Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is it possible to filter HTTPs traffic?
For example via a TDI filter? Or perhaps you need to use a proxy?
This product seems to do filtering of HTTPS traffic and I’d like to know how it does it, as well as if this is the only way.
How about via the Windows Filtering Platform for Vista and up?
Fiddler is simply a proxy; it decrypts HTTPS traffic using a Man-in-the-Middle approach. See https://www.fiddler2.com/fiddler/help/httpsdecryption.asp for more information on this.
With WFP/TDI, you could only see if the the target endpoint (IP+PORT) matches some combination when deciding whether to allow or deny the traffic. If you want to interfere with the traffic itself, you must either be a proxy (see http://fiddler.wikidot.com/fiddlercore) or you need to inject yourself into the pre/post decyrption HTTPS traffic using either an APP-wrapper (not recommended) or a DETOURs like approach.