Matthias Urlichs
7b6057fa64
serverconnect hook: Set sc.request
...
The serverconnect hook script might need to examine the incoming request
in order to set up the server connection.
Example use: bind to a distinct source IPv6 address for each client.
2013-12-12 07:56:40 +01:00
Maximilian Hils
39ffe10334
add content-length 0 if we remove header for chunked encoding, fixes #186
2013-12-12 04:42:29 +01:00
Maximilian Hils
7db1430ee7
ignore missing CN in certificates. fixes #169
2013-12-12 03:24:17 +01:00
Maximilian Hils
28a234e28b
store resolved ip addresses, fixes #187
2013-12-12 02:11:22 +01:00
Aldo Cortesi
a600441e37
Merge branch 'master' of ssh.github.com:cortesi/mitmproxy
2013-12-10 22:24:23 +13:00
Aldo Cortesi
1bbeace350
Bump version
2013-12-10 22:23:38 +13:00
Maximilian Hils
f0e96be142
ensure binary read on windows
2013-12-10 03:13:37 +01:00
Maximilian Hils
21de99cb09
add comments
2013-12-10 02:30:07 +01:00
Maximilian Hils
a78b185278
refactor ProxyHandler, remove duplicate code
2013-12-10 01:47:19 +01:00
Maximilian Hils
2be19a5620
Merge remote-tracking branch 'origin/master'
2013-12-09 19:10:40 +01:00
Maximilian Hils
4984bbb83b
remove code duplication in ProxyHandler by unifying read_transparent and read_reverse
2013-12-09 19:10:15 +01:00
Aldo Cortesi
1d536f64d5
Small workaround to make mitmproxy work again.
...
Further work is required to make scripts work again, though.
2013-12-09 22:34:47 +13:00
Maximilian Hils
3bd238de37
backport changes to fix tests
2013-12-08 15:46:11 +01:00
Maximilian Hils
a509a9037b
Merge branch 'master' into 0.10
2013-12-08 14:14:57 +01:00
Aldo Cortesi
3a1d85ab18
Merge pull request #134 from mhils/scripts_improvements
...
Support multiple scripts and script arguments. refs #76
2013-12-08 01:14:12 -08:00
Aldo Cortesi
7aeaf9d448
Merge pull request #161 from mitmproxy/external_webapp
...
External webapp
2013-12-08 01:09:46 -08:00
Aldo Cortesi
73791f986a
Merge pull request #166 from ghjc/forward-proxy
...
Added -F http[s]://server:port option that allows MITM to forward traffi...
2013-12-08 01:05:33 -08:00
Aldo Cortesi
4816cae98c
Merge pull request #170 from jsoriano/master
...
Reverse proxy works with SSL
2013-12-08 01:02:17 -08:00
Aldo Cortesi
dfcec4ffba
Merge pull request #180 from mitmproxy/add_serverconnection_scripthook
...
Add serverconnection scripthook
2013-12-08 00:55:55 -08:00
Aldo Cortesi
83f061c1a0
Merge pull request #184 from richie5um/RichS-RateDivideByZeroIssue
...
Fix divide by zero issue when timestamp start and end are the same
2013-12-08 00:54:11 -08:00
Rich Somerfield
9a986e0c1b
Fix divide by zero issue when timestamp start and end are the same
2013-11-26 14:14:51 -08:00
Maximilian Hils
d4c3b1c213
attempt to fix https://github.com/mitmproxy/netlib/issues/24
2013-11-19 04:08:16 +01:00
Maximilian Hils
675518f873
add serverconnect script hook
2013-11-18 17:25:52 +01:00
Jaime Soriano Pastor
7140323bdb
New method establish_ssl to avoid duplicated code
2013-09-26 12:38:13 +02:00
Jaime Soriano Pastor
f33d128a7f
Reverse proxy works with SSL
2013-09-26 12:23:48 +02:00
Maximilian Hils
2956c144d3
Merge branch 'master' into 0.10
2013-09-14 23:47:04 +02:00
JC
65d1ed1b3c
Added -F http[s]://server:port option that allows MITM to forward traffic to another http server upstream.
2013-08-30 17:19:58 -07:00
Aldo Cortesi
8d954d9965
Version bump.
2013-08-25 10:37:35 +12:00
Aldo Cortesi
a2643b52f9
Tweak timing display
...
- Remove elapsed time. Space is at a premium here, and this is somewhat
redundant with the rate figure. We should display complete timing information
somewhere in the detailed flow view.
- Tone down the colour. Reserve highlights for stuff that should really pop out
to the user.
- Make rate calculation more acurate. Include header sizes. Use response start
and end time, rather than request end and response end. This means that we show
actual transfer rates, not including DNS requests and so forth.
2013-08-23 10:25:44 +12:00
Maximilian Hils
bb4748fb8f
add option to expose webapp externally, remove distinct ip setting
2013-08-18 20:03:53 +02:00
Maximilian Hils
729677cd85
Merge branch 'master' into 0.10
2013-08-17 13:30:36 +02:00
Kyle Manna
41041159f6
console: Add support for displaying transfer rate
...
* Display the rate in the the response row.
* Very handy for passive performance analysis.
2013-08-13 16:33:53 -07:00
Kyle Manna
ea28496bea
console: Add support for displaying elapsed time
...
* Display the elapsed time in the the response row.
* Very handy for passive performance analysis.
2013-08-13 16:33:53 -07:00
Kyle Manna
4ede2f126a
utils: Add missing "B" for pretty_size()
...
* Add missing unit for megabytes, should print "MB".
2013-08-13 16:33:39 -07:00
Aldo Cortesi
f850bdd848
Revamp dummy cert store
...
We no longer keep these on disk. This is for a number of reasons, including
some race conditions and the fact that some valid IDNA-encoded domain names are
not valid file names on Windows.
2013-08-12 16:04:02 +12:00
Aldo Cortesi
2c4e5e0a73
Better handling of cert errors on connection.
2013-08-10 23:07:22 +12:00
Aldo Cortesi
edb10e33aa
Remove GPL notices left in source files after our change to the MIT license.
...
Thanks to Roy Shamir for reporting this.
2013-08-01 11:08:00 +12:00
Aldo Cortesi
439d9a294c
Make use of a change to netlib.tcp that clarifies error conditions for flush and close.
...
Should fix #144 .
2013-07-30 09:42:29 +12:00
Aldo Cortesi
5f0b5532bc
Show an error when attempting to decode invalid data.
2013-07-29 18:14:11 +12:00
Aldo Cortesi
d54398cc79
Repair minor user interface issue that caused brief flashes of duplicate flows in the flow list.
2013-07-29 12:38:41 +12:00
Maximilian Hils
29bcbd57d5
fix #144
...
netlib wraps IOError in NetLibDisconnect, so we need to cover this as well.
2013-07-28 21:05:17 +02:00
Aldo Cortesi
a21c989ccd
Fix startup with no state.
...
Bug introduced in previous patch.
2013-07-28 22:40:51 +12:00
Aldo Cortesi
df3d2d70ed
Terminate can be called on an unconnected server connection.
2013-07-28 18:05:04 +12:00
Aldo Cortesi
10a9e3365f
Some refactoring of the console inteface.
...
Reduce some state duplication, by removing currentflow variable.
Fixes #141
2013-07-28 18:00:49 +12:00
Aldo Cortesi
10b744ee08
Properly terminate SSL server connections.
...
Before, we had dangling SSL server connections causing resource exhaustion.
I believe this fixe #144 and #153
2013-07-28 10:50:25 +12:00
Aldo Cortesi
5c1157ddaf
Move app instantiation out of proxy.py.
2013-07-24 10:32:56 +12:00
Aldo Cortesi
64ce3b358f
Make a start on mitmproxy web app.
2013-07-23 10:28:35 +12:00
Aldo Cortesi
55f7e8d5b9
Don't take minor version into account when checking serialized data compatiblity.
2013-07-13 14:44:09 +12:00
Aldo Cortesi
c4d03d8b85
Merge pull request #137 from caujka/master
...
Handling for EOF reading error in gzipped content
2013-07-01 17:37:15 -07:00
Matthias Urlichs
d9cc6f1dd6
proxy.py: Catch channel.ask() returning None when terminating
2013-06-28 07:53:56 +02:00
Matthias Urlichs
be1377850e
Close connection when flush fails
2013-06-26 15:02:55 +02:00
Oleksandr Sheremet
0afd3fc42f
Added handling for EOF reading error in gzipped content.
2013-06-17 21:46:54 +03:00
Maximilian Hils
d462b444b7
update tests to reflect changes to options.scripts
2013-06-17 16:48:06 +02:00
Maximilian Hils
84248d431b
fix send_error behavior if there are no headers
2013-06-17 10:52:19 +02:00
Aldo Cortesi
886970040b
Revert "Use lsof instead of pfctl to find target host on OSX in transparent mode."
...
This reverts commit ffeede9b39
.
2013-06-16 16:23:36 +12:00
Aldo Cortesi
db43f1ffcc
Version bump, doc extension, URLs to github.com/mitmproxy/*
2013-06-16 13:59:01 +12:00
Maximilian Hils
fd36142018
Merge remote-tracking branch 'origin/scripts_improvements' into 0.10
2013-06-16 00:41:43 +02:00
Maximilian Hils
ba47690a03
always read files in binary mode
2013-06-16 00:23:44 +02:00
Maximilian Hils
2b4af8d475
add support for multiple scripts and script arguments. refs #76
2013-06-13 16:09:38 +02:00
Aldo Cortesi
d3beaa7382
Merge pull request #132 from ipopov/master
...
A humble pull request
2013-06-08 16:28:47 -07:00
Aldo Cortesi
1a5c27aa7d
Massage content-type before sending it to mime detection
...
Fixes #67
2013-06-09 11:26:44 +12:00
Aldo Cortesi
7ef68b5a13
Fix creation of new response when none existed before.
...
Fixes #133
2013-06-09 11:14:34 +12:00
Ivaylo Popov
ffeede9b39
Use lsof instead of pfctl to find target host on OSX in transparent mode.
2013-05-27 23:09:42 -04:00
Michael Bisbjerg
125b3e5e5b
- Quick-fix for issue #128
...
New bug: It correct-cases Content-Length for any webserver sending other casings, like CONTENT-LENGTH.
2013-05-21 15:57:14 +02:00
Aldo Cortesi
bc88930fb7
Merge branch 'master' of ssh.github.com:cortesi/mitmproxy
2013-05-05 13:19:14 +12:00
Aldo Cortesi
9fa09cc1f9
Fix crash in client playback.
2013-05-05 13:18:52 +12:00
Aldo Cortesi
5cd7563d12
Minor coverage.
2013-04-30 09:13:33 +12:00
Jason A. Novak
f78dada550
Add error checking to ViewProtobuf
...
There are protobufs that protoc can't parse. When protoc --decode_raw
fails, it returns nothing to stdin, and writes "Failed to parse input."
to stderr. Before this commit, if protoc --decode_raw couldn't parse
the protobuf, the blank stdout output would get returned to the view;
with this commit stderr gets caught and returned to the view.
