Add option to sanitize trace of credentials

Often in troubleshooting issues with websites a repro using Fiddler may be gathered. But customers may not know that any credentials posted in a web form are captured.

It would be easier if the Fiddler trace has an option added to offer to sanitize all occurrences of a string (especially in post body) which looks like a credential been sent.

This helps customer ensure no sensitive information is shared. The support engineer can rest assured that he has what he needs minus the password to review troubleshoot the trace.

Guest
Feb 15 2017
Under review

New Idea

Comments (1)
Votes (2)

Attach files

Enter a subject

Eric Lawrence commented

February 15, 2017 14:36

There are scripts to do this, and it might make sense to try to offer a built-in option to do it.

The problem is that it leads to a false sense of privacy, insofar as it's entirely possible for credentials to be masked in such a way (e.g. base64-encoding, rot-13, what have you) such that a cleaner script doesn't recognize them but an attacker would not.

×
Attachments Open full size

Fiddler Ideas

The free web debugging proxy for any browser, system or platform.

Add option to sanitize trace of credentials

Related ideas

Add option to sanitize trace of credentials

Attachments Open full size

Identify yourself with your email address

Related ideas