mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-23 00:01:36 +00:00
Merge pull request #4256 from Kriechi/release-prep
release preparations
This commit is contained in:
commit
e66c7b5960
844
CHANGELOG.rst
Normal file
844
CHANGELOG.rst
Normal file
@ -0,0 +1,844 @@
|
||||
Release History
|
||||
###############
|
||||
|
||||
Unreleased: mitmproxy next
|
||||
==========================
|
||||
|
||||
* --- TODO: add new PRs above this line ---
|
||||
|
||||
* ... and various other fixes, documentation improvements, dependency version bumps, etc.
|
||||
|
||||
01 November 2020: mitmproxy 5.3
|
||||
===============================
|
||||
|
||||
Full Changelog
|
||||
--------------
|
||||
|
||||
* Support for Python 3.9 (@mhils)
|
||||
* Add MsgPack content viewer (@tasn)
|
||||
* Use `@charset` to decode CSS files if available (@prinzhorn)
|
||||
* Fix links to anticache docs in mitmweb and use HTTPS for links to documentation (@rugk)
|
||||
* Updated typing for WebsocketMessage.content (@prinzhorn)
|
||||
* Add option `console_strip_trailing_newlines`, and no longer strip trailing newlines by default (@capt8bit)
|
||||
* Prevent transparent mode from connecting to itself in the basic cases (@prinzhorn)
|
||||
* Display HTTP trailers in mitmweb (@sanlengjingvv)
|
||||
* Revamp onboarding app (@mhils)
|
||||
* Add ASGI support for embedded apps (@mhils)
|
||||
* Updated raw exports to not remove headers (@wchasekelley)
|
||||
* Fix file unlinking before external viewer finishes loading (@wchasekelley)
|
||||
* Add --cert-passphrase command line argument (@mirosyn)
|
||||
* Add interactive tutorials to the documentation (@mplattner)
|
||||
* Support `deflateRaw` for `Content-Encoding`'s (@kjoconnor)
|
||||
* Fix broken requests without body on HTTP/2 (@Kriechi)
|
||||
* Add support for sending (but not parsing) HTTP Trailers to the HTTP/1.1 protocol (@bburky)
|
||||
* Add support to echo http trailers in dumper addon (@shiv6146)
|
||||
* Fix OpenSSL requiring different CN for root and leaf certificates (@mhils)
|
||||
* ... and various other fixes, documentation improvements, dependency version bumps, etc.
|
||||
|
||||
18 July 2020: mitmproxy 5.2
|
||||
===========================
|
||||
|
||||
* Add Filter message to mitmdump (@sarthak212)
|
||||
* Display TCP flows at flow list (@Jessonsotoventura, @nikitastupin, @mhils)
|
||||
* Colorize JSON Contentview (@sarthak212)
|
||||
* Fix console crash when entering regex escape character in half-open string (@sarthak212)
|
||||
* Integrate contentviews to TCP flow details (@nikitastupin)
|
||||
* Added add-ons that enhance the performance of web application scanners (@anneborcherding)
|
||||
* Increase WebSocket message timestamp precision (@JustAnotherArchivist)
|
||||
* Fix HTTP reason value on HTTP/2 reponses (@rbdixon)
|
||||
* mitmweb: support wslview to open a web browser (@G-Rath)
|
||||
* Fix dev version detection with parent git repo (@JustAnotherArchivist)
|
||||
* Restructure examples and supported addons (@mhils)
|
||||
* Certificate generation: mark SAN as critical if no CN is set (@mhils)
|
||||
* Simplify Replacements with new ModifyBody addon (@mplattner)
|
||||
* Rename SetHeaders addon to ModifyHeaders (@mplattner)
|
||||
* mitmweb: "New -> File" menu option has been renamed to "Clear All" (@yogeshojha)
|
||||
* Add new MapRemote addon to rewrite URLs of requests (@mplattner)
|
||||
* Add support for HTTP Trailers to the HTTP/2 protocol (@sanlengjingvv and @Kriechi)
|
||||
* Fix certificate runtime error during expire cleanup (@gorogoroumaru)
|
||||
* Fixed the DNS Rebind Protection for secure support of IPv6 addresses (@tunnelpr0)
|
||||
* WebSockets: match the HTTP-WebSocket flow for the ~websocket filter (@Kriechi)
|
||||
* Fix deadlock caused by the "replay.client.stop" command (@gorogoroumaru)
|
||||
* Add new MapLocal addon to serve local files instead of remote resources (@mplattner and @mhils)
|
||||
* Add minimal TCP interception and modification (@nikitastupin)
|
||||
* Add new CheckSSLPinning addon to check SSL-Pinning on client (@su-vikas)
|
||||
* Add a JSON dump script: write data into a file or send to an endpoint as JSON (@emedvedev)
|
||||
* Fix console output formatting (@sarthak212)
|
||||
* Add example for proxy authentication using selenium (@anneborcherding and @weichweich)
|
||||
|
||||
13 April 2020: mitmproxy 5.1.1
|
||||
==============================
|
||||
|
||||
* Fixed Docker images not starting due to missing shell
|
||||
|
||||
13 April 2020: mitmproxy 5.1
|
||||
============================
|
||||
|
||||
Major Changes
|
||||
-------------
|
||||
|
||||
* Initial Support for TLS 1.3
|
||||
|
||||
Full Changelog
|
||||
--------------
|
||||
|
||||
* Reduce leaf certificate validity to one year due to upcoming browser changes (@mhils)
|
||||
* Rename mitmweb's `web_iface` option to `web_host` for consistency (@oxr463)
|
||||
* Sending a SIGTERM now exits mitmproxy without prompt, SIGINT still asks (@ThinkChaos)
|
||||
* Don't force host header on outgoing requests (@mhils)
|
||||
* Additional documentation and examples for WebSockets (@Kriechi)
|
||||
* Gracefully handle hyphens in domain names (@matosconsulting)
|
||||
* Fix header replacement count (@naivekun)
|
||||
* Emit serverconnect event only after a connection has been established (@Prinzhorn)
|
||||
* Fix ValueError in table mode of server replay flow (@ylmrx)
|
||||
* HTTP/2: send all stream reset types to other connection (@rohfle)
|
||||
* HTTP/2: fix WINDOW_UPDATE swallowed on closed streams (@Kriechi)
|
||||
* Fix wrong behavior of --allow-hosts options (@BlownSnail)
