1 files changed, 4 insertions, 85 deletions

diff --git a/mitmproxy/models/http.py b/mitmproxy/models/http.py
index 11f46611..08fc5e46 100644
--- a/mitmproxy/models/http.py
+++ b/mitmproxy/models/http.py
@@ -1,5 +1,5 @@
 from __future__ import (absolute_import, print_function, division)
-from six.moves import http_cookies as Cookie
+import cgi
 import copy
 import warnings
 from email.utils import parsedate_tz, formatdate, mktime_tz
@@ -55,18 +55,13 @@ class HTTPRequest(MessageMixin, Request):
         content: Content of the request, the value is None if there is content
         associated, but not present.
 
-        form_in: The request form which mitmproxy has received. The following
-        values are possible:
+        first_line_format: The request form. The following values are possible:
 
-             - relative (GET /index.html, OPTIONS *) (covers origin form and
-               asterisk form)
+             - relative (GET /index.html, OPTIONS *) (origin form or asterisk form)
              - absolute (GET http://example.com:80/index.html)
              - authority-form (CONNECT example.com:443)
              Details: http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-25#section-5.3
 
-        form_out: The request form which mitmproxy will send out to the
-        destination
-
         timestamp_start: Timestamp indicating when request transmission started
 
         timestamp_end: Timestamp indicating when request transmission ended
@@ -85,7 +80,6 @@ class HTTPRequest(MessageMixin, Request):
             content,
             timestamp_start=None,
             timestamp_end=None,
-            form_out=None,
             is_replay=False,
             stickycookie=False,
             stickyauth=False,
@@ -104,7 +98,6 @@ class HTTPRequest(MessageMixin, Request):
             timestamp_start,
             timestamp_end,
         )
-        self.form_out = form_out or first_line_format  # FIXME remove
 
         # Have this request's cookies been modified by sticky cookies or auth?
         self.stickycookie = stickycookie
@@ -142,26 +135,12 @@ class HTTPRequest(MessageMixin, Request):
             content=request.data.content,
             timestamp_start=request.data.timestamp_start,
             timestamp_end=request.data.timestamp_end,
-            form_out=(request.form_out if hasattr(request, 'form_out') else None),
         )
         return req
 
-    @property
-    def form_out(self):
-        warnings.warn(".form_out is deprecated, use .first_line_format instead.", DeprecationWarning)
-        return self.first_line_format
-
-    @form_out.setter
-    def form_out(self, value):
-        warnings.warn(".form_out is deprecated, use .first_line_format instead.", DeprecationWarning)
-        self.first_line_format = value
-
     def __hash__(self):
         return id(self)
 
-    def set_auth(self, auth):
-        self.data.headers.set_all("Proxy-Authorization", (auth,))
-
 class HTTPResponse(MessageMixin, Response):
 
     """
@@ -224,66 +203,6 @@ class HTTPResponse(MessageMixin, Response):
         )
         return resp
 
-    def _refresh_cookie(self, c, delta):
-        """
-            Takes a cookie string c and a time delta in seconds, and returns
-            a refreshed cookie string.
-        """
-        try:
-            c = Cookie.SimpleCookie(str(c))
-        except Cookie.CookieError:
-            raise ValueError("Invalid Cookie")
-        for i in c.values():
-            if "expires" in i:
-                d = parsedate_tz(i["expires"])
-                if d:
-                    d = mktime_tz(d) + delta
-                    i["expires"] = formatdate(d)
-                else:
-                    # This can happen when the expires tag is invalid.
-                    # reddit.com sends a an expires tag like this: "Thu, 31 Dec
-                    # 2037 23:59:59 GMT", which is valid RFC 1123, but not
-                    # strictly correct according to the cookie spec. Browsers
-                    # appear to parse this tolerantly - maybe we should too.
-                    # For now, we just ignore this.
-                    del i["expires"]
-        ret = c.output(header="").strip()
-        if not ret:
-            raise ValueError("Invalid Cookie")
-        return ret
-
-    def refresh(self, now=None):
-        """
-            This fairly complex and heuristic function refreshes a server
-            response for replay.
-
-                - It adjusts date, expires and last-modified headers.
-                - It adjusts cookie expiration.
-        """
-        if not now:
-            now = time.time()
-        delta = now - self.timestamp_start
-        refresh_headers = [
-            "date",
-            "expires",
-            "last-modified",
-        ]
-        for i in refresh_headers:
-            if i in self.headers:
-                d = parsedate_tz(self.headers[i])
-                if d:
-                    new = mktime_tz(d) + delta
-                    self.headers[i] = formatdate(new)
-        c = []
-        for set_cookie_header in self.headers.get_all("set-cookie"):
-            try:
-                refreshed = self._refresh_cookie(set_cookie_header, delta)
-            except ValueError:
-                refreshed = set_cookie_header
-            c.append(refreshed)
-        if c:
-            self.headers.set_all("set-cookie", c)
-
 
 class HTTPFlow(Flow):
 
@@ -381,7 +300,7 @@ def make_error_response(status_code, message, headers=None):
             </head>
             <body>%s</body>
         </html>
-    """.strip() % (status_code, response, message)
+    """.strip() % (status_code, response, cgi.escape(message))
     body = body.encode("utf8", "replace")
 
     if not headers: