From f4a1459ebeca7c72419bce17d931f8b2c846df5e Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Sat, 9 Aug 2014 01:02:58 +0200 Subject: fix #274 --- examples/redirect_requests.py | 4 ++-- libmproxy/protocol/http.py | 8 ++++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/examples/redirect_requests.py b/examples/redirect_requests.py index 278160c7..a9a7e795 100644 --- a/examples/redirect_requests.py +++ b/examples/redirect_requests.py @@ -7,12 +7,12 @@ This example shows two ways to redirect flows to other destinations. def request(context, flow): - if flow.request.host.endswith("example.com"): + if flow.request.get_host(hostheader=True).endswith("example.com"): resp = HTTPResponse( [1, 1], 200, "OK", ODictCaseless([["Content-Type", "text/html"]]), "helloworld") flow.request.reply(resp) - if flow.request.host.endswith("example.org"): + if flow.request.get_host(hostheader=True).endswith("example.org"): flow.request.host = "mitmproxy.org" flow.request.headers["Host"] = ["mitmproxy.org"] diff --git a/libmproxy/protocol/http.py b/libmproxy/protocol/http.py index eec62916..68762833 100644 --- a/libmproxy/protocol/http.py +++ b/libmproxy/protocol/http.py @@ -464,9 +464,13 @@ class HTTPRequest(HTTPMessage): def get_host(self, hostheader=False): """ Heuristic to get the host of the request. - The host is not necessarily equal to the TCP destination of the request, - for example on a transparently proxified absolute-form request to an upstream HTTP proxy. + + Note that get_host() does not always return the TCP destination of the request, + e.g. on a transparently intercepted request to an unrelated HTTP proxy. + If hostheader is set to True, the Host: header will be used as additional (and preferred) data source. + This is handy in transparent mode, where only the ip of the destination is known, but not the + resolved name. This is disabled by default, as an attacker may spoof the host header to confuse an analyst. """ host = None if hostheader: -- cgit v1.2.3