Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 16:17:49 +00:00
Code Issues Projects Releases Wiki Activity
526 Commits 1 Branch 67 Tags 50 MiB
4979a22d3e
Commit Graph

434 Commits

Author SHA1 Message Date
Aldo Cortesi
4ed8031172 Jazz up flow display 
- Indicate interception by coloring text, rather than adding an exclamation
mark.
- Use unicode symbol to indicate replay and for the response indicator arrow.
 2012-02-18 12:12:01 +13:00
Aldo Cortesi
08fdd23e23 Refactor the way we display flows. 
Use columns to make spacing nicer, and to ensure that long URLs don't bugger up
formatting when they spill into the next line.
 2012-02-18 11:11:59 +13:00
Heikki Hannikainen
a3509b7f22 reverse proxy mode: small comment clarification 2012-02-16 16:36:49 +02:00
Heikki Hannikainen
a82ac9eaf0 Implemented reverse proxy mode: -R upstreamhost:port makes the 
proxy accept a 'GET / HTTP/1.0' request and fill up the destination
host and port from the ones given with -R (for example,
"-R localhost:80").
 2012-02-16 16:33:27 +02:00
Aldo Cortesi
f25156a637 Better formatting for headers, help and other key-value displays. 
We now use proper Columns, rather than laying it out manually.
 2012-02-11 18:23:07 +13:00
Aldo Cortesi
3e70fa8d58 Fix a minor keypress glitch in connection view. 2012-02-11 11:31:57 +13:00
Aldo Cortesi
586472e364 Revamp the way request and response bodies are displayed. 2012-02-11 11:25:35 +13:00
Aldo Cortesi
1ad7e91527 Make filter matching act more sensibly. 2012-02-10 15:31:45 +13:00
Aldo Cortesi
5f785e26b9 Add filter for detecting flows with errors. 
Also, remove dependency on weird _is_response method.
 2012-02-10 15:22:26 +13:00
Aldo Cortesi
b14c29b25c Expand test coverage. 2012-02-10 15:04:20 +13:00
Aldo Cortesi
5326b7610a Enable editing of urlencoded form data with KVEditor. 2012-02-10 14:35:23 +13:00
Aldo Cortesi
9c985f2d20 Methods for getting and setting form urlencoded data on Request. 2012-02-10 14:27:39 +13:00
Aldo Cortesi
d9fda2b207 Add "d" for delete shortcut to flow view. 2012-02-09 17:00:37 +13:00
Aldo Cortesi
00d3395359 Add a built-in query string editor using KVEditor. 2012-02-09 16:47:32 +13:00
Aldo Cortesi
2709441d5b Add get_query and set_query methods to Request. 2012-02-09 16:40:31 +13:00
Aldo Cortesi
46bd780862 Gracefully handle invalid data format passed to -r flag. 2012-02-09 12:09:40 +13:00
Aldo Cortesi
d3dce8f943 KVEditor: make tab key do the expected thing at the end of the value set. 2012-02-09 11:36:10 +13:00
Aldo Cortesi
a1ecd25e8b KVEditor: fix crash when editing empty set. 2012-02-09 11:32:29 +13:00
Aldo Cortesi
d564086377 KVEditor: show a msg when editing an empty set of values 
Just having nothing on screen can be confusing to users.
 2012-02-09 11:30:35 +13:00
Aldo Cortesi
4914dbc971 Allow user to specify non-standard request methods when editing a flow. 
Addresses feature request in #27
 2012-02-09 09:38:11 +13:00
Aldo Cortesi
e484e667a6 Fix import missed during refactoring. 
Addresses issue #26
 2012-02-09 08:14:00 +13:00
Aldo Cortesi
46c5982d3d Fix a crash and some sizing issues in KVEditor. 
Mostly arising when editing an empty header set.
 2012-02-08 23:42:56 +13:00
Aldo Cortesi
205d2ad577 Fix attribute error. 
Should address issue #23
 2012-02-08 23:17:03 +13:00
Aldo Cortesi
5df0b9e961 Further keybinding consolidation. 
Also, move KVEditor's "i" binding to "A" to avoid clashes with global bindings.
