Commit Graph

2497 Commits

Author SHA1 Message Date
Denis Kasak
856a35af6d
Use original flow host instead of IP when exporting to curl/httpie. (#4307)
Use original flow host instead of IP when exporting to curl/httpie.

Unless this is done, the SNI server name will not be sent, often making
the curl/httpie command have different behaviour than the original
request (most often in the form of failing to establish a TLS
connection).

With this change, we always use the original host, fixing this failure.
However, if the original host is a domain, it may sometimes resolve to
a different IP address later on. In curl, we solve this problem by
forcing it to connect to the original IP using `--resolve`. For httpie
there is currently no easy solution (see:
https://github.com/httpie/httpie/issues/414).
2021-02-09 18:44:46 +00:00
Alexander Prinzhorn
4212a56f25
Collect all flow filter matches before modifying headers, fixes #4245 (#4246) 2021-02-09 19:37:46 +01:00
Maximilian Hils
0ab59e5524 docs++ 2021-02-05 22:04:45 +01:00
Maximilian Hils
ca578181e3 adjust tests, increase coverage 2021-02-05 08:44:17 +01:00
Maximilian Hils
dc6c5f55cd move Connections to mitmproxy.connection 2021-02-05 08:44:17 +01:00
Maximilian Hils
d68c364b35 inline/move http.make_* functions 2021-02-05 08:43:15 +01:00
Maximilian Hils
9409bf0368 move Headers/Message/Request/Response into mitmproxy.http 2021-02-05 08:43:15 +01:00
Maximilian Hils
50ae75aedf
Merge pull request #4413 from r00t-/compat_convert_fix
fix conversion of old flows failing due to missing array keys
2021-02-03 19:54:24 +01:00
Maximilian Hils
bd0e5989e2 add websocket flow conversion test 2021-02-03 19:27:15 +01:00
Maximilian Hils
faeb9678f1 test dumpfiles: .bin -> .mitm 2021-02-03 19:27:15 +01:00
Maximilian Hils
fccc153fdb
api docs++ (#4421) 2021-02-03 00:14:54 +01:00
Graham Robbins
2694b05fe9
Extract port number from authority before IDNA decode (#4410)
* Extract port from authority before IDNA decode

A UnicodeError exception may be raised if the port is present

* Update Changelog

* Test for badly formed byte input
2021-01-24 20:45:01 +01:00
Thomas B Homburg
4be69a5fc7
GraphQL content-view (#4396)
* Add GraphQL contentview

* Simpler graphql formatting

* Do not prompt for exit

* Give graphql priority over json

* Revert "Do not prompt for exit"

This reverts commit 386b38f9eb4601ae41365ace5b9689c30761a412.

* Handle batched queries

* Fix flake issues

* typing fix

* Typing fixes

* Add graphql content view test

* Fix reference

* Fixed tests

* flake

* Implement GraphQLView.render_priority

* Show query key stub value

* Code coverage

* Import PARSE_ERROR

* Test for invalid json
2021-01-22 00:29:09 +01:00
Kamil Borzym
f51019cb63
[#4235] Automatic view mode based on should_render method (#4236)
* [#4235] Automatic view based on should_render method instead of content_types property

* [#4235] Update CHENGELOG

* [#4235] Fix linter warnings

* Add an explicit test for the new forward-compatible behaviour

* wip

* contentviews: introduce render_priority (2/2)

* coverage++, lint!

* minor fixes

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2021-01-17 11:39:51 +01:00
Maximilian Hils
8dda8fc0f7 duplicate hooks: warn instead of raise
raising causes issues when using pdoc's live reloading, this should fix it.
2021-01-16 20:31:50 +01:00
Maximilian Hils
ff624d0b87 fix #4387 2021-01-06 10:47:37 +01:00
Maximilian Hils
81f8f06a11 converge on hooks, events, and commands 2021-01-05 22:00:54 +01:00
Maximilian Hils
6c0e4f1cb7 streamline event/hook/command naming conventions 2021-01-05 21:54:44 +01:00
Maximilian Hils
90df4168f8 coverage++ 2021-01-05 21:54:44 +01:00
Maximilian Hils
f9d18745c9 add MitmproxyEvent for addon events
We previously defined the list of all allowed events in mitmproxy.eventsequence,
without specifying the expected arguments at all. This commit changes our addon
event dispatch to subclasses of MitmproxyEvent, which have well-defined attributes.
2021-01-05 21:54:44 +01:00
Maximilian Hils
9186c1aeb5 add Client/Server.__str__ 2021-01-05 21:54:44 +01:00
Maximilian Hils
cca242a581 Windows: build pyinstaller onedir and use it for installer
This greatly improves startup time as pyinstaller doesn't have to
unpack everything on startup. The same also applies to macOS and Linux,
but there we 1) don't have installers to hide all the files and
2) have a filesystem that deals much better with lots of small files.