2013-04-21 12:46:37 -05:00
Aldo Cortesi
61c794e08f
Merge pull request #107 from rouli/master
...
Adding remote TCP and SSL setup timestamps
2013-04-19 17:19:26 -07:00
Aldo Cortesi
793c41a5c4
Merge pull request #112 from hamstah/protobuf-view
...
Adds a new view for protocol buffers
2013-04-19 17:18:44 -07:00
Alexis Hildebrandt
3d7f31b23d
Correct display mode highlight keys
...
Add html display mode to the help documentation.
Correct html and hex display mode highlight keys (help used 'h' for hex).
Correct json display mode highlight keys.
2013-04-16 23:54:34 +02:00
Nicolas Esteves
d4cfbbb822
Adds a new view for protocol buffers
...
The view uses protoc from the Google protocol buffer
tools. If the tool isn't installed, the view isn't
shown.
Google protobuf repo:
https://code.google.com/p/protobuf/
2013-04-06 19:21:13 +01:00
Aldo Cortesi
51b775cfd4
Merge pull request #101 from eentzel/keep-blank-params
...
Keep blank URL parameters
2013-04-04 15:55:51 -07:00
Aldo Cortesi
ca9c60d2eb
Docs.
2013-04-05 11:55:28 +13:00
Aldo Cortesi
e3fd0e838d
Add a basic built-in web app.
2013-03-25 09:20:26 +13:00
Aldo Cortesi
98e4421a90
Trim docs.
2013-03-23 15:42:25 +13:00
Aldo Cortesi
800af34763
Fix crash on intercept.
...
Fixes #106
2013-03-23 14:40:03 +13:00
Rouli
c6bf28f3f7
adding tcp and ssl setup timestamps to get better resolution on flows performance
2013-03-19 18:21:52 +02:00
Rouli
c94aadcb0e
Merge remote-tracking branch 'upstream/master'
2013-03-18 14:24:13 +02:00
Aldo Cortesi
6614498744
Update styling, GameCenter highscore tutorial.
2013-03-18 08:36:56 +13:00
Aldo Cortesi
d2d3eb6490
Un-break unit tests. Tsk tsk.
2013-03-17 17:53:48 +13:00
Aldo Cortesi
e50da8164f
Enable --host option for mitmdump
2013-03-17 17:43:31 +13:00
Aldo Cortesi
0e993bec6f
Add the --host option, which uses the value in the Host header for dispaly URLs.
...
- Can be toggled with "o" then "h" in mitmproxy
- Useful for transparent mode
2013-03-17 17:37:54 +13:00
Aldo Cortesi
790ad468e4
Fix bug that caused mis-identification of some HTTPS connections in transparent mode.
2013-03-17 14:35:36 +13:00
Aldo Cortesi
cfb5ba89ce
Introduce a filtered flow writer, and use it in dump.py
...
Fixes #104
2013-03-14 09:19:43 +13:00
Aldo Cortesi
cde66cd584
Fuzzing, and fixes for errors found with fuzzing.
2013-03-03 22:03:27 +13:00
Aldo Cortesi
7835e0c2c7
Begin some simple fuzzing with pathod.
...
Finally doing what I started writing pathod for in the first place...
2013-03-03 14:56:56 +13:00
Aldo Cortesi
e608d10f45
Remove __slots__ to make it possible to inherit from Options classes.
2013-03-03 12:26:20 +13:00
Aldo Cortesi
75b5c97095
Revert "show current filepath in status bar"
...
This reverts commit bf8367d6cf
.
This just doesn't work. We need a better solution, probably in the next release.
2013-03-03 12:18:19 +13:00
Aldo Cortesi
2465b8a376
100% unit test coverage on proxy.py. Hallelujah!
2013-03-03 12:13:33 +13:00
Aldo Cortesi
d5876a12ed
Unit test proxy option parsing.
2013-03-03 11:58:57 +13:00
Aldo Cortesi
5c6587d4a8
Move HTTP auth module to netlib.
2013-03-03 10:37:06 +13:00
Aldo Cortesi
c20d1d7d32
Extend unit tests for proxy.py to some tricky cases.
2013-03-02 22:42:36 +13:00
Aldo Cortesi
415844511c
Test cert generation errors.
2013-03-02 16:59:16 +13:00
Aldo Cortesi
a95d78438c
Test SNI for transparent mode.
2013-03-02 15:06:49 +13:00
Aldo Cortesi
10db82e9a0
Test SNI for ordinary proxy connections.
2013-03-02 14:52:05 +13:00
Aldo Cortesi
ba674ad551
New SNI handling mechanism.
2013-03-01 09:05:39 +13:00
Rouli
b6cae7cd2d
Merge remote-tracking branch 'upstream/master'
2013-02-28 13:28:57 +02:00
Rouli
35f36481b9
adding __str__ to make export to har nicer
2013-02-28 13:28:42 +02:00
Aldo Cortesi
0257815141
Significantly simplify server connection handling, and test.
2013-02-24 22:24:21 +13:00
Aldo Cortesi
705559d65e
Refactor to prepare for SNI fixes.
2013-02-24 17:35:24 +13:00
Aldo Cortesi
d0639e8925
Handle server disconnects better.
...
Server connections can be closed for legitimate reasons, like timeouts. If
we've already pumped data over a server connection, we reconnect on error. If
not, we treat it as a legitimate error and pass it on to the client.
Fixes #85
2013-02-24 14:04:56 +13:00
Aldo Cortesi
05e4d4468e
Test request and response kill functionality.
2013-02-23 21:59:25 +13:00
Aldo Cortesi
269780c577
Unit test dummy response functions.
2013-02-23 16:34:59 +13:00
Aldo Cortesi
f203881b0d
Remove redundant clause in controller.Reply
2013-02-23 14:13:43 +13:00
Aldo Cortesi
7800b7c910
Refactor proxy core communications to be clearer.
2013-02-23 14:10:27 +13:00
Aldo Cortesi
aaf892e3af
Significantly refactor the master/slave message passing interface.
2013-02-17 12:42:48 +13:00
Eric Entzel
6bcf29c0ed
Keep blank URL parameters
...
TODO: This should probably be configurable
2013-02-11 13:22:25 +11:00
Aldo Cortesi
782bbee8c0
Unit tests for ServerConnectionPool
2013-01-29 11:35:57 +13:00
Aldo Cortesi
2aa175a6ca
Stub implementation of a server connection pool.
2013-01-29 10:55:19 +13:00
Aldo Cortesi
6f157d936f
Merge pull request #99 from rouli/master
...
Adding helper functions to make HAR export easier
2013-01-28 13:28:49 -08:00
Rouli
330fbfe8cc
adding helper functions to make HAR export easier
2013-01-28 17:37:25 +02:00
Aldo Cortesi
a74ca40660
Unravel enormously long read_request into three distinct methods.
2013-01-28 22:26:25 +13:00
Aldo Cortesi
57f01ffb07
Test suite, remove extraneous code.
2013-01-28 21:59:03 +13:00
phil plante
68952d579e
Force flush of file content in dump
...
The dump file would be end up corrupted sometimes when working with mitmdump in a VM. Adding an explicit flush seems to have resolved the file sync issues.
2013-01-24 20:46:50 -08:00
Aldo Cortesi
25cb9471f0
Add tests for client certificate support.
2013-01-20 22:39:28 +13:00
Aldo Cortesi
294bca139c
Merge branch 'master' of ssh.github.com:cortesi/mitmproxy
2013-01-19 17:07:27 +13:00
Chris Neasbitt
e9264a8253
Fixed a bug in format_flow in common.py. Changed the reference from timestamp to timestamp_start.
2013-01-18 23:04:11 -05:00
Aldo Cortesi
6600c589ab
Rudimentary testing for client certs.
2013-01-18 17:08:30 +13:00
Aldo Cortesi
7a79eeb143
Merge branch 'master' of ssh.github.com:cortesi/mitmproxy
...
Conflicts:
test/test_server.py
2013-01-18 14:50:31 +13:00
Rouli
446f9f0a0f
Merge remote-tracking branch 'upstream/master'
2013-01-17 17:33:29 +02:00
Rouli
20fa6a3083
changing requests and responses to have two timestamps, one marking their initiation, and the other their complete
2013-01-17 17:32:56 +02:00
Aldo Cortesi
d0ee4d60d0
Unit tests and minor code refactoring for ServerConnection.
2013-01-05 19:44:12 -08:00
Aldo Cortesi
060e3198bc
Remove cert_wait_time flag.
...
We now cater for this by generating certs with a commencement date an hour in
the past in netlib.
2013-01-06 01:18:47 +13:00
Aldo Cortesi
891c441a6d
Use new netlib certificate store implementation.
2013-01-06 01:16:08 +13:00
Aldo Cortesi
9cfc785cd3
Unit test love - 100% for flow.py, dump.py
2013-01-05 21:56:33 +13:00
Aldo Cortesi
46ab6ed491
Minor cleanups of proxy request handling.
2013-01-04 14:19:32 +13:00
Aldo Cortesi
09f664cdea
Refactor proxy auth a bit
...
- Remove authentication scheme option. We only support basic at the moment -
we'll add the option back when we diversify.
- Add some meta variables to make printout nicer
2013-01-02 17:35:44 +13:00
Aldo Cortesi
7b3d3dc85e
Documentation, setup.py updates, styling.
2013-01-02 14:02:41 +13:00
Aldo Cortesi
e42136a6ef
Better error handling for transparent mode remote address resolution.
2013-01-01 11:24:11 +13:00
Aldo Cortesi
e2dc7ba09d
First draft of OSX transparent proxy mode.
2013-01-01 11:13:56 +13:00
Aldo Cortesi
5347cb9c26
More work on proxy auth
...
- Strip auth header if auth succeeds, so it's not passed upstream
- Actually use realm specification to BasicProxyAuth, and make it mandatory
- Cleanups and unit tests
2012-12-31 10:56:44 +13:00
Aldo Cortesi
3b84111493
Test and robustify BasicProxyAuth.parse_auth_value
...
- This is partly in preparation for moving the implementation to netlib
- Also add an unparse_auth_value for testing (and use in pathod once the move is done)
2012-12-31 10:34:25 +13:00
Aldo Cortesi
018c229ae4
Start solidifying proxy authentication
...
- Add a unit test file
- Remove some extraneous methods
- Change the auth API to make the authenticate method take a header object.
2012-12-31 09:15:56 +13:00
israel
440a9f6bda
adding some simple authetication code to limit proxy access
2012-12-30 01:41:58 -08:00
israel
935505bc4f
adding some simple authetication code to limit proxy access
2012-12-30 01:24:30 -08:00
Aldo Cortesi
3c8dcf8808
Merge pull request #82 from kanzure/show-filepath-in-statusbar
...
Show current filepath in status bar
2012-12-30 00:49:45 -08:00
Bryan Bishop
bf8367d6cf
show current filepath in status bar
...
