diff options
Diffstat (limited to 'libmproxy/protocol/http.py')
| -rw-r--r-- | libmproxy/protocol/http.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/libmproxy/protocol/http.py b/libmproxy/protocol/http.py index eec62916..68762833 100644 --- a/libmproxy/protocol/http.py +++ b/libmproxy/protocol/http.py @@ -464,9 +464,13 @@ class HTTPRequest(HTTPMessage): def get_host(self, hostheader=False): """ Heuristic to get the host of the request. - The host is not necessarily equal to the TCP destination of the request, - for example on a transparently proxified absolute-form request to an upstream HTTP proxy. + + Note that get_host() does not always return the TCP destination of the request, + e.g. on a transparently intercepted request to an unrelated HTTP proxy. + If hostheader is set to True, the Host: header will be used as additional (and preferred) data source. + This is handy in transparent mode, where only the ip of the destination is known, but not the + resolved name. This is disabled by default, as an attacker may spoof the host header to confuse an analyst. """ host = None if hostheader: |