 2012-02-08 22:55:48 +13:00
Aldo Cortesi
866a93a8bc Start consolidating keybindings. 
I want each view to have a more coherent set of bindings. This means minimizing
the global bindings, and making some bindings accessible only from screens
related to their functionality.
 2012-02-08 22:28:15 +13:00
Aldo Cortesi
e3f28e1c06 Move to context-dependent help model. 
The all-in-one page was just getting too unwieldy.
 2012-02-08 21:47:39 +13:00
Aldo Cortesi
76f2595df7 KVEditor: "e" shortcut spawns an external editor on a field. 2012-02-08 18:25:00 +13:00
Aldo Cortesi
4026aa2e5f KVEditor: make tab behaviour nicer 
If we tab while editing, stop editing if we are taken to the next row.
 2012-02-08 17:55:17 +13:00
Aldo Cortesi
d41095c35e "i" shortcut to insert for KVEditor. 2012-02-08 17:52:43 +13:00
Aldo Cortesi
2b6bedac0e Add and delete for KV editor. 2012-02-08 16:55:11 +13:00
Aldo Cortesi
8b5e081233 Refine look and feel, make editor operate on copy of data. 2012-02-08 16:43:11 +13:00
Aldo Cortesi
64360f5996 Editing now works. 2012-02-08 14:58:48 +13:00
Aldo Cortesi
7e6196511f Editable fields for KVEditor. 2012-02-08 14:07:17 +13:00
Aldo Cortesi
cdd5a53767 Refactor console. 
Split the console implementation out into logical components.
 2012-02-07 16:39:37 +13:00
Aldo Cortesi
f7b3a6d571 Expand KV mockup. 2012-02-07 12:06:31 +13:00
Aldo Cortesi
a98d287e26 Refactor keypress handling. 
We now let views over-ride global keys, rather than the other way round.
 2012-02-06 11:06:54 +13:00
Aldo Cortesi
71642eac65 Make space = page down global. 2012-02-06 10:22:51 +13:00
Aldo Cortesi
4b9ee4c31e Very basic KV editor mockup. 2012-02-06 09:49:49 +13:00
Aldo Cortesi
5075ede6a9 Make adding a response to a response-less flow nicer. 2012-01-23 13:25:15 +13:00
Aldo Cortesi
c6150cc198 Address an issue that allows a malicious client to place certificate files in arbitrary directories. 
Thanks to David Black (disclosure@d1b.org) for pointing this out.
 2012-01-21 14:26:36 +13:00
Aldo Cortesi
d5e3722c97 Fix an issue caused by some editors when editing a request/response body. 
Many editors make it hard save a file without a terminating newline on the last
line. When editing message bodies, this can cause problems. For now, I just
strip the newlines off the end of the body when we return from an editor.
 2012-01-21 12:43:00 +13:00
Mark E. Haase
05111f093d Add support for filtering by HTTP method (get, post, etc.) using ~m operator. 2011-12-28 17:32:29 -05:00
Mark E. Haase
965d318164 Help docs have ~r as an example but ~r isn't valid. I think it's supposed to be ~q. 2011-12-28 16:47:30 -05:00
Aldo Cortesi
28fd3bd461 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-10-26 14:49:48 +13:00
Aldo Cortesi
3b246f7e27 Simple fix for a unicode error when editing a request URL. 2011-10-26 14:49:15 +13:00
meeee
ae79fe1660 Handle missing message/reason phrase in HTTP response status line gracefully by adding an empty one. 2011-09-26 00:44:43 +03:00
Aldo Cortesi
ee71bcfbe8 Fix a rare crash when a new cert is generated during cerdir removal. 2011-09-11 09:06:46 +12:00
Aldo Cortesi
d9db1cf5b3 Change size limit cmdline flag to -Z, enable size limits for replay. 2011-09-09 17:31:36 +12:00
Aldo Cortesi
67f2610032 Add HTTP body size limit specification to command-line tools. 2011-09-09 15:27:31 +12:00
Aldo Cortesi
28daa93268 Basic infrastructure for request and response body size limits. 2011-09-09 14:49:34 +12:00
Aldo Cortesi
e5bded7dee Improve robustness against invalid data. 2011-09-05 07:47:47 +12:00
Aldo Cortesi
4cb0e5bfb4 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-09-04 10:51:09 +12:00
Aldo Cortesi
d1ff527550 Reset exit flag when proxy starts. 2011-09-04 10:50:00 +12:00
Aldo Cortesi
4ac59a7859 Fix a rare crash in sticky cookies. 2011-08-26 18:03:03 +12:00
Aldo Cortesi
8fbba59e8d Fix a problem with sticky cookie domain matching. 
