What is the magic behind that DOT which makes Fiddler work? - dns

It took me a while to learn that I have to put a dot after the "localhost" in the URL so that I can use fiddler with my development server.
Why do I need to put this dot here to make fiddler work for my local:
http://localhost.:1888/MyPage.aspx
What does it stand for?
thanks

It's not that you're making fiddler work, but you're making Internet Explorer work. Internet Explorer is written specifically to bypass the proxy server for "localhost" . By attaching a trailing dot, you're providing a valid DNS name that does not match the mechanism within IE that checks the domain (IE does a stricmp(userdata, "localhost") or equivalant).

localhost. just makes the hostname visible to Fiddler; otherwise, IE bypasses proxies.
You can also substitute "ipv4.fiddler" for "localhost" -- which can help prevent confusion, since the dot is easy to miss.

Related

ngrok does not load NodeJS app from outside (ERR_CONNECTION_TIMED_OUT)

ngrok is a program with which you can make a local tunnel, it generates a temporary domain for you so you can redirect people to your local content, and also use https via localhost.
https://ngrok.com/
localtunnel is just another alternative.
So I have set up either ngrok and a localtunnel but both show a white page with only the HTML loading and not css or js when loaded outside of my network (with data plan for example)
The problem is nothing gives an error, the only thing I can see is ERR_CONNECTION_TIMED_OUT when using a hotspot.
Everything works within my own network.
I have tried turning off the firewall already but it seems to make no difference, also tried looking with the chrome remote debugger but it just disconnects when I load the url.
Thing is when I go to https:// on the ngrok url I get a bunch of mixed content errors, but not when I go to http. Seem illogical to me that it would default to http when using a https link... all of my script/style tags are relative paths.
Anyway so far this is only thing that I can figure out, any ideas on what might cause this?
So it's either
ERR_CONNECTION_TIMED_OUT
or
Blocked loading mixed active content
or both?
So I go it working now by changing the base href.
<base href="http://yoururl.ngrok.io">
And also changing some paths in my config to either /app/ or ../ respectively, but most of these were already set correctly and all I did was revert them after changing the base url.
As far I understand now the problems only really start to occur when connecting to the url through a data plan and not wifi.
Some random image paths in css/js will not load, and it also appears to behave differently on Firefox and Chrome for some reason.
Problem is I cannot keep testing this indefinitely as data will obviously run out some time and I have no reliable way of debugging the console errors on mobile...
In conclusion it works on a "normal" connection now (ie Wifi/Cable) but not on data.

wildcard paths in dnsmasq?

Is it possible to set a wildcard * in a path pattern?
address=.example.com/foo/*/bar does not seem to work.
address=.example.com/foo/xxx/bar works but I have random characters I need to match for and I don't know what they are ahead of time.
Not possible.
dnsmask is about the resolution of the host name only.
Everything after the slash is between the web browser (or client) and the web server, the name servers don't ever get to see this part.
It can get confusing, because dnsmasq uses '/' as its separator character in a lot of its settings, but this is nothing to do with the path part of a url, simply a chose of config file delimiter.
To achieve some fine grained manipulation of what parts of a web server you want your users to see, you should be googling "http proxies" or possibly "transparent http proxies" and this should get you started. These provide an intermediate server that does get to see the "path" part of the URL, and con do this level of filtering.

Access internet via Apache2 ProxyPass

Recently, I made a setup where I pointed some websites to a redirect server. The redirect server in return served the website requests using ProxyPass directive of Apache2. It worked like a charm without even a single problem for my websites.
So, based on that I have got an idea to access internet via Apache2. Please note that this is because I do not have access to fast internet and every internet provider is so lousy and lame here to provide better connection speeds even for the lot of money I pay to them.
Now, https as better speends than VPN.
So, the idea is to get rid of VPN and SSH tunnel redirects and instead, resolve every domain on my Mac to a single server IP address which should be a redirect server and which can in turn bring me back every web request made from my Mac. Possible? This will make me to always use https to my own redirect server. https has better speed than VPN for me whenever I try and when I am on VPN things are too slow for me, may be because of level of encryption. Please note that I do not want solution using PPTP, L2TP and anything else which are lighter than OpenVPN (using Pritunl).
Please let me know if anything like that is possible and if yes then how.
Even though if it does not work, my mind always gets this idea every time. I just want someone to shed light on this and shut down my idea if its the worst by far. Thanks in advance.
Also, I have also seen some proxy sites where I put any website link on their website and their website works like a browser as if I am surfing on their remote server itself. May be something like that can be useful and speedy for me. But, I do not want to use them because I do not trust those sites for security. No way.
Got a solution myself without any kind of VPN.
Actually I needed to make my DNS secure and connections to my server Apps secure. So, for that I tried DNSCrypt-Proxy and its working great and resolving my DNS queries on HTTPS (443).
And, I am using an Addon on Chrome for "Always https" connections. I am blocking every request on http for Chrome using that Addon. Perfect!!!
So, now all surfing traffic on my Mac is going on HTTPS and is perfectly safe from hackers. I do not care for any other connections made by my other Mac Apps. I just care for security of my Apps while I am surfing them OR any payments I am making for shopping.
DNSCrypt-Proxy:
Please go to https://dnscrypt.org/#dnscrypt-osx and you will find all help there to how to install and run it on your Mac.
brew install dnscrypt-proxy --with-plugins
sudo dnscrypt-proxy --ephemeral-keys --resolver-name=cisco
^ You can find the resolver name in excel sheet that comes with this package.
And, just add an entry in your Network interfaces for DNS to point to 127.0.0.1, Please note that remove all other entries.
"Always HTTPS for Chrome":
https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp?hl=en
Enjoy perfect security on your Mac, if you do not care about IP address anonymity. Always use legal stuff!!!

localhost.:8088 - Purpose of the "dot colon" notation

I recall the syntax of a hack when routing a request to local IIS but I cannot recall what it does. It popped up randomly in the browser during a debug session this morning and when I recognized it, I went looking for documentation on the technique to refresh my memory and came up blank.
So, if you were to enter
http://localhost:8080 and
http://localhost.:8080
into two separate browsers, what difference would you expect "the dot" to make?
I found the explanation (and when I recalled that Fiddler involved, I also recalled what the hack did)
Fiddler and IE7
It isn't related to IIS; It's a workaround for Internet Explorer to force the browser to not bypass a proxy. Since Fiddler is implemented as a proxy, http://localhost:8080 will completely bypass it but http://localhost.:8080 will not bypass the proxy, allowing monitoring tools to capture traffic.
Internet Explorer (7 and 8, I think) is written to bypass proxy servers for resolving "localhost" resources. Appending a trailing dot to "localhost" provides a valid DNS name that does not match the rules that "Old IE" uses for this bypass logic. Internally, the trailing dot gets trimmed from name resolution and you force IE to not execute its internal logic that bypasses the proxy server.
From what I understand, this was changed in IE9.

How to enable custom URLs in Google Chrome?

for local development I'm running a local webserver with virtual hosts to manage multiple webprojects requiring their own URL. Normally I use URLs like myproject.com.local and the real project will be located at myproject.com. Everything works fine in Safari, IE or Firefox. But Google Chrome throws a 404. As far as I know they have some kind of intelligent address bar. Is there any possibility to get it working with all domains?
Best Regards,
Bernd
I think it should be working with all domains, as long as your workstations DNS can resolve the name to an ip-address. Also, check if you have any proxy settings in Chrome, sometimes it helps to check the 'Bypass proxy for local domains'-checkbox (somewhere in the settings).
Also make sure that when you request non-standard domains or port-numbers to put http:// in front of your url.
Good luck.

Resources