|
||||
* Additional and updated documentation for examples, WebSockets, Getting Started (@Kriechi)
|
||||
|
||||
27 December 2019: mitmproxy 5.0.1
|
||||
=================================
|
||||
|
||||
* Fixed precompiled Linux binaries to not crash in table mode
|
||||
* Display webp images in mitmweb (@cixtor)
|
||||
|
||||
16 December 2019: mitmproxy 5.0
|
||||
===============================
|
||||
|
||||
Major Changes
|
||||
-------------
|
||||
|
||||
* Added new Table UI (@Jessonsotoventura)
|
||||
* Added EKU extension to certificates. This fixes support for macOS Catalina (@vin01)
|
||||
|
||||
Security Fixes
|
||||
--------------
|
||||
|
||||
* Fixed command injection vulnerabilities when exporting flows as curl/httpie commands (@cript0nauta)
|
||||
* Do not echo unsanitized user input in HTTP error responses (@fimad)
|
||||
|
||||
Full Changelog
|
||||
--------------
|
||||
|
||||
* Moved to Github CI for Continuous Integration, dropping support for old Linux and macOS releases. (#3728)
|
||||
* Vastly improved command parsing, in particular for setting flow filters (@typoon)
|
||||
* Added a new flow export for raw responses (@mckeimic)
|
||||
* URLs are now edited in an external editor (@Jessonsotoventura)
|
||||
* mitmproxy now has a command history (@typoon)
|
||||
* Added terminal like keyboard shortcuts for the command bar (ctrl+w, ctrl+a, ctrl+f, ...) (@typoon)
|
||||
* Fixed issue with improper handling of non-ascii characters in URLs (@rjt-gupta)
|
||||
* Filtering can now use unicode characters (@rjt-gupta)
|
||||
* Fixed issue with user keybindings not being able to override default keybindings
|
||||
* Improved installation instructions
|
||||
* Added support for IPV6-only environments (@sethb157)
|
||||
* Fixed bug with server replay (@rjt-gupta)
|
||||
* Fixed issue with duplicate error responses (@ccssrryy)
|
||||
* Users can now set a specific external editor using $MITMPROXY_EDITOR (@rjt-gupta)
|
||||
* Config file can now be called `config.yml` or `config.yaml` (@ylmrx)
|
||||
* Fixed crash on `view.focus.[next|prev]` (@ylmrx)
|
||||
* Updated documentation to help using mitmproxy certificate on Android (@jannst)
|
||||
* Added support to parse IPv6 entries from `pfctl` on MacOS. (@tomlabaude)
|
||||
* Fixed instructions on how to build the documentation (@jannst)
|
||||
* Added a new `--allow-hosts` option (@pierlon)
|
||||
* Added support for zstd content-encoding (@tsaaristo)
|
||||
* Fixed issue where the replay server would corrupt the Date header (@tonyb486)
|
||||
* Improve speed for WebSocket interception (@MathieuBordere)
|
||||
* Fixed issue with parsing JPEG files. (@lusceu)
|
||||
* Improve example code style (@BoboTiG)
|
||||
* Fixed issue converting void responses to HAR (@worldmind)
|
||||
* Color coded http status codes in mitmweb (@arun-94)
|
||||
* Added organization to generated certificates (@Abcdefghijklmnopqrstuvwxyzxyz)
|
||||
* Errors are now displayed on sys.stderr (@JessicaFavin)
|
||||
* Fixed issue with replay timestamps (@rjt-gupta)
|
||||
* Fixed copying in mitmweb on macOS (@XZzYassin)
|
||||
|
||||
31 July 2018: mitmproxy 4.0.4
|
||||
=============================
|
||||
|
||||
* Security: Protect mitmweb against DNS rebinding. (CVE-2018-14505, @atx)
|
||||
* Reduce certificate lifetime to two years to be conformant with
|
||||
the current CA/Browser Forum Baseline Requirements. (@muffl0n)
|
||||
(https://cabforum.org/2017/03/17/ballot-193-825-day-certificate-lifetimes/)
|
||||
* Update cryptography to version 2.3.
|
||||
|
||||
15 June 2018: mitmproxy 4.0.3
|
||||
=============================
|
||||
|
||||
* Add support for IPv6 transparent mode on Windows (#3174)
|
||||
* Add Docker images for ARMv7 - Raspberry Pi (#3190)
|
||||
* Major overhaul of our release workflow - you probably won't notice it, but for us it's a big thing!
|
||||
* Fix the Python version detection on Python 3.5, we now show a more intuitive error message (#3188)
|
||||
* Fix application shutdown on Windows (#3172)
|
||||
* Fix IPv6 scope suffixes in block addon (#3164)
|
||||
* Fix options update when added (#3157)
|
||||
* Fix "Edit Flow" button in mitmweb (#3136)
|
||||
|
||||
15 June 2018: mitmproxy 4.0.2
|
||||
=============================
|
||||
|
||||
* Skipped!
|
||||
|
||||
17 May 2018: mitmproxy 4.0.1
|
||||
============================
|
||||
|
||||
Bugfixes
|
||||
-----------
|
||||
|
||||
* The previous release had a packaging issue, so we bumped it to v4.0.1 and re-released it.
|
||||
* This contains no actual bugfixes or new features.
|
||||
|
||||
17 May 2018: mitmproxy 4.0
|
||||
==========================
|
||||
|
||||
Features
|
||||
--------
|
||||
|
||||
* mitmproxy now requires Python 3.6!
|
||||
* Moved the core to asyncio - which gives us a very significant performance boost!
|
||||
* Reduce memory consumption by using `SO_KEEPALIVE` (#3076)
|
||||
* Export request as httpie command (#3031)
|
||||
* Configure mitmproxy console keybindings with the keys.yaml file. See docs for more.
|
||||
|
||||
Breaking Changes
|
||||
----------------
|
||||
|
||||
* The --conf command-line flag is now --confdir, and specifies the mitmproxy configuration
|
||||
directory, instead of the options yaml file (which is at `config.yaml` under the configuration directory).
|
||||
* `allow_remote` got replaced by `block_global` and `block_private` (#3100)
|
||||
* No more custom events (#3093)
|
||||
* The `cadir` option has been renamed to `confdir`
|
||||
* We no longer magically capture print statements in addons and translate
|
||||
them to logs. Please use `ctx.log.info` explicitly.