Additionally, simplify cibuild to be a bit more reasonable.
2021-01-05 15:56:33 +01:00
Maximilian Hils
ca45548289
Merge pull request #4384 from mhils/mitmproxy.exe
mitmproxy.exe 🎉🥳
2021-01-05 08:18:11 +01:00
Maximilian Hils
6cc452db8c
Merge pull request #4381 from mhils/options-cleanup
Remove unused options, warn about nonfunctioning ones.
2021-01-05 07:52:14 +01:00
Maximilian Hils
605961c57f build mitmproxy.exe 🎉 2021-01-05 07:46:53 +01:00
Maximilian Hils
63b8685356 add console integration tests 2021-01-04 20:21:42 +01:00
Maximilian Hils
455fee1126 warn about nonfunctioning options, permanently remove unused ones.
If you are affected by this change, please do reach out by filing an issue.
2021-01-01 18:34:15 +01:00
Maximilian Hils
67a93239f4 tlsconfig: respect add_upstream_certs_to_client_chain 2021-01-01 18:31:50 +01:00
Maximilian Hils
d8c3e8a56a
Merge pull request #4379 from mhils/reverse-tcp
Reverse proxy: do not assume TLS for non-standard ports
2021-01-01 18:08:38 +01:00
Maximilian Hils
2b2b40d53e [sans-io] respect websocket option 2021-01-01 17:35:34 +01:00
Maximilian Hils
0bbb5ca345 reverse proxy: do not assume TLS for non-standard ports 2021-01-01 16:57:50 +01:00
Maximilian Hils
dfba6e81a6 alpn: str -> bytes 2020-12-30 22:52:07 +01:00
Maximilian Hils
8ac5af62f5 cert test coverage++ 2020-12-30 22:29:56 +01:00
Maximilian Hils
abbe9eeb79 sni/alpn: bytes -> str 2020-12-30 20:26:31 +01:00
Maximilian Hils
2a30172525 migrate certs.Cert to pyca/cryptography, re-add mitmcert 2020-12-30 15:20:49 +01:00
Maximilian Hils
48b166ab57 move cert serialization to cryptography 2020-12-29 23:36:12 +01:00
Maximilian Hils
3fe29b27be use cryptography to generate certificates
this fixes #4368, but we are not done here. the goal is to replace most
usages of pyOpenSSL's cert object with cryptography.
2020-12-29 01:19:58 +01:00
Maximilian Hils
74aeb3ae4c add memory leak detect script for certificate generation, refs #4368 2020-12-29 01:17:01 +01:00
Maximilian Hils
70f1d173e2 Reply: remove return value 2020-12-28 22:09:57 +01:00
Maximilian Hils
1655f54817 cleanup old proxy server 2020-12-28 14:33:10 +01:00
Maximilian Hils
a0f923aa14 coverage++ 2020-12-28 09:56:25 +01:00
Maximilian Hils
2db9a43fd6 add type annotations, test sslkeylogfile 2020-12-28 09:44:37 +01:00
Maximilian Hils
de46db53e9 minor fixes 2020-12-21 20:52:02 +01:00
Maximilian Hils
57f5d1af63 monkeypatch pyOpenSSL to accept new TLS methods 2020-12-21 16:34:37 +01:00
Maximilian Hils
8842abbb4f clean up tls bits 2020-12-21 16:20:03 +01:00
Maximilian Hils
61a2beac3c minor fixes 2020-12-20 14:17:43 +01:00
Maximilian Hils
8ce4bc7142 additional test speedups 2020-12-20 00:50:40 +01:00
Maximilian Hils
2f725e5f02 massively speed up tests by properly mocking ldap proxyauth 2020-12-20 00:34:30 +01:00
Maximilian Hils
b05c13daa6 remove old mitmproxy.net.tcp code
this is not needed anymore with sans-io
2020-12-20 00:12:21 +01:00
Maximilian Hils
1ffe406d24
Merge pull request #4359 from mhils/warn-no-nextlayer
Warn if no nextlayer addon is present
2020-12-18 03:08:21 +01:00
Thomas Kriechbaumer
47f8e1d115 asgi: refactor tests to new proxy core 2020-12-15 23:37:39 +01:00
Maximilian Hils
e0d5dea959 warn if no nextlayer addon is present 2020-12-15 23:35:43 +01:00
Thomas Kriechbaumer
df164f42e1 imports cleanup 2020-12-14 23:52:48 +01:00
Thomas Kriechbaumer
722d8f2db7 onboardingapp: test using nativ flask test client 2020-12-14 23:52:48 +01:00
Thomas Kriechbaumer
60342344e4 nuke sessions addon with sqlite an protobuf components 2020-12-14 22:14:44 +01:00
Thomas Kriechbaumer
acd985c4c9 fix extracting PEM from context.Server.certificate_list 2020-12-14 22:14:44 +01:00
