Update app.py

Updated DNS Rebind Protection RegEx Pattern
tunnelpr0 2020-07-10 12:12:43 +02:00 committed by GitHub
parent be8cb243b5
commit 817216116c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -499,8 +499,7 @@ class Application(tornado.web.Application):
self.add_handlers("dns-rebind-protection", [(r"/.*", DnsRebind)])
self.add_handlers(
# make mitmweb accessible by IP only to prevent DNS rebinding.
# IPv(4|6) pattern from https://riptutorial.com/regex/example/14146/match-an-ip-address, slightly adjusted to mitmproxy
r'^localhost$|^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^\[((?:[0-9a-fA-F]{1,4}\:){7}[0-9a-fA-F]{1,4}|\:\:(?:[0-9a-fA-F]{1,4}\:){0,6}[0-9a-fA-F]{1,4}|[0-9a-fA-F]{1,4}\:\:(?:[0-9a-fA-F]{1,4}\:){0,5}[0-9a-fA-F]{1,4}|[0-9a-fA-F]{1,4}\:[0-9a-fA-F]{1,4}\:\:(?:[0-9a-fA-F]{1,4}\:){0,4}[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}\:){0,2}[0-9a-fA-F]{1,4}\:\:(?:[0-9a-fA-F]{1,4}\:){0,3}[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}\:){0,3}[0-9a-fA-F]{1,4}\:\:(?:[0-9a-fA-F]{1,4}\:){0,2}[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}\:){0,4}[0-9a-fA-F]{1,4}\:\:(?:[0-9a-fA-F]{1,4}\:)?[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}\:){0,5}[0-9a-fA-F]{1,4}\:\:[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}\:){0,6}[0-9a-fA-F]{1,4}\:\:)\]$',
r'^(localhost|[0-9.]+|\[[0-9a-fA-F:]+\])$',
[
(r"/", IndexHandler),
(r"/filter-help(?:\.json)?", FilterHelp),
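Review bot: The short host pattern `r'^(localhost|[0-9.]+|\[[0-9a-fA-F:]+\])$'` no longer checks address syntax (it also accepts strings such as `1..2` or `[::::]`), and the comment above it does not say why that is acceptable for the rebinding check. This assumes the short pattern is the added line: the page has lost its +/- markers, and only the 8-to-7 line count and the commit title point that way. If the intent is only to keep DNS names out of the real handlers, say so next to the pattern, e.g. `# Deliberately loose: this only has to reject hostnames, not validate addresses; digits/dots or bracketed hex/colons cannot be an attacker-controlled DNS name.`, so nobody later widens the character classes to include letters outside the brackets. A small test would also help, pinning that `localhost`, `127.0.0.1` and `[::1]` reach the application handlers while a name like `example.com` falls through to `DnsRebind`. The `add_handlers(...)` call continues past the end of this hunk.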