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
* Correctly block connections from remote clients with IPv4-mapped IPv6 client addresses (#3099)
|
||||
* Expand `~` in paths during the `cut` command (#3078)
|
||||
* Remove socket listen backlog constraint
|
||||
* Improve handling of user script exceptions (#3050, #2837)
|
||||
* Ignore signal errors on windows
|
||||
* Fix traceback for commands with un-terminated escape characters (#2810)
|
||||
* Fix request replay when proxy is bound to local interface (#2647)
|
||||
* Fix traceback when running scripts on a flow twice (#2838)
|
||||
* Fix traceback when killing intercepted flow (#2879)
|
||||
* And lots of typos, docs improvements, revamped examples, and general fixes!
|
||||
|
||||
05 April 2018: mitmproxy 3.0.4
|
||||
==============================
|
||||
|
||||
* Fix an issue that caused mitmproxy to not retry HTTP requests on timeout.
|
||||
* Various other fixes (@kira0204, @fenilgandhi, @tran-tien-dat, @smonami,
|
||||
@luzpaz, @fristonio, @kajojify, @Oliver-Fish, @hcbarry, @jplochocki, @MikeShi42,
|
||||
@ghillu, @emilstahl)
|
||||
|
||||
25 February 2018: mitmproxy 3.0.3
|
||||
=================================
|
||||
|
||||
* Fix an issue that caused mitmproxy to lose keyboard control after spawning an external editor.
|
||||
|
||||
23 February 2018: mitmproxy 3.0.1
|
||||
=================================
|
||||
|
||||
* Fix a quote-related issue affecting the mitmproxy console command prompt.
|
||||
|
||||
22 February 2018: mitmproxy 3.0
|
||||
===============================
|
||||
|
||||
Major Changes
|
||||
-------------
|
||||
|
||||
* Commands: A consistent, typed mechanism that allows addons to expose actions
|
||||
to users.
|
||||
* Options: A typed settings store for use by mitmproxy and addons.
|
||||
* Shift most of mitmproxy's own functionality into addons.
|
||||
* Major improvements to mitmproxy console, including an almost complete
|
||||
rewrite of the user interface, integration of commands, key bindings, and
|
||||
multi-pane layouts.
|
||||
* Major Improvements to mitmproxy’s web interface, mitmweb. (Matthew Shao,
|
||||
Google Summer of Code 2017)
|
||||
* Major Improvements to mitmproxy’s content views and protocol layers (Ujjwal
|
||||
Verma, Google Summer of Code 2017)
|
||||
* Faster JavaScript and CSS beautifiers. (Ujjwal Verma)
|
||||
|
||||
Minor Changes
|
||||
-------------
|
||||
|
||||
* Vastly improved JavaScript test coverage (Matthew Shao)
|
||||
* Options editor for mitmweb (Matthew Shao)
|
||||
* Static web-based flow viewer (Matthew Shao)
|
||||
* Request streaming for HTTP/1.x and HTTP/2 (Ujjwal Verma)
|
||||
* Implement more robust content views using Kaitai Struct (Ujjwal Verma)
|
||||
* Protobuf decoding now works without protoc being installed on the host
|
||||
system (Ujjwal Verma)
|
||||
* PNG, GIF, and JPEG can now be parsed without Pillow, which simplifies
|
||||
mitmproxy installation and moves parsing from unsafe C to pure Python (Ujjwal Verma)
|
||||
* Add parser for ICO files (Ujjwal Verma)
|
||||
* Migrate WebSockets implementation to wsproto. This reduces code size and
|
||||
adds WebSocket compression support. (Ujjwal Verma)
|
||||
* Add “split view” to split mitmproxy’s UI into two separate panes.
|
||||
* Add key binding viewer and editor
|
||||
* Add a command to spawn a preconfigured Chrome browser instance from
|
||||
mitmproxy
|
||||
* Fully support mitmproxy under the Windows Subsystem for Linux (WSL), work
|
||||
around display errors
|
||||
* Add XSS scanner addon (@ddworken)
|
||||
* Add ability to toggle interception (@mattweidner)
|
||||
* Numerous documentation improvements (@pauloromeira, @rst0git, @rgerganov,
|
||||
@fulldecent, @zhigang1992, @F1ashhimself, @vinaydargar, @jonathanrfisher1,
|
||||
@BasThomas, @LuD1161, @ayamamori, @TomTasche)
|
||||
* Add filters for websocket flows (@s4chin)
|
||||
* Make it possible to create a response to CONNECT requests in http_connect
|
||||
(@mengbiping)
|
||||
* Redirect stdout in scripts to ctx.log.warn (@nikofil)
|
||||
* Fix a crash when clearing the event log (@krsoninikhil)
|
||||
* Store the generated certificate for each flow (@dlenski)
|
||||
* Add --keep-host-header to retain the host header in reverse proxy mode
|
||||
(@krsoninikhil)
|
||||
* Fix setting palette options (@JordanLoehr)
|
||||
* Fix a crash with brotli encoding (@whackashoe)
|
||||
* Provide certificate installation instructions on mitm.it (@ritiek)
|
||||
* Fix a bug where we did not properly fall back to IPv4 when IPv6 is unavailable (@titeuf87)
|
||||
* Fix transparent mode on IPv6-enabled macOS systems (@Ga-ryo)
|
||||
* Fix handling of HTTP messages with multiple Content-Length headers (@surajt97)
|
||||
* Fix IPv6 authority form parsing in CONNECT requests (@r1b)
|
||||
* Fix event log display in mitmweb (@syahn)
|
||||
* Remove private key from PKCS12 file in ~/.mitmproxy (@ograff).