Just like everything else cookie-related in the standard library,
cookielib.domain_match is fucked up.
 2011-08-26 17:37:12 +12:00
Aldo Cortesi
45f4768a5c Add attribution and license for tnetstring.py 2011-08-19 21:53:52 +12:00
Aldo Cortesi
a566684e32 Move to typed netstrings for serialization. 
This change is backwards incompatible with the old serialization format!
 2011-08-19 21:30:24 +12:00
Aldo Cortesi
34adc83c71 Revert changes to contrib/pyparsing.py 
We want this module to match upstream.
 2011-08-19 09:58:44 +12:00
András Veres-Szentkirályi
6f00987850 Optimized single character check 2011-08-18 23:33:14 +02:00
András Veres-Szentkirályi
9abff4f0ac Removed unused imports 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
e9006ae199 Optimized list appending 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
82245298f4 Removed assignments to unused variables 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
b1dc418a53 Replaced unnecessary lists with generators 2011-08-18 23:29:57 +02:00
Aldo Cortesi
25f12b0e5d Add a basic Flow processor example. 2011-08-13 13:51:38 +12:00
Stephen Altamirano
4d02ae0582 First pass at implementing pretty view for multipart/form-data 2011-08-10 00:49:21 -07:00
Aldo Cortesi
8309ab0ec8 Prep for 0.6 release. 
- Update contributors file.
- Bump version number
- Include version number in docs
 2011-08-06 21:19:22 +12:00
Aldo Cortesi
f23818ceea Add a "done" event for scripts. 
Called exactly once after all other events.
 2011-08-05 14:08:03 +12:00
Aldo Cortesi
ce48cb4deb Make scripted rewriting of saved traffic work in mitmdump. 2011-08-05 09:41:29 +12:00
Aldo Cortesi
87623a8d75 Rip out autodecode 
We simplify things as follows:

    - If we're in "pretty" view mode, we autodecode.
    - Otherwise, we display raw data, and the user can manually encode/decode
    with z shortcut.
 2011-08-04 10:54:42 +12:00
Aldo Cortesi
b51aac8a86 Code cleanliness - appease pychecker. 2011-08-04 10:34:34 +12:00
Aldo Cortesi
730c78ac53 Move script.Context to flow.ScriptContext 2011-08-04 10:14:44 +12:00
Aldo Cortesi
1662b8505b Clean pydoc profile for flow.Flow 2011-08-04 09:56:44 +12:00
Aldo Cortesi
8ef208a9e2 Clean pydoc profile for flow.Response, flow.Error 2011-08-04 09:44:48 +12:00
Aldo Cortesi
7a3b871b33 Request class now has a clean pydoc profile. 2011-08-04 09:26:26 +12:00
Aldo Cortesi
0760607a7d Further interface cleaning. 2011-08-03 23:02:33 +12:00
Aldo Cortesi
9042d3f3b9 Clean up interfaces by making some methods pseudo-private. 2011-08-03 22:48:57 +12:00
Aldo Cortesi
57c653be5f Move all HTTP objects to flow.py 
That's Request, Response, ClientConnect, ClientDisconnect, Error, and Headers.
 2011-08-03 22:41:38 +12:00
Aldo Cortesi
9d0e3c8d61 Doc and help adjustments. 2011-08-03 19:15:01 +12:00
Aldo Cortesi
028d5bacc5 Make "C" clear eventlog when it has focus. 2011-08-03 17:41:13 +12:00
Aldo Cortesi
e337682d8e Enable "|" command to run a oneshot script on a single flow. 2011-08-03 17:35:18 +12:00
Aldo Cortesi
cfc6e8777e Add script set/unset shortcut for mitmproxy. 2011-08-03 17:14:11 +12:00
Aldo Cortesi
e3196dac4d Move commands around to make space for "s" script shortcut. 
