diff options
author | Maximilian Hils <git@maximilianhils.com> | 2016-11-09 13:25:37 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-11-09 13:25:37 +0100 |
commit | 564e56c26275698d3eb59bb3f97240bb0ba499e5 (patch) | |
tree | 87d0c0f263438c8c98f55f3a360953815f671bcd | |
parent | 184e29e119a56762af7cb71cc872af12f92778e8 (diff) | |
parent | 2a2387fb3293bb5cd08c4e18f1d8153619c7ef3b (diff) | |
download | mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.tar.gz mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.tar.bz2 mitmproxy-564e56c26275698d3eb59bb3f97240bb0ba499e5.zip |
Merge pull request #1724 from phackt/master
fix SNI for transparent mode - #1638
-rw-r--r-- | examples/sslstrip.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/examples/sslstrip.py b/examples/sslstrip.py index b5e46397..9a090c0c 100644 --- a/examples/sslstrip.py +++ b/examples/sslstrip.py @@ -17,6 +17,11 @@ def request(flow): flow.request.scheme = 'https' flow.request.port = 443 + # We need to update the request destination to whatever is specified in the host header: + # Having no TLS Server Name Indication from the client and just an IP address as request.host + # in transparent mode, TLS server name certificate validation would fail. + flow.request.host = flow.request.pretty_host + def response(flow): flow.response.headers.pop('Strict-Transport-Security', None) |