|
||||
* Add LDAP as a proxy authentication backend (@charlesdhdt)
|
||||
* Use mypy to check the whole codebase (@iharsh234)
|
||||
* Fix a crash when duplicating flows (@iharsh234)
|
||||
* Fix testsuite when the path contains a “.” (@felixonmars)
|
||||
* Store proxy authentication with flows (@lymanZerga11)
|
||||
* Match ~d and ~u filters against pretty_host (@dequis)
|
||||
* Update WBXML content view (@davidpshaw)
|
||||
* Handle HEAD requests for mitm.it to support Chrome in transparent mode on
|
||||
iOS (@tomlabaude)
|
||||
* Update dns spoofing example to use --keep-host-header (@krsoninikhil)
|
||||
* Call error handler on HTTPException (@tarnacious)
|
||||
* Make it possible to remove TLS from upstream HTTP connections
|
||||
* Update to pyOpenSSL 17.5, cryptography 2.1.4, and OpenSSL 1.1.0g
|
||||
* Make it possible to retroactively increase log verbosity.
|
||||
* Make logging from addons thread-safe
|
||||
* Tolerate imports in user scripts that match hook names
|
||||
(`from mitmproxy import log`)
|
||||
* Update mitmweb to React 16, which brings performance improvements
|
||||
* Fix a bug where reverting duplicated flows crashes mitmproxy
|
||||
* Fix a bug where successive requests are sent to the wrong host after a
|
||||
request has been redirected.
|
||||
* Fix a bug that binds outgoing connections to the wrong interface
|
||||
* Fix a bug where custom certificates are ignored in reverse proxy mode
|
||||
* Fix import of flows that have been created with mitmproxy 0.17
|
||||
* Fix formatting of (IPv6) IP addresses in a number of places
|
||||
* Fix replay for HTTP/2 flows
|
||||
* Decouple mitmproxy version and flow file format version
|
||||
* Fix a bug where “mitmdump -nr” does not exit automatically
|
||||
* Fix a crash when exporting flows to curl
|
||||
* Fix formatting of sticky cookies
|
||||
* Improve script reloading reliability by polling the filesystem instead of using watchdog
|
||||
* Fix a crash when refreshing Set-Cookie headers
|
||||
* Add connection indicator to mitmweb to alert users when the proxy server stops running
|
||||
* Add support for certificates with cyrillic domains
|
||||
* Simplify output of mitmproxy --version
|
||||
* Add Request.make to simplify request creation in scripts
|
||||
* Pathoc: Include a host header on CONNECT requests
|
||||
* Remove HTML outline contentview (#2572)
|
||||
* Remove Python and Locust export (#2465)
|
||||
* Remove emojis from tox.ini because flake8 cannot parse that. :(
|
||||
|
||||
28 April 2017: mitmproxy 2.0.2
|
||||
==============================
|
||||
|
||||
* Fix mitmweb's Content-Security-Policy to work with Chrome 58+
|
||||
* HTTP/2: actually use header normalization from hyper-h2
|
||||
|
||||
15 March 2017: mitmproxy 2.0.1
|
||||
==============================
|
||||
|
||||
* bump cryptography dependency
|
||||
* bump pyparsing dependency
|
||||
* HTTP/2: use header normalization from hyper-h2
|
||||
|
||||
21 February 2017: mitmproxy 2.0
|
||||
===============================
|
||||
|
||||
* HTTP/2 is now enabled by default.
|
||||
* Image ContentView: Parse images with Kaitai Struct (kaitai.io) instead of Pillow.
|
||||
This simplifies installation, reduces binary size, and allows parsing in pure Python.
|
||||
* Web: Add missing flow filters.
|
||||
* Add transparent proxy support for OpenBSD.
|
||||
* Check the mitmproxy CA for expiration and warn the user to regenerate it if necessary.
|
||||
* Testing: Tremendous improvements, enforced 100% coverage for large parts of the
|
||||
codebase, increased overall coverage.
|
||||
* Enforce individual coverage: one source file -> one test file with 100% coverage.
|
||||
* A myriad of other small improvements throughout the project.
|
||||
* Numerous bugfixes.
|
||||
|
||||
26 December 2016: mitmproxy 1.0
|
||||
===============================
|
||||
|
||||
* All mitmproxy tools are now Python 3 only! We plan to support Python 3.5 and higher.
|
||||
* Web-Based User Interface: Mitmproxy now officially has a web-based user interface
|
||||
called mitmweb. We consider it stable for all features currently exposed
|
||||
in the UI, but it still misses a lot of mitmproxy’s options.
|
||||
* Windows Compatibility: With mitmweb, mitmproxy is now usable on Windows.
|
||||
We are also introducing an installer (kindly sponsored by BitRock) that
|
||||
simplifies setup.
|
||||
* Configuration: The config file format is now a single YAML file. In most cases,
|
||||
converting to the new format should be trivial - please see the docs for
|
||||
more information.
|
||||
* Console: Significant UI improvements - including sorting of flows by
|
||||
size, type and url, status bar improvements, much faster indentation for
|
||||
HTTP views, and more.
|
||||
* HTTP/2: Significant improvements, but is temporarily disabled by default
|
||||
due to wide-spread protocol implementation errors on some large website
|
||||
* WebSocket: The protocol implementation is now mature, and is enabled by
|
||||
default. Complete UI support is coming in the next release. Hooks for
|
||||
message interception and manipulation are available.
|
||||
* A myriad of other small improvements throughout the project.
|
||||
|
||||
16 October 2016: mitmproxy 0.18
|
||||
===============================
|
||||
|
||||
* Python 3 Compatibility for mitmproxy and pathod (Shadab Zafar, GSoC 2016)
|
||||
* Major improvements to mitmweb (Clemens Brunner & Jason Hao, GSoC 2016)
|
||||
* Internal Core Refactor: Separation of most features into isolated Addons
|
||||
* Initial Support for WebSockets
|
||||
* Improved HTTP/2 Support
|
||||
* Reverse Proxy Mode now automatically adjusts host headers and TLS Server Name Indication
|
||||
* Improved HAR export
|
||||
* Improved export functionality for curl, python code, raw http etc.
|
||||
* Flow URLs are now truncated in the console for better visibility
|
||||
* New filters for TCP, HTTP and marked flows.
|
||||
* Mitmproxy now handles comma-separated Cookie headers
|
||||
* Merge mitmproxy and pathod documentation
|
||||
* Mitmdump now sanitizes its console output to not include control characters
|
||||
* Improved message body handling for HTTP messages:
|
||||
`.raw_content` provides the message body as seen on the wire
|
||||
`.content` provides the decompressed body (e.g. un-gzipped)
|
||||
`.text` provides the body decompressed and decoded body
|
||||
* New HTTP Message getters/setters for cookies and form contents.
