Merge pull request #3745 from mhils/v5.x

Prepare 5.0 release
This commit is contained in:
Maximilian Hils 2019-12-12 16:53:14 +01:00 committed by GitHub
commit 7810b68c82
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 8314 additions and 6248 deletions

View File

@ -1,3 +1,46 @@
16 December 2019: mitmproxy 5.0
** Major Changes **
* Added new Table UI (@Jessonsotoventura)
* Added EKU extension to certificates. This fixes support for macOS Catalina (@vin01)
** Security Fixes **
* Fixed command injection vulnerabilities when exporting flows as curl/httpie commands (@cript0nauta)
* Do not echo unsanitized user input in HTTP error responses (@fimad)
** Full Changelog **
* Moved to Github CI for Continuous Integration, dropping support for old Linux and macOS releases. (#3728)
* Vastly improved command parsing, in particular for setting flow filters (@typoon)
* Added a new flow export for raw responses (@mckeimic)
* URLs are now edited in an external editor (@Jessonsotoventura)
* mitmproxy now has a command history (@typoon)
* Added terminal like keyboard shortcuts for the command bar (ctrl+w, ctrl+a, ctrl+f, ...) (@typoon)
* Fixed issue with improper handling of non-ascii characters in URLs (@rjt-gupta)
* Filtering can now use unicode characters (@rjt-gupta)
* Fixed issue with user keybindings not being able to override default keybindings
* Improved installation instructions
* Added support for IPV6-only environments (@sethb157)
* Fixed bug with server replay (@rjt-gupta)
* Fixed issue with duplicate error responses (@ccssrryy)
* Users can now set a specific external editor using $MITMPROXY_EDITOR (@rjt-gupta)
* Config file can now be called `config.yml` or `config.yaml` (@ylmrx)
* Fixed crash on `view.focus.[next|prev]` (@ylmrx)
* Updated documentation to help using mitmproxy certificate on Android (@jannst)
* Added support to parse IPv6 entries from `pfctl` on MacOS. (@tomlabaude)
* Fixed instructions on how to build the documentation (@jannst)
* Added a new `--allow-hosts` option (@pierlon)
* Added support for zstd content-encoding (@tsaaristo)
* Fixed issue where the replay server would corrupt the Date header (@tonyb486)
* Improve speed for WebSocket interception (@MathieuBordere)
* Fixed issue with parsing JPEG files. (@lusceu)
* Improve example code style (@BoboTiG)
* Fixed issue converting void responses to HAR (@worldmind)
* Color coded http status codes in mitmweb (@arun-94)
* Added organization to generated certificates (@Abcdefghijklmnopqrstuvwxyzxyz)
* Errors are now displayed on sys.stderr (@JessicaFavin)
* Fixed issue with replay timestamps (@rjt-gupta)
* Fixed copying in mitmweb on macOS (@XZzYassin)
31 July 2018: mitmproxy 4.0.4 31 July 2018: mitmproxy 4.0.4
* Security: Protect mitmweb against DNS rebinding. (CVE-2018-14505, @atx) * Security: Protect mitmweb against DNS rebinding. (CVE-2018-14505, @atx)

View File

@ -4,9 +4,9 @@ from typing import Optional
import urwid import urwid
import mitmproxy.tools.console.master # noqa import mitmproxy.tools.console.master # noqa
from mitmproxy.tools.console import commandexecutor
from mitmproxy.tools.console import common from mitmproxy.tools.console import common
from mitmproxy.tools.console import signals from mitmproxy.tools.console import signals
from mitmproxy.tools.console import commandexecutor
from mitmproxy.tools.console.commander import commander from mitmproxy.tools.console.commander import commander
@ -57,6 +57,7 @@ class ActionBar(urwid.WidgetWrap):
def cb(*args): def cb(*args):
if w == self._w: if w == self._w:
self.clear() self.clear()
signals.call_in.send(seconds=expire, callback=cb) signals.call_in.send(seconds=expire, callback=cb)
def prep_prompt(self, p): def prep_prompt(self, p):
@ -105,7 +106,13 @@ class ActionBar(urwid.WidgetWrap):
) )
if cursor is not None: if cursor is not None:
self._w.cbuf.cursor = cursor self._w.cbuf.cursor = cursor
self.prompting = commandexecutor.CommandExecutor(self.master) self.prompting = self.execute_command
def execute_command(self, txt):
if txt.strip():
self.master.commands.call("commands.history.add", txt)
execute = commandexecutor.CommandExecutor(self.master)
execute(txt)
def sig_prompt_onekey(self, sender, prompt, keys, callback, args=()): def sig_prompt_onekey(self, sender, prompt, keys, callback, args=()):
""" """
@ -140,7 +147,6 @@ class ActionBar(urwid.WidgetWrap):
elif k == "enter": elif k == "enter":
text = self._w.get_edit_text() text = self._w.get_edit_text()
self.prompt_execute(text) self.prompt_execute(text)
self.master.commands.call("commands.history.add", text)
else: else:
if common.is_keypress(k): if common.is_keypress(k):
self._w.keypress(size, k) self._w.keypress(size, k)