Showing the filename is useful when looking at multiple .mitm files
simultaneously.
2012-12-26 22:14:39 -06:00
Bryan Bishop
4d250095cb
fix external viewer using shlex
...
This makes spawn_external_viewer not crash when $EDITOR or $PAGER have
spaces or multiple arguments.
In addition, spawn_external_viewer now chmods the file to read-only to
remind users who use only an $EDITOR that this function does not read
the file when the user returns.
Also, some of the redundant exception case handling for editing has been
consolidated.
fixes #79
2012-12-22 18:26:15 -06:00
Bryan Bishop
1c6139e013
remove trailing whitespace
2012-12-09 15:57:11 -06:00
Bryan Bishop
505da188eb
Show an error when $EDITOR/$PAGER are unset.
...
This catches an exception that otherwise crashes mitmproxy.
fixes cortesi/mitmproxy#71
2012-12-05 12:58:29 -08:00
Aldo Cortesi
8c976ac7f0
Substantially rewrite AMF decoding.
...
This is tricky, but we should now handle a lot more corner-cases.
2012-11-26 13:25:07 +13:00
Mathieu Mitchell
15c367ffb4
Workaround for PIL's ambiguious import method and/or easy_install PIL packaging problem.
...
PIL documents two different way to import it's modules:
* import Image (http://www.pythonware.com/library/pil/handbook/introduction.htm )
* from PIL import Image (http://www.pythonware.com/library/pil/handbook/image.htm )
The same problem was noted in Django at https://code.djangoproject.com/ticket/6054
2012-11-23 11:48:24 -05:00
Aldo Cortesi
626fc39804
Move eventlog to new Urwid container API.
2012-11-23 15:44:43 +13:00
Aldo Cortesi
57d6650e8e
Urwid 1.1 compatibility.
2012-10-29 09:30:59 +13:00
Aldo Cortesi
68f1000e42
Improve error reporting for one-shot scripts.
2012-10-11 11:12:06 +13:00
Aldo Cortesi
0d59fd7e01
Move cleanBin and hexdump into netutils.
2012-09-24 11:21:12 +12:00
Aldo Cortesi
21f74efa10
Stub out ctypes structures for OSX transparent mode.
2012-09-17 11:05:20 +12:00
Aldo Cortesi
d115b5ae70
Expand Flow.match to accept either a string or a compiled filter expression.
2012-09-14 09:41:01 +12:00
Aldo Cortesi
54cee9db7f
Catch a potential exception on connection finalization.
2012-09-14 09:40:13 +12:00
Aldo Cortesi
b7d89f6919
Don't run replace or header hooks on error.
2012-09-02 12:57:49 +12:00
Aldo Cortesi
5630d3f660
Add help entry for H global header shortcut.
2012-09-02 11:53:00 +12:00
Aldo Cortesi
9c009a872e
Add U shortcut to add user-agent strings to global Headers editor.
2012-09-02 11:50:17 +12:00
Aldo Cortesi
3fc9af63c1
Fix a crash when re-editing a path prompt after an error.
2012-08-31 13:41:08 +12:00
Aldo Cortesi
26cefc95e8
Make grid editor file reading more robust.
2012-08-31 13:33:18 +12:00
Aldo Cortesi
a33e90f081
Add a shortcut to header editor to add standard User-Agent strings.
2012-08-31 13:28:04 +12:00
Aldo Cortesi
71ae158d7b
Display "No Content" instead of a parse error when there is no content.
2012-08-30 12:51:04 +12:00
Aldo Cortesi
a2f9ca1d4d
Add application/javascript to ~a filter asset matcher.
2012-08-30 12:42:31 +12:00
Aldo Cortesi
38ddbcc314
Add a snippet to GridEditor help text explaining that we're using escaped strings.
2012-08-25 13:29:05 +12:00
Aldo Cortesi
87463049f1
Add a "R" shortcut to GridEditor, letting the user read unescaped data from file.
2012-08-25 13:25:59 +12:00
Aldo Cortesi
514e19b172
Do away with explicit encodings, and display an error message for invalid values.
2012-08-25 13:13:16 +12:00
Aldo Cortesi
c6d1fe9e59
Use Python-style escaped strings in GridEditor.
2012-08-25 12:54:34 +12:00
Aldo Cortesi
82893ffae2
Add an "r" shortcut in grid editors to read value from file.
2012-08-25 12:21:45 +12:00
Aldo Cortesi
3787f8befb
Add a graphical editor for path components (e -> p shortcut from request view screen).
2012-08-19 13:15:54 +12:00
Aldo Cortesi
a77ccc406d
Getter and setter for path component on Requests.
2012-08-19 13:03:21 +12:00
Aldo Cortesi
1b7990897e
Command-line options for header setting.
2012-08-19 00:14:16 +12:00
Aldo Cortesi
3e96015e61
Add SetHeaders, analogous to ReplaceHooks, with a graphical editor in mitmproxy (H shortcut).
...
SetHeaders defines headers that are set on flows, based on a matching pattern.
Existing headers are over-ridden.
2012-08-18 23:41:04 +12:00
Aldo Cortesi
53e453f72e
Use the new ODict get_first convenience function in a bunch of places.
2012-08-18 18:14:30 +12:00
Aldo Cortesi
15e234558d
Further content view cleaups.
2012-08-18 17:51:34 +12:00
Aldo Cortesi
b70e91bbd4
Send tracebacks from content viewers to event log.
...
Also, 100% test coverage for content viewers.
2012-08-18 17:42:40 +12:00
Aldo Cortesi
e8553f966f
Further simplifcation and testing of contentviews.
2012-08-18 17:29:29 +12:00
Aldo Cortesi
11c63dcb9f
Huge cleanup of content viewers.
2012-08-18 17:08:17 +12:00
Sahn Lam
3189d144a5
Optional AMF decoding support
...
If PyAMF is installed, enable AMF decoding.
2012-08-17 18:45:26 -07:00
Maximilian Hils
b0566b9d4c
add dummy cert dir
2012-08-17 19:13:56 +02:00
Maximilian Hils
ed389d8f05
use argparse instead of optparse
2012-08-17 19:11:59 +02:00
Aldo Cortesi
bbaa8bdba5
Add an HTML text outline view.
...
Uses html2text, from here:
https://github.com/aaronsw/html2text
2012-08-18 01:37:30 +12:00
Aldo Cortesi
1bfe847a84
Stop server playback after current playback buffer is exhausted.
2012-08-18 00:23:41 +12:00
Aldo Cortesi
20b270ae9a
Server replay from current buffer.
2012-08-18 00:13:04 +12:00
Jim Lloyd
0ef18a7cba
Adds --dummy-certs option to specify certdir
...
If --dummy-certs=CERTSDIR is provided, use CERTSDIR as the location
for generating/finding the dummy certs. And in this case, preserve
the CERTSDIR directory on exit.
2012-08-06 14:09:35 -07:00
Aldo Cortesi
32ad26f8bf
Add a size() method to flow.Request and flow.Response.
2012-08-04 13:18:05 +12:00
Rob Wills
8e68426ad6
Return from Flow View behaviour
...
Following focus trumps the re-focusing the "current" (or just-viewed) flow.
2012-08-02 00:06:34 -07:00
Rob Wills
c985e22196
Press "F" to Follow
...
Following of the flow list
- ConsoleState now has a follow_focus property
-- when True it will cause focus to follow added flows
- ConsoleMaster implements toggle_follow_flows()
-- when enabling follow, also jumps to most recent flow
- StatusBar reports follow_focus state
-- adds "following" to option list when true
- Added "F" to FlowList keys
-- implementation requests ConsoleMaster to toggle_follow_flows()
2012-08-01 23:57:56 -07:00
Aldo Cortesi
87d05a95ff
Handle invalid headers.
2012-07-30 12:54:50 +12:00
Aldo Cortesi
bb124e23b2
Prevent mitmproxy from treating logged info as urwid markup.
2012-07-27 10:08:10 +12:00
Aldo Cortesi
47b5fd666d
Fix mitmproxy file reading.
2012-07-27 02:13:21 +12:00
Aldo Cortesi
31a092f6b4
Minor refactoring. Make stop_stream also close the associated file descriptor.
2012-07-27 00:19:18 +12:00
Aldo Cortesi
f93a621856
Only log real errors in WSGI apps.
2012-07-24 16:18:22 +12:00
Aldo Cortesi
b4e9e55c34
Be more tolerant of corrupted or truncated flows.
...
We load as far as possible. mitmproxy will only terminate if it was not able to
recover any flows. mitmdump will stop loading as soon as an error is
encountered, but not exit with an error.
2012-07-24 15:15:41 +12:00
Maximilian Hils
c643234c98
fix -r option, read file in binary mode
2012-07-24 03:11:28 +02:00
Chris Neasbitt
525a8f6a16
Fixed a bug causing an AttributeError when request is set to false but response not None in ProxyHandler.handle_request
2012-07-17 13:24:15 -04:00
Aldo Cortesi
e4079aa746
Add an ~a filter expression, matching an asset content type in responses.
...
Asset content types are Javascript, images, Flash and CSS. This is useful
because doing a quick "!~a" while auditing an app will filter out the majority
of the static asset cruft, letting you focus on what matters.
2012-07-14 16:55:21 +12:00
Aldo Cortesi
150814f6a8
Jump back to correct flow when limit is applied.
2012-07-14 15:22:44 +12:00
Aldo Cortesi
a44a76a7da
Merge branch 'master' of github.com:cortesi/mitmproxy
2012-07-11 07:17:20 +12:00
Aldo Cortesi
1d09a558a7
Fix a subtle termination condition when there's an error in a WSGI app.
2012-07-11 07:16:06 +12:00
Aldo Cortesi
01b8b0d876
Refine semantics of replay_request method.
2012-07-10 23:29:33 +12:00
Aldo Cortesi
04d9ec8c3c
Make WSGI apps work in transparent mode.
2012-07-10 15:53:53 +12:00
Aldo Cortesi
79af9e89c4
Test replay corner cases. Fix discovered bugs.
2012-07-09 11:18:03 +12:00
Aldo Cortesi
aab45078ad
Unit test request replay thread.
...
This is a small patch, but is the culmination of lots of work: we can now unit
test the deep innards of mitmproxy, with coverage. There's a lot more to come
in this vein.
2012-07-09 11:03:55 +12:00
Aldo Cortesi
3749d52b66
Make mitmproxy "W" over-write, not append.
...
The -w options in mitmdump and mitproxy should do the same thing. Append can
have unexpected consequences if the existing file is not a mitmdump.
2012-07-09 10:28:01 +12:00
Aldo Cortesi
729fd9301f
Use FlowMaster stream from mitmdump.
2012-07-09 10:26:45 +12:00
Aldo Cortesi
bbd9acf551
Use FlowMaster streaming for "W" in mitmproxy.
2012-07-09 10:22:14 +12:00
Aldo Cortesi
572e8a4962
Add streaming to FlowMaster
2012-07-09 10:18:37 +12:00
Aldo Cortesi
097b566e54
Handle new netlib.tcp.NetLibDisconnect exception.