|
||||
* Add ability to view only marked flows in mitmproxy
|
||||
* Improved Script Reloader (Always use polling, watch for whole directory)
|
||||
* Use tox for testing
|
||||
* Unicode support for tnetstrings
|
||||
* Add dumpfile converters for mitmproxy versions 0.11 and 0.12
|
||||
* Numerous bugfixes
|
||||
|
||||
9 April 2016: mitmproxy 0.17
|
||||
============================
|
||||
|
||||
* Simplify repository and release structure. mitmproxy now comes as a single package, including netlib and pathod.
|
||||
* Rename the Python package from libmproxy to mitmproxy.
|
||||
* New option to add server certs to client chain (CVE-2016-2402, John Kozyrakis)
|
||||
* Enable HTTP/2 by default (Thomas Kriechbaumer)
|
||||
* Improved HAR extractor (Shadab Zafar)
|
||||
* Add icon for OSX and Windows binaries
|
||||
* Add content view for query parameters (Will Coster)
|
||||
* Initial work on Python 3 compatibility
|
||||
* locust.io export (Zohar Lorberbaum)
|
||||
* Fix XSS vulnerability in HTTP errors (Will Coster)
|
||||
* Numerous bugfixes and minor improvements
|
||||
|
||||
|
||||
15 February 2016: mitmproxy 0.16
|
||||
================================
|
||||
|
||||
* Completely revised HTTP2 implementation based on hyper-h2 (Thomas Kriechbaumer)
|
||||
* Export flows as cURL command, Python code or raw HTTP (Shadab Zafar)
|
||||
* Fixed compatibility with the Android Emulator (Will Coster)
|
||||
* Script Reloader: Inline scripts are reloaded automatically if modified (Matthew Shao)
|
||||
* Inline script hooks for TCP mode (Michael J. Bazzinotti)
|
||||
* Add default ciphers to support iOS9 App Transport Security (Jorge Villacorta)
|
||||
* Basic Authentication for mitmweb (Guillem Anguera)
|
||||
* Exempt connections from interception based on TLS Server Name Indication (David Weinstein)
|
||||
* Provide Python Wheels for faster installation
|
||||
* Numerous bugfixes and minor improvements
|
||||
|
||||
4 December 2015: mitmproxy 0.15
|
||||
===============================
|
||||
|
||||
* Support for loading and converting older dumpfile formats (0.13 and up)
|
||||
* Content views for inline script (@chrisczub)
|
||||
* Better handling of empty header values (Benjamin Lee/@bltb)
|
||||
* Fix a gnarly memory leak in mitmdump
|
||||
* A number of bugfixes and small improvements
|
||||
|
||||
6 November 2015: mitmproxy 0.14
|
||||
===============================
|
||||
|
||||
* Statistics: 399 commits, 13 contributors, 79 closed issues, 37 closed
|
||||
PRs, 103 days
|
||||
* Docs: Greatly updated docs now hosted on ReadTheDocs!
|
||||
http://docs.mitmproxy.org
|
||||
* Docs: Fixed Typos, updated URLs etc. (Nick Badger, Ben Lerner, Choongwoo
|
||||
Han, onlywade, Jurriaan Bremer)
|
||||
* mitmdump: Colorized TTY output
|
||||
* mitmdump: Use mitmproxy's content views for human-readable output (Chris
|
||||
Czub)
|
||||
* mitmproxy and mitmdump: Support for displaying UTF8 contents
|
||||
* mitmproxy: add command line switch to disable mouse interaction (Timothy
|
||||
Elliott)
|
||||
* mitmproxy: bug fixes (Choongwoo Han, sethp-jive, FreeArtMan)
|
||||
* mitmweb: bug fixes (Colin Bendell)
|
||||
* libmproxy: Add ability to fall back to TCP passthrough for non-HTTP
|
||||
connections.
|
||||
* libmproxy: Avoid double-connect in case of TLS Server Name Indication.
|
||||
This yields a massive speedup for TLS handshakes.
|
||||
* libmproxy: Prevent unnecessary upstream connections (macmantrl)
|
||||
* Inline Scripts: New API for HTTP Headers:
|
||||
http://docs.mitmproxy.org/en/latest/dev/models.html#netlib.http.Headers
|
||||
* Inline Scripts: Properly handle exceptions in `done` hook
|
||||
* Inline Scripts: Allow relative imports, provide `__file__`
|
||||
* Examples: Add probabilistic TLS passthrough as an inline script
|
||||
* netlib: Refactored HTTP protocol handling code
|
||||
* netlib: ALPN support
|
||||
* netlib: fixed a bug in the optional certificate verification.
|
||||
* netlib: Initial Python 3.5 support (this is the first prerequisite for
|
||||
3.x support in mitmproxy)
|
||||
|
||||
24 July 2015: mitmproxy 0.13
|
||||
============================
|
||||
|
||||
* Upstream certificate validation. See the --verify-upstream-cert,
|
||||
--upstream-trusted-confdir and --upstream-trusted-ca parameters. Thanks to
|
||||
Kyle Morton (github.com/kyle-m) for his work on this.
|
||||
* Add HTTP transparent proxy mode. This uses the host headers from HTTP
|
||||
traffic (rather than SNI and IP address information from the OS) to
|
||||
implement perform transparent proxying. Thanks to github.com/ijiro123 for
|
||||
this feature.
|
||||
* Add ~src and ~dst REGEX filters, allowing matching on source and
|
||||
destination addresses in the form of <IP>:<Port>
|
||||
* mitmproxy console: change g/G keyboard shortcuts to match less. Thanks to
|
||||
Jose Luis Honorato (github.com/jlhonora).
|
||||
* mitmproxy console: Flow marking and unmarking. Marked flows are not
|
||||
deleted when the flow list is cleared. Thanks to Jake Drahos
|
||||
(github.com/drahosj).
|
||||
* mitmproxy console: add marking of flows
|
||||
* Remove the certforward feature. It was added to allow exploitation of
|
||||
#gotofail, which is no longer a common vulnerability. Permitting this
|
||||
hugely increased the complexity of packaging and distributing mitmproxy.
