1 files changed, 24 insertions, 0 deletions

diff --git a/doc-src/sticky.html b/doc-src/sticky.html
new file mode 100644
index 00000000..32ccdd2d
--- /dev/null
+++ b/doc-src/sticky.html
@@ -0,0 +1,24 @@
+
+When the __stickycookie__ option is set, __mitmproxy__ will add the cookie most
+recently set by the server to any cookie-less request. Consider a service that
+sets a cookie to track the session after authentication. Using sticky cookies,
+you can fire up mitmproxy, and authenticate to a service as you usually would
+using a browser. After authentication, you can request authenticated resources
+through mitmproxy as if they were unauthenticated, because mitmproxy will
+automatically add the session tracking cookie to requests. Among other things,
+this lets you script interactions with authenticated resources (using tools
+like wget or curl) without having to worry about authentication. 
+
+Sticky cookies are especially powerful when used in conjunction with [client
+replay](@!urlTo("clientreplay.html")!@) - you can record the authentication
+process once, and simply replay it on startup every time you need to interact
+with the secured resources.
+
+
+## Sticky auth
+
+The __stickyauth__ option is analagous to the __stickycookie__ option, in that
+HTTP __Authorization__ headers are simply replayed to the server once they have
+been seen. This is enough to allow you to access a server resource using HTTP
+Basic authentication through the proxy. Note that __mitmproxy__ doesn't (yet)
+support replay of HTTP Digest authentication.