diff options
| author | Thomas Kriechbaumer <thomas@kriechbaumer.name> | 2016-12-16 11:28:59 +0100 |
|---|---|---|
| committer | Thomas Kriechbaumer <thomas@kriechbaumer.name> | 2016-12-16 11:29:07 +0100 |
| commit | 39a8d4dc229b40d7049a2b6a07e899d89bd26eef (patch) | |
| tree | 86890f7eeb9b3404b00cdcb9815510ec3f0bddab | |
| parent | e769b1fa9a80c41bab0fa2a200f8c51fc10a3d32 (diff) | |
| download | mitmproxy-39a8d4dc229b40d7049a2b6a07e899d89bd26eef.tar.gz mitmproxy-39a8d4dc229b40d7049a2b6a07e899d89bd26eef.tar.bz2 mitmproxy-39a8d4dc229b40d7049a2b6a07e899d89bd26eef.zip | |
disable h2c upgrades
| -rw-r--r-- | mitmproxy/addons/__init__.py | 2 | ||||
| -rw-r--r-- | mitmproxy/addons/disable_h2c_upgrade.py | 21 |
2 files changed, 23 insertions, 0 deletions
diff --git a/mitmproxy/addons/__init__.py b/mitmproxy/addons/__init__.py index 71d83dad..8a2f2974 100644 --- a/mitmproxy/addons/__init__.py +++ b/mitmproxy/addons/__init__.py @@ -12,6 +12,7 @@ from mitmproxy.addons import stickyauth from mitmproxy.addons import stickycookie from mitmproxy.addons import streambodies from mitmproxy.addons import upstream_auth +from mitmproxy.addons import disable_h2c_upgrade def default_addons(): @@ -30,4 +31,5 @@ def default_addons(): serverplayback.ServerPlayback(), clientplayback.ClientPlayback(), upstream_auth.UpstreamAuth(), + disable_h2c_upgrade.DisableH2CleartextUpgrade(), ] diff --git a/mitmproxy/addons/disable_h2c_upgrade.py b/mitmproxy/addons/disable_h2c_upgrade.py new file mode 100644 index 00000000..f4a36d5f --- /dev/null +++ b/mitmproxy/addons/disable_h2c_upgrade.py @@ -0,0 +1,21 @@ +class DisableH2CleartextUpgrade: + + """ + We currently only support HTTP/2 over a TLS connection. Some clients try + to upgrade a connection from HTTP/1.1 to h2c, so we need to remove those + headers to avoid protocol errors if one endpoints suddenly starts sending + HTTP/2 frames. + """ + + def process_flow(self, f): + if f.request.headers.get('upgrade', '') == 'h2c': + del f.request.headers['upgrade'] + if 'connection' in f.request.headers: + del f.request.headers['connection'] + if 'http2-settings' in f.request.headers: + del f.request.headers['http2-settings'] + + # Handlers + + def request(self, f): + self.process_flow(f) |