Back in October, I showed how to debug Windows Phone emulator traffic with Fiddler. Since then, I’ve acquired the LG Quantum phone, and naturally, one of my first goals was to start looking at the traffic from mobile Internet Explorer and some of my WP7 applications. The process for capturing traffic from a phone is similar to the process of capturing traffic from another computer. First, enable Fiddler to capture remote traffic, then configure the other client to point at the computer running Fiddler.
You’ll need three things:
- A desktop PC running Fiddler
- A Windows Phone
- A WiFi network that bridges between the phone and the PC
First, I started Fiddler on my desktop PC, named DELL7 — obviously, you’ll need to use your machine’s name for all of the subsequent steps. In Fiddler, click the Tools > Fiddler Options menu, and click the Connections tab.
Place a checkmark in the Allow remote computers to connect box and close and restart Fiddler. When Fiddler restarts, you’ll see a prompt from the Windows Firewall indicating that it has blocked some features of Fiddler. Tick the three checkboxes and click the Allow Access button.
Now, Fiddler can capture HTTP and HTTPS requests from other devices.
To verify that this is working correctly, enable your phone’s WiFi connection and open mobile IE. In the browser, type http://DELL7:8888, and you should see a request in Fiddler and a “Fiddler Echo Service” page in the browser. (If you can’t see the page, you’ll need to recheck your work so far).
Now that your Phone and PC are talking, let’s set the phone’s proxy to point at Fiddler. On the phone, visit the Settings screen and open the WiFi applet.
In the WiFi applet, select the active WiFi connection to open the Edit Network screen. Slide the Proxy slider to on. In the Server/URL box, type dell7 and in the Port box, type 8888. When you are done debugging your traffic later, come back to this screen and simply move the proxy slider to Off.
Save the settings by clicking the checkmark, and go back to mobile IE. Browse around, and you should see your traffic in Fiddler. If you’ve configured Fiddler to decrypt HTTPS traffic and try to browse to a HTTPS page on your Phone, you’ll see a warning message because Fiddler has resigned the traffic with its own certificate.
If you click the Continue to website link, you’ll see the decrypted traffic in Fiddler. However, some applications will not offer the opportunity to bypass certificate warnings. If you’d like, you can add Fiddler’s root certificate to your phone’s root certificate store.
Warning: At present, I have no idea how to remove the certificate, so undertake this step at your own risk. In particular, you will likely have problems later decrypting traffic with a different Fiddler desktop PC with your phone, since each Fiddler instance generates its own certificate.
To add the Fiddler root certificate to your phone, visit http://dell7:8888/FiddlerRoot.cer in mobile IE.
Tap to open the file. Choose Install to install the certificate.
After you do this, you will find that all HTTPS traffic from mobile IE and applications is visible in Fiddler.
Have fun with Fiddler and Windows Phone 7!