Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-22 15:37:45 +00:00
Code Issues Projects Releases Wiki Activity

blacklist -> blocklist

Browse Source
This commit is contained in:
Maximilian Hils 2020-07-04 12:09:51 +02:00
parent 491123df23
commit 96ce21687e
3 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/src/content/howto-ignoredomains.md
View File

@ -89,7 +89,10 @@ Here are some other examples for ignore patterns:
--ignore-hosts 17\.178\.\d+\.\d+:443 --ignore-hosts 17\.178\.\d+\.\d+:443
``` ```
This option can also be used to whitelist some domains through negative lookahead expressions. However, ignore patterns are always matched against the IP address of the target before being matched against its domain name. Thus, the pattern must allow any IP addresses using an expression like `^(?![0-9\.]+:)` in order for domains whitelisting to work. Here are examples of such patterns: This option can also be used to only allow some specific domains through negative lookahead expressions. However, ignore
patterns are always matched against the IP address of the target before being matched against its domain name. Thus, the
pattern must allow any IP addresses using an expression like `^(?![0-9\.]+:)` in order for this to work.
Here are examples of such patterns:
``` ```
# Ignore everything but example.com and mitmproxy.org (not subdomains): # Ignore everything but example.com and mitmproxy.org (not subdomains):

10
examples/contrib/block_dns_over_https.py
View File

@ -154,14 +154,14 @@ def _request_has_doh_looking_path(flow):
return path in doh_paths return path in doh_paths
def _requested_hostname_is_in_doh_blacklist(flow): def _requested_hostname_is_in_doh_blocklist(flow):
""" """
Check if server hostname is in our DoH provider blacklist. Check if server hostname is in our DoH provider blocklist.
The current blacklist is taken from https://github.com/curl/curl/wiki/DNS-over-HTTPS. The current blocklist is taken from https://github.com/curl/curl/wiki/DNS-over-HTTPS.
:param flow: mitmproxy flow :param flow: mitmproxy flow
:return: True if server's hostname is in DoH blacklist, otherwise False :return: True if server's hostname is in DoH blocklist, otherwise False
""" """
hostname = flow.request.host hostname = flow.request.host
ip = flow.server_conn.address ip = flow.server_conn.address
@ -172,7 +172,7 @@ doh_request_detection_checks = [
_has_dns_message_content_type, _has_dns_message_content_type,
_request_has_dns_query_string, _request_has_dns_query_string,
_request_is_dns_json, _request_is_dns_json,
_requested_hostname_is_in_doh_blacklist, _requested_hostname_is_in_doh_blocklist,
_request_has_doh_looking_path _request_has_doh_looking_path
] ]

4
mitmproxy/tools/web/app.py
View File

@ -437,13 +437,13 @@ class Settings(RequestHandler):
def put(self): def put(self):
update = self.json update = self.json
option_whitelist = { allowed_options = {
"intercept", "showhost", "upstream_cert", "ssl_insecure", "intercept", "showhost", "upstream_cert", "ssl_insecure",
"rawtcp", "http2", "websocket", "anticache", "anticomp", "rawtcp", "http2", "websocket", "anticache", "anticomp",
"stickycookie", "stickyauth", "stream_large_bodies" "stickycookie", "stickyauth", "stream_large_bodies"
} }
for k in update: for k in update:
if k not in option_whitelist: if k not in allowed_options:
raise APIError(400, "Unknown setting {}".format(k)) raise APIError(400, "Unknown setting {}".format(k))
self.master.options.update(**update) self.master.options.update(**update)