Thomas Kriechbaumer
55a58ba8e8 fix deprecation warnings in context client/server 2020-12-14 22:14:44 +01:00
Thomas Kriechbaumer
d159897d98 nuke legacy protocol stack 2020-12-14 22:14:43 +01:00
Thomas Kriechbaumer
e6445af2cd cibuild: cleanup outdated providers 2020-12-14 20:01:32 +01:00
Thomas Kriechbaumer
c35316f85a remove pathod and pathoc 2020-12-13 20:21:11 +01:00
Maximilian Hils
a3909ee024 [sans-io] add dedicated proxy_debug option 2020-12-12 23:57:20 +01:00
Maximilian Hils
a768825fba [sans-io] docs++ 2020-12-12 21:55:58 +01:00
Maximilian Hils
8f49cde627 [sans-io] add tunnel tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
f0bdf887fc [sans-io] tests++ 2020-12-12 21:24:21 +01:00
Maximilian Hils
641b1c425b [sans-io] add mode tests, minor fixes 2020-12-12 21:24:21 +01:00
Maximilian Hils
4c75765387 [sans-io] test coverage++ 2020-12-12 21:24:21 +01:00
Maximilian Hils
64d2ac8ef3 [sans-io] add Layer tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
ed753d1a38 [sans-io] add read_sansio tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
d3bd603fb9 [sans-io] add proxyserver tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
8e7cbb3991 [sans-io] remove unused code 2020-12-12 21:24:21 +01:00
Maximilian Hils
efacbca0ca [sans-io] add clientplayback tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
1c9e9660b8 [sans-io] add next_layer tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
21293edce0 [sans-io] TLS: add handshake fuzzing 2020-12-12 21:24:21 +01:00
Maximilian Hils
de925ab397 [sans-io] fix tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
8201a90e22 [sans-io] lint! 2020-12-12 21:24:21 +01:00
Maximilian Hils
00c54e68b8 [sans-io] HTTP/2: more fuzzing, improve cancellation logic 2020-12-12 21:24:21 +01:00
Maximilian Hils
8f516bfd81 [sans-io] HTTP/2: reset half-closed streams on error 2020-12-12 21:24:21 +01:00
Maximilian Hils
66868b1186 [sans-io] HTTP/2: protocol fixes, tests++ 2020-12-12 21:24:21 +01:00
Maximilian Hils
52479e94bb [sans-io] include non-standard ports in host header, refs #4280 2020-12-12 21:24:21 +01:00
Maximilian Hils
8ae2ab2aca [sans-io] fix HTTP/2 stream cancellation 2020-12-12 21:24:20 +01:00
Maximilian Hils
d32a5d5f33 [sans-io] websockets: fix bugs, 100% test coverage 🎉 2020-12-12 21:24:20 +01:00
Maximilian Hils
a4a0428bc6 [sans-io] handle 101 switching protocols 2020-12-12 21:24:20 +01:00
Maximilian Hils
19f8cd0839 [sans-io] add websocket proof-of-concept 2020-12-12 21:24:20 +01:00
Maximilian Hils
222d5cedc8 [sans-io] HTTP/1: Add tests for HTTP -> TCP pipe behavior 2020-12-12 21:24:20 +01:00
Maximilian Hils
4f0cbec308 [sans-io] http: emit error hook when killed 2020-12-12 21:24:20 +01:00
Maximilian Hils
41f69749f2 [sans-io] enable "Secure Web Proxy" mode 2020-12-12 21:24:20 +01:00
Maximilian Hils
1d4bdeb68d [sans-io] HTTP/2: enable END_STREAM for HEADERS
Akamai really doesn't like empty DATA frames with END_STREAM set,
so we mitigate this by indicating end stream in the MessageHeaders events.
2020-12-12 21:24:20 +01:00
Maximilian Hils
3c061b7863 [sans-io] fix playbook SendData merging 2020-12-12 21:24:20 +01:00
Maximilian Hils
1112135920 [sans-io] HTTP/2: respect max_concurrency_limit 2020-12-12 21:24:20 +01:00
Maximilian Hils
485c8eb3e9 [sans-io] fix HTTP/2 -> HTTP/1 interop, limit max connections / server / client 2020-12-12 21:24:20 +01:00
Maximilian Hils
32208b14eb [sans-io] fix HTTP/2 stream concurrency 2020-12-12 21:24:20 +01:00
Maximilian Hils
553f102d6e [sans-io] playbook: fix multiple placeholders of same type 2020-12-12 21:24:20 +01:00
Maximilian Hils
9251f7820a [sans-io] fix HTTP/2 client aborts 2020-12-12 21:24:20 +01:00
