diff options
Diffstat (limited to 'docs/scripting')
| -rw-r--r-- | docs/scripting/api.rst | 40 | ||||
| -rw-r--r-- | docs/scripting/events.rst | 202 | ||||
| -rw-r--r-- | docs/scripting/inlinescripts.rst | 227 | ||||
| -rw-r--r-- | docs/scripting/mitmproxy.rst | 26 | ||||
| -rw-r--r-- | docs/scripting/overview.rst | 141 |
5 files changed, 383 insertions, 253 deletions
diff --git a/docs/scripting/api.rst b/docs/scripting/api.rst new file mode 100644 index 00000000..abc9ff3e --- /dev/null +++ b/docs/scripting/api.rst @@ -0,0 +1,40 @@ +.. _api: + + +API +=== + +- Errors + - `mitmproxy.models.flow.Error <#mitmproxy.models.flow.Error>`_ +- HTTP + - `mitmproxy.models.http.HTTPRequest <#mitmproxy.models.http.HTTPRequest>`_ + - `mitmproxy.models.http.HTTPResponse <#mitmproxy.models.http.HTTPResponse>`_ + - `mitmproxy.models.http.HTTPFlow <#mitmproxy.models.http.HTTPFlow>`_ +- Logging + - `mitmproxy.controller.Log <#mitmproxy.controller.Log>`_ + - `mitmproxy.controller.LogEntry <#mitmproxy.controller.LogEntry>`_ + + +Errors +------ + +.. autoclass:: mitmproxy.models.flow.Error + :inherited-members: + +HTTP +---- + +.. autoclass:: mitmproxy.models.http.HTTPRequest + :inherited-members: + +.. autoclass:: mitmproxy.models.http.HTTPResponse + :inherited-members: + +.. autoclass:: mitmproxy.models.http.HTTPFlow + :inherited-members: + +Logging +-------- + +.. autoclass:: mitmproxy.controller.Log + :inherited-members: diff --git a/docs/scripting/events.rst b/docs/scripting/events.rst new file mode 100644 index 00000000..c16c01f6 --- /dev/null +++ b/docs/scripting/events.rst @@ -0,0 +1,202 @@ +.. _events: + +Events +======= + +General +------- + +.. list-table:: + :widths: 40 60 + :header-rows: 0 + + * - .. py:function:: configure(options, updated) + - Called once on startup, and whenever options change. + + *options* + An ``options.Options`` object with the total current configuration + state of mitmproxy. + *updated* + A set of strings indicating which configuration options have been + updated. This contains all options when *configure* is called on + startup, and only changed options subsequently. + + * - .. py:function:: done() + - Called once when the script shuts down, either because it's been + unloaded, or because the proxy itself is shutting down. + + * - .. py:function:: log(entry) + - Called whenever an event log is added. + + *entry* + An ``controller.LogEntry`` object - ``entry.msg`` is the log text, + and ``entry.level`` is the urgency level ("debug", "info", "warn", + "error"). + + * - .. py:function:: start() + - Called once on startup, before any other events. If you return a + value from this event, it will replace the current addon. This + allows you to, "boot into" an addon implemented as a class instance + from the module level. + + * - .. py:function:: tick() + - Called at a regular sub-second interval as long as the addon is + executing. + + +Connection +---------- + +.. list-table:: + :widths: 40 60 + :header-rows: 0 + + * - .. py:function:: clientconnect(root_layer) + - Called when a client initiates a connection to the proxy. Note that a + connection can correspond to multiple HTTP requests. + + *root_layer* + The root layer (see `mitmproxy.protocol` for an explanation what + the root layer is), provides transparent access to all attributes + of the :py:class:`~mitmproxy.proxy.RootContext`. For example, + ``root_layer.client_conn.address`` gives the remote address of the + connecting client. + + * - .. py:function:: clientdisconnect(root_layer) + - Called when a client disconnects from the proxy. + + *root_layer* + The root layer object. + + * - .. py:function:: next_layer(layer) + + - Called whenever layers are switched. You may change which layer will + be used by returning a new layer object from this event. + + *layer* + The next layer, as determined by mitmpmroxy. + + * - .. py:function:: serverconnect(server_conn) + - Called before the proxy initiates a connection to the target server. + Note that a connection can correspond to multiple HTTP requests. + + *server_conn* + A ``ServerConnection`` object. It is guaranteed to have a non-None + ``address`` attribute. + + * - .. py:function:: serverdisconnect(server_conn) + - Called when the proxy has closed the server connection. + + *server_conn* + A ``ServerConnection`` object. + + +HTTP Events +----------- + +.. list-table:: + :widths: 40 60 + :header-rows: 0 + + * - .. py:function:: request(flow) + - Called when a client request has been received. + + *flow* + A ``models.HTTPFlow`` object. At