|
||||
|
||||
3 June 2015: mitmproxy 0.12.1
|
||||
=============================
|
||||
|
||||
* mitmproxy console: mouse interaction - scroll in the flow list, click on
|
||||
flow to view, click to switch between tabs.
|
||||
* Update our crypto defaults: SHA256, 2048 bit RSA, 4096 bit DH parameters.
|
||||
* BUGFIX: crash under some circumstances when copying to clipboard.
|
||||
* BUGFIX: occasional crash when deleting flows.
|
||||
|
||||
18 May 2015: mitmproxy 0.12
|
||||
===========================
|
||||
|
||||
* mitmproxy console: Significant revamp of the UI. The major changes are
|
||||
listed below, and in addition almost every aspect of the UI has
|
||||
been tweaked, and performance has improved significantly.
|
||||
* mitmproxy console: A new options screen has been created ("o" shortcut),
|
||||
and many options that were previously manipulated directly via a
|
||||
keybinding have been moved there.
|
||||
* mitmproxy console: Big improvement in palettes. This includes improvements
|
||||
to all colour schemes. Palettes now set the terminal background colour by
|
||||
default, and a new --palette-transparent option has been added to disable
|
||||
this.
|
||||
* mitmproxy console: g/G shortcuts throughout mitmproxy console to jump
|
||||
to the beginning/end of the current view.
|
||||
* mitmproxy console: switch palettes on the fly from the options screen.
|
||||
* mitmproxy console: A cookie editor has been added for mitmproxy console
|
||||
at long last.
|
||||
* mitmproxy console: Various components of requests and responses can be
|
||||
copied to the clipboard from mitmproxy - thanks to @marceloglezer.
|
||||
* Support for creating new requests from scratch in mitmproxy console (@marceloglezer).
|
||||
* SSLKEYLOGFILE environment variable to specify a logging location for TLS
|
||||
master keys. This can be used with tools like Wireshark to allow TLS
|
||||
decoding.
|
||||
* Server facing SSL cipher suite specification (thanks to Jim Shaver).
|
||||
* Official support for transparent proxying on FreeBSD - thanks to Mike C
|
||||
(http://github.com/mike-pt).
|
||||
* Many other small bugfixes and improvemenets throughout the project.
|
||||
|
||||
29 Dec 2014: mitmproxy 0.11.2
|
||||
=============================
|
||||
|
||||
* Configuration files - mitmproxy.conf, mitmdump.conf, common.conf in the
|
||||
.mitmproxy directory.
|
||||
* Better handling of servers that reject connections that are not SNI.
|
||||
* Many other small bugfixes and improvements.
|
||||
|
||||
15 November 2014: mitmproxy 0.11.1
|
||||
==================================
|
||||
|
||||
* Bug fixes: connection leaks some crashes
|
||||
|
||||
7 November 2014: mitmproxy 0.11
|
||||
===============================
|
||||
|
||||
* Performance improvements for mitmproxy console
|
||||
* SOCKS5 proxy mode allows mitmproxy to act as a SOCKS5 proxy server
|
||||
* Data streaming for response bodies exceeding a threshold
|
||||
(bradpeabody@gmail.com)
|
||||
* Ignore hosts or IP addresses, forwarding both HTTP and HTTPS traffic
|
||||
untouched
|
||||
* Finer-grained control of traffic replay, including options to ignore
|
||||
contents or parameters when matching flows (marcelo.glezer@gmail.com)
|
||||
* Pass arguments to inline scripts
|
||||
* Configurable size limit on HTTP request and response bodies
|
||||
* Per-domain specification of interception certificates and keys (see
|
||||
--cert option)
|
||||
* Certificate forwarding, relaying upstream SSL certificates verbatim (see
|
||||
--cert-forward)
|
||||
* Search and highlighting for HTTP request and response bodies in
|
||||
mitmproxy console (pedro@worcel.com)
|
||||
* Transparent proxy support on Windows
|
||||
* Improved error messages and logging
|
||||
* Support for FreeBSD in transparent mode, using pf (zbrdge@gmail.com)
|
||||
* Content view mode for WBXML (davidshaw835@air-watch.com)
|
||||
* Better documentation, with a new section on proxy modes
|
||||
* Generic TCP proxy mode
|
||||
* Countless bugfixes and other small improvements
|
||||
* pathod: Hugely improved SSL support, including dynamic generation of certificates
|
||||
using the mitproxy cacert
|
||||
|
||||
7 November 2014: pathod 0.11
|
||||
============================
|
||||
|
||||
* Hugely improved SSL support, including dynamic generation of certificates
|
||||
using the mitproxy cacert
|
||||
* pathoc -S dumps information on the remote SSL certificate chain
|
||||
* Big improvements to fuzzing, including random spec selection and memoization to avoid repeating randomly generated patterns
|
||||
* Reflected patterns, allowing you to embed a pathod server response specification in a pathoc request, resolving both on client side. This makes fuzzing proxies and other intermediate systems much better.
|
||||
|
||||
|
||||
28 January 2014: mitmproxy 0.10
|
||||
===============================
|
||||
|
||||
* Support for multiple scripts and multiple script arguments
|
||||
* Easy certificate install through the in-proxy web app, which is now
|
||||
enabled by default
|
||||
* Forward proxy mode, that forwards proxy requests to an upstream HTTP server
|
||||
* Reverse proxy now works with SSL
|
||||
* Search within a request/response using the "/" and "n" shortcut keys
|
||||
* A view that beatifies CSS files if cssutils is available
|
||||
* Bug fix, documentation improvements, and more.
|
||||
|
||||
25 August 2013: mitmproxy 0.9.2
|
||||
===============================
|
||||
|
||||
* Improvements to the mitmproxywrapper.py helper script for OSX.
|
||||
* Don't take minor version into account when checking for serialized file
|
||||
compatibility.
|
||||
* Fix a bug causing resource exhaustion under some circumstances for SSL
|
||||
connections.
|
||||
* Revamp the way we store interception certificates. We used to store these
|
||||
on disk, they're now in-memory. This fixes a race condition related to
|
||||
cert handling, and improves compatibility with Windows, where the rules
|
||||
governing permitted file names are weird, resulting in errors for some
|
||||
valid IDNA-encoded names.