2012-07-08 23:49:44 +12:00
Aldo Cortesi
ceb12438b6
Fix minor error in filter help.
2012-07-06 22:33:09 +12:00
Aldo Cortesi
d02bcade3a
Add a domain match filter (~d regex)
2012-07-06 22:21:44 +12:00
Aldo Cortesi
c4426952ad
Protect against exceptions thrown by third-party view libraries.
2012-07-06 15:43:33 +12:00
Aldo Cortesi
a7e64a1a03
mitmproxy: "W" shortcut key streams flows to file as responses arrive.
2012-07-06 14:41:10 +12:00
Aldo Cortesi
de294da2a7
Amalgamte saving "this flow" and "all flows" into a single keyboard shortcut.
2012-07-06 14:10:58 +12:00
Aldo Cortesi
40d63c9e7a
Fix error when viewing extended details of SSL flow.
2012-07-06 13:33:55 +12:00
Aldo Cortesi
aa708a2d28
Fix error when serializing reverted SSL flows.
2012-07-05 11:52:56 +12:00
Aldo Cortesi
4acc9aca27
Firm up handling of Unicode data
...
- Modify GridEditor to know about the destination encoding of data
- Ensure that get_url always returns ASCII
2012-07-05 11:27:40 +12:00
Aldo Cortesi
837fcc65f5
Make upstream-cert the default. There's now a --no-upstream-cert option to turn it off.
2012-07-03 22:56:25 +12:00
Aldo Cortesi
fe86194cc2
Fix Python coredump (!!) on SNI IDNA decoding.
2012-07-03 22:55:02 +12:00
Aldo Cortesi
9c30e2e86d
Correct handing of IDNA encoding of internationalized domain names.
...
- Use IDNA encoding for hostnames gleaned by upstream-cert sniffing
- Use IDNA decoding for URL display in mitmproxy and mitmdump.
2012-07-03 22:27:16 +12:00
Aldo Cortesi
ef986202ee
Make server version configurable.
2012-07-03 14:12:52 +12:00
Aldo Cortesi
35d5da9f11
Move palette option getting/setting to mitmproxy.
...
Unbreaks mitmdump.
2012-07-03 13:42:09 +12:00
Aldo Cortesi
c664801d7d
Merge pull request #48 from afh/pull/palette-option
...
Pull/palette option
2012-07-01 14:04:43 -07:00
Alexis Hildebrandt
a695cf177d
Improve palette colors for headings
2012-07-01 09:03:20 +02:00
Alexis Hildebrandt
e41c84335d
Add --palette option to select color palette
2012-07-01 08:48:30 +02:00
Aldo Cortesi
90365e270e
Catch and handle SSL connection errors.
2012-07-01 12:10:32 +12:00
Aldo Cortesi
4e9d4e8ddd
Tweak upstream SNI.
2012-07-01 11:53:46 +12:00
Aldo Cortesi
9985cf5473
Flush after terminal output.
...
Makes behaviour on the shell less mysterious.
2012-07-01 09:37:03 +12:00
Aldo Cortesi
35fdd16940
Serialize address as part of ClientConnect objects.
...
This is a serialization format change!
2012-07-01 00:16:30 +12:00
Aldo Cortesi
d74a341e5d
Beef up logging substantially.
2012-07-01 00:15:03 +12:00
Aldo Cortesi
9fd4c37834
Merge pull request #46 from afh/pull/palettes
...
Color palettes
2012-06-29 21:06:20 -07:00
Aldo Cortesi
f070e4523a
Handle invalid data more gracefully.
...
Fixes #47
2012-06-30 15:59:42 +12:00
Aldo Cortesi
16e87a81ac
Stub out a transparent resolver for OSX.
2012-06-30 15:42:10 +12:00
Aldo Cortesi
38ebc81590
Add error when -T is passed on an unsupported platform.
2012-06-30 11:24:41 +12:00
Alexis Hildebrandt
0a0a6aae0b
Update title palette colors for light backgrounds
2012-06-29 16:58:28 +02:00
Alexis Hildebrandt
3b80e8dd02
Add palettes for Solarized terminal color profiles
2012-06-29 12:45:02 +02:00
Alexis Hildebrandt
e287eac462
Add light palette for light backgrounds
2012-06-29 12:44:57 +02:00
Alexis Hildebrandt
3060ad5575
Replace double quotes with single quotes
2012-06-29 09:25:29 +02:00
Aldo Cortesi
47651b1ff2
Serialization and de-serialization of new cert format.
2012-06-28 14:29:15 +12:00
Aldo Cortesi
243e0efefc
Adjust for new get_remote_cert API.
2012-06-28 10:02:14 +12:00
Aldo Cortesi
35ee0c098f
Remove certutils from mitmproxy.
2012-06-27 16:43:33 +12:00
Aldo Cortesi
49dedd361c
Fix replay.
2012-06-27 16:22:25 +12:00
Aldo Cortesi
dd55a3e0b6
Use SNI-indicated hostname for cert generation when not using upstream certs.
2012-06-27 12:12:11 +12:00
Aldo Cortesi
ceef6ee6be
Enable SSL in transparent mode.
2012-06-26 23:51:38 +12:00
Aldo Cortesi
e6cdbefb3b
Add transparent mode platform module for Linux.
2012-06-26 20:49:34 +12:00
Aldo Cortesi
ad893ad134
Transparent proxy command-line flag stub.
2012-06-26 20:08:24 +12:00
Aldo Cortesi
8ccfb376f3
Remove -T and -U command-line options.
...
They're redundant convenience options, and we need more space.
2012-06-26 19:57:59 +12:00
Aldo Cortesi
015a74fd14
We no longer store scheme on ServerConnection.
2012-06-26 18:29:12 +12:00
Aldo Cortesi
52d0536d2c
Use new TCPClient.convert_to_ssl API.
2012-06-25 15:53:26 +12:00
Aldo Cortesi
e08f91c237
Port to explicit netlib connection API.
2012-06-25 11:37:12 +12:00
Aldo Cortesi
eac3b29d5f
Factor read_response out into netlib.
2012-06-24 22:01:11 +12:00
Aldo Cortesi
4db2abc01c
read_headers now returns an ODictCaseless object.
2012-06-24 21:49:59 +12:00
Aldo Cortesi
e7c75933e7
read_http_body -> read_http_body_request/response
2012-06-23 15:08:01 +12:00
Aldo Cortesi
874649f134
Adapt for API changes in netlib.
2012-06-23 14:06:34 +12:00
Aldo Cortesi
7cb242c168
Move wsgi to netlib.
2012-06-19 10:42:55 +12:00
Aldo Cortesi
1b1ccab8b7
Extract protocol and tcp server implementations into netlib.
2012-06-19 09:58:50 +12:00
Aldo Cortesi
7b9756f48e
Refactor protocol.py to remove dependence on flow and utils.
2012-06-17 10:52:39 +12:00
Aldo Cortesi
aae8a9959c
Pull out protocol components into protocol.py
2012-06-16 21:23:32 +12:00
Aldo Cortesi
d5a0099f49
Test suite and refactoring for netlib.
2012-06-16 16:22:51 +12:00
Aldo Cortesi
18a03c063e
Simplify netlib and improve API.
2012-06-16 13:53:24 +12:00
Aldo Cortesi
4e53f1ee90
Rename our tcpserver to netlib, expand to include client network functions.
2012-06-16 13:38:10 +12:00
Aldo Cortesi
8ae64337ed
Create our own TCP server class.
...
We're going to need more control for advanced features and speed, and we can
also ditch some of the idiocies in the SocketServer module.
2012-06-16 11:40:44 +12:00
Aldo Cortesi
c7952371b7
Fix a problem in ODictCaseless that could cause duplicate headers.
2012-06-15 17:40:08 +12:00
Aldo Cortesi
8ae3270807
Basic transparent mode.
2012-06-15 09:47:04 +12:00
Aldo Cortesi
a9495dc02f
Refactor test suite to make room for transparent mode tests.
2012-06-15 09:20:10 +12:00
Aldo Cortesi
176d819559
Move server comms to OpenSSL.
2012-06-14 21:57:55 +12:00
Aldo Cortesi
8dabf88ae5
Remove ability to specify SSL ciphers.
...
We can re-introduce this if there's demand - the feature needs a bit more thought.
2012-06-14 15:29:54 +12:00
Aldo Cortesi
8a9352b3f7
First draft conversion of server to PyOpenSSL.
2012-06-13 18:16:47 +12:00
Aldo Cortesi
d032504b17
Fix an exception when replaying a flow with no response.
2012-06-10 17:10:43 +12:00
Aldo Cortesi
d60fa9918b
Localise client connection object manipulation.
...
This simplifies the call signature for a bunch of functions.
2012-06-10 16:49:59 +12:00
Aldo Cortesi
1f659948cd
Refactor request processing at mitmproxy's core.
...
Gradually cleaning up towards a state machine model.
2012-06-10 16:02:48 +12:00
Aldo Cortesi
236447c65f
Pass server HTTP version back to clients.
2012-06-10 13:29:09 +12:00
Aldo Cortesi
6ba5f0f35b
Add HTTP version to response objects.
...
Another change in the serialization format.
2012-06-10 13:27:43 +12:00
Aldo Cortesi
52779d9db9
Refactoring of proxy.py
...
- Correctly pass HTTP request version on to upstream servers
- Adjust tests not to hang due to a pathod response with no content-length
2012-06-10 13:17:18 +12:00
Aldo Cortesi
55ddf853cd
Add HTTP version to flow.Request
...
This is a serialization format change, that makes us incompatible with previous
versions.
2012-06-10 10:46:22 +12:00
Aldo Cortesi
a3b47e0cb5
Consolidate HTTP major and minor versions into a single variable.
2012-06-10 10:31:04 +12:00
Aldo Cortesi
8254187bf3
Add proxy.should_connection_close, and strip out unused code.
2012-06-10 10:10:46 +12:00
Aldo Cortesi
0c458e2f1a
Refactor ServerConnection API.
2012-06-10 08:13:50 +12:00
Aldo Cortesi
987f443b5d
Ignore incorrectnesses in traffic if they don't affect us.
2012-06-09 21:45:22 +12:00
Aldo Cortesi
9130cd63d3
Significant cleanup of proxy internals.
...
Dispense with the loose parsing of client requests that we had before. We now
have service modes ("proxy" and "reverse proxy" for now), and we only accept
requests that are appropriate for the mode we're in.
2012-06-09 21:27:43 +12:00
Aldo Cortesi
05492baf8d
Move from requests to human_curl.
...
It turns out that _none_ of the Python stdlib or anything that relies on it
supports CONNECT through a proxy. Beggars belief, but there you go.
2012-06-09 16:17:51 +12:00
Aldo Cortesi
22192d1a46
Nose mopup: docs, no cover pragmas, a few missing path specs.
2012-06-09 13:55:55 +12:00
Aldo Cortesi
b7b357528c
Port mitmproxy test suite entirely to nose.