this point, the flow is + guaranteed to have a non-None ``request`` attribute. + + * - .. py:function:: requestheaders(flow) + - Called when the headers of a client request have been received, but + before the request body is read. + + *flow* + A ``models.HTTPFlow`` object. At this point, the flow is + guaranteed to have a non-None ``request`` attribute. + + * - .. py:function:: responseheaders(flow) + + - Called when the headers of a server response have been received, but + before the response body is read. + + *flow* + A ``models.HTTPFlow`` object. At this point, the flow is + guaranteed to have a non-none ``request`` and ``response`` + attributes, however the response will have no content. + + * - .. py:function:: response(flow) + + - Called when a server response has been received. + + *flow* + A ``models.HTTPFlow`` object. At this point, the flow is + guaranteed to have a non-none ``request`` and ``response`` + attributes. The raw response body will be in ``response.body``, + unless response streaming has been enabled. + + * - .. py:function:: error(flow) + - Called when a flow error has occurred, e.g. invalid server responses, + or interrupted connections. This is distinct from a valid server HTTP + error response, which is simply a response with an HTTP error code. + + *flow* + The flow containing the error. It is guaranteed to have + non-None ``error`` attribute. + + +WebSocket Events +----------------- + +.. list-table:: + :widths: 40 60 + :header-rows: 0 + + * - .. py:function:: websockets_handshake(flow) + + - Called when a client wants to establish a WebSockets connection. The + WebSockets-specific headers can be manipulated to manipulate the + handshake. The ``flow`` object is guaranteed to have a non-None + ``request`` attribute. + + *flow* + The flow containing the HTTP websocket handshake request. The + object is guaranteed to have a non-None ``request`` attribute. + + +TCP Events +---------- + +These events are called only if the connection is in :ref:`TCP mode +<tcpproxy>`. So, for instance, TCP events are not called for ordinary HTTP/S +connections. + +.. list-table:: + :widths: 40 60 + :header-rows: 0 + + * - .. py:function:: tcp_end(flow) + - Called when TCP streaming ends. + + *flow* + A ``models.TCPFlow`` object. + + * - .. py:function:: tcp_error(flow) + - Called when a TCP error occurs - e.g. the connection closing + unexpectedly. + + *flow* + A ``models.TCPFlow`` object. + + * - .. py:function:: tcp_message(flow) + + - Called a TCP payload is received from the client or server. The + sender and receiver are identifiable. The most recent message will be + ``flow.messages[-1]``. The message is user-modifiable. + + *flow* + A ``models.TCPFlow`` object. + + * - .. py:function:: tcp_start(flow) + - Called when TCP streaming starts. + + *flow* + A ``models.TCPFlow`` object. diff --git a/docs/scripting/inlinescripts.rst b/docs/scripting/inlinescripts.rst deleted file mode 100644 index 74d4e714..00000000 --- a/docs/scripting/inlinescripts.rst +++ /dev/null @@ -1,227 +0,0 @@ -.. _inlinescripts: - -Inline Scripts -============== - -**mitmproxy** has a powerful scripting API that allows you to modify flows -on-the-fly or rewrite previously saved flows locally. - -The mitmproxy scripting API is event driven - a script is simply a Python -module that exposes a set of event methods. Here's a complete mitmproxy script -that adds a new header to every HTTP response before it is returned to the -client: - -.. literalinclude:: ../../examples/add_header.py - :caption: examples/add_header.py - :language: python - -All events that deal with an HTTP request get an instance of :py:class:`~mitmproxy.models.HTTPFlow`, -which we can use to manipulate the response itself. - -We can now run this script using mitmdump or mitmproxy as follows: - ->>> mitmdump -s add_header.py - -The new header will be added to all responses passing through the proxy. - -Examples --------- - -mitmproxy comes with a variety of example inline scripts, which demonstrate many basic tasks. -We encourage you to either browse them locally or on `GitHub`_. - - -Events ------- - -Script Lifecycle Events -^^^^^^^^^^^^^^^^^^^^^^^ - -.. py:function:: start(context) - - Called once on startup, before any other events. - - :param List[str] argv: The inline scripts' arguments. - For example, ``mitmproxy -s 'example.py --foo 42'`` sets argv to ``["--foo", "42"]``. - -.. py:function:: done(context) - - Called once on script shutdown, after any other events. - -Connection