| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
That's Request, Response, ClientConnect, ClientDisconnect, Error, and Headers.
|
| |
|
|
|
|
|
|
|
| |
- Don't fail to identity encoding when an unknown encoding is specified.
- Don't constrain encodings. I want to try to modify traffic as little as
possible by default.
- When decoding, delete content-encoding header rather than set it to "identity"
- Refuse to decode/encode when there is an existing but unknown
content-encoding header.
|
| | |
|
| |
|
|
|
| |
Cut out unused variables and code, generally shut up pychecker as much as is
reasonable.
|
| | |
|
| | |
|
| |\ |
|
| | | |
|
| |/
|
|
| |
Tests now only assume Python 2.6.x rather than requiring 2.7.x. This does not preclude the use of flags as a kwarg in replace
|
| | |
|
| |
|
|
| |
Also, squash an SSL-related bug revealed by the extended logging.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This is a common task in pentesting scenarios. This commit adds the following
functions:
utils.Headers.replace
proxy.Request.replace
proxy.Response.replace
flow.Flow.replace
|
| |
|
|
| |
identity responses
|
| |
|
|
| |
'd' to toggle autodecode, adds togglable option 'd' to do the same
|
| | |
|
| | |
|
| |
|
|
|
| |
This is on by default, which means we avoid compressed content unless the -z
flag is specified.
|
| | |
|
| |
|
|
|
| |
This fixes a bug that caused a traceback when de-serialized requests were
replayed. Also adds unit tests for the problem.
|
| |
|
|
|
|
|
|
|
| |
Since OpenSSL doesn't let us set certificate start times in the past, the
client and proxy machine time must be synchronized, or the client might reject
the certificate. We can bodgy over small discrepancies by waiting a few seconds
after a new certificate is generated (i.e. the first time an SSL domain is contacted).
Make this a configurable option, and turn it off by default.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This allows us to replay an HTTP Authorization header, in the same way as we
replay cookies using stickycookies. This lets us conveniently get at HTTP Basic
Auth protected resources through the proxy, but is not enough to do the same
for HTTP Digest auth. We'll put that on the todo list.
|
| |
|
|
|
|
|
|
|
|
|
| |
We now create three different files in the .mitmproxy directory when a dummy CA
is made:
mitmproxy-ca.pem - the CA, including private key
mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.
mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
|
| |
|
|
|
|
|
|
| |
- Computing the view of a large body is expensive, so we introduce an LRU cache
to hold the latest 20 results.
- Use ListView more correctly, passing it individual urwid.Text snippets,
rather than a single large one. This hugely improves render time.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Also, make cookie parsing for refreshing more error-tolerant.
|
| | |
|
| |
|
|
|
|
|
| |
This removes all headers that might cause a server to return 304-not-modified.
For now, all the new features are going into mitmdump - everything will be
ported over to mitmproxy once I have the feature set locked down.
|
| |
|
|
|
|
| |
Format is:
(tm_year,tm_mon,tm_mday,tm_hour,tm_min, tm_sec,tm_wday,tm_yday,tm_isdst)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
If msg is Unicode, the proto string is automatically promoted to Unicode. If
the proto string is promoted to Unicode, then the FMT interpolation is also
done in Unicode. If this happens, then binary data in content will cause an
exception.
|
| | |
|
| |
|
|
|
|
| |
This means that certificates don't accumulate in the conf directory, users
don't have to clear certificates if the CA is regenerated, and the user can
specify a custom CA without invalid certificates being loaded inadvertently.
|
| |
|
|
|
|
|
|
| |
- Move option parsing utiliities to proxy.py
- Don't have a global config object. Pass it as an argument to ProxyServer.
- Simplify certificate generation logic.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Use templates for config files. We can re-introduce customization of the
certificate attributes when we need them.
- Split CA and cert generation into separate functions.
- Generation methods provide an error return when generation fails.
- When the user explicitly specifies a certificate, we don't generate it, but
fail if it doesn't exist.
|
| |
|
|
| |
We need this to let us load state from copied Flows returned from scripts.
|
| | |
|
| |
|
|
|
|
| |
This is a big patch removing the assumption that there's one connection per
Request/Response pair. It touches pretty much every part of mitmproxy, so
expect glitches until everything is ironed out.
|
| | |
|
| |
|
|
|
|
| |
We use the ClientConnection object to tie requests, responses and errors
together. This is an HTTP 1.0 assumption, but we can fix it by just making
copies of the connection object when we handle multiple requests.
|
| | |
|
