diff options
| author | Aldo Cortesi <aldo@corte.si> | 2016-12-17 09:19:48 +1300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-12-17 09:19:48 +1300 |
| commit | c4929bbc190a52e4ac0f38492e085338b3e5827d (patch) | |
| tree | d2ebb639456e4f57b1f71caff07184aad6a663c1 | |
| parent | cf15a3c3ef7806ee6d6fc0e01bc20c3c51070dbf (diff) | |
| parent | 39a8d4dc229b40d7049a2b6a07e899d89bd26eef (diff) | |
| download | mitmproxy-c4929bbc190a52e4ac0f38492e085338b3e5827d.tar.gz mitmproxy-c4929bbc190a52e4ac0f38492e085338b3e5827d.tar.bz2 mitmproxy-c4929bbc190a52e4ac0f38492e085338b3e5827d.zip | |
Merge pull request #1863 from Kriechi/disable-h2c
disable h2c upgrades
| -rw-r--r-- | mitmproxy/addons/__init__.py | 2 | ||||
| -rw-r--r-- | mitmproxy/addons/disable_h2c_upgrade.py | 21 |
2 files changed, 23 insertions, 0 deletions
diff --git a/mitmproxy/addons/__init__.py b/mitmproxy/addons/__init__.py index 71d83dad..8a2f2974 100644 --- a/mitmproxy/addons/__init__.py +++ b/mitmproxy/addons/__init__.py @@ -12,6 +12,7 @@ from mitmproxy.addons import stickyauth from mitmproxy.addons import stickycookie from mitmproxy.addons import streambodies from mitmproxy.addons import upstream_auth +from mitmproxy.addons import disable_h2c_upgrade def default_addons(): @@ -30,4 +31,5 @@ def default_addons(): serverplayback.ServerPlayback(), clientplayback.ClientPlayback(), upstream_auth.UpstreamAuth(), + disable_h2c_upgrade.DisableH2CleartextUpgrade(), ] diff --git a/mitmproxy/addons/disable_h2c_upgrade.py b/mitmproxy/addons/disable_h2c_upgrade.py new file mode 100644 index 00000000..f4a36d5f --- /dev/null +++ b/mitmproxy/addons/disable_h2c_upgrade.py @@ -0,0 +1,21 @@ +class DisableH2CleartextUpgrade: + + """ + We currently only support HTTP/2 over a TLS connection. Some clients try + to upgrade a connection from HTTP/1.1 to h2c, so we need to remove those + headers to avoid protocol errors if one endpoints suddenly starts sending + HTTP/2 frames. + """ + + def process_flow(self, f): + if f.request.headers.get('upgrade', '') == 'h2c': + del f.request.headers['upgrade'] + if 'connection' in f.request.headers: + del f.request.headers['connection'] + if 'http2-settings' in f.request.headers: + del f.request.headers['http2-settings'] + + # Handlers + + def request(self, f): + self.process_flow(f) |