about | summary | refs | log | tree | commit | diff | stats
path: root/libmproxy
diff options
context:
space:
mode:
author: Maximilian Hils <git@maximilianhils.com>, 2015-03-26 18:16:31 +0100
committer: Maximilian Hils <git@maximilianhils.com>, 2015-03-26 18:16:31 +0100
commit: 423530fc258ddd09642de401c4fd5cf71ed06be6 (patch)
tree: 5813b826a24c33d71691bfea14047ac45ae2aa08 /libmproxy
parent: 9a328c12a44be83464e736629b6d88d02bc068f0 (diff)
parent: 953f9aa64166451a07502f05c15db47c053e6081 (diff)
download: mitmproxy-423530fc258ddd09642de401c4fd5cf71ed06be6.tar.gz
mitmproxy-423530fc258ddd09642de401c4fd5cf71ed06be6.tar.bz2
mitmproxy-423530fc258ddd09642de401c4fd5cf71ed06be6.zip
Merge pull request #515 from krzysiekbielicki/master
[#514] Add support for ignoring payload params in multipart/form-data
Diffstat (limited to 'libmproxy')
-rw-r--r-- libmproxy/console/contentview.py | 24
-rw-r--r-- libmproxy/flow.py | 2
-rw-r--r-- libmproxy/protocol/http.py | 21
-rw-r--r-- libmproxy/utils.py | 27
4 files changed, 50 insertions, 24 deletions
diff --git a/libmproxy/console/contentview.py b/libmproxy/console/contentview.py
index 95d908a4..12ed5b64 100644
--- a/libmproxy/console/contentview.py
+++ b/libmproxy/console/contentview.py
@@ -240,33 +240,13 @@ class ViewMultipart:
content_types = ["multipart/form-data"]
def __call__(self, hdrs, content, limit):
- v = hdrs.get_first("content-type")
+ v = utils.multipartdecode(hdrs, content)
if v:
- v = utils.parse_content_type(v)
- if not v:
- return
- boundary = v[2].get("boundary")
- if not boundary:
- return
-
- rx = re.compile(r'\bname="([^"]+)"')
- keys = []
- vals = []
-
- for i in content.split("--" + boundary):
- parts = i.splitlines()
- if len(parts) > 1 and parts[0][0:2] != "--":
- match = rx.search(parts[1])
- if match:
- keys.append(match.group(1) + ":")
- vals.append(netlib.utils.cleanBin(
- "\n".join(parts[3+parts[2:].index(""):])
- ))
r = [
urwid.Text(("highlight", "Form data:\n")),
]
r.extend(common.format_keyvals(
- zip(keys, vals),
+ v,
key = "header",
val = "text"
))
diff --git a/libmproxy/flow.py b/libmproxy/flow.py
index bdf49133..c91d242a 100644
--- a/libmproxy/flow.py
+++ b/libmproxy/flow.py
@@ -242,7 +242,7 @@ class ServerPlaybackState:
]
if not self.ignore_content:
- form_contents = r.get_form_urlencoded()
+ form_contents = r.get_form()
if self.ignore_payload_params and form_contents:
key.extend(
p for p in form_contents
diff --git a/libmproxy/protocol/http.py b/libmproxy/protocol/http.py
index 00086c21..c763db4c 100644
--- a/libmproxy/protocol/http.py
+++ b/libmproxy/protocol/http.py
@@ -15,6 +15,7 @@ from ..proxy.connection import ServerConnection
from .. import encoding, utils, controller, stateobject, proxy
HDR_FORM_URLENCODED = "application/x-www-form-urlencoded"
+HDR_FORM_MULTIPART = "multipart/form-data"
CONTENT_MISSING = 0
@@ -509,6 +510,19 @@ class HTTPRequest(HTTPMessage):
"""
self.headers["Host"] = [self.host]
+ def get_form(self):
+ """
+ Retrieves the URL-encoded or multipart form data, returning an ODict object.
+ Returns an empty ODict if there is no data or the content-type
+ indicates non-form data.
+ """
+ if self.content:
+ if self.headers.in_any("content-type", HDR_FORM_URLENCODED, True):
+ return self.get_form_urlencoded()
+ elif self.headers.in_any("content-type", HDR_FORM_MULTIPART, True):
+ return self.get_form_multipart()
+ return ODict([])
+
def get_form_urlencoded(self):
"""
Retrieves the URL-encoded form data, returning an ODict object.
@@ -516,7 +530,12 @@ class HTTPRequest(HTTPMessage):
indicates non-form data.
"""
if self.content and self.headers.in_any("content-type", HDR_FORM_URLENCODED, True):
- return ODict(utils.urldecode(self.content))
+ return ODict(utils.urldecode(self.content))
+ return ODict([])
+
+ def get_form_multipart(self):
+ if self.content and self.headers.in_any("content-type", HDR_FORM_MULTIPART, True):
+ return ODict(utils.multipartdecode(self.headers, self.content))
return ODict([])
def set_form_urlencoded(self, odict):
diff --git a/libmproxy/utils.py b/libmproxy/utils.py
index 5ed70a45..02e8403b 100644
--- a/libmproxy/utils.py
+++ b/libmproxy/utils.py
@@ -69,6 +69,33 @@ def urlencode(s):
return urllib.urlencode(s, False)
+def multipartdecode(hdrs, content):
+ """
+ Takes a multipart boundary encoded string and returns list of (key, value) tuples.
+ """
+ v = hdrs.get_first("content-type")
+ if v:
+ v = parse_content_type(v)
+ if not v:
+ return []
+ boundary = v[2].get("boundary")
+ if not boundary:
+ return []
+
+ rx = re.compile(r'\bname="([^"]+)"')
+ r = []
+
+ for i in content.split("--" + boundary):
+ parts = i.splitlines()
+ if len(parts) > 1 and parts[0][0:2] != "--":
+ match = rx.search(parts[1])
+ if match:
+ key = match.group(1)
+ value = "".join(parts[3+parts[2:].index(""):])
+ r.append((key, value))
+ return r
+ return []
+
def pretty_size(size):
suffixes = [
("B", 2**10),