Maximilian Hils
3bffcf5e2f [sans-io] fix tcp half close behavior 2020-12-12 21:24:20 +01:00
Maximilian Hils
b5f59a1297 [sans-io] test NextLayer behavior on connection close 2020-12-12 21:24:20 +01:00
Maximilian Hils
65870b729f [sans-io] improve tcp half close behavior 2020-12-12 21:24:20 +01:00
Maximilian Hils
c639fafd64 [sans-io] more testing, more bugfixes! 2020-12-12 21:24:20 +01:00
Maximilian Hils
38f006eb9a [sans-io] more http testing, more bugfixes! 2020-12-12 21:24:20 +01:00
Maximilian Hils
25999ba9d4 [sans-io] http bugfixes! 2020-12-12 21:24:20 +01:00
Maximilian Hils
74f94fe5a3 disable asyncio debug mode, fix tests 2020-12-12 21:24:20 +01:00
Maximilian Hils
3fdbff3faa [sans-io] tlsconfig: add tests 2020-12-12 21:24:19 +01:00
Maximilian Hils
decd2b8c80 [sans-io] add minimal benchmarks 2020-12-12 21:24:19 +01:00
Maximilian Hils
75b7b743c4 [sans-io] fix tls tests 2020-12-12 21:24:19 +01:00
Maximilian Hils
97285512f1 [sans-io] rely on kill message instead of subclass 2020-12-12 21:24:19 +01:00
Maximilian Hils
40fc542cf6 [sans-io] add flow killing, tests++ 2020-12-12 21:24:19 +01:00
Maximilian Hils
34d96da876 [sans-io] extend HTTP/2 fuzzing, fix found bugs 2020-12-12 21:24:19 +01:00
Maximilian Hils
0549d50a47 [sans-io] add HTTP/2 fuzzing, various other fixes 2020-12-12 21:24:19 +01:00
Maximilian Hils
87ec81e435 [sans-io] complete h1/h2 interop 2020-12-12 21:24:19 +01:00
Maximilian Hils
ffa5a69ebf [sans-io] h2 client (wip) 2020-12-12 21:24:19 +01:00
Maximilian Hils
0646a4f1ba [sans-io] h2++, typeize Placeholder 2020-12-12 21:24:19 +01:00
Maximilian Hils
21000fca2c [sans-io] close client conn on CONNECT failure 2020-12-12 21:24:19 +01:00
Maximilian Hils
b9e3b46fd8 [sans-io] add http fuzzing tests 2020-12-12 21:24:19 +01:00
Maximilian Hils
a568721e86 [sans-io] add tests for unreachable http servers 2020-12-12 21:24:19 +01:00
Maximilian Hils
f12b2b7e87 [sans-io] better sockname/peername naming, refs #3896 2020-12-12 21:24:19 +01:00
Maximilian Hils
c5cb0d2f0b [sans-io] implement support for Expect: 100-continue 2020-12-12 21:24:19 +01:00
Maximilian Hils
c00a78751e [sans-io] enable proxying by host header
This mirrors the current examples/complex/dns_spoofing.py script.
2020-12-12 21:24:19 +01:00
Maximilian Hils
3f9441ac5f [sans-io] finalize upstream proxy mode 2020-12-12 21:24:19 +01:00
Maximilian Hils
549eb8df4b [sans-io] upstream proxy tests and fixes 2020-12-12 21:24:19 +01:00
Maximilian Hils
605da3afb6 [sans-io] refactor TLS layer to be a tunnel 2020-12-12 21:24:19 +01:00
Maximilian Hils
a30a6758f3 [sans-io] fixes, fixes, fixes 2020-12-12 21:24:18 +01:00
Maximilian Hils
b2060356b6 [sans-io] wip: tls establishment semantics 2020-12-12 21:24:18 +01:00
Maximilian Hils
7efe27be74 [sans-io] refactor 2020-12-12 21:24:18 +01:00
Maximilian Hils
0740c673bd [sans-io] implement http streaming, refine error handling 2020-12-12 21:24:18 +01:00
Maximilian Hils
5671012163 [sans-io] make hooks explicit 2020-12-12 21:24:18 +01:00
Maximilian Hils
03801aecb2 [sans-io] split http layer into smaller modules 2020-12-12 21:24:18 +01:00
Maximilian Hils
9e6548e581 [sans-io] tls: handle untrusted mitmproxy certs 2020-12-12 21:24:18 +01:00
Maximilian Hils
b075b7fc15 [sans-io] tls: handle invalid clienthellos 2020-12-12 21:24:18 +01:00
Maximilian Hils
6cf0bec912 [sans-io] tls: various improvements 2020-12-12 21:24:18 +01:00
Maximilian Hils
09b6257de0 [sans-io] tls tests++ 2020-12-12 21:24:18 +01:00
Maximilian Hils
7fbe8cece7 [sans-io] tls: test alpn 2020-12-12 21:24:18 +01:00
Maximilian Hils
6ee7802bf1 [sans-io] http tests++ 2020-12-12 21:24:18 +01:00
Maximilian Hils
