.400 you know, several years of engineering, but we are happy where we stand 773 00:54:52.440 --> 00:54:57.199 today. Yeah. I'm sure our listeners will take a first spin and we'll 774 00:54:57.280 --> 00:55:22.000 see them next time on dot neem dot net. Rocks is brought to you 775 00:55:22.079 --> 00:55:28.360 by Franklin's Net and produced by Pop Studios, a full service audio, video 776 00:55:28.480 --> 00:55:32.400 and post production facility located physically in New London, Connecticut, and of course 777 00:55:32.480 --> 00:55:38.840 in the cloud online at pwop dot com. Visit our website at dt nt 778 00:55:39.199 --> 00:55:45.719 r ocks dot com for RSS feeds, downloads, mobile apps, comments, 779 00:55:45.039 --> 00:55:50.239 and access to the full archives going back to show number one, recorded in 780 00:55:50.320 --> 00:55:53.079 September two thousand and two. And make sure you check out our sponsors. 781 00:55:53.280 --> 00:55:58.440 They keep us in business. Now, go write some code, seex time, 782 00:56:00.119 --> 00:56:07.880 middle band and summer my part that means hard than my taxis