25 August 2013: mitmproxy 0.9.2: * Improvements to the mitmproxywrapper.py helper script for OSX. * Don't take minor version into account when checking for serialized file compatibility. * Fix a bug causing resource exhaustion under some circumstances for SSL connections. * Revamp the way we store interception certificates. We used to store these on disk, they're now in-memory. This fixes a race condition related to cert handling, and improves compatibility with Windows, where the rules governing permitted file names are weird, resulting in errors for some valid IDNA-encoded names. * Display transfer rates for responses in the flow list. * Many other small bugfixes and improvements. 16 June 2013: mitmproxy 0.9.1: * Use "correct" case for Content-Type headers added by mitmproxy. * Make UTF environment detection more robust. * Improved MIME-type detection for viewers. * Always read files in binary mode (Windows compatibility fix). * Some developer documentation. 15 May 2013: mitmproxy 0.9: * Upstream certs mode is now the default. * Add a WSGI container that lets you host in-proxy web applications. * Full transparent proxy support for Linux and OSX. * Introduce netlib, a common codebase for mitmproxy and pathod (http://github.com/cortesi/netlib). * Full support for SNI. * Color palettes for mitmproxy, tailored for light and dark terminal backgrounds. * Stream flows to file as responses arrive with the "W" shortcut in mitmproxy. * Extend the filter language, including ~d domain match operator, ~a to match asset flows (js, images, css). * Follow mode in mitmproxy ("F" shortcut) to "tail" flows as they arrive. * --dummy-certs option to specify and preserve the dummy certificate directory. * Server replay from the current captured buffer. * Huge improvements in content views. We now have viewers for AMF, HTML, JSON, Javascript, images, XML, URL-encoded forms, as well as hexadecimal and raw views. * Add Set Headers, analagous to replacement hooks. Defines headers that are set on flows, based on a matching pattern. * A graphical editor for path components in mitmproxy. * A small set of standard user-agent strings, which can be used easily in the header editor. * Proxy authentication to limit access to mitmproxy 5 April 2012: mitmproxy 0.8: * Detailed tutorial for Android interception. Some features that land in this release have finally made reliable Android interception possible. * Upstream-cert mode, which uses information from the upstream server to generate interception certificates. * Replacement patterns that let you easily do global replacements in flows matching filter patterns. Can be specified on the command-line, or edited interactively. * Much more sophisticated and usable pretty printing of request bodies. Support for auto-indentation of Javascript, inspection of image EXIF data, and more. * Details view for flows, showing connection and SSL cert information (X keyboard shortcut). * Server certificates are now stored and serialized in saved traffic for later analysis. This means that the 0.8 serialization format is NOT compatible with 0.7. * Many other improvements, including bugfixes, and expanded scripting API, and more sophisticated certificate handling. 20 February 2012: mitmproxy 0.7: * New built-in key/value editor. This lets you interactively edit URL query strings, headers and URL-encoded form data. * Extend script API to allow duplication and replay of flows. * API for easy manipulation of URL-encoded forms and query strings. * Add "D" shortcut in mitmproxy to duplicate a flow. * Reverse proxy mode. In this mode mitmproxy acts as an HTTP server, forwarding all traffic to a specified upstream server. * UI improvements - use unicode characters to make GUI more compact, improve spacing and layout throughout. * Add support for filtering by HTTP method. * Add the ability to specify an HTTP body size limit. * Move to typed netstrings for serialization format - this makes 0.7 backwards-incompatible with serialized data from 0.6! * Significant improvements in speed and responsiveness of UI. * Many minor bugfixes and improvements. 7 August 2011: mitmproxy 0.6: * New scripting API that allows much more flexible and fine-grained rewriting of traffic. See the docs for more info. * Support for gzip and deflate content encodings. A new "z" keybinding in mitmproxy to let us quickly encode and decode content, plus automatic decoding for the "pretty" view mode. * An event log, viewable with the "v" shortcut in mitmproxy, and the "-e" command-line flag in mitmdump. * Huge performance improvements: mitmproxy interface, loading large numbers of flows from file. * A new "replace" convenience method for all flow objects, that does a universal regex-based string replacement. * Header management has been rewritten to maintain both case and order. * Improved stability for SSL interception. * Default expiry time on generated SSL certs has been dropped to avoid an OpenSSL overflow bug that caused certificates to expire in the distant past on some systems. * A "pretty" view mode for JSON and form submission data. * Expanded documentation and examples. * Countless other small improvements and bugfixes. 27 June 2011: mitmproxy 0.5: * An -n option to start the tools without binding to a proxy port. * Allow scripts, hooks, sticky cookies etc. to run on flows loaded from save files. * Regularize command-line options for mitmproxy and mitmdump. * Add an "SSL exception" to mitmproxy's license to remove possible distribution issues. * Add a --cert-wait-time option to make mitmproxy pause after a new SSL certificate is generated. This can pave over small discrepancies in system time between the client and server. * Handle viewing big request and response bodies more elegantly. Only render the first 100k of large documents, and try to avoid running the XML indenter on non-XML data. * BUGFIX: Make the "revert" keyboard shortcut in mitmproxy work after a flow has been replayed. * BUGFIX: Repair a problem that sometimes caused SSL connections to consume 100% of CPU. 30 March 2011: mitmproxy 0.4 * Full serialization of HTTP conversations * Client and server replay * On-the-fly generation of dummy SSL certificates * mitmdump has "grown up" into a powerful tcpdump-like tool for HTTP/S * Dozens of improvements to the mitmproxy console interface * Python scripting hooks for programmatic modification of traffic 1 March 2010: mitmproxy 0.2 * Big speed and responsiveness improvements, thanks to Thomas Roth * Support urwid 0.9.9 * Terminal beeping based on filter expressions * Filter expressions for terminal beeps, limits, interceptions and sticky cookies can now be passed on the command line. * Save requests and responses to file * Split off non-interactive dump functionality into a new tool called mitmdump * "A" will now accept all intercepted connections * Lots of bugfixes