1c80dfe17f [sans-io] tls layer++ 2020-12-12 21:24:18 +01:00
Maximilian Hils
2736c9c705 [sans-io] remove old implementations 2020-12-12 21:24:18 +01:00
Maximilian Hils
84287f928c [sans-io] improve testing story 2020-12-12 21:24:18 +01:00
Maximilian Hils
e0eb77a794 [sans-io] add transparent proxy, improve testing 2020-12-12 21:24:18 +01:00
Maximilian Hils
87a4d3efdb [sans-io] http implementation++ 2020-12-12 21:24:18 +01:00
Maximilian Hils
f76b751661 [sans-io] fix NextLayer race condition 2020-12-12 21:24:17 +01:00
Thomas Kriechbaumer
bc20b77c48 refactor websockets 2020-12-12 21:24:17 +01:00
Maximilian Hils
a860fe4a4b [sans-io] minor test improvements 2020-12-12 21:24:17 +01:00
Maximilian Hils
8938aec2c0 [sans-io] adjust tls tests 2020-12-12 21:24:17 +01:00
Maximilian Hils
b5a3343d03 [sans-io] add ALPN support to TLS layer, tests++ 2020-12-12 21:24:17 +01:00
Maximilian Hils
3f7b850268 [sans-io] test server tls 2020-12-12 21:24:17 +01:00
Maximilian Hils
4cd83ee0af [sans-io] minor test improvements 2020-12-12 21:24:17 +01:00
Maximilian Hils
c6262f9e9c [sans-io] remove hook reply
This is not desired as hooks modify the passed object itself
instead of returning a custom reply.
2020-12-12 21:24:17 +01:00
Maximilian Hils
1fa2e59734 [sans-io] add initial tls tests 2020-12-12 21:24:17 +01:00
Maximilian Hils
9ea0259bb7 [sans-io] improve ClientHello parsing, add tests 2020-12-12 21:24:17 +01:00
Ujjwal Verma
0cb06b428e Moved tests 2020-12-12 21:24:17 +01:00
Maximilian Hils
08ecb21a78
sans-io adjustments (#4342) 2020-12-12 16:09:11 +01:00
林玮 (Jade Lin)
380ac072aa
ASGIApp should ignore the HTTP flows loaded from somewhere (#4324) 2020-12-12 11:17:38 +01:00
Maximilian Hils
01f57346ee sans-io adjustments 2020-12-11 14:09:18 +01:00
Maximilian Hils
5c734b3cd6
Merge pull request #4333 from mhils/issue-4280
fix #4280
2020-12-10 09:55:29 +01:00
Maximilian Hils
009c124dc8 fix #4280 2020-12-10 09:24:28 +01:00
Maximilian Hils
c5eae9d752 drop support for Python 3.6 and 3.7
We require Python 3.8 for sans-io (#1775),
so we need to drop support for older versions.
2020-12-06 00:25:09 +01:00
Maximilian Hils
4b8fcc8650 use OpenSSL's keylog callback for SSLKEYLOGFILE, refs #3994 2020-11-27 23:49:04 +01:00
Maximilian Hils
b01d574d8b
Merge pull request #4309 from jrblixt/InformUnderscoreFormat-Issue_4054
Inform user when underscore-formatted options are used.
2020-11-26 18:39:45 +01:00
Maximilian Hils
6d8a315c5d assume keep-alive for HTTP/2 2020-11-24 14:48:22 +01:00
jrblixt
ce528a9ff3 Inform user when underscore-formatted options are used. 2020-11-24 01:37:54 -07:00
Maximilian Hils
bce8bf5f81 make individual coverage checker happy 2020-11-21 20:19:47 +01:00
Maximilian Hils
9b0c4e2338 debug: dump asyncio tasks 2020-11-21 20:06:11 +01:00
Maximilian Hils
9b7dfb0fc9 add asyncio_utils 2020-11-21 20:01:11 +01:00
Thomas Kriechbaumer
38cca379df pyupgrade --py36-plus mitmproxy/**/*.py 2020-11-20 19:25:26 +01:00
Thomas Kriechbaumer
44a1848799
Merge pull request #4292 from Kriechi/fix-4287
command-history: fail-safe file handling
2020-11-18 22:45:22 +01:00
Thomas Kriechbaumer
3c50523025 command-history: fail-safe file handling 2020-11-17 23:08:57 +01:00
Maximilian Hils
4351262c95
Merge pull request #4294 from mhils/sans-io-adjustments
Add a switch for sans-io proxy core
2020-11-17 21:58:27 +01:00
Maximilian Hils
1490d665fe lint! 2020-11-17 20:20:38 +01:00
Maximilian Hils
77758cff93 skip async tests on old python versions 2020-11-17 19:15:24 +01:00
Maximilian Hils
739b5b0b74 sans-io compat++ 2020-11-17 17:29:33 +01:00
Felix Yan
0b0a6cfef6
Replace asynctest with stdlib mock
This is an implementation of
https://github.com/mitmproxy/mitmproxy/issues/4020