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -75,16 +75,16 @@ function styles(files, dev){
.pipe(livereload({auto: false})); .pipe(livereload({auto: false}));
} }
gulp.task("styles-app-dev", function () { gulp.task("styles-app-dev", function () {
styles(conf.css.app, true); return styles(conf.css.app, true);
}); });
gulp.task("styles-vendor-dev", function () { gulp.task("styles-vendor-dev", function () {
styles(conf.css.vendor, true); return styles(conf.css.vendor, true);
}); });
gulp.task("styles-app-prod", function () { gulp.task("styles-app-prod", function () {
styles(conf.css.app, false); return styles(conf.css.app, false);
}); });
gulp.task("styles-vendor-prod", function () { gulp.task("styles-vendor-prod", function () {
styles(conf.css.vendor, false); return styles(conf.css.vendor, false);
}); });
@ -189,7 +189,7 @@ gulp.task("peg", function () {
gulp.task( gulp.task(
"dev", "dev",
[ gulp.series(
"copy", "copy",
"styles-vendor-dev", "styles-vendor-dev",
"styles-app-dev", "styles-app-dev",
@ -197,11 +197,11 @@ gulp.task(
"peg", "peg",
"scripts-app-dev", "scripts-app-dev",
"templates" "templates"
] )
); );
gulp.task( gulp.task(
"prod", "prod",
[ gulp.series(
"copy", "copy",
"styles-vendor-prod", "styles-vendor-prod",
"styles-app-prod", "styles-app-prod",
@ -209,17 +209,20 @@ gulp.task(
"peg", "peg",
"scripts-app-prod", "scripts-app-prod",
"templates" "templates"
] )
); );
gulp.task("default", ["dev"], function () { gulp.task("default", gulp.series(
"dev",
function () {
livereload.listen({auto: true}); livereload.listen({auto: true});
gulp.watch(["src/css/vendor*"], ["styles-vendor-dev"]); gulp.watch(["src/css/vendor*"], gulp.series("styles-vendor-dev"));
gulp.watch(["src/css/**"], ["styles-app-dev"]); gulp.watch(["src/css/**"], gulp.series("styles-app-dev"));
gulp.watch(conf.templates, ["templates"]); gulp.watch(conf.templates, gulp.series("templates"));
gulp.watch(conf.peg, ["peg"]); gulp.watch(conf.peg, gulp.series("peg"));
gulp.watch(["src/js/**"], ["eslint"]); gulp.watch(["src/js/**"], gulp.series("eslint"));
// other JS is handled by watchify. // other JS is handled by watchify.
gulp.watch(conf.copy, ["copy"]); gulp.watch(conf.copy, gulp.series("copy"));
}); })
);

View File

@ -52,21 +52,21 @@
"browserify": "^14.5.0", "browserify": "^14.5.0",
"envify": "^4.1.0", "envify": "^4.1.0",
"eslint": "^4.9.0", "eslint": "^4.9.0",
"gulp": "^3.9.1", "gulp": "^4.0.2",
"gulp-clean-css": "^3.9.0", "gulp-clean-css": "^4.2.0",
"gulp-eslint": "^4.0.0", "gulp-eslint": "^6.0.0",
"gulp-less": "^3.3.2", "gulp-less": "^4.0.1",
"gulp-livereload": "^3.8.1", "gulp-livereload": "^4.0.2",
"gulp-notify": "^3.0.0", "gulp-notify": "^3.2.0",
"gulp-peg": "^0.2.0", "gulp-peg": "^0.2.0",
"gulp-plumber": "^1.1.0", "gulp-plumber": "^1.2.1",
"gulp-rename": "^1.2.2", "gulp-rename": "^2.0.0",
"gulp-sourcemaps": "^2.6.1", "gulp-sourcemaps": "^2.6.5",
"gulp-util": "^3.0.8", "gulp-util": "^3.0.8",
"jest": "^21.2.1", "jest": "^21.2.1",
"uglifyify": "^4.0.4", "uglifyify": "^4.0.4",
"vinyl-buffer": "^1.0.0", "vinyl-buffer": "^1.0.1",
"vinyl-source-stream": "^1.1.0", "vinyl-source-stream": "^2.0.0",
"watchify": "^3.9.0" "watchify": "^3.11.1"
} }
} }

View File

@ -92,19 +92,19 @@ MethodColumn.headerName = 'Method'
export function StatusColumn({ flow }) { export function StatusColumn({ flow }) {
let color = 'darkred'; let color = 'darkred';
if (flow.response !== null && 100 <= flow.response.status_code && flow.response.status_code < 200) { if (flow.response && 100 <= flow.response.status_code && flow.response.status_code < 200) {
color = 'green' color = 'green'
} }
else if (flow.response !== null && 200 <= flow.response.status_code && flow.response.status_code < 300) { else if (flow.response && 200 <= flow.response.status_code && flow.response.status_code < 300) {
color = 'darkgreen' color = 'darkgreen'
} }
else if (flow.response !== null && 300 <= flow.response.status_code && flow.response.status_code < 400) { else if (flow.response && 300 <= flow.response.status_code && flow.response.status_code < 400) {
color = 'lightblue' color = 'lightblue'
} }
else if (flow.response !== null && 400 <= flow.response.status_code && flow.response.status_code < 500) { else if (flow.response && 400 <= flow.response.status_code && flow.response.status_code < 500) {
color = 'lightred' color = 'lightred'
} }
else if (flow.response !== null && 500 <= flow.response.status_code && flow.response.status_code < 600) { else if (flow.response && 500 <= flow.response.status_code && flow.response.status_code < 600) {
color = 'lightred' color = 'lightred'
} }

File diff suppressed because it is too large Load Diff