2012-06-09 13:42:43 +12:00
Aldo Cortesi
903038b8de
Merge branch 'master' into develop
2012-06-07 08:44:36 +12:00
Maximilian Hils
2a194f98ec
add missing parser.add_option_group(group)
2012-06-06 01:26:19 +02:00
Aldo Cortesi
e9109812e1
Split parsing of intial line into separate protocols.
2012-06-03 06:04:57 -07:00
Aldo Cortesi
0a25c2263d
Factor out conversion to SSL connection.
2012-06-03 01:54:11 -07:00
Aldo Cortesi
491f9bdcee
Add unit tests for console/help.py
2012-06-03 01:11:07 -07:00
Aldo Cortesi
b36e37f9da
Fix a traceback that sometimes occurred when an invalid limit was entered.
2012-06-02 18:41:44 -07:00
Aldo Cortesi
ee2950cd19
Fix a crashing bug when replacing text in a flow with unicode bodies.
2012-05-25 18:10:31 -07:00
Aldo Cortesi
a0c63b6108
Fix crash when adding a Response when none existed before.
2012-05-24 16:56:18 -07:00
Paul
5f8855df55
Added a switch to send client certificates to hosts
2012-05-23 23:09:03 +02:00
Aldo Cortesi
08d6da2941
Fix AttributeError when shutting down a writing mitmdump.
2012-05-17 09:47:04 +12:00
Aldo Cortesi
0a90a3eaba
Refuse to replay a request with missing content.
2012-05-16 18:24:32 +12:00
Aldo Cortesi
b3901a7652
Add interface to mark content missing, and extend UI to indicate when content is missing.
2012-05-16 18:16:44 +12:00
Aldo Cortesi
0c2d894cea
Add the ability to flag content as missing in a request or a response.
...
We'll use this in a number of situations. First, we'll soon have response
streaming that directly pipes responses to clients. These will be content-less
from mitmproxy's perspective. Second, we'll be growing new events that fire
after headers are received, but before content is read.
2012-05-16 15:42:58 +12:00
Aldo Cortesi
12b8a43dbe
Bump version number.
2012-05-11 09:52:17 +12:00
Aldo Cortesi
d42fdc4ff6
Include a formatted exception in WSGI error page.
2012-05-07 21:34:01 +12:00
Aldo Cortesi
116fcfcf7a
Internal error page for WSGI.
...
Also, 100% test coverage.
2012-04-27 15:56:42 +12:00
Aldo Cortesi
2fe54d17df
Don't specify Content-Length on empty content.
...
Sometimes, mitmproxy would specify a content-length header value of 0 when
content was empty. Some rare servers (like piratebay.org) would barf on this.
2012-04-25 14:38:20 +12:00
Aldo Cortesi
efa98d514c
Docs and comments for WSGI app example.
2012-04-24 14:58:18 +12:00
Aldo Cortesi
c8d2b2594b
Add a WSGI adapter that lets us serve a WSGI app out of mitmproxy.
...
This commit adds:
- A WSGI App adapter for mitmproxy
- An app registry in the proxy instance that lets us link WSGI apps with
(hostname, port) combinations.
- Fixes for a number of bugs discovered while creating this feature.
2012-04-24 14:52:29 +12:00
Aldo Cortesi
51789228be
Fix PKCS12 cert generation.
2012-04-15 12:48:07 +12:00
Aldo Cortesi
2162ce1ae3
Shut mitmdump down gracefully on SIGTERM.
...
This is a hack at the moment, but needs must.
2012-04-15 10:35:19 +12:00
Aldo Cortesi
8c96264304
Serialized data version check.
2012-04-11 10:10:53 +12:00
Aldo Cortesi
24a8dc408c
Minor cruft removal.
2012-04-09 11:42:56 +12:00
Aldo Cortesi
d7748cea4f
Minor name refactoring, make flow list refresh after limit is applied.
2012-04-09 10:05:13 +12:00
Aldo Cortesi
8fa96d1f3f
Add an index counter to status bar.
2012-04-09 09:48:39 +12:00
Aldo Cortesi
5553eb6371
Add some missing help entries.
2012-04-08 20:16:25 +12:00
Aldo Cortesi
4e2d19714c
Add an "f" shortcut key to load full body contents.
2012-04-08 19:44:01 +12:00
Aldo Cortesi
618a9c0e2b
Merge branch 'master' of ssh.github.com:cortesi/mitmproxy
2012-04-08 15:15:02 +12:00
Aldo Cortesi
c1788c37a1
Wrap on any character for body text display.
2012-04-08 15:00:38 +12:00
Aldo Cortesi
7d90eb65ed
Catch all errors when using jsbeautifier.
...
Turns out there are some problems that can raise arbitrary exceptions.
2012-04-08 14:40:59 +12:00
Aldo Cortesi
a4f7728fad
XML/HTML pretty view tweaks.
2012-04-07 22:15:31 +12:00
Aldo Cortesi
f1dc3f2ab2
Integrate lxml for pretty-printing HTML and XML.
...
Tackling the pretty-printing performance problem head-on, at the cost of a
major dependency.
2012-04-07 13:47:03 +12:00
Aldo Cortesi
8385e586c0
Work around an Urwid crashing bug.
...
https://github.com/Nic0/tyrs/issues/115
2012-04-05 10:21:56 +12:00
Aldo Cortesi
5fdf710c81
Always use ODictCaseless for headers.
2012-04-04 19:46:39 +12:00
Aldo Cortesi
786e304bb9
Android configuration docs.
2012-04-04 15:58:46 +12:00
Aldo Cortesi
4da8054e21
Docs: replacements, upstream certs.
...
Also, move reverse proxy command-line flag to -P.
2012-04-04 14:17:26 +12:00
Aldo Cortesi
8110a9a3eb
Start prepping docs for 0.8
...
Also add an interactive upstream-cert option to mitmproxy, and repair help for
R shortcut.
2012-04-04 11:24:58 +12:00
Aldo Cortesi
79a0334a02
Improve revert model
...
- Flows are backed up whenever an interactive, non-script change is made.
- That backup is canonical and never changed - "V" will always revert to it.
This makes more sense than what we had previously....
2012-04-04 09:47:57 +12:00
Aldo Cortesi
ab0e10e60f
Serialize requestcount for ClientConnect objects.
2012-04-03 22:37:24 +12:00
Aldo Cortesi
b9737ed89e
Return a datetime object from SSLCert notbefore and notafter properties.
2012-04-03 22:23:07 +12:00
Aldo Cortesi
c6896d7392
Add ClientConnect info to details view.
2012-04-03 11:28:07 +12:00
Aldo Cortesi
61fab03b24
Add a details page, available from a flow view with the 'X' shortcut
...
At the moment, this shows the upstream SSL certificate details. More
fine-grained detail that doesn't fit in the flow view itself will be added.
2012-04-03 11:10:25 +12:00
Aldo Cortesi
f526e5fa12
Minor unit test bump.
2012-04-03 09:52:26 +12:00
Aldo Cortesi
4979a22d3e
Add accessor method for SSLCert object on Response.
2012-04-02 17:02:23 +12:00
Aldo Cortesi
ab1d8fa350
Expand SSL cert support
...
- Capture the remote SSL certificate
- Expose the remote cert as an attribute on Response
- Expand the certutils.SSLCert interface to expose more cert info
2012-04-02 16:21:23 +12:00
Aldo Cortesi
bb03255da0
Nicer coloring for HTTP response codes.
...
20x: green
30x: blue
40x: orange
50x: light red
other (non-standard or uncommon): dark red
2012-04-02 14:08:30 +12:00
Aldo Cortesi
c02fdb2463
Refactor proxy.Server to fix a crash when replaying with -n
2012-04-02 13:24:51 +12:00
Aldo Cortesi
f13e2213ea
Make it clearer when we fall back to Raw.
2012-04-02 11:22:01 +12:00
Aldo Cortesi
42d06a05c0
Add an option to allow clearing of display mode override.
2012-04-02 11:16:20 +12:00
Aldo Cortesi
7ed1c1c231
More sensible display mode override indicator.
2012-04-02 11:10:55 +12:00
Aldo Cortesi
c6ee813479
Only cache the calculated body of a view.
...
This simplifies the code, and loses no time.
2012-04-02 11:01:38 +12:00
Aldo Cortesi
2df2fe0e4c
Move "M" shortcut key to global scope.
...
You now don't have to be viewing a flow to change global default view.
2012-04-02 10:49:57 +12:00
Aldo Cortesi
15cc09f1b8
Start rationalizing content views.
...
We now no longer have distinction between "pretty" view and hex/raw. Instead,
we simply a default AUTO view with a global override (M) and a local override
(m).
2012-04-02 10:30:35 +12:00
Aldo Cortesi
7fef0ecdf5
Make "T" pretty view over-ride persistent when switching between flows.
...
We do this by adding a flow settings mechanism to ConsoleState. This is pretty
rough at the moment and should become more sophisticated as needed.
2012-04-02 09:30:38 +12:00
Aldo Cortesi
35f4a1c424
Tune content viewing to maintain responsiveness:
...
- Reduce display cutoff to 20k.
- Make sure that we only indent the visible part of a JS body, not the whole
thing.
2012-04-01 10:09:25 +12:00
Aldo Cortesi
585bf9423f
Fix GridEditor external edit functionality.
2012-03-30 19:51:40 +13:00
Aldo Cortesi
6dc945571d
When paging through flows in flowview, indicate when there are no more flows.
2012-03-28 10:21:48 +13:00
Aldo Cortesi
a6df72cfc8
Generate better-formed CAs.
...
If you're having trouble with your certs in Firefox, you may want to delete
your .mitmproxy directory to re-generate the CA.
2012-03-27 17:01:18 +13:00
Aldo Cortesi
e9ac4bef20
Add a variant of cleanBin that escapes newlines and tabs.
...
Use this to fix the hex display option.
2012-03-27 11:25:50 +13:00
Aldo Cortesi
a2fddb4404
Add image pretty viewer to forcing options.
2012-03-26 11:48:35 +13:00
Aldo Cortesi
d187965233
Don't auto-view request if there's no response.
...
This is confusing when flicking through many flows.
2012-03-26 11:28:52 +13:00
Aldo Cortesi
a050eeef05
Add a pretty-viewer for images.
...
This shows basic image information like dimensions, plus extracted EXIF tags
and other metadata.
2012-03-26 11:26:02 +13:00
Aldo Cortesi
b6725ee802
Add Javascript to manual pretty type over-rides.
2012-03-25 11:31:36 +13:00
Aldo Cortesi
a979e1ad50
Re-enable caching for content view calculation.
2012-03-25 11:18:33 +13:00
Aldo Cortesi
2240d2a6a5
Pretty view now indents Javascript.
...
Thanks to the JSBeautifier project, which is now included in the contrib directory.
2012-03-25 10:56:45 +13:00
Aldo Cortesi
74c51df580
Re-enable simple multipart form parsing and preview.
