Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 00:01:36 +00:00
Code Issues Projects Releases Wiki Activity

--replay_ignore_payload_params added, to filter params in form posts

Browse Source
This commit is contained in:
Marcelo Glezer 2014-12-18 17:56:27 -03:00
parent 120ab5c4cd
commit 7e1b35bfc7
4 changed files with 110 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libmproxy/cmdline.py
View File

@ -183,7 +183,8 @@ def get_common_options(options):
verbosity=options.verbose, verbosity=options.verbose,
nopop=options.nopop, nopop=options.nopop,
replay_ignore_content = options.replay_ignore_content, replay_ignore_content = options.replay_ignore_content,
replay_ignore_params = options.replay_ignore_params replay_ignore_params = options.replay_ignore_params,
replay_ignore_payload_params = options.replay_ignore_payload_params
) )
@ -438,13 +439,24 @@ def common_options(parser):
help="Disable response pop from response flow. " help="Disable response pop from response flow. "
"This makes it possible to replay same response multiple times." "This makes it possible to replay same response multiple times."
) )
group.add_argument( payload = group.add_mutually_exclusive_group()
payload.add_argument(
"--replay-ignore-content", "--replay-ignore-content",
action="store_true", dest="replay_ignore_content", default=False, action="store_true", dest="replay_ignore_content", default=False,
help=""" help="""
Ignore request's content while searching for a saved flow to replay Ignore request's content while searching for a saved flow to replay
""" """
) )
payload.add_argument(
"--replay-ignore-payload-param",
action="append", dest="replay_ignore_payload_params", type=str,
help="""
Request's payload parameters (application/x-www-form-urlencoded) to
be ignored while searching for a saved flow to replay.
Can be passed multiple times.
"""
)
group.add_argument( group.add_argument(
"--replay-ignore-param", "--replay-ignore-param",
action="append", dest="replay_ignore_params", type=str, action="append", dest="replay_ignore_params", type=str,

5
libmproxy/dump.py
View File

@ -39,6 +39,7 @@ class Options(object):
"outfile", "outfile",
"replay_ignore_content", "replay_ignore_content",
"replay_ignore_params", "replay_ignore_params",
"replay_ignore_payload_params",
] ]
def __init__(self, **kwargs): def __init__(self, **kwargs):
@ -78,6 +79,7 @@ class DumpMaster(flow.FlowMaster):
self.replay_ignore_params = options.replay_ignore_params self.replay_ignore_params = options.replay_ignore_params
self.replay_ignore_content = options.replay_ignore_content self.replay_ignore_content = options.replay_ignore_content
self.refresh_server_playback = options.refresh_server_playback self.refresh_server_playback = options.refresh_server_playback
self.replay_ignore_payload_params = options.replay_ignore_payload_params
self.set_stream_large_bodies(options.stream_large_bodies) self.set_stream_large_bodies(options.stream_large_bodies)
@ -115,7 +117,8 @@ class DumpMaster(flow.FlowMaster):
not options.keepserving, not options.keepserving,
options.nopop, options.nopop,
options.replay_ignore_params, options.replay_ignore_params,
options.replay_ignore_content options.replay_ignore_content,
options.replay_ignore_payload_params,
) )
if options.client_replay: if options.client_replay:

41
libmproxy/flow.py
View File

@ -201,12 +201,12 @@ class ClientPlaybackState:
class ServerPlaybackState: class ServerPlaybackState:
def __init__(self, headers, flows, exit, nopop, ignore_params, ignore_content): def __init__(self, headers, flows, exit, nopop, ignore_params, ignore_content, ignore_payload_params):
""" """
headers: Case-insensitive list of request headers that should be headers: Case-insensitive list of request headers that should be
included in request-response matching. included in request-response matching.
""" """
self.headers, self.exit, self.nopop, self.ignore_params, self.ignore_content = headers, exit, nopop, ignore_params, ignore_content self.headers, self.exit, self.nopop, self.ignore_params, self.ignore_content, self.ignore_payload_params = headers, exit, nopop, ignore_params, ignore_content, ignore_payload_params
self.fmap = {} self.fmap = {}
for i in flows: for i in flows:
if i.response: if i.response:
@ -225,22 +225,37 @@ class ServerPlaybackState:
_, _, path, _, query, _ = urlparse.urlparse(r.url) _, _, path, _, query, _ = urlparse.urlparse(r.url)
queriesArray = urlparse.parse_qsl(query) queriesArray = urlparse.parse_qsl(query)
filtered = []
ignore_params = self.ignore_params or []
for p in queriesArray:
if p[0] not in ignore_params:
filtered.append(p)
key = [ key = [
str(r.host), str(r.host),
str(r.port), str(r.port),
str(r.scheme), str(r.scheme),
str(r.method), str(r.method),
str(path), str(path),
] ]
if not self.ignore_content:
key.append(str(r.content))
if not self.ignore_content:
ignore_payload_params = self.ignore_payload_params or []
ct = r.headers["Content-Type"]
if len(ct) > 0:
ct = ct[0]
if len(ignore_payload_params) > 0 and ct == "application/x-www-form-urlencoded":
parsedContent = urlparse.parse_qsl(r.content)
filtered = []
for p in parsedContent:
if p[0] not in ignore_payload_params:
filtered.append(p)
for p in filtered:
key.append(p[0])
key.append(p[1])
else:
key.append(str(r.content))
filtered = []
ignore_params = self.ignore_params or []
for p in queriesArray:
if p[0] not in ignore_params:
filtered.append(p)
for p in filtered: for p in filtered:
key.append(p[0]) key.append(p[0])
key.append(p[1]) key.append(p[1])
@ -697,14 +712,14 @@ class FlowMaster(controller.Master):
def stop_client_playback(self): def stop_client_playback(self):
self.client_playback = None self.client_playback = None
def start_server_playback(self, flows, kill, headers, exit, nopop, ignore_params, ignore_content): def start_server_playback(self, flows, kill, headers, exit, nopop, ignore_params, ignore_content, ignore_payload_params):
""" """
flows: List of flows. flows: List of flows.
kill: Boolean, should we kill requests not part of the replay? kill: Boolean, should we kill requests not part of the replay?
ignore_params: list of parameters to ignore in server replay ignore_params: list of parameters to ignore in server replay
ignore_content: true if request content should be ignored in server replay ignore_content: true if request content should be ignored in server replay
""" """
self.server_playback = ServerPlaybackState(headers, flows, exit, nopop, ignore_params, ignore_content) self.server_playback = ServerPlaybackState(headers, flows, exit, nopop, ignore_params, ignore_content, ignore_payload_params)
self.kill_nonreplay = kill self.kill_nonreplay = kill
def stop_server_playback(self): def stop_server_playback(self):

