mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-22 07:08:10 +00:00
blacklist -> blocklist
This commit is contained in:
parent
491123df23
commit
96ce21687e
@ -89,7 +89,10 @@ Here are some other examples for ignore patterns:
|
|||||||
--ignore-hosts 17\.178\.\d+\.\d+:443
|
--ignore-hosts 17\.178\.\d+\.\d+:443
|
||||||
```
|
```
|
||||||
|
|
||||||
This option can also be used to whitelist some domains through negative lookahead expressions. However, ignore patterns are always matched against the IP address of the target before being matched against its domain name. Thus, the pattern must allow any IP addresses using an expression like `^(?![0-9\.]+:)` in order for domains whitelisting to work. Here are examples of such patterns:
|
This option can also be used to only allow some specific domains through negative lookahead expressions. However, ignore
|
||||||
|
patterns are always matched against the IP address of the target before being matched against its domain name. Thus, the
|
||||||
|
pattern must allow any IP addresses using an expression like `^(?![0-9\.]+:)` in order for this to work.
|
||||||
|
Here are examples of such patterns:
|
||||||
|
|
||||||
```
|
```
|
||||||
# Ignore everything but example.com and mitmproxy.org (not subdomains):
|
# Ignore everything but example.com and mitmproxy.org (not subdomains):
|
||||||
|
@ -154,14 +154,14 @@ def _request_has_doh_looking_path(flow):
|
|||||||
return path in doh_paths
|
return path in doh_paths
|
||||||
|
|
||||||
|
|
||||||
def _requested_hostname_is_in_doh_blacklist(flow):
|
def _requested_hostname_is_in_doh_blocklist(flow):
|
||||||
"""
|
"""
|
||||||
Check if server hostname is in our DoH provider blacklist.
|
Check if server hostname is in our DoH provider blocklist.
|
||||||
|
|
||||||
The current blacklist is taken from https://github.com/curl/curl/wiki/DNS-over-HTTPS.
|
The current blocklist is taken from https://github.com/curl/curl/wiki/DNS-over-HTTPS.
|
||||||
|
|
||||||
:param flow: mitmproxy flow
|
:param flow: mitmproxy flow
|
||||||
:return: True if server's hostname is in DoH blacklist, otherwise False
|
:return: True if server's hostname is in DoH blocklist, otherwise False
|
||||||
"""
|
"""
|
||||||
hostname = flow.request.host
|
hostname = flow.request.host
|
||||||
ip = flow.server_conn.address
|
ip = flow.server_conn.address
|
||||||
@ -172,7 +172,7 @@ doh_request_detection_checks = [
|
|||||||
_has_dns_message_content_type,
|
_has_dns_message_content_type,
|
||||||
_request_has_dns_query_string,
|
_request_has_dns_query_string,
|
||||||
_request_is_dns_json,
|
_request_is_dns_json,
|
||||||
_requested_hostname_is_in_doh_blacklist,
|
_requested_hostname_is_in_doh_blocklist,
|
||||||
_request_has_doh_looking_path
|
_request_has_doh_looking_path
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@ -437,13 +437,13 @@ class Settings(RequestHandler):
|
|||||||
|
|
||||||
def put(self):
|
def put(self):
|
||||||
update = self.json
|
update = self.json
|
||||||
option_whitelist = {
|
allowed_options = {
|
||||||
"intercept", "showhost", "upstream_cert", "ssl_insecure",
|
"intercept", "showhost", "upstream_cert", "ssl_insecure",
|
||||||
"rawtcp", "http2", "websocket", "anticache", "anticomp",
|
"rawtcp", "http2", "websocket", "anticache", "anticomp",
|
||||||
"stickycookie", "stickyauth", "stream_large_bodies"
|
"stickycookie", "stickyauth", "stream_large_bodies"
|
||||||
}
|
}
|
||||||
for k in update:
|
for k in update:
|
||||||
if k not in option_whitelist:
|
if k not in allowed_options:
|
||||||
raise APIError(400, "Unknown setting {}".format(k))
|
raise APIError(400, "Unknown setting {}".format(k))
|
||||||
self.master.options.update(**update)
|
self.master.options.update(**update)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user