2012-03-25 10:10:48 +13:00
Aldo Cortesi
62e51018d0
Refactor pretty view mechanism.
...
Also start adding unit tests for this subsystem.
2012-03-24 14:20:24 +13:00
Aldo Cortesi
0d05068f91
Factor out content view apparatus into contentview.py
2012-03-24 11:21:58 +13:00
Aldo Cortesi
ed74ed24a0
Add error indications to GridEditor.
2012-03-23 13:28:33 +13:00
Aldo Cortesi
45ab22f0d9
Add modal help to GridEditor.
...
Also includes some minor refactoring and documentation stubs.
2012-03-22 14:57:57 +13:00
Aldo Cortesi
1441fade90
More work on pretty view forcing.
...
- Make this setting apply only to the currently viewed flow. I think it's more
likely that this is the behaviour the user will want, rather than globally
setting the pretty type.
- Update help.
2012-03-20 11:11:53 +13:00
Aldo Cortesi
2153835545
Refactor pretty view forcing somewhat.
...
- Use a lookup table of content types -> view modes.
- Add a urlencoded forcing. Remove "html" - at the moment it's the same as
"xmlish".
- Display type when forced.
2012-03-20 10:58:43 +13:00
Aldo Cortesi
2739cb4861
Add a simple parser for content type specifications.
2012-03-20 10:31:07 +13:00
Ulrich Petri
bc3ba4c993
Allow a flow view's pretty-printed body type auto-detection to be overridden by the user
2012-03-19 20:35:20 +01:00
Aldo Cortesi
50630d62fd
Grid editor refinements.
...
- Correct column width calculation used in keystrokes. Arrow keys should now
work as expected in multi-line fields.
- Enable multi-line editing throughout. You now need to tab or esc to exit edit
mode.
2012-03-19 10:57:27 +13:00
Aldo Cortesi
0de97ad9e0
Add column headers to GridEditor.
2012-03-19 10:42:30 +13:00
Aldo Cortesi
65e88f49d4
Specialize GridEditor into a number of subclasses.
2012-03-19 10:12:06 +13:00
Aldo Cortesi
5690e7c399
Generalize GridEditor to N columns.
...
Start adding a replacement rule editor.
2012-03-18 14:39:21 +13:00
Aldo Cortesi
18d0e840b5
KVEditor -> GridEditor
2012-03-18 09:48:27 +13:00
Aldo Cortesi
552146d015
Move mitmproxy reverse proxy shortcut to "P".
...
Also don't expose help from the help screen.
2012-03-18 09:22:43 +13:00
Aldo Cortesi
ac6987c54a
Fix unit tests.
2012-03-17 17:29:25 +13:00
Aldo Cortesi
76175672ad
Add specification of replacement patterns on the command line.
2012-03-17 17:20:34 +13:00
Aldo Cortesi
c8ae1e85b3
Hooks -> ReplaceHooks
...
It makes more sense to specialize this, which will let me build a nicer
interface for replacement hooks in mitmproxy.
2012-03-17 11:31:05 +13:00
Aldo Cortesi
08f410cacc
Add a hooks mechanism, based on filter expressions.
2012-03-16 17:13:11 +13:00
Aldo Cortesi
d138af7217
replace() methods now decode and re-encode contents before substitution.
2012-03-16 11:24:18 +13:00
Aldo Cortesi
d51b8cab0c
Add a decoded context manager.
...
This simplifies a common chore when modifying traffic - decoding the object,
modifying it, then re-encoding it with the same encoding afterwards. You can
now simply say:
with flow.decoded(request):
request.content = "bar"
2012-03-16 11:12:56 +13:00
Aldo Cortesi
8d662e6636
Set a "unique" serial number for each generated cert.
2012-03-14 11:20:25 +13:00
Aldo Cortesi
fa6305ee98
Cleanliness fixes.
...
- Remove unused code during previous commit.
- Code coverage fixes.
2012-03-12 11:25:50 +13:00
Aldo Cortesi
22d4559a7a
Use PyOpenSSL for certificate generation.
...
We no longer call external OpenSSL commands at all.
2012-03-11 14:34:17 +13:00
Aldo Cortesi
4e13ab1d05
Replace CA generation with PyOpenSSL version.
...
We no longer call an external command.
2012-03-11 13:33:22 +13:00
Aldo Cortesi
d57a1d6035
Merge remote-tracking branch 'meeee/master'
2012-03-10 13:48:13 +13:00
Aldo Cortesi
3f2d1381d0
Repair unit tests after nopop introduction.
2012-03-10 13:42:10 +13:00
Aldo Cortesi
d3aad7a185
Merge remote-tracking branch 'taiste/server-replay-pop'
2012-03-10 13:36:50 +13:00
Michael Frister
23f7214fc3
Fix SSL requests with Transfer-Encoding: chunked
...
Add size parameter to FileLike.readline, used by read_chunked.
2012-03-08 23:10:21 +01:00
Michael Frister
e67dbf6123
Handle Transfer-Encoding header values case insensitive
...
According to HTTP/1.1 RFC 2616 Section 3.6.
2012-03-08 23:09:19 +01:00
Valtteri Virtanen
93565392cd
Adds space between sentences on no-pop's help
2012-03-05 11:56:03 +02:00
Valtteri Virtanen
ed56d67cea
Adds no-pop option to server-side replay
2012-03-05 11:05:11 +02:00
Aldo Cortesi
e1356dd2b6
Create an SSL certificate class.
2012-03-05 10:22:47 +13:00
András Veres-Szentkirályi
15ad7704d2
Removed imports left unused after Py{OpenSSL,ASN1}
...
Commits 533f61f67a
and
8b841bc9e3
left some imports unused while
swithing to PyOpenSSL and PyASN1 -- this commit removes these imports.
2012-03-01 16:20:34 +01:00
Aldo Cortesi
533f61f67a
Use PyOpenSSL and PyASN1 for certificate parsing.
...
Yes, these are two more major dependencies for mitmproxy, but if we're going to
do all the cool things I want to do with SSL certs, there is no other way.
2012-03-01 21:08:44 +13:00
Aldo Cortesi
8b841bc9e3
Factor out cert operations in to certutils.py.
2012-02-29 13:20:53 +13:00
Aldo Cortesi
0bed5fae27
Rationalise upstream cert flag and variable names.
2012-02-28 11:37:48 +13:00
Aldo Cortesi
764724748b
Fix cert generation harder.
2012-02-27 15:59:29 +13:00
Aldo Cortesi
2c73e8f816
Fix problems with SANs and certificate generation.
2012-02-27 15:36:19 +13:00
Aldo Cortesi
2ba8296843
Better certificate parsing.
2012-02-27 15:21:05 +13:00
Aldo Cortesi
00942c1431
Add upstream certificate lookup.
...
This initiates a connection to the server to obtain certificate information to
generate interception certificates. At the moment, the information used is the
Common Name, and the list of Subject Alternative Names.
2012-02-27 15:05:45 +13:00
Aldo Cortesi
4a2964985c
Introduce a cache for flow list entries.
...
This gives a big boost to scroll performance for the flow list.
2012-02-27 10:00:44 +13:00
Aldo Cortesi
bd1d699040
Fix mitmproxy crash when passed -n flag.
2012-02-26 23:23:54 +13:00
Aldo Cortesi
3afa2c38fb
Merge remote-tracking branch 'remotes/runeh/master' into runeh
2012-02-25 13:02:12 +13:00
Rune Halvorsen
bbfdc7b7de
Use shlex to parse EDITOR.
2012-02-25 00:43:00 +01:00
Aldo Cortesi
986a41d180
Unit test++.
2012-02-25 12:19:54 +13:00
Aldo Cortesi
bcda65e453
Add mitmproxy version to status bar on Help screen.
...
Suggested by Jim Cheetham <jim.cheetham@otago.ac.nz>
2012-02-24 14:11:51 +13:00
Aldo Cortesi
5810e7c0df
Make return arrow match return code color.
...
Suggested by Jim Cheetham <jim.cheetham@otago.ac.nz>
2012-02-24 14:01:17 +13:00
Aldo Cortesi
25fa596cd6
Fix detection of URL-encoded forms.
...
Thanks to Paul Capestany <capestany@gmail.com> for reporting this.
2012-02-24 13:03:24 +13:00
Aldo Cortesi
ddc9155c24
Make "~q" filter work more intuitively.
...
It now matches any flow that has no response.
2012-02-23 17:06:09 +13:00
Aldo Cortesi
2df9c52c09
Refactor filter matching.
2012-02-23 17:03:58 +13:00
Aldo Cortesi
ee8058a2d9
Confirm when we clear a request body to add a form.
2012-02-23 16:27:08 +13:00
Aldo Cortesi
554047da85
License notifications, minor docs.
2012-02-23 15:52:01 +13:00
Aldo Cortesi
3f6619ff59
Fall-back for non-unicode terminals.
2012-02-23 12:41:01 +13:00
Aldo Cortesi
4f38b3a9c0
Documentation and screenshots.
2012-02-22 17:17:13 +13:00
Aldo Cortesi
a4270efaf2
Always return an ODict from get_query
2012-02-21 13:00:45 +13:00
Aldo Cortesi
d2f5db1f37
connection -> flow in libmitmproxy/console
...
"Flow" is the correct term here - every connection can have multiple flows.
2012-02-21 12:42:43 +13:00
Aldo Cortesi
1af26bb915
Minor docs and example script fixes.
2012-02-21 12:32:56 +13:00
Aldo Cortesi
70dff87240
Tweaks for reverse proxy mode
...
- Unify key bindings over connection and connection list view
- Add help entry
- Unset reverse proxy when a blank value is specified
2012-02-21 11:01:39 +13:00
Aldo Cortesi
dbd75e02f7
Create ODictCaseless for headers, use vanilla ODict for everything else.
2012-02-20 11:29:36 +13:00
Aldo Cortesi
18029df99c
Use ODict for request.get_form_urlencoded and set_form_urlencoded
2012-02-20 11:13:35 +13:00
Aldo Cortesi
fa11b7c9be
Use ODict for Request.get_query and Request.set_query
2012-02-20 10:44:47 +13:00
Aldo Cortesi
2616f490fe
Rename Headers class to ODict
...
ODict is an ordered dictionary class that will be useful in many other parts of
our API.
2012-02-20 10:39:00 +13:00
Aldo Cortesi
25a06c3ec1
Minor doc fixes and import cleanups.
2012-02-20 10:15:58 +13:00
Aldo Cortesi
0c3035a2b5
Start preparing for 0.7
...
Update CHANGELOG, CONTRIBUTORS, README.mkd, todo, and bump version.
2012-02-19 22:43:05 +13:00
Aldo Cortesi
86a19faf68
Fix crash when setting a limit when there are no flows.
2012-02-19 13:16:21 +13:00
Aldo Cortesi
9113277cd3
Fix bug in method filter matching.
2012-02-19 13:04:02 +13:00
Aldo Cortesi
77a33c441b
Add duplicate_flow and replay_request hooks to ScriptContext.