|
||||
* Display transfer rates for responses in the flow list.
|
||||
* Many other small bugfixes and improvements.
|
||||
|
||||
25 August 2013: pathod 0.9.2
|
||||
============================
|
||||
|
||||
* Adapt to interface changes in netlib
|
||||
|
||||
16 June 2013: mitmproxy 0.9.1
|
||||
=============================
|
||||
|
||||
* Use "correct" case for Content-Type headers added by mitmproxy.
|
||||
* Make UTF environment detection more robust.
|
||||
* Improved MIME-type detection for viewers.
|
||||
* Always read files in binary mode (Windows compatibility fix).
|
||||
* Some developer documentation.
|
||||
|
||||
15 May 2013: mitmproxy 0.9
|
||||
==========================
|
||||
|
||||
* Upstream certs mode is now the default.
|
||||
* Add a WSGI container that lets you host in-proxy web applications.
|
||||
* Full transparent proxy support for Linux and OSX.
|
||||
* Introduce netlib, a common codebase for mitmproxy and pathod
|
||||
(http://github.com/cortesi/netlib).
|
||||
* Full support for SNI.
|
||||
* Color palettes for mitmproxy, tailored for light and dark terminal
|
||||
backgrounds.
|
||||
* Stream flows to file as responses arrive with the "W" shortcut in
|
||||
mitmproxy.
|
||||
* Extend the filter language, including ~d domain match operator, ~a to
|
||||
match asset flows (js, images, css).
|
||||
* Follow mode in mitmproxy ("F" shortcut) to "tail" flows as they arrive.
|
||||
* --dummy-certs option to specify and preserve the dummy certificate
|
||||
directory.
|
||||
* Server replay from the current captured buffer.
|
||||
* Huge improvements in content views. We now have viewers for AMF, HTML,
|
||||
JSON, Javascript, images, XML, URL-encoded forms, as well as hexadecimal
|
||||
and raw views.
|
||||
* Add Set Headers, analogous to replacement hooks. Defines headers that are set
|
||||
on flows, based on a matching pattern.
|
||||
* A graphical editor for path components in mitmproxy.
|
||||
* A small set of standard user-agent strings, which can be used easily in
|
||||
the header editor.
|
||||
* Proxy authentication to limit access to mitmproxy
|
||||
* pathod: Proxy mode. You can now configure clients to use pathod as an
|
||||
HTTP/S proxy.
|
||||
* pathoc: Proxy support, including using CONNECT to tunnel directly to
|
||||
targets.
|
||||
* pathoc: client certificate support.
|
||||
* pathod: API improvements, bugfixes.
|
||||
|
||||
15 May 2013: pathod 0.9 (version synced with mitmproxy)
|
||||
=======================================================
|
||||
|
||||
* Pathod proxy mode. You can now configure clients to use pathod as an
|
||||
HTTP/S proxy.
|
||||
* Pathoc proxy support, including using CONNECT to tunnel directly to
|
||||
targets.
|
||||
* Pathoc client certificate support.
|
||||
* API improvements, bugfixes.
|
||||
|
||||
|
||||
16 November 2012: pathod 0.3
|
||||
============================
|
||||
|
||||
A release focusing on shoring up our fuzzing capabilities, especially with
|
||||
pathoc.
|
||||
|
||||
* pathoc -q and -r options, output full request and response text.
|
||||
* pathod -q and -r options, add full request and response text to pathod's
|
||||
log buffer.
|
||||
* pathoc and pathod -x option, makes -q and -r options log in hex dump
|
||||
format.
|
||||
* pathoc -C option, specify response codes to ignore.
|
||||
* pathoc -T option, instructs pathoc to ignore timeouts.
|
||||
* pathoc -o option, a one-shot mode that exits after the first non-ignored
|
||||
response.
|
||||
* pathoc and pathod -e option, which explains the resulting message by
|
||||
expanding random and generated portions, and logging a reproducible
|
||||
specification.
|
||||
* Streamline the specification language. HTTP response message is now
|
||||
specified using the "r" mnemonic.
|
||||
* Add a "u" mnemonic for specifying User-Agent strings. Add a set of
|
||||
standard user-agent strings accessible through shortcuts.
|
||||
* Major internal refactoring and cleanup.
|
||||
* Many bugfixes.
|
||||
|
||||
22 August 2012: pathod 0.2
|
||||
==========================
|
||||
|
||||
* Add pathoc, a pathological HTTP client.
|
||||
* Add libpathod.test, a truss for using pathod in unit tests.
|
||||
* Add an injection operator to the specification language.
|
||||
* Allow Python escape sequences in value literals.
|
||||
* Allow execution of requests and responses from file, using the new + operator.
|
||||
* Add daemonization to Pathod, and make it more robust for public-facing use.
|
||||
* Let pathod pick an arbitrary open port if -p 0 is specified.
|
||||
* Move from Tornado to netlib, the network library written for mitmproxy.
|
||||
* Move the web application to Flask.
|
||||
* Massively expand the documentation.
|
||||
|
||||
5 April 2012: mitmproxy 0.8
|
||||
===========================
|
||||
|
||||
* Detailed tutorial for Android interception. Some features that land in
|
||||
this release have finally made reliable Android interception possible.
|
||||
* Upstream-cert mode, which uses information from the upstream server to
|
||||
generate interception certificates.
|
||||
* Replacement patterns that let you easily do global replacements in flows
|
||||
matching filter patterns. Can be specified on the command-line, or edited
|
||||
interactively.
|
||||
* Much more sophisticated and usable pretty printing of request bodies.
|
||||
Support for auto-indentation of Javascript, inspection of image EXIF
|
||||
data, and more.
|
||||
* Details view for flows, showing connection and SSL cert information (X
|
||||
keyboard shortcut).
|
||||
* Server certificates are now stored and serialized in saved traffic for
|
||||
later analysis. This means that the 0.8 serialization format is NOT
|
||||
compatible with 0.7.
|
||||
* Many other improvements, including bugfixes, and expanded scripting API,
|
||||
and more sophisticated certificate handling.
|
||||
|
||||
20 February 2012: mitmproxy 0.7
|
||||
===============================
|
||||
|
||||
* New built-in key/value editor. This lets you interactively edit URL query
|
||||
strings, headers and URL-encoded form data.
