Fiddler2 and Bad Behavior
If you have ever had to debug HTTP traffic, you probably already know what a great tool Fiddler2 is. I was recently using it to debug some WordPress 2.5 issues I was having with a test blog and noticed I was getting an odd error returned from the web site: Error 403
I recognized this as the error that Bad Behavior (a spam-fighting plugin) returns when it sees something wrong with the the request being made to the web site. Apparently Fiddler was sending a “Proxy-Connection: Keep-Alive” header that Bad Behavior was rejecting as invalid. I thought that this might be BB being overzealous in its blocking, but after doing more research it appears that the “Proxy-Connection” header is a non-standard, extended header not included in any HTTP specification.
It appears, according to HTTP: The Definitive Guide by David Gourley that this header is simply a hack to get around an issue with miscommunication between proxies.
After some more Googling, I found the simple fix:
In the Fiddler menu, select Rules › Customize Rules and then, in the OnBeforeRequest function, add this line:
oSession.oRequest.headers.Remove("Proxy-Connection");
Now Fiddler will no longer forward on this unnecessary header and Bad Behavior will be happy!
5 Responses
Leave a Reply
Search
Navigation
|
|
Daily VerseFor "All flesh is like grass and all its glory like the flower of grass. The grass withers, and the flower falls, but the word of the Lord remains forever." And this word is the good news that was preached to you. — 1 Peter 1:24-25 (ESV) (Listen)
Archives
Categories
Tagsaudio busy year catalyst celldweller cisco Clocker consulting dns driving dst family gas prices headphones hot iis industrial install internet mom music networking os x Personal php php4 php5 plugins remix Simmons Consulting soccer boy software summer the office timezone upgrade validation weather Web Development web standards windows WordPress xhtml xmlrpc YouTube Zempt
Worse, Proxy-Connection was a header proposed by Netscape about a decade ago, but the proposal was never officially accepted. Nevertheless people implemented it, and despite the fact that it doesn’t exist, isn’t documented anywhere, and is debatable as to whether it’s actually necessary at all, people continue to implement it. I haven’t yet figured out why.
Comment by Michael Hampton on June 15th, 2008 at 5:38 pm
1Yep. And thanks for your great work on Bad Behavior. It has saved me tons of headaches from spam.
Comment by Toby Simmons on June 15th, 2008 at 9:11 pm
2Specifically, the problem was that IE emits the Proxy-Connection header when it detects there is a proxy (aka Fiddler) but Fiddler did not remove the Proxy-Connection header. Ordinarily, that’s entirely harmless, but that particular HTTP filter gets upset by it.
Comment by Eric Lawrence on July 24th, 2008 at 7:46 pm
3…I should further mention that this issue is resolved in Fiddler 2.2.
Comment by Eric Lawrence on July 24th, 2008 at 7:46 pm
4Wow! Thanks for the heads up, Eric. Is F2.2 available for download yet?
Comment by Toby Simmons on July 25th, 2008 at 7:18 am
5