diff options
author | Maximilian Hils <git@maximilianhils.com> | 2014-08-09 01:02:58 +0200 |
---|---|---|
committer | Maximilian Hils <git@maximilianhils.com> | 2014-08-09 01:02:58 +0200 |
commit | f4a1459ebeca7c72419bce17d931f8b2c846df5e (patch) | |
tree | f55df3386e7a5339a06003b0ce4ceb2ac9c92b5e | |
parent | c88613f5963c804d33fe2a8868ddbb0634b3d5ad (diff) | |
download | mitmproxy-f4a1459ebeca7c72419bce17d931f8b2c846df5e.tar.gz mitmproxy-f4a1459ebeca7c72419bce17d931f8b2c846df5e.tar.bz2 mitmproxy-f4a1459ebeca7c72419bce17d931f8b2c846df5e.zip |
fix #274
-rw-r--r-- | examples/redirect_requests.py | 4 | ||||
-rw-r--r-- | libmproxy/protocol/http.py | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/examples/redirect_requests.py b/examples/redirect_requests.py index 278160c7..a9a7e795 100644 --- a/examples/redirect_requests.py +++ b/examples/redirect_requests.py @@ -7,12 +7,12 @@ This example shows two ways to redirect flows to other destinations. def request(context, flow): - if flow.request.host.endswith("example.com"): + if flow.request.get_host(hostheader=True).endswith("example.com"): resp = HTTPResponse( [1, 1], 200, "OK", ODictCaseless([["Content-Type", "text/html"]]), "helloworld") flow.request.reply(resp) - if flow.request.host.endswith("example.org"): + if flow.request.get_host(hostheader=True).endswith("example.org"): flow.request.host = "mitmproxy.org" flow.request.headers["Host"] = ["mitmproxy.org"] diff --git a/libmproxy/protocol/http.py b/libmproxy/protocol/http.py index eec62916..68762833 100644 --- a/libmproxy/protocol/http.py +++ b/libmproxy/protocol/http.py @@ -464,9 +464,13 @@ class HTTPRequest(HTTPMessage): def get_host(self, hostheader=False): """ Heuristic to get the host of the request. - The host is not necessarily equal to the TCP destination of the request, - for example on a transparently proxified absolute-form request to an upstream HTTP proxy. + + Note that get_host() does not always return the TCP destination of the request, + e.g. on a transparently intercepted request to an unrelated HTTP proxy. + If hostheader is set to True, the Host: header will be used as additional (and preferred) data source. + This is handy in transparent mode, where only the ip of the destination is known, but not the + resolved name. This is disabled by default, as an attacker may spoof the host header to confuse an analyst. """ host = None if hostheader: |