diff options
author | Maximilian Hils <git@maximilianhils.com> | 2015-09-06 03:20:58 +0200 |
---|---|---|
committer | Maximilian Hils <git@maximilianhils.com> | 2015-09-06 03:20:58 +0200 |
commit | b4013659a81a48908eb3e060f04143ba1f9689bb (patch) | |
tree | 1571be3f8cb85f6e593c369a8d3ca50cb87e107b /docs/features/sticky.rst | |
parent | eb2334c6cb7c9ab9c260bc609ae43fb53d441f6f (diff) | |
download | mitmproxy-b4013659a81a48908eb3e060f04143ba1f9689bb.tar.gz mitmproxy-b4013659a81a48908eb3e060f04143ba1f9689bb.tar.bz2 mitmproxy-b4013659a81a48908eb3e060f04143ba1f9689bb.zip |
docs :tada:
Diffstat (limited to 'docs/features/sticky.rst')
-rw-r--r-- | docs/features/sticky.rst | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/docs/features/sticky.rst b/docs/features/sticky.rst new file mode 100644 index 00000000..e155fb9b --- /dev/null +++ b/docs/features/sticky.rst @@ -0,0 +1,41 @@ +.. _sticky: + +Sticky cookies and auth +======================= + +Sticky cookies +-------------- + +When the sticky cookie option is set, __mitmproxy__ will add the cookie most +recently set by the server to any cookie-less request. Consider a service that +sets a cookie to track the session after authentication. Using sticky cookies, +you can fire up mitmproxy, and authenticate to a service as you usually would +using a browser. After authentication, you can request authenticated resources +through mitmproxy as if they were unauthenticated, because mitmproxy will +automatically add the session tracking cookie to requests. Among other things, +this lets you script interactions with authenticated resources (using tools +like wget or curl) without having to worry about authentication. + +Sticky cookies are especially powerful when used in conjunction with :ref:`clientreplay` - you can +record the authentication process once, and simply replay it on startup every time you need +to interact with the secured resources. + +================== ====================== +command-line :option:`-t FILTER` +mitmproxy shortcut :kbd:`o` then :kbd:`t` +================== ====================== + + +Sticky auth +----------- + +The sticky auth option is analogous to the sticky cookie option, in that HTTP +**Authorization** headers are simply replayed to the server once they have been +seen. This is enough to allow you to access a server resource using HTTP Basic +authentication through the proxy. Note that :program:`mitmproxy` doesn't (yet) support +replay of HTTP Digest authentication. + +================== ====================== +command-line :option:`-u FILTER` +mitmproxy shortcut :kbd:`o` then :kbd:`A` +================== ======================
\ No newline at end of file |