Fiddler2 doesn't show captured traffic IF session was deleted previously - web

Let's say I capture the traffic between my PC and stackoverflow. If I delete this session in Fiddler, it won't be shown again if I try to capture the traffic.
What to do ?

Typically, this means that your browser cached the traffic, so that it doesn't hit the network to reload the page later. Either hit refresh in your browser (e.g. CTRL+F5 for IE) or clear your browser's cache before attempting to reload the page.

Related

Cache control header not working

I have set Cache control in my response header as Cache-Control:public, max-age=86400. But when I try to refresh page or open a new tab, it always hits my server. The response status I got is 200, server log is appeared for this request also I checked chrome://cache/ this request is not in the list. I already looked some similar SO questions cache-control not working without etag and why cache-control:max-age don't work?. But still with no luck. Tested on chrome 56.
Chrome disables cache when DevTools is open, or at least it does Chrome 59. Open DevTools, go to Network, uncheck "Disable cache" at the top. Now you should be able to refresh the page and see it in chrome://cache.
Cache control tells your browser (and proxy servers like Squid) what resources it cannot cache. But it does not force your browser to cache a resource.
I recommend to check the error_logs to see if you really go to the backend, or stay in the browser.
In my case, browser gives me 200OK in the console logs but I don't reach the back end according to the error_log ...
Cache-Control response header will not work for page refresh. Try making that request twice without refreshing the page, then you will see it being cached (the request won't reach your server internally).
To achieve what you want you might have to cache your request by accessing localStorage, or just cache it through a back-end caching library.

Changes to a file require two page refreshes

After updating a file, when running on my dev machine, I need to refresh my browser twice in order to see the changes.
How do I see the changes upon the first refresh?
Its not the browser's cache. It doesn't happen with the same browser on the live site. Server is IIS Express.
You can force your browser to empty its cache by using ctrl+f5

Can Man in the middle open a logged page?

I know that man in the middle (mitm) can be in passive mode : forward, or active mode : modify trafic and forward...
But Can mitm open a page, in firefox for example, to connect on a website where i was logged.
Is this possible ?
Yes, as you say, the man-in-the-middle can modify the traffic. So when you request a page, he/she can easily return an HTTP 302 to another page, or insert some JavaScript to set the document.location.href of your document.
If your traffic is encrypted using https, this is not possible.

Strage DNS behavior in Chrome vs Firefox

When I try to visit http://www.taobao.com/ in Chrome I get taken to an ISP error page (http://hndnserror4.wo.com.cn:8080/issueunziped/hn20150626/index.htm?sf=&UserUrl=www.taobao.com). This doesn't happen in Firefox. I've trying clearing the DNS cache both system-wide and in Chrome.
How I can diagnose the issue?
Edit: I've simplified the question for the bounty. This problem happens on Arch Linux. I've tried using DNSCrypt. I've changed /etc/resolv.conf to use various DNS servers such as Google's. I've tried clearing the host cache from chrome://net-internals/#dns. I've disabled using a web service to help resolve navigation errors in Chrome's settings. Nothing works and every time I try to open taobao.com in Chrome I get the ISP error page. It opens the error page instantly without a redirect or waiting for the hostname to resolve. When I enter "taobao.com" into the address bar and hit enter with the Network tab open I see the first request is recorded as having a request URL of http://hndnserror4.wo.com.cn:8080/issueunziped/hn20150626/index.htm?sf=&UserUrl=www.taobao.com. How is "taobao.com" getting transformed into that between hitting enter and the page loading?
I've submitted a bug: https://code.google.com/p/chromium/issues/detail?id=510680&thanks=510680&ts=1437020912
I resolved the issue by clearing the browser data. Strange, but it worked. I went to Settings -> History -> Clear browsing data. With the defaults checked (clear following items from the past hour) it allowed me to visit http://taobao.com again. Creating a new profile didn't help. Nor did clearing the DNS cache from chrome://net-internals. I don't know if it's a bug in Chromium but I'm content to have resolved the issue.

Do you want to view only the webpage content that was delivered securely? secury waring in ie, how can i fix though programing

Ie showing following issue, how can i fix this though programing? Sorry for browser security fix
"Do you want to view only the webpage content that was delivered securely?
This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the securty of the enture webpages."
That's a warning that you're serving some content via HTTPS and some via HTTP. To avoid that warning, ensure that everything is being served via HTTPS.
Unfortunately without more details that's all the advice I can offer.

Resources