76
test/test_flow.py
View File

@ -114,7 +114,7 @@ class TestClientPlaybackState:
class TestServerPlaybackState: class TestServerPlaybackState:
def test_hash(self): def test_hash(self):
s = flow.ServerPlaybackState(None, [], False, False, None, False) s = flow.ServerPlaybackState(None, [], False, False, None, False, None)
r = tutils.tflow() r = tutils.tflow()
r2 = tutils.tflow() r2 = tutils.tflow()
@ -126,7 +126,7 @@ class TestServerPlaybackState:
assert s._hash(r) != s._hash(r2) assert s._hash(r) != s._hash(r2)
def test_headers(self): def test_headers(self):
s = flow.ServerPlaybackState(["foo"], [], False, False, None, False) s = flow.ServerPlaybackState(["foo"], [], False, False, None, False, None)
r = tutils.tflow(resp=True) r = tutils.tflow(resp=True)
r.request.headers["foo"] = ["bar"] r.request.headers["foo"] = ["bar"]
r2 = tutils.tflow(resp=True) r2 = tutils.tflow(resp=True)
@ -147,7 +147,7 @@ class TestServerPlaybackState:
r2 = tutils.tflow(resp=True) r2 = tutils.tflow(resp=True)
r2.request.headers["key"] = ["two"] r2.request.headers["key"] = ["two"]
s = flow.ServerPlaybackState(None, [r, r2], False, False, None, False) s = flow.ServerPlaybackState(None, [r, r2], False, False, None, False, None)
assert s.count() == 2 assert s.count() == 2
assert len(s.fmap.keys()) == 1 assert len(s.fmap.keys()) == 1
@ -168,7 +168,7 @@ class TestServerPlaybackState:
r2 = tutils.tflow(resp=True) r2 = tutils.tflow(resp=True)
r2.request.headers["key"] = ["two"] r2.request.headers["key"] = ["two"]
s = flow.ServerPlaybackState(None, [r, r2], False, True, None, False) s = flow.ServerPlaybackState(None, [r, r2], False, True, None, False, None)
assert s.count() == 2 assert s.count() == 2
s.next_flow(r) s.next_flow(r)
@ -176,7 +176,7 @@ class TestServerPlaybackState:
def test_ignore_params(self): def test_ignore_params(self):
s = flow.ServerPlaybackState(None, [], False, False, ["param1", "param2"], False) s = flow.ServerPlaybackState(None, [], False, False, ["param1", "param2"], False, None)
r = tutils.tflow(resp=True) r = tutils.tflow(resp=True)
r.request.path="/test?param1=1" r.request.path="/test?param1=1"
r2 = tutils.tflow(resp=True) r2 = tutils.tflow(resp=True)
@ -189,8 +189,60 @@ class TestServerPlaybackState:
r2.request.path="/test?param3=2" r2.request.path="/test?param3=2"
assert not s._hash(r) == s._hash(r2) assert not s._hash(r) == s._hash(r2)
def test_ignore_payload_params(self):
s = flow.ServerPlaybackState(None, [], False, False, None, False, ["param1", "param2"])
r = tutils.tflow(resp=True)
r.request.headers["Content-Type"] = ["application/x-www-form-urlencoded"]
r.request.content = "paramx=x&param1=1"
r2 = tutils.tflow(resp=True)
r2.request.headers["Content-Type"] = ["application/x-www-form-urlencoded"]
r2.request.content = "paramx=x&param1=1"
# same parameters
assert s._hash(r) == s._hash(r2)
# ignored parameters !=
r2.request.content = "paramx=x&param1=2"
assert s._hash(r) == s._hash(r2)
# missing parameter
r2.request.content="paramx=x"
assert s._hash(r) == s._hash(r2)
# ignorable parameter added
r2.request.content="paramx=x&param1=2"
assert s._hash(r) == s._hash(r2)
# not ignorable parameter changed
r2.request.content="paramx=y&param1=1"
assert not s._hash(r) == s._hash(r2)
# not ignorable parameter missing
r2.request.content="param1=1"
assert not s._hash(r) == s._hash(r2)
def test_ignore_payload_params_other_content_type(self):
s = flow.ServerPlaybackState(None, [], False, False, None, False, ["param1", "param2"])
r = tutils.tflow(resp=True)
r.request.headers["Content-Type"] = ["application/json"]
r.request.content = '{"param1":"1"}'
r2 = tutils.tflow(resp=True)