New commands are:

"w" - save all flows
"W" - save this flow
"S" - server replay
 2011-08-03 16:52:41 +12:00
Aldo Cortesi
179cf75862 Add script hooks, enable new engine for mitmdump. 2011-08-03 16:36:20 +12:00
Aldo Cortesi
f7e4e89b12 Move the event notification mechanism into flow.py 2011-08-03 13:33:18 +12:00
Aldo Cortesi
12d2b1f926 Rip out old script interface, start replacing with new stubs. 
Scripts are broken for now.
 2011-08-03 13:20:36 +12:00
Aldo Cortesi
62088a6661 Start stubbing out a much more powerful script architecture. 2011-08-03 11:06:29 +12:00
Aldo Cortesi
a817db5bd6 Refresh current connection when toggling autodecode. 
Also fix the unit tests I forgot to commit...
 2011-08-02 20:47:53 +12:00
Aldo Cortesi
8cc0469ee7 Tweak encoding behaviour 
- Don't fail to identity encoding when an unknown encoding is specified.
- Don't constrain encodings. I want to try to modify traffic as little as
possible by default.
- When decoding, delete content-encoding header rather than set it to "identity"
- Refuse to decode/encode when there is an existing but unknown
content-encoding header.
 2011-08-02 20:42:46 +12:00
Aldo Cortesi
bb6ec29b18 Fix encoding import crash. 2011-08-02 16:55:54 +12:00
Aldo Cortesi
1ff6a767d0 Unit test++ 2011-08-02 16:52:47 +12:00
Aldo Cortesi
357502fe03 General cleanup. 
Cut out unused variables and code, generally shut up pychecker as much as is
reasonable.
 2011-08-02 16:14:33 +12:00
Aldo Cortesi
17835b9b78 Fix a rare undefined variable crash in proxy.py. 2011-08-02 15:43:35 +12:00
Aldo Cortesi
a1456742a8 Make ConnectionList key bindings work even if there are no entries. 2011-08-02 15:35:54 +12:00
Aldo Cortesi
f3742f29da We no longer need to track clientconnections. 2011-08-02 14:56:09 +12:00
Aldo Cortesi
f3f8462ddc Make the mitmproxy eventlog display useful information. 2011-08-02 14:17:15 +12:00
Aldo Cortesi
73a7d893e3 Give a visual indication that the eventlog has focus. 2011-08-02 11:02:23 +12:00
Aldo Cortesi
759f5d71a6 Initial key bindings and event handlers for event log. 2011-08-02 10:48:29 +12:00
Aldo Cortesi
af92153974 Start stubbing out a UI for the eventlog in mtimproxy. 2011-08-02 09:17:54 +12:00
Aldo Cortesi
9b398c03ab Exit with error if mitmproxy can't load a file specified on cmdline. 2011-08-01 13:27:46 +12:00
Aldo Cortesi
675b3133b4 Improve performance of loading flows from a file hugely. 
Fell into the "expensive __eq__ method" trap. Oh, Python, you little scamp.
 2011-08-01 11:26:09 +12:00
Aldo Cortesi
43f1c72511 Refactor the way we calculate views of the flow list. 
The naive approach we used before recalculated the view on every access, and
consequently had serious performance problems.
 2011-08-01 11:17:01 +12:00
Aldo Cortesi
ddb5748a76 Add decoding/encoding for requests. 2011-08-01 10:43:01 +12:00
Aldo Cortesi
c89c4361c3 Merge remote-tracking branch 'alts/encoding' 2011-07-28 11:19:07 +12:00
Stephen Altamirano
78049abac1 Changes replace logic to function in both Python 2.6.x and 2.7.x 
Tests now only assume Python 2.6.x rather than requiring 2.7.x. This does not preclude the use of flags as a kwarg in replace
 2011-07-26 22:47:08 -07:00
Stephen Altamirano
c1eaa9f74c Adds encode and decode methods to Response objects 2011-07-26 22:03:41 -07:00
Aldo Cortesi
e6288e2d07 Fix crash when sticky cookies are read from file. 