Events -^^^^^^^^^^^^^^^^^ - -.. py:function:: clientconnect(context, root_layer) - - Called when a client initiates a connection to the proxy. Note that - a connection can correspond to multiple HTTP requests. - - .. versionchanged:: 0.14 - - :param Layer root_layer: The root layer, which provides transparent access to all attributes of the - :py:class:`~mitmproxy.proxy.RootContext`. For example, ``root_layer.client_conn.address`` - gives the remote address of the connecting client. - -.. py:function:: clientdisconnect(context, root_layer) - - Called when a client disconnects from the proxy. - - .. versionchanged:: 0.14 - - :param Layer root_layer: see :py:func:`clientconnect` - -.. py:function:: serverconnect(context, server_conn) - - Called before the proxy initiates a connection to the target server. Note that - a connection can correspond to multiple HTTP requests. - - :param ServerConnection server_conn: The server connection object. It is guaranteed to have a - non-None ``address`` attribute. - -.. py:function:: serverdisconnect(context, server_conn) - - Called when the proxy has closed the server connection. - - .. versionadded:: 0.14 - - :param ServerConnection server_conn: see :py:func:`serverconnect` - -HTTP Events -^^^^^^^^^^^ - -.. py:function:: request(context, flow) - - Called when a client request has been received. The ``flow`` object is - guaranteed to have a non-None ``request`` attribute. - - :param HTTPFlow flow: The flow containing the request which has been received. - The object is guaranteed to have a non-None ``request`` attribute. - -.. py:function:: responseheaders(context, flow) - - Called when the headers of a server response have been received. - This will always be called before the response hook. - - :param HTTPFlow flow: The flow containing the request and response. - The object is guaranteed to have non-None ``request`` and - ``response`` attributes. ``response.content`` will be ``None``, - as the response body has not been read yet. - -.. py:function:: response(context, flow) - - Called when a server response has been received. - - :param HTTPFlow flow: The flow containing the request and response. - The object is guaranteed to have non-None ``request`` and - ``response`` attributes. ``response.body`` will contain the raw response body, - unless response streaming has been enabled. - -.. py:function:: error(context, flow) - - Called when a flow error has occurred, e.g. invalid server responses, or - interrupted connections. This is distinct from a valid server HTTP error - response, which is simply a response with an HTTP error code. - - :param HTTPFlow flow: The flow containing the error. - It is guaranteed to have non-None ``error`` attribute. - -WebSockets Events -^^^^^^^^^^^^^^^^^ - -.. py:function:: websocket_handshake(context, flow) - - Called when a client wants to establish a WebSockets connection. - The WebSockets-specific headers can be manipulated to manipulate the handshake. - The ``flow`` object is guaranteed to have a non-None ``request`` attribute. - - :param HTTPFlow flow: The flow containing the request which has been received. - The object is guaranteed to have a non-None ``request`` attribute. - -TCP Events -^^^^^^^^^^ - -.. py:function:: tcp_message(context, tcp_msg) - - .. warning:: API is subject to change - - If the proxy is in :ref:`TCP mode <tcpproxy>`, this event is called when it - receives a TCP payload from the client or server. - - The sender and receiver are identifiable. The message is user-modifiable. - - :param TcpMessage tcp_msg: see *examples/tcp_message.py* - -API ---- - -The canonical API documentation is the code, which you can browse here, locally or on `GitHub`_. -*Use the Source, Luke!* - -The main classes you will deal with in writing mitmproxy scripts are: - -:py:class:`mitmproxy.flow.FlowMaster` - - The "heart" of mitmproxy, usually subclassed as :py:class:`mitmproxy.dump.DumpMaster` or - :py:class:`mitmproxy.console.ConsoleMaster`. -:py:class:`~mitmproxy.models.ClientConnection` - - Describes a client connection. -:py:class:`~mitmproxy.models.ServerConnection` - - Describes a server connection. -:py:class:`~mitmproxy.models.HTTPFlow` - - A collection of objects representing a single HTTP transaction. -:py:class:`~mitmproxy.models.HTTPRequest` - - An HTTP request. -:py:class:`~mitmproxy.models.HTTPResponse` - - An HTTP response. -:py:class:`~mitmproxy.models.Error` - - A communications error. -:py:class:`netlib.http.Headers` - - A dictionary-like object for managing HTTP headers. -:py:class:`netlib.certutils.SSLCert` - - Exposes information SSL certificates. - - -Running scripts in parallel ---------------------------- - -We have a single flow primitive, so when a script is blocking, other requests are not processed. -While that's usually a very desirable behaviour, blocking scripts can be run threaded by using the -:py:obj:`mitmproxy.script.concurrent` decorator. -**If your script does not block, you should avoid the overhead of the decorator.