Tested to work fine here with Python 3.8.6.
2020-11-14 05:27:35 +08:00
Thomas Kriechbaumer
6289d9bca8 refactor and remove dead code 2020-11-08 13:07:44 +01:00
Thomas Kriechbaumer
488be14412
Merge pull request #4283 from Kriechi/decouple++
websocket: decouple from pathod
2020-11-07 17:15:04 +01:00
Thomas Kriechbaumer
f47bf6fe4f websocket: decouple from pathod 2020-11-07 17:04:57 +01:00
Maximilian Hils
b45147e91d
Merge pull request #4271 from jpstotz/asgi-query
asgiapp.py: fix query parameters
2020-11-07 09:48:56 +01:00
Thomas Kriechbaumer
232c71b2e0
Merge pull request #4268 from Kriechi/cleanup
detangle custom websockets implementation and replace it with mostly …
2020-11-06 22:21:24 +01:00
Thomas Kriechbaumer
c8f9823704 detangle custom websockets implementation and replace it with mostly wsproto 2020-11-06 22:08:14 +01:00
Jan Peter Stotz
66322c57e1 unit test for issue #4270 added 2020-11-06 11:32:19 +01:00
Maximilian Hils
02fad34239 update verification certs 2020-11-03 08:04:15 +01:00
Maximilian Hils
2ead32652e fix option checks 2020-11-03 07:19:05 +01:00
Maximilian Hils
f8b3874034 sync minor sans-io changes 2020-11-03 07:10:13 +01:00
Maximilian Hils
dd8d338a62 update cryptography, change test cert generation to use different CNs 2020-11-01 01:38:10 +01:00
Thomas Kriechbaumer
0f7f4ba949 various trailer-related fixes 2020-10-31 17:30:15 +01:00
Thomas Kriechbaumer
c0e846b700 fix invididual test coverage 2020-10-31 11:59:51 +01:00
Thomas Kriechbaumer
a415c218ea fix http trailer tests 2020-10-31 11:42:26 +01:00
Shiva
f4b9930b05 Added support to echo http trailers in dumper addon 2020-10-31 11:04:56 +01:00
Thomas Kriechbaumer
730ee85469
Merge branch 'master' into send-http1-trailers 2020-10-21 20:17:24 +02:00
Thomas Kriechbaumer
b167f9fd2d http2: fix missing END_STREAM flag on requests without body
fixes #4231
2020-10-17 16:59:24 +02:00
Blake Burkhart
21330f511e is_http10 and is_http11 properties to requests 2020-10-13 09:21:15 -05:00
Blake Burkhart
b17857c7ae Send http/1 request and response trailer headers 2020-10-08 20:43:28 -05:00
Miro Karvonen
abbdc31ad3 Review comment fixes, passphrase is now always required to be bytes in add_cert_file and from_store. 2020-08-31 09:01:45 +03:00
mirosyn
3ef1f966d2
Merge branch 'master' into issue-4178-passphrase 2020-08-28 17:16:12 +03:00
Miro Karvonen
adc2e8d2b6 new commandline argument --cert-passphrase added. For decrypting the private key that is provided with the --certs command 2020-08-28 16:58:20 +03:00
Chase Kelley
2aacf94a63
update raw export to not remove headers (#4181) 2020-08-28 12:41:22 +02:00
Maximilian Hils
327e933faf intercept: tests++ 2020-08-27 11:37:35 +02:00
Maximilian Hils
e31f69ff4a fix windows tests failing due to tornado bug 2020-08-27 00:25:08 +02:00
Maximilian Hils
67885320c0 add ASGI support for embedded apps
This commit replaces our WSGI implementation with a new ASGI one,
which then uses `asgiref`'s compatibility mode to still support WSGI applications.
The ASGI implementation is a bit bare-bone, but good enough for our purposes.