Cookielib expects strings, not unicode.
 2011-07-24 16:08:27 +12:00
Aldo Cortesi
0f4ae61e7d Fix a crash in mitmdump event display. 2011-07-23 16:59:48 +12:00
Aldo Cortesi
6cd32bf96f Unbreak mitmproxy. Oops. 2011-07-23 13:39:17 +12:00
Aldo Cortesi
3648c7953a Extend eventlog information. 
Also, squash an SSL-related bug revealed by the extended logging.
 2011-07-23 13:37:06 +12:00
Aldo Cortesi
4043829cf2 Add an eventlog option to mitmdump 
This shows client connections, disconnections and requests (before a complete
flow is assembled). We need to add an analogous display to mitmproxy.
 2011-07-23 12:57:54 +12:00
Aldo Cortesi
689f5f0d1f Don't turn off output if -v flag is passed more than twice. 2011-07-23 11:50:30 +12:00
Aldo Cortesi
47e1695512 Also replace strings path for requests. 2011-07-22 20:52:13 +12:00
Aldo Cortesi
6ce8b49e05 Make script pipe globally available. 2011-07-22 19:09:32 +12:00
Aldo Cortesi
1b961fc4ad Add utility functions to search and replace strings in flows 
This is a common task in pentesting scenarios. This commit adds the following
functions:

utils.Headers.replace
proxy.Request.replace
proxy.Response.replace
flow.Flow.replace
 2011-07-22 17:48:42 +12:00
Stephen Altamirano
9c24401b18 Removes last_encoding attribute from Response. Prompts for encoding on identity responses 2011-07-21 22:09:48 -07:00
Stephen Altamirano
74d8b18408 Removes should_autodecode attribute from Response. Adds commandline option 'd' to toggle autodecode, adds togglable option 'd' to do the same 2011-07-21 20:22:13 -07:00
Aldo Cortesi
5936a48e59 Drop cert expiry time to avoid a bug in some OpenSSL versions. 2011-07-22 11:11:45 +12:00
Stephen Altamirano
aa7f8ac90b Switches hotkeys. En/decode is now bound to 'z', kill connection now 'X' 2011-07-20 00:14:24 -07:00
Stephen Altamirano
ebfa9b2a5d Fixes issue #10 regarding broken json printing 2011-07-19 10:51:49 -07:00
Stephen Altamirano
25b0631190 Switches hotkey to unused 'g', adds help message 2011-07-18 22:04:23 -07:00
Stephen Altamirano
1c5434d72c Adds ability to toggle between encodings in the response view 2011-07-18 21:52:40 -07:00
Stephen Altamirano
ecd4645988 Adds encode counterparts to decode functions 2011-07-17 20:16:47 -07:00
Aldo Cortesi
b0849387b7 Add explicit notice when data has been auto-decoded. 2011-07-18 14:18:47 +12:00
Aldo Cortesi
669ce8ee7c Correctly detect urlencoded data 
This broke when we introduced case preservation for headers.
 2011-07-17 15:31:58 +12:00
Aldo Cortesi
6df4be93e3 Fix error in anticomp commandline specification. 2011-07-17 14:36:38 +12:00
Aldo Cortesi
f756d3bec1 Make help display for options nicer. 2011-07-17 11:14:18 +12:00
Aldo Cortesi
1559ded009 Expose the anticompression flag as an option through the "o" key in mitmproxy. 2011-07-17 10:34:43 +12:00
Aldo Cortesi
ce41046786 Refine encoding support 
- Push decoding down into the LRU cache
- Cope gracefully with corrupted data and incorrect encoding headers
 2011-07-17 10:25:25 +12:00
alts
6dc0f105cc Adds support for content encoding, namely gip and deflate 2011-07-16 02:47:06 -07:00
Aldo Cortesi
94ae720a22 Add a pretty-printing mode for urlencoded form data. 2011-07-15 16:46:54 +12:00
Aldo Cortesi
76b4c6ba82 Introduce an anti-compression command-line argument. 
This is on by default, which means we avoid compressed content unless the -z
flag is specified.