** - -.. literalinclude:: ../../examples/nonblocking.py - :caption: examples/nonblocking.py - :language: python - -Make scripts configurable with arguments ----------------------------------------- - -Sometimes, you want to pass runtime arguments to the inline script. This can be simply done by -surrounding the script call with quotes, e.g. ```mitmdump -s 'script.py --foo 42'``. -The arguments are then exposed in the start event: - -.. literalinclude:: ../../examples/modify_response_body.py - :caption: examples/modify_response_body.py - :language: python - -Running scripts on saved flows ------------------------------- - -Sometimes, we want to run a script on :py:class:`~mitmproxy.models.Flow` objects that are already -complete. This happens when you start a script, and then load a saved set of flows from a file -(see the "scripted data transformation" example :ref:`here <mitmdump>`). -It also happens when you run a one-shot script on a single flow through the ``|`` (pipe) shortcut -in mitmproxy. - -In this case, there are no client connections, and the events are run in the following order: -**start**, **request**, **responseheaders**, **response**, **error**, **done**. -If the flow doesn't have a **response** or **error** associated with it, the matching events will -be skipped. - -Spaces in the script path -------------------------- - -By default, spaces are interpreted as a separator between the inline script and its arguments -(e.g. ``-s 'foo.py 42'``). Consequently, the script path needs to be wrapped in a separate pair of -quotes if it contains spaces: ``-s '\'./foo bar/baz.py\' 42'``. - -.. _GitHub: https://github.com/mitmproxy/mitmproxy diff --git a/docs/scripting/mitmproxy.rst b/docs/scripting/mitmproxy.rst deleted file mode 100644 index 9e331736..00000000 --- a/docs/scripting/mitmproxy.rst +++ /dev/null @@ -1,26 +0,0 @@ - -FlowMaster -========== - -.. note:: - - We strongly encourage you to use :ref:`inlinescripts` rather than subclassing mitmproxy's FlowMaster. - - Inline Scripts are equally powerful and provide an easier syntax. - - Most examples are written as inline scripts. - - Multiple inline scripts can be used together. - - Inline Scripts can either be executed headless with mitmdump or within the mitmproxy UI. - - -All of mitmproxy's basic functionality is exposed through the **mitmproxy** -library. The example below shows a simple implementation of the "sticky cookie" -functionality included in the interactive mitmproxy program. Traffic is -monitored for ``Cookie`` and ``Set-Cookie`` headers, and requests are rewritten -to include a previously seen cookie if they don't already have one. In effect, -this lets you log in to a site using your browser, and then make subsequent -requests using a tool like curl, which will then seem to be part of the -authenticated session. - - -.. literalinclude:: ../../examples/stickycookies - :caption: examples/stickycookies - :language: python diff --git a/docs/scripting/overview.rst b/docs/scripting/overview.rst new file mode 100644 index 00000000..5966eb1d --- /dev/null +++ b/docs/scripting/overview.rst @@ -0,0 +1,141 @@ +.. _overview: + +Overview +======== + +Mitmproxy has a powerful scripting API that allows you to control almost any +aspect of traffic being proxied. In fact, much of mitmproxy's own core +functionality is implemented using the exact same API exposed to scripters (see +:src:`mitmproxy/builtins`). + + +A simple example +---------------- + +Scripting is event driven, with named handlers on the script object called at +appropriate points of mitmproxy's operation. Here's a complete mitmproxy script +that adds a new header to every HTTP response before it is returned to the +client: + +.. literalinclude:: ../../examples/add_header.py + :caption: :src:`examples/add_header.py` + :language: python + +All events that deal with an HTTP request get an instance of `HTTPFlow +<api.html#mitmproxy.models.http.HTTPFlow>`_, which we can use to manipulate the +response itself. We can now run this script using mitmdump, and