The major changes are:

  - We now support ASGI apps.
  - Instead of taking connections out of mitmproxy's normal processing,
    we now just set flow.response and let things continue as usual.
    This allows users to see responses in mitmproxy, use the response hook
    to modify app responses, etc. Also important for us,
    this makes the new implementation work for shenanigans like sans-io.
2020-08-13 17:22:31 +02:00
Maximilian Hils
20f6f823ac revamp onboarding app
- improve and simplify layout
- revise install instructions
- ditch fontawesome to reduce file size
2020-08-13 08:12:49 +02:00
Alexander Prinzhorn
2fe8f3a218 Use @charset to decode CSS files if available 2020-08-06 15:01:23 +02:00
Thomas Kriechbaumer
04d2b0ab35
Merge pull request #4097 from rbdixon/fix_compat_flow_no_response
Fix incompatibility reading version 7 files when flow has no response.
2020-07-22 18:47:36 +02:00
Maximilian Hils
647eab557b lint! 2020-07-22 18:28:40 +02:00
Brad Dixon
742a5d812d Add test case for flow with no response. 2020-07-22 10:05:03 -04:00
Tom Hacohen
5fd702934c Add a msgpack content viewer. 2020-07-22 16:47:08 +03:00
Maximilian Hils
46fbba639d
Merge pull request #4088 from mhils/http-authority
HTTPRequest -> http.Request, add request.authority
2020-07-19 11:43:43 +02:00
Maximilian Hils
366014d0a3
Merge pull request #4069 from mplattner/maplocal-addon
MapLocal addon
2020-07-18 14:24:45 +02:00
Maximilian Hils
fb743c7da7 map local: minor fixes 2020-07-18 14:12:45 +02:00
Martin Plattner
c98f12c4f3 map addons: fix tests 2020-07-17 19:55:34 +02:00
Martin Plattner
b3c809c45a map local: improve candidate generation (url dec.) 2020-07-17 17:29:36 +02:00
Martin Plattner
627a03c8e0 move parse_spec to util.spec 2020-07-17 14:56:33 +02:00
Maximilian Hils
06734f498d fix flaky test socket 2020-07-16 22:13:48 +02:00
Thomas Kriechbaumer
04abe6b85b match HTTP-WebSocket handshake flow with ~websocket
fixes #3990
2020-07-16 17:49:47 +02:00
Maximilian Hils
5af57cfa99 HTTPRequest -> http.Request, add request.authority 2020-07-16 16:55:15 +02:00
Maximilian Hils
e39b52b159
Merge pull request #3989 from nikitastupin/master
Add minimal TCP interception and modification!
2020-07-15 21:55:43 +02:00
Nikita Stupin
7d9e3dd9a3 Add tests for TCP flow interception 2020-07-15 22:36:00 +03:00
Martin Plattner
257c178bbe map local: fix tests 2020-07-10 20:44:23 +02:00
Maximilian Hils
fe1b76bdef refactor spec parsing, map_local candidate generation 2020-07-10 13:23:13 +02:00
Martin Plattner
41c99810ef maplocal addon: improve tests 2020-07-08 23:52:22 +02:00
Martin Plattner
53644de820 maplocal addon: add some tests 2020-07-08 01:34:48 +02:00
Martin Plattner
1b6b3cd96c add MapLocal addon draft 2020-07-07 16:12:23 +02:00
Thomas Kriechbaumer
46a0f69485
Merge pull request #4042 from sanlengjingvv/develop
support HTTP/2 trailers
2020-07-06 17:14:17 +02:00
Thomas Kriechbaumer
c0f62cc559 fix missing message body and end_stream for trailers 2020-07-06 17:04:16 +02:00
gorogoroumaru
0e998e9b52
Fix typespec_to_str funcion to process typing.Optional[int] (#4066)
* Fix typespec_to_str funcion to process typing.Optional[int]