2012-02-19 11:29:49 +13:00
Aldo Cortesi
0434988ade
Add duplicate to connection view, and rename to "D".
2012-02-19 00:32:20 +13:00
Aldo Cortesi
d32d6bc5e3
Add "p" key binding to connection list view to copy a flow.
2012-02-19 00:17:47 +13:00
Aldo Cortesi
8ddc3b4ef2
Add API for duplicating flows.
2012-02-18 23:56:40 +13:00
Aldo Cortesi
5f1d7a0746
Missing import, plus fix body divider palette.
2012-02-18 18:54:27 +13:00
Aldo Cortesi
71ad7140be
Consolidate palettes somewhat.
2012-02-18 18:48:08 +13:00
Aldo Cortesi
7aa79b89e8
Firm up what we consider to be a valid proxy spec.
2012-02-18 16:29:02 +13:00
Aldo Cortesi
6ad8b1a15d
Firm up reverse proxy specification.
...
- Extract proxy spec parsing and unparsing functions.
- Add a status indicator in mitmproxy.
- Add the "R" keybinding for changing the reverse proxy from within mitmproxy.
2012-02-18 16:27:09 +13:00
Aldo Cortesi
a7df6e1503
Refactor reverse proxying
...
- Retain the specification from the Host header as a Request's description.
- Expand upstream proxy specifications to include the scheme. We now say https://hostname:port
- Move the "R" revert keybinding to "v" to make room for a reverse proxy
binding that matches the command-line flag.
2012-02-18 14:45:22 +13:00
Aldo Cortesi
acdc2d00b4
Repair unit tests.
2012-02-18 12:27:59 +13:00
Aldo Cortesi
14def89f50
Fix a problem in deserialization of flows with errors.
2012-02-18 12:25:22 +13:00
Aldo Cortesi
4ed8031172
Jazz up flow display
...
- Indicate interception by coloring text, rather than adding an exclamation
mark.
- Use unicode symbol to indicate replay and for the response indicator arrow.
2012-02-18 12:12:01 +13:00
Aldo Cortesi
08fdd23e23
Refactor the way we display flows.
...
Use columns to make spacing nicer, and to ensure that long URLs don't bugger up
formatting when they spill into the next line.
2012-02-18 11:11:59 +13:00
Heikki Hannikainen
a3509b7f22
reverse proxy mode: small comment clarification
2012-02-16 16:36:49 +02:00
Heikki Hannikainen
a82ac9eaf0
Implemented reverse proxy mode: -R upstreamhost:port makes the
...
proxy accept a 'GET / HTTP/1.0' request and fill up the destination
host and port from the ones given with -R (for example,
"-R localhost:80").
2012-02-16 16:33:27 +02:00
Aldo Cortesi
f25156a637
Better formatting for headers, help and other key-value displays.
...
We now use proper Columns, rather than laying it out manually.
2012-02-11 18:23:07 +13:00
Aldo Cortesi
3e70fa8d58
Fix a minor keypress glitch in connection view.
2012-02-11 11:31:57 +13:00
Aldo Cortesi
586472e364
Revamp the way request and response bodies are displayed.
2012-02-11 11:25:35 +13:00
Aldo Cortesi
1ad7e91527
Make filter matching act more sensibly.
2012-02-10 15:31:45 +13:00
Aldo Cortesi
5f785e26b9
Add filter for detecting flows with errors.
...
Also, remove dependency on weird _is_response method.
2012-02-10 15:22:26 +13:00
Aldo Cortesi
b14c29b25c
Expand test coverage.
2012-02-10 15:04:20 +13:00
Aldo Cortesi
5326b7610a
Enable editing of urlencoded form data with KVEditor.
2012-02-10 14:35:23 +13:00
Aldo Cortesi
9c985f2d20
Methods for getting and setting form urlencoded data on Request.
2012-02-10 14:27:39 +13:00
Aldo Cortesi
d9fda2b207
Add "d" for delete shortcut to flow view.
2012-02-09 17:00:37 +13:00
Aldo Cortesi
00d3395359
Add a built-in query string editor using KVEditor.
2012-02-09 16:47:32 +13:00
Aldo Cortesi
2709441d5b
Add get_query and set_query methods to Request.
2012-02-09 16:40:31 +13:00
Aldo Cortesi
46bd780862
Gracefully handle invalid data format passed to -r flag.
2012-02-09 12:09:40 +13:00
Aldo Cortesi
d3dce8f943
KVEditor: make tab key do the expected thing at the end of the value set.
2012-02-09 11:36:10 +13:00
Aldo Cortesi
a1ecd25e8b
KVEditor: fix crash when editing empty set.
2012-02-09 11:32:29 +13:00
Aldo Cortesi
d564086377
KVEditor: show a msg when editing an empty set of values
...
Just having nothing on screen can be confusing to users.
2012-02-09 11:30:35 +13:00
Aldo Cortesi
4914dbc971
Allow user to specify non-standard request methods when editing a flow.
...
Addresses feature request in #27
2012-02-09 09:38:11 +13:00
Aldo Cortesi
e484e667a6
Fix import missed during refactoring.
...
Addresses issue #26
2012-02-09 08:14:00 +13:00
Aldo Cortesi
46c5982d3d
Fix a crash and some sizing issues in KVEditor.
...
Mostly arising when editing an empty header set.
2012-02-08 23:42:56 +13:00
Aldo Cortesi
205d2ad577
Fix attribute error.
...
Should address issue #23
2012-02-08 23:17:03 +13:00
Aldo Cortesi
5df0b9e961
Further keybinding consolidation.
...
Also, move KVEditor's "i" binding to "A" to avoid clashes with global bindings.
2012-02-08 22:55:48 +13:00
Aldo Cortesi
866a93a8bc
Start consolidating keybindings.
...
I want each view to have a more coherent set of bindings. This means minimizing
the global bindings, and making some bindings accessible only from screens
related to their functionality.
2012-02-08 22:28:15 +13:00
Aldo Cortesi
e3f28e1c06
Move to context-dependent help model.
...
The all-in-one page was just getting too unwieldy.
2012-02-08 21:47:39 +13:00
Aldo Cortesi
76f2595df7
KVEditor: "e" shortcut spawns an external editor on a field.
2012-02-08 18:25:00 +13:00
Aldo Cortesi
4026aa2e5f
KVEditor: make tab behaviour nicer
...
If we tab while editing, stop editing if we are taken to the next row.
2012-02-08 17:55:17 +13:00
Aldo Cortesi
d41095c35e
"i" shortcut to insert for KVEditor.
2012-02-08 17:52:43 +13:00
Aldo Cortesi
2b6bedac0e
Add and delete for KV editor.
2012-02-08 16:55:11 +13:00
Aldo Cortesi
8b5e081233
Refine look and feel, make editor operate on copy of data.
2012-02-08 16:43:11 +13:00
Aldo Cortesi
64360f5996
Editing now works.
2012-02-08 14:58:48 +13:00
Aldo Cortesi
7e6196511f
Editable fields for KVEditor.
2012-02-08 14:07:17 +13:00
Aldo Cortesi
cdd5a53767
Refactor console.
...
Split the console implementation out into logical components.
2012-02-07 16:39:37 +13:00
Aldo Cortesi
f7b3a6d571
Expand KV mockup.
2012-02-07 12:06:31 +13:00
Aldo Cortesi
a98d287e26
Refactor keypress handling.
...
We now let views over-ride global keys, rather than the other way round.
2012-02-06 11:06:54 +13:00
Aldo Cortesi
71642eac65
Make space = page down global.
2012-02-06 10:22:51 +13:00
Aldo Cortesi
4b9ee4c31e
Very basic KV editor mockup.
2012-02-06 09:49:49 +13:00
Aldo Cortesi
5075ede6a9
Make adding a response to a response-less flow nicer.
2012-01-23 13:25:15 +13:00
Aldo Cortesi
c6150cc198
Address an issue that allows a malicious client to place certificate files in arbitrary directories.
...
Thanks to David Black (disclosure@d1b.org ) for pointing this out.
2012-01-21 14:26:36 +13:00
Aldo Cortesi
d5e3722c97
Fix an issue caused by some editors when editing a request/response body.
...
Many editors make it hard save a file without a terminating newline on the last
line. When editing message bodies, this can cause problems. For now, I just
strip the newlines off the end of the body when we return from an editor.
2012-01-21 12:43:00 +13:00
Mark E. Haase
05111f093d
Add support for filtering by HTTP method (get, post, etc.) using ~m operator.
2011-12-28 17:32:29 -05:00
Mark E. Haase
965d318164
Help docs have ~r as an example but ~r isn't valid. I think it's supposed to be ~q.
2011-12-28 16:47:30 -05:00
Aldo Cortesi
28fd3bd461
Merge branch 'master' of github.com:cortesi/mitmproxy
2011-10-26 14:49:48 +13:00
Aldo Cortesi
3b246f7e27
Simple fix for a unicode error when editing a request URL.
2011-10-26 14:49:15 +13:00
meeee
ae79fe1660
Handle missing message/reason phrase in HTTP response status line gracefully by adding an empty one.
2011-09-26 00:44:43 +03:00
Aldo Cortesi
ee71bcfbe8
Fix a rare crash when a new cert is generated during cerdir removal.
2011-09-11 09:06:46 +12:00
Aldo Cortesi
d9db1cf5b3
Change size limit cmdline flag to -Z, enable size limits for replay.
2011-09-09 17:31:36 +12:00
Aldo Cortesi
67f2610032
Add HTTP body size limit specification to command-line tools.
2011-09-09 15:27:31 +12:00
Aldo Cortesi
28daa93268
Basic infrastructure for request and response body size limits.
2011-09-09 14:49:34 +12:00
Aldo Cortesi
e5bded7dee
Improve robustness against invalid data.
2011-09-05 07:47:47 +12:00
Aldo Cortesi
4cb0e5bfb4
Merge branch 'master' of github.com:cortesi/mitmproxy
2011-09-04 10:51:09 +12:00
Aldo Cortesi
d1ff527550
Reset exit flag when proxy starts.
2011-09-04 10:50:00 +12:00
Aldo Cortesi
4ac59a7859
Fix a rare crash in sticky cookies.
2011-08-26 18:03:03 +12:00
Aldo Cortesi
8fbba59e8d
Fix a problem with sticky cookie domain matching.
...
Just like everything else cookie-related in the standard library,
cookielib.domain_match is fucked up.
2011-08-26 17:37:12 +12:00
Aldo Cortesi
45f4768a5c
Add attribution and license for tnetstring.py
2011-08-19 21:53:52 +12:00
Aldo Cortesi
a566684e32
Move to typed netstrings for serialization.
...
This change is backwards incompatible with the old serialization format!
2011-08-19 21:30:24 +12:00
Aldo Cortesi
34adc83c71
Revert changes to contrib/pyparsing.py
...
We want this module to match upstream.