the new header +will be added to all responses passing through the proxy: + +>>> mitmdump -s add_header.py + + +Using classes +------------- + +In the example above, the script object is the ``add_header`` module itself. +That is, the handlers are declared at the global level of the script. This is +great for quick hacks, but soon becomes limiting as scripts become more +sophisticated. + +When a script first starts up, the `start <events.html#start>`_, event is +called before anything else happens. You can replace the current script object +by returning it from this handler. Here's how this looks when applied to the +example above: + +.. literalinclude:: ../../examples/classes.py + :caption: :src:`examples/classes.py` + :language: python + +So here, we're using a module-level script to "boot up" into a class instance. +From this point on, the module-level script is removed from the handler chain, +and is replaced by the class instance. + + +Handling arguments +------------------ + +Scripts can handle their own command-line arguments, just like any other Python +program. Let's build on the example above to do something slightly more +sophisticated - replace one value with another in all responses. Mitmproxy's +`HTTPRequest <api.html#mitmproxy.models.http.HTTPRequest>`_ and `HTTPResponse +<api.html#mitmproxy.models.http.HTTPResponse>`_ objects have a handy `replace +<api.html#mitmproxy.models.http.HTTPResponse.replace>`_ method that takes care +of all the details for us. + +.. literalinclude:: ../../examples/arguments.py + :caption: :src:`examples/arguments.py` + :language: python + +We can now call this script on the command-line like this: + +>>> mitmdump -dd -s "./arguments.py html faketml" + +Whenever a handler is called, mitpmroxy rewrites the script environment so that +it sees its own arguments as if it was invoked from the command-line. + + +Logging and the context +----------------------- + +Scripts should not output straight to stderr or stdout. Instead, the `log +<api.html#mitmproxy.controller.Log>`_ object on the ``ctx`` contexzt module +should be used, so that the mitmproxy host program can handle output +appropriately. So, mitmdump can print colorised sript output to the terminal, +and mitmproxy console can place script output in the event buffer. + +Here's how this looks: + +.. literalinclude:: ../../examples/logging.py + :caption: :src:`examples/logging.py` + :language: python + +The ``ctx`` module also exposes the mitmproxy master object at ``ctx.master`` +for advanced usage. + + +Running scripts on saved flows +------------------------------ + +When a flow is loaded from disk, the sequence of events that the flow would +have gone through on the wire is partially replayed. So, for instance, an HTTP +flow loaded from disk will trigger `requestheaders +<events.html#requestheaders>`_, `request <events.html#request>`_, +`responseheaders <events.html#responseheaders>`_ and `response +<events.html#response>`_ in order. We can use this behaviour to transform saved +traffic using scripts. For example, we can invoke the replacer script from +above on saved traffic as follows: + +>>> mitmdump -dd -s "./arguments.py html fakehtml" -r saved -w changed + +This command starts the ``arguments`` script, reads all the flows from +``saved`` transforming them in the process, then writes them all to +``changed``. + +The mitmproxy console tool provides interactive ways to run transforming +scripts on flows - for instance, you can run a one-shot script on a single flow +through the ``|`` (pipe) shortcut. + + +Concurrency +----------- + +The mitmproxy script mechanism is single threaded, and the proxy blocks while +script handlers execute. This hugely simplifies the most common case, where +handlers are light-weight and the blocking doesn't have a performance impact. +It's possible to implement a concurrent mechanism on top of the blocking +framework, and mitmproxy includes a handy example of this that is fit for most +purposes. You can use it as follows: + +.. literalinclude:: ../../examples/nonblocking.py + :caption: :src:`examples/nonblocking.py` + :language: python + + +Developing scripts +------------------ + +Mitmprxoy monitors scripts for modifications, and reloads them on change. When +this happens, the script is shut down (the `done <events.html#done>`_ event is +called), and the new instance is started up as if the script had just been +loaded (the `start <events.html#start>`_ and `configure +<events.html#configure>`_ events are called). |