* Add test

* Add test

Co-authored-by: gorogoroumaru <zokutyou2@gmail.com>
2020-07-05 11:20:39 +02:00
Maximilian Hils
65318603ae
Merge pull request #4058 from Vane11ope/vane11ope/fix
List was not cycled right for tab auto-completion
2020-07-05 04:04:44 +02:00
Vane11ope
ecf076cb24 Add tests for list completer 2020-07-05 10:40:48 +09:00
Maximilian Hils
0ee0cf5668 minor addon improvements, fix tests 2020-07-04 11:19:23 +02:00
Martin Plattner
89fad1e2b1 add mapremote addon to modify request URLs 2020-07-03 14:27:37 +02:00
Thomas Kriechbaumer
ebb061796c unify HTTP trailers APIs 2020-07-02 18:31:47 +02:00
sanlengjingvv
d589f13a1d fix lint error 2020-07-02 18:46:38 +08:00
Martin Plattner
a782bb47a7 fix linting error 2020-07-02 12:42:14 +02:00
sanlengjingvv
22eb492a13 update FLOW_FORMAT_VERSION version
fix error when dump flow with http trailers
add testcase for http trailers
2020-07-02 18:32:12 +08:00
Martin Plattner
aee1b81260 fix test coverage 2020-07-01 23:51:55 +02:00
Martin Plattner
2a408c9379 refactor modify addons
Use a universal ModifySpec class to represent rules.
ModifyHeaders now supports reading the header value from a  file.
2020-07-01 13:25:28 +02:00
Martin Plattner
0a12479399 modify addons: cleanup redundant code and error handling 2020-06-30 16:20:06 +02:00
Martin Plattner
48dcc6e073 revert modify headers parameter order 2020-06-30 14:57:46 +02:00
Martin Plattner
b263b0dece replacements addon: rename to ModifyBody 2020-06-26 20:10:57 +02:00
Martin Plattner
96e756ead0 remove not needed replacement code 2020-06-26 19:04:22 +02:00
Martin Plattner
b608b0ef3e replacements addon: improve namings 2020-06-26 18:58:17 +02:00
Maximilian Hils
8783630ac3 minor: rename pytest fixture
tctx clashes with an omnipresent fixture on sans-io and my IDE
is not smart enough to figure out which one is which.
2020-06-26 01:01:25 +02:00
Martin Plattner
781e0a2e7c rename SetHeaders addon to ModifyHeaders 2020-06-25 18:08:48 +02:00
Martin Plattner
ccf7182a11 setheaders addon: removal of existing headers 2020-06-25 16:46:24 +02:00
Martin Plattner
b6c70950c3 setheaders addon: change pattern order 2020-06-25 15:33:42 +02:00
Maximilian Hils
ed68e0a1ba
Merge pull request #4040 from mhils/restructure-examples
Restructure examples
2020-06-23 20:21:48 +02:00
Maximilian Hils
08895e9ba6 restructure examples
- restructure examples (fix #4031)
 - remove example dependencies from setup.py,
   we do not need special dependencies for our supported addons.
 - unify how we generate docs from code
 - improve example docs
2020-06-23 16:00:14 +02:00
Brad Dixon
75ec05c85e HTTP2 response reason is None, render as '' in property.
Fixes an error triggered when displaying an HTTP2 response loaded
from a file.
2020-06-08 09:09:09 -04:00
anneborcherding
7fdcbb09e6
added add-ons that enhance the performance of web application scanners. (#3961)
* added add-ons that enhance the performance of web application scanners.

Co-authored-by: weichweich <14820950+weichweich@users.noreply.github.com>
2020-05-04 10:37:13 +02:00
root
4dd9abd6a9 add test for console error 2020-05-01 16:07:29 +05:30
Maximilian Hils
3c1a184c5d
Merge pull request #3929 from sarthak212/colorizejson
colorize json
2020-04-19 17:44:17 +02:00
Maximilian Hils
ca74ec3c77 json contentview: minor improvements 2020-04-19 16:51:16 +02:00
root
454f1779f0 colorize json 2020-04-19 12:49:09 +02:00
Maximilian Hils
8cd5e2d25b lint, mypy, tests++ 2020-04-12 01:50:34 +02:00
Maximilian Hils
b5e3f736c0 minor improvements, tests++ 2020-04-09 08:25:22 +02:00
Kevin Cui
4d2cb321d6 #3911 Support keybinding for different contexts with different commands 2020-04-07 16:10:26 +02:00
Maximilian Hils
fbe296aaba
Merge pull request #3893 from matosconsulting/mitmenhancedhostcheck
#3885 handle hyphens in domain name, enhance validation checks
2020-04-06 22:39:56 +02:00