r2.request.headers["Content-Type"] = ["application/json"]
r2.request.content = '{"param1":"1"}'
# same content
assert s._hash(r) == s._hash(r2)
# distint content (note only x-www-form-urlencoded payload is analysed)
r2.request.content = '{"param1":"2"}'
assert not s._hash(r) == s._hash(r2)
def test_ignore_payload_wins_over_params(self):
#NOTE: parameters are mutually exclusive in options
s = flow.ServerPlaybackState(None, [], False, False, None, True, ["param1", "param2"])
r = tutils.tflow(resp=True)
r.request.headers["Content-Type"] = ["application/x-www-form-urlencoded"]
r.request.content = "paramx=y"
r2 = tutils.tflow(resp=True)
r2.request.headers["Content-Type"] = ["application/x-www-form-urlencoded"]
r2.request.content = "paramx=x"
# same parameters
assert s._hash(r) == s._hash(r2)
def test_ignore_content(self): def test_ignore_content(self):
s = flow.ServerPlaybackState(None, [], False, False, None, False) s = flow.ServerPlaybackState(None, [], False, False, None, False, None)
r = tutils.tflow(resp=True) r = tutils.tflow(resp=True)
r2 = tutils.tflow(resp=True) r2 = tutils.tflow(resp=True)
@ -201,7 +253,7 @@ class TestServerPlaybackState:
assert not s._hash(r) == s._hash(r2) assert not s._hash(r) == s._hash(r2)
#now ignoring content #now ignoring content
s = flow.ServerPlaybackState(None, [], False, False, None, True) s = flow.ServerPlaybackState(None, [], False, False, None, True, None)
r = tutils.tflow(resp=True) r = tutils.tflow(resp=True)
r2 = tutils.tflow(resp=True) r2 = tutils.tflow(resp=True)
r.request.content = "foo" r.request.content = "foo"
@ -695,7 +747,7 @@ class TestFlowMaster:
pb = [tutils.tflow(resp=True), f] pb = [tutils.tflow(resp=True), f]
fm = flow.FlowMaster(DummyServer(ProxyConfig()), s) fm = flow.FlowMaster(DummyServer(ProxyConfig()), s)
assert not fm.start_server_playback(pb, False, [], False, False, None, False) assert not fm.start_server_playback(pb, False, [], False, False, None, False, None)
assert not fm.start_client_playback(pb, False) assert not fm.start_client_playback(pb, False)
fm.client_playback.testing = True fm.client_playback.testing = True
@ -718,16 +770,16 @@ class TestFlowMaster:
fm.refresh_server_playback = True fm.refresh_server_playback = True
assert not fm.do_server_playback(tutils.tflow()) assert not fm.do_server_playback(tutils.tflow())
fm.start_server_playback(pb, False, [], False, False, None, False) fm.start_server_playback(pb, False, [], False, False, None, False, None)
assert fm.do_server_playback(tutils.tflow()) assert fm.do_server_playback(tutils.tflow())
fm.start_server_playback(pb, False, [], True, False, None, False) fm.start_server_playback(pb, False, [], True, False, None, False, None)
r = tutils.tflow() r = tutils.tflow()
r.request.content = "gibble" r.request.content = "gibble"
assert not fm.do_server_playback(r) assert not fm.do_server_playback(r)
assert fm.do_server_playback(tutils.tflow()) assert fm.do_server_playback(tutils.tflow())
fm.start_server_playback(pb, False, [], True, False, None, False) fm.start_server_playback(pb, False, [], True, False, None, False, None)
q = Queue.Queue() q = Queue.Queue()
fm.tick(q, 0) fm.tick(q, 0)
assert fm.should_exit.is_set() assert fm.should_exit.is_set()
@ -742,7 +794,7 @@ class TestFlowMaster:
pb = [f] pb = [f]
fm = flow.FlowMaster(None, s) fm = flow.FlowMaster(None, s)
fm.refresh_server_playback = True fm.refresh_server_playback = True
fm.start_server_playback(pb, True, [], False, False, None, False) fm.start_server_playback(pb, True, [], False, False, None, False, None)
f = tutils.tflow() f = tutils.tflow()
f.request.host = "nonexistent" f.request.host = "nonexistent"