diff options
Diffstat (limited to 'examples/sslstrip.py')
| -rw-r--r-- | examples/sslstrip.py | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/examples/sslstrip.py b/examples/sslstrip.py index 8dde8e3e..afc95fc8 100644 --- a/examples/sslstrip.py +++ b/examples/sslstrip.py @@ -2,23 +2,21 @@ from netlib.http import decoded import re from six.moves import urllib +# set of SSL/TLS capable hosts +secure_hosts = set() -def start(context): - # set of SSL/TLS capable hosts - context.secure_hosts = set() - -def request(context, flow): +def request(flow): flow.request.headers.pop('If-Modified-Since', None) flow.request.headers.pop('Cache-Control', None) # proxy connections to SSL-enabled hosts - if flow.request.pretty_host in context.secure_hosts: + if flow.request.pretty_host in secure_hosts: flow.request.scheme = 'https' flow.request.port = 443 -def response(context, flow): +def response(flow): with decoded(flow.response): flow.request.headers.pop('Strict-Transport-Security', None) flow.request.headers.pop('Public-Key-Pins', None) @@ -31,7 +29,7 @@ def response(context, flow): location = flow.response.headers['Location'] hostname = urllib.parse.urlparse(location).hostname if hostname: - context.secure_hosts.add(hostname) + secure_hosts.add(hostname) flow.response.headers['Location'] = location.replace('https://', 'http://', 1) # strip secure flag from 'Set-Cookie' headers |