Maximilian Hils
06c6d88359
Merge pull request #1066 from fimad/master
...
Fix XSS vulnerability in HTTP errors
2016-03-31 19:36:01 +02:00
Will Coster
55bffe1782
Fix XSS vulnerability in HTTP errors
...
The make_error_response method does not properly escape characters
that end up in the response body. Since the error code can contain
user supplied values this leads to a potential XSS vulnerability.
Example:
echo '<script>alert(1)</script>' | nc localhost 8888
2016-03-31 10:22:29 -07:00
Maximilian Hils
f1c5721c8c
travis: checkout full repo for builds
2016-03-31 18:35:14 +02:00
Maximilian Hils
c788e18e03
Merge branch 'master' of https://github.com/mitmproxy/mitmproxy
2016-03-31 18:07:58 +02:00
Maximilian Hils
5552b5e782
snapshots: fix build tag
2016-03-31 18:07:47 +02:00
Maximilian Hils
de0f2cbcd3
Merge pull request #1050 from zlorb/master
...
Flow export to locust.io load test tool [http://locust.io ]
2016-03-29 18:28:09 +02:00
Zohar Lorberbaum
8016b6ab55
Merge remote-tracking branch 'mitmproxy/master'
...
# Conflicts:
# test/mitmproxy/test_flow_export.py
2016-03-28 20:08:55 -07:00
Zohar Lorberbaum
cd2ef2fe13
merge
2016-03-28 10:17:58 -07:00
Zohar Lorberbaum
37483e228f
Merge remote-tracking branch 'mitmproxy/master'
...
Merge with master
2016-03-28 10:06:02 -07:00
Zohar Lorberbaum
6d16f44ab7
Merge with master
2016-03-28 10:03:26 -07:00
Zohar Lorberbaum
e56198ae7c
cleaner target url
2016-03-28 09:51:06 -07:00
Zohar Lorberbaum
ef3d24e8c8
locust_task re-use locust_code.
2016-03-27 21:42:52 -07:00
Thomas Kriechbaumer
dfcfa6263c
add safeguard
2016-03-27 13:15:57 +02:00
Thomas Kriechbaumer
04cb099b15
improve flow export tests
2016-03-27 13:04:19 +02:00
Thomas Kriechbaumer
ec68d8b8e4
s/nocover/no cover/g
...
according to coveralls docs
2016-03-27 12:02:41 +02:00
Thomas Kriechbaumer
ab7e80085a
increase test timeout
2016-03-27 11:59:27 +02:00
Thomas Kriechbaumer
ddea3434a2
Merge pull request #1055 from MatthewShao/issue#963
...
Simplify '.content' by removing CONTENT_MISSING
2016-03-27 11:14:28 +02:00
Matthew Shao
6e4af64050
minor fix about if-else statement
2016-03-27 09:16:40 +08:00
Matthew Shao
66bd27e6f9
update comments
2016-03-26 17:49:22 +08:00
Matthew Shao
53e15f778d
update document for the removal of CONTENT_MISSING
2016-03-26 16:17:55 +08:00
Matthew Shao
08ff00f36d
replace CONTENT_MISSING with None.
2016-03-26 16:00:51 +08:00
Matthew Shao
2f285a6015
Setting CONTENT_MISSING to None
2016-03-26 11:26:42 +08:00
Zohar Lorberbaum
9f77c80a32
pep8
2016-03-25 17:29:42 -07:00
Zohar Lorberbaum
5b07e8b3af
Add UI shortcuts.
2016-03-24 20:29:53 -07:00
Zohar Lorberbaum
a44062effb
Flow export to locust.io load test tool.
2016-03-23 01:49:18 -07:00
Maximilian Hils
2d6eb28fd0
py3++
2016-03-20 23:39:57 +01:00
Maximilian Hils
403ac82a7d
netlib: request.path can be None
2016-03-20 23:22:50 +01:00
Maximilian Hils
e739517070
py3++
2016-03-20 23:14:22 +01:00
Maximilian Hils
726536689b
py3++
2016-03-20 22:58:35 +01:00
Maximilian Hils
2ce023a991
py3++
2016-03-20 22:50:03 +01:00
Thomas Kriechbaumer
d8e8dfc1c6
Merge pull request #1047 from mitmproxy/no-coverage-by-default
...
py.test: disable coverage collection by default
2016-03-20 20:40:15 +01:00
Maximilian Hils
6f902ffbb3
py3++: iteritems
2016-03-20 19:56:22 +01:00
Maximilian Hils
88d365cfe6
py3++: cStringIO
2016-03-20 19:40:03 +01:00
Maximilian Hils
43671e723f
py.test: disable coverage collection by default
2016-03-20 19:39:02 +01:00
Maximilian Hils
61a657fe56
Merge pull request #1045 from mitmproxy/py3-scripts
...
Port mitmproxy.script to Python 3
2016-03-20 11:31:56 +01:00
Thomas Kriechbaumer
d99194fccc
Merge pull request #1043 from mitmproxy/better-scripts
...
Better scripts
2016-03-19 20:33:14 +01:00
Maximilian Hils
b0a16dee20
fix script exception display
2016-03-19 20:27:03 +01:00
Maximilian Hils
4b955da94e
fix pyOpenSSL version
2016-03-19 20:09:00 +01:00
Maximilian Hils
7b4fcc8577
update pyOpenSSL
2016-03-19 20:02:30 +01:00
Maximilian Hils
c52c59f858
port mitmproxy.scripts to py3
2016-03-19 19:53:27 +01:00
Maximilian Hils
4be9074b49
fix tests on OSX
2016-03-19 19:19:36 +01:00
Maximilian Hils
fb0b17ee93
simplify tests for @concurrent
2016-03-19 03:04:55 +01:00
Maximilian Hils
7e49b8c186
add tests for mitmproxy.script.reloader
2016-03-19 03:04:55 +01:00
Maximilian Hils
898f5d10b9
improve mitmproxy.scripts semantics, clean up tests
2016-03-19 03:04:55 +01:00
Maximilian Hils
36fb8a32f4
restrict cryptography version for pyopenssl compat
2016-03-19 03:04:08 +01:00
Maximilian Hils
b90579fe45
fix dependency versions
2016-03-18 14:59:49 +01:00
Maximilian Hils
afb24d8c4c
Merge remote-tracking branch 'origin/requires-io-master'
2016-03-18 14:57:16 +01:00
Maximilian Hils
f5a6ebf584
remove code duplication
2016-03-18 14:54:42 +01:00
requires.io
c8ddd87837
[requires.io] dependency update
2016-03-18 14:52:59 +01:00
Thomas Kriechbaumer
4cd170d36c
Merge pull request #1040 from felixonmars/patch-1
...
Allow lxml 3.6
2016-03-18 09:29:58 +01:00