How to sanitize fiddler trace saz file?

book

Article ID: 111613

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Support is requesting for fiddler trace but it contains sensitive information and customer is unable to provide.
Is there a way to sanitize the fiddler trace?

Environment

Release:
Component: SMAPC

Resolution

SAZ file is actually a plain ZIP file (only the extension has been renamed).
So you can use fiddler to capture and save the transaction in SAZ file.
Then rename the file to ZIP extension.

Let's say the POST to login.fcc is captured in line number 15 in the fiddler.

Use file explorer and double click on the renamed ZIP file and you will see the following structure.

<Please see attached file for image>

User-added image

Navigate into "raw" folder. 
You will find following file for the line number 15 in the fiddler trace. 

015_c.txt -> This is client sent request headers 
015_m.xml -> This contains additional information about this transaction. 
015_s.txt -> This is server sent response headers 

You will need to manually modify 015_c.txt file using notepad. 
---------8<------- 
POST https://www.test.com/siteminderagent/forms/login.fcc?xxxxxxx 
Host: www.test.com 

SMENC=UTF-8&SMLOCALE=US-EN&USER=user1&PASSWORD=password01&TARGET=xxxxx 
---------8<------- 

You can find the "PASSWORD=password01" in the POSTDATA above. 
Replace the password01 to ****** and save. 

Rename the ZIP extension to SAZ and upload. 
 

Attachments

1558697337313000111613_sktwi1f5rjvs16iwa.jpeg get_app