|
||||
* Extend script API to allow duplication and replay of flows.
|
||||
* API for easy manipulation of URL-encoded forms and query strings.
|
||||
* Add "D" shortcut in mitmproxy to duplicate a flow.
|
||||
* Reverse proxy mode. In this mode mitmproxy acts as an HTTP server,
|
||||
forwarding all traffic to a specified upstream server.
|
||||
* UI improvements - use unicode characters to make GUI more compact,
|
||||
improve spacing and layout throughout.
|
||||
* Add support for filtering by HTTP method.
|
||||
* Add the ability to specify an HTTP body size limit.
|
||||
* Move to typed netstrings for serialization format - this makes 0.7
|
||||
backwards-incompatible with serialized data from 0.6!
|
||||
|
||||
* Significant improvements in speed and responsiveness of UI.
|
||||
* Many minor bugfixes and improvements.
|
||||
|
||||
7 August 2011: mitmproxy 0.6
|
||||
============================
|
||||
|
||||
* New scripting API that allows much more flexible and fine-grained
|
||||
rewriting of traffic. See the docs for more info.
|
||||
* Support for gzip and deflate content encodings. A new "z"
|
||||
keybinding in mitmproxy to let us quickly encode and decode content, plus
|
||||
automatic decoding for the "pretty" view mode.
|
||||
* An event log, viewable with the "v" shortcut in mitmproxy, and the
|
||||
"-e" command-line flag in mitmdump.
|
||||
* Huge performance improvements: mitmproxy interface, loading
|
||||
large numbers of flows from file.
|
||||
* A new "replace" convenience method for all flow objects, that does a
|
||||
universal regex-based string replacement.
|
||||
* Header management has been rewritten to maintain both case and order.
|
||||
* Improved stability for SSL interception.
|
||||
* Default expiry time on generated SSL certs has been dropped to avoid an
|
||||
OpenSSL overflow bug that caused certificates to expire in the distant
|
||||
past on some systems.
|
||||
* A "pretty" view mode for JSON and form submission data.
|
||||
* Expanded documentation and examples.
|
||||
* Countless other small improvements and bugfixes.
|
||||
|
||||
27 June 2011: mitmproxy 0.5
|
||||
===========================
|
||||
|
||||
* An -n option to start the tools without binding to a proxy port.
|
||||
* Allow scripts, hooks, sticky cookies etc. to run on flows loaded from
|
||||
save files.
|
||||
* Regularize command-line options for mitmproxy and mitmdump.
|
||||
* Add an "SSL exception" to mitmproxy's license to remove possible
|
||||
distribution issues.
|
||||
* Add a --cert-wait-time option to make mitmproxy pause after a new SSL
|
||||
certificate is generated. This can pave over small discrepancies in
|
||||
system time between the client and server.
|
||||
* Handle viewing big request and response bodies more elegantly. Only
|
||||
render the first 100k of large documents, and try to avoid running the
|
||||
XML indenter on non-XML data.
|
||||
* BUGFIX: Make the "revert" keyboard shortcut in mitmproxy work after a
|
||||
flow has been replayed.
|
||||
* BUGFIX: Repair a problem that sometimes caused SSL connections to consume
|
||||
100% of CPU.
|
||||
|
||||
30 March 2011: mitmproxy 0.4
|
||||
============================
|
||||
|
||||
* Full serialization of HTTP conversations
|
||||
* Client and server replay
|
||||
* On-the-fly generation of dummy SSL certificates
|
||||
* mitmdump has "grown up" into a powerful tcpdump-like tool for HTTP/S
|
||||
* Dozens of improvements to the mitmproxy console interface
|
||||
* Python scripting hooks for programmatic modification of traffic
|
||||
|
||||
01 March 2010: mitmproxy 0.2
|
||||
============================
|
||||
|
||||
* Big speed and responsiveness improvements, thanks to Thomas Roth
|
||||
* Support urwid 0.9.9
|
||||
* Terminal beeping based on filter expressions
|
||||
* Filter expressions for terminal beeps, limits, interceptions and sticky
|
||||
cookies can now be passed on the command line.
|
||||
* Save requests and responses to file
|
||||
* Split off non-interactive dump functionality into a new tool called
|
||||
mitmdump
|
||||
* "A" will now accept all intercepted connections
|
||||
* Lots of bugfixes
|
9
setup.py
9
setup.py
@ -46,6 +46,11 @@ setup(
|
||||
"Topic :: Software Development :: Testing",
|
||||
"Typing :: Typed",
|
||||
],
|
||||
project_urls={
|
||||
'Documentation': 'https://docs.mitmproxy.org/stable/',
|
||||
'Source': 'https://github.com/mitmproxy/mitmproxy/',
|
||||
'Tracker': 'https://github.com/mitmproxy/mitmproxy/issues',
|
||||
},
|
||||
packages=find_packages(include=[
|
||||
"mitmproxy", "mitmproxy.*",
|
||||
"pathod", "pathod.*",
|
||||
@ -63,7 +68,7 @@ setup(
|
||||
# https://packaging.python.org/en/latest/requirements/#install-requires
|
||||
# It is not considered best practice to use install_requires to pin dependencies to specific versions.
|
||||
install_requires=[
|
||||
"asgiref>=3.2.10, <3.3",
|
||||
"asgiref>=3.2.10,<3.4",
|
||||
"blinker>=1.4, <1.5",
|
||||
"Brotli>=1.0,<1.1",
|
||||
"certifi>=2019.9.11", # no semver here - this should always be on the last release!
|
||||
@ -72,7 +77,7 @@ setup(
|
||||
"flask>=1.1.1,<1.2",
|
||||
"h2>=4.0,<5; python_version>='3.6.0'", # python_version only needed to make "py36+ required" message work
|
||||
"hyperframe>=6.0,<7; python_version>='3.6.0'", # python_version only needed to make "py36+ required" message work
|
||||
"kaitaistruct>=0.7,<0.9",
|
||||
"kaitaistruct>=0.7,<0.10",
|
||||
"ldap3>=2.8,<2.9",
|
||||
"msgpack>=1.0.0, <1.1.0",
|
||||
"passlib>=1.6.5, <1.8",
|
||||
|
Loading…
Reference in New Issue
Block a user