 2011-07-15 15:24:56 +12:00
Aldo Cortesi
1a963b91bb Don't sort headers when displaying them in mitmproxy. 2011-07-14 17:20:32 +12:00
Aldo Cortesi
7e21ac0eb8 Refine path completion somewhat. 
Make it match the behaviour of vim and mutt more closely
 2011-07-14 16:54:04 +12:00
Aldo Cortesi
1c9e7b982a Rewrite Headers object to preserve order and case. 2011-07-14 16:01:54 +12:00
Aldo Cortesi
b6e1bf63c3 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-07-11 16:14:32 +12:00
Felix Wolfsteller
1a5b157c8f Specify certificate creation waiting time argument to fix type error in proxy.py . 2011-07-09 08:07:22 +00:00
Aldo Cortesi
65fbb7bd0d Bail out if no command was specified after | shortcut. 2011-07-08 21:41:00 +12:00
Aldo Cortesi
8e176c2086 Cast some data read from dump files to str, to prevent unicode promotion. 
This fixes a bug that caused a traceback when de-serialized requests were
replayed. Also adds unit tests for the problem.
 2011-07-01 14:20:42 +12:00
Aldo Cortesi
2a90ea69fd Show view mode in statusbar. 
Also make "m" keyboard shortcut available globally.
 2011-06-30 14:49:11 +12:00
Aldo Cortesi
37c8d3425d Fix edit prompt display, return code editing. 2011-06-30 14:30:48 +12:00
Aldo Cortesi
18d4c3a9e9 JSON pretty-printing. 
Also rename the display modes ("pretty" instead of "indent"), and expand the
built-in documentation.
 2011-06-30 13:27:27 +12:00
Aldo Cortesi
46ec8f52e7 Prep for 0.5 release 
- Update CHANGELOG and CONTRIBUTORS
- Bump version
- Include Apple Gamecenter highscore setting tutorial in docs
 2011-06-27 16:38:00 +12:00
Aldo Cortesi
0a642f2441 Make the certificate wait time configurable. 
Since OpenSSL doesn't let us set certificate start times in the past, the
client and proxy machine time must be synchronized, or the client might reject
the certificate. We can bodgy over small discrepancies by waiting a few seconds
after a new certificate is generated (i.e. the first time an SSL domain is contacted).

Make this a configurable option, and turn it off by default.
 2011-06-27 16:10:17 +12:00
Aldo Cortesi
f004326855 Try not to hang when user views large request & response bodies 
Two different strategies here:

    - Use a simple heuristic to detect if we're looking at XML data when indent
    mode is used. On non-XML data we can hang even on small documents.

    - Only view partial data for large bodies. At the moment the cutoff is
    100k. I might finetune this later.
 2011-06-27 15:59:17 +12:00
Aldo Cortesi
2ae7808ca9 Don't redraw the screen more often than necessary. 2011-06-27 14:01:08 +12:00
Aldo Cortesi
b04d074341 Repair a problem that sometimes caused SSL connections to peg the CPU. 2011-06-23 17:00:55 +12:00
Aldo Cortesi
0d9e0eac9a Don't backup flows before replay. 
This lets us revert to the original request, even after replaying an edit.
 2011-06-23 14:47:34 +12:00
Yuangxuan Wang
e56793f01e Fix urwid version parsing error when it's something like 0.9.10-pre 2011-06-20 16:18:55 +08:00
Aldo Cortesi
7d7803a4d9 Add a hideous kludge to fix not-yet-valid certificates. 
- The OpenSSL x509 has no way to explicitly set the notBefore value on
certificates.

- If two systems have the same configured time, it's possible to return a
certificate before the validity start time has arrived.

- We "solve" this by waiting for one second when a certificate is first
generated before returning the cert. The alternative is to rewrite pretty much
all of our certificate generation, a thought too horrible to contemplate.
 2011-06-11 15:16:16 +12:00
Aldo Cortesi
07110bbbf1 Anticache and refresh_server_playback options are applied before flows are loaded. 
You can now use mitmdump to preview how these options work, by running mitmdump
against a set of saved flows, and viewing the output.
 2011-05-15 12:23:34 +12:00