2011-08-19 09:58:44 +12:00
András Veres-Szentkirályi
6f00987850
Optimized single character check
2011-08-18 23:33:14 +02:00
András Veres-Szentkirályi
9abff4f0ac
Removed unused imports
2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
e9006ae199
Optimized list appending
2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
82245298f4
Removed assignments to unused variables
2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
b1dc418a53
Replaced unnecessary lists with generators
2011-08-18 23:29:57 +02:00
Aldo Cortesi
25f12b0e5d
Add a basic Flow processor example.
2011-08-13 13:51:38 +12:00
Stephen Altamirano
4d02ae0582
First pass at implementing pretty view for multipart/form-data
2011-08-10 00:49:21 -07:00
Aldo Cortesi
8309ab0ec8
Prep for 0.6 release.
...
- Update contributors file.
- Bump version number
- Include version number in docs
2011-08-06 21:19:22 +12:00
Aldo Cortesi
f23818ceea
Add a "done" event for scripts.
...
Called exactly once after all other events.
2011-08-05 14:08:03 +12:00
Aldo Cortesi
ce48cb4deb
Make scripted rewriting of saved traffic work in mitmdump.
2011-08-05 09:41:29 +12:00
Aldo Cortesi
87623a8d75
Rip out autodecode
...
We simplify things as follows:
- If we're in "pretty" view mode, we autodecode.
- Otherwise, we display raw data, and the user can manually encode/decode
with z shortcut.
2011-08-04 10:54:42 +12:00
Aldo Cortesi
b51aac8a86
Code cleanliness - appease pychecker.
2011-08-04 10:34:34 +12:00
Aldo Cortesi
730c78ac53
Move script.Context to flow.ScriptContext
2011-08-04 10:14:44 +12:00
Aldo Cortesi
1662b8505b
Clean pydoc profile for flow.Flow
2011-08-04 09:56:44 +12:00
Aldo Cortesi
8ef208a9e2
Clean pydoc profile for flow.Response, flow.Error
2011-08-04 09:44:48 +12:00
Aldo Cortesi
7a3b871b33
Request class now has a clean pydoc profile.
2011-08-04 09:26:26 +12:00
Aldo Cortesi
0760607a7d
Further interface cleaning.
2011-08-03 23:02:33 +12:00
Aldo Cortesi
9042d3f3b9
Clean up interfaces by making some methods pseudo-private.
2011-08-03 22:48:57 +12:00
Aldo Cortesi
57c653be5f
Move all HTTP objects to flow.py
...
That's Request, Response, ClientConnect, ClientDisconnect, Error, and Headers.
2011-08-03 22:41:38 +12:00
Aldo Cortesi
9d0e3c8d61
Doc and help adjustments.
2011-08-03 19:15:01 +12:00
Aldo Cortesi
028d5bacc5
Make "C" clear eventlog when it has focus.
2011-08-03 17:41:13 +12:00
Aldo Cortesi
e337682d8e
Enable "|" command to run a oneshot script on a single flow.
2011-08-03 17:35:18 +12:00
Aldo Cortesi
cfc6e8777e
Add script set/unset shortcut for mitmproxy.
2011-08-03 17:14:11 +12:00
Aldo Cortesi
e3196dac4d
Move commands around to make space for "s" script shortcut.
...
New commands are:
"w" - save all flows
"W" - save this flow
"S" - server replay
2011-08-03 16:52:41 +12:00
Aldo Cortesi
179cf75862
Add script hooks, enable new engine for mitmdump.
2011-08-03 16:36:20 +12:00
Aldo Cortesi
f7e4e89b12
Move the event notification mechanism into flow.py
2011-08-03 13:33:18 +12:00
Aldo Cortesi
12d2b1f926
Rip out old script interface, start replacing with new stubs.
...
Scripts are broken for now.
2011-08-03 13:20:36 +12:00
Aldo Cortesi
62088a6661
Start stubbing out a much more powerful script architecture.
2011-08-03 11:06:29 +12:00
Aldo Cortesi
a817db5bd6
Refresh current connection when toggling autodecode.
...
Also fix the unit tests I forgot to commit...
2011-08-02 20:47:53 +12:00
Aldo Cortesi
8cc0469ee7
Tweak encoding behaviour
...
- Don't fail to identity encoding when an unknown encoding is specified.
- Don't constrain encodings. I want to try to modify traffic as little as
possible by default.
- When decoding, delete content-encoding header rather than set it to "identity"
- Refuse to decode/encode when there is an existing but unknown
content-encoding header.
2011-08-02 20:42:46 +12:00
Aldo Cortesi
bb6ec29b18
Fix encoding import crash.
2011-08-02 16:55:54 +12:00
Aldo Cortesi
1ff6a767d0
Unit test++
2011-08-02 16:52:47 +12:00
Aldo Cortesi
357502fe03
General cleanup.
...
Cut out unused variables and code, generally shut up pychecker as much as is
reasonable.
2011-08-02 16:14:33 +12:00
Aldo Cortesi
17835b9b78
Fix a rare undefined variable crash in proxy.py.
2011-08-02 15:43:35 +12:00
Aldo Cortesi
a1456742a8
Make ConnectionList key bindings work even if there are no entries.
2011-08-02 15:35:54 +12:00
Aldo Cortesi
f3742f29da
We no longer need to track clientconnections.
2011-08-02 14:56:09 +12:00
Aldo Cortesi
f3f8462ddc
Make the mitmproxy eventlog display useful information.
2011-08-02 14:17:15 +12:00
Aldo Cortesi
73a7d893e3
Give a visual indication that the eventlog has focus.
2011-08-02 11:02:23 +12:00
Aldo Cortesi
759f5d71a6
Initial key bindings and event handlers for event log.
2011-08-02 10:48:29 +12:00
Aldo Cortesi
af92153974
Start stubbing out a UI for the eventlog in mtimproxy.
2011-08-02 09:17:54 +12:00
Aldo Cortesi
9b398c03ab
Exit with error if mitmproxy can't load a file specified on cmdline.
2011-08-01 13:27:46 +12:00
Aldo Cortesi
675b3133b4
Improve performance of loading flows from a file hugely.
...
Fell into the "expensive __eq__ method" trap. Oh, Python, you little scamp.
2011-08-01 11:26:09 +12:00
Aldo Cortesi
43f1c72511
Refactor the way we calculate views of the flow list.
...
The naive approach we used before recalculated the view on every access, and
consequently had serious performance problems.
2011-08-01 11:17:01 +12:00
Aldo Cortesi
ddb5748a76
Add decoding/encoding for requests.
2011-08-01 10:43:01 +12:00
Aldo Cortesi
c89c4361c3
Merge remote-tracking branch 'alts/encoding'
2011-07-28 11:19:07 +12:00
Stephen Altamirano
78049abac1
Changes replace logic to function in both Python 2.6.x and 2.7.x
...
Tests now only assume Python 2.6.x rather than requiring 2.7.x. This does not preclude the use of flags as a kwarg in replace
2011-07-26 22:47:08 -07:00
Stephen Altamirano
c1eaa9f74c
Adds encode and decode methods to Response objects
2011-07-26 22:03:41 -07:00
Aldo Cortesi
e6288e2d07
Fix crash when sticky cookies are read from file.
...
Cookielib expects strings, not unicode.
2011-07-24 16:08:27 +12:00
Aldo Cortesi
0f4ae61e7d
Fix a crash in mitmdump event display.
2011-07-23 16:59:48 +12:00
Aldo Cortesi
6cd32bf96f
Unbreak mitmproxy. Oops.
2011-07-23 13:39:17 +12:00
Aldo Cortesi
3648c7953a
Extend eventlog information.
...
Also, squash an SSL-related bug revealed by the extended logging.
2011-07-23 13:37:06 +12:00
Aldo Cortesi
4043829cf2
Add an eventlog option to mitmdump
...
This shows client connections, disconnections and requests (before a complete
flow is assembled). We need to add an analogous display to mitmproxy.
2011-07-23 12:57:54 +12:00
Aldo Cortesi
689f5f0d1f
Don't turn off output if -v flag is passed more than twice.
2011-07-23 11:50:30 +12:00
Aldo Cortesi
47e1695512
Also replace strings path for requests.
2011-07-22 20:52:13 +12:00
Aldo Cortesi
6ce8b49e05
Make script pipe globally available.
2011-07-22 19:09:32 +12:00
Aldo Cortesi
1b961fc4ad
Add utility functions to search and replace strings in flows
...
This is a common task in pentesting scenarios. This commit adds the following
functions:
utils.Headers.replace
proxy.Request.replace
proxy.Response.replace
flow.Flow.replace
2011-07-22 17:48:42 +12:00
Stephen Altamirano
9c24401b18
Removes last_encoding attribute from Response. Prompts for encoding on identity responses
2011-07-21 22:09:48 -07:00
Stephen Altamirano
74d8b18408
Removes should_autodecode attribute from Response. Adds commandline option 'd' to toggle autodecode, adds togglable option 'd' to do the same
2011-07-21 20:22:13 -07:00
Aldo Cortesi
5936a48e59
Drop cert expiry time to avoid a bug in some OpenSSL versions.
2011-07-22 11:11:45 +12:00
Stephen Altamirano
aa7f8ac90b
Switches hotkeys. En/decode is now bound to 'z', kill connection now 'X'
2011-07-20 00:14:24 -07:00
Stephen Altamirano
ebfa9b2a5d
Fixes issue #10 regarding broken json printing
2011-07-19 10:51:49 -07:00
Stephen Altamirano
25b0631190
Switches hotkey to unused 'g', adds help message
2011-07-18 22:04:23 -07:00
Stephen Altamirano
1c5434d72c
Adds ability to toggle between encodings in the response view
2011-07-18 21:52:40 -07:00
Stephen Altamirano
ecd4645988
Adds encode counterparts to decode functions
2011-07-17 20:16:47 -07:00
Aldo Cortesi
b0849387b7
Add explicit notice when data has been auto-decoded.
2011-07-18 14:18:47 +12:00
Aldo Cortesi
669ce8ee7c
Correctly detect urlencoded data
...
This broke when we introduced case preservation for headers.
2011-07-17 15:31:58 +12:00
Aldo Cortesi
6df4be93e3
Fix error in anticomp commandline specification.
2011-07-17 14:36:38 +12:00
Aldo Cortesi
f756d3bec1
Make help display for options nicer.
2011-07-17 11:14:18 +12:00
Aldo Cortesi
1559ded009
Expose the anticompression flag as an option through the "o" key in mitmproxy.
2011-07-17 10:34:43 +12:00
Aldo Cortesi
ce41046786
Refine encoding support
...
- Push decoding down into the LRU cache
- Cope gracefully with corrupted data and incorrect encoding headers
2011-07-17 10:25:25 +12:00
alts
6dc0f105cc
Adds support for content encoding, namely gip and deflate
2011-07-16 02:47:06 -07:00
Aldo Cortesi
94ae720a22
Add a pretty-printing mode for urlencoded form data.
2011-07-15 16:46:54 +12:00
Aldo Cortesi
76b4c6ba82
Introduce an anti-compression command-line argument.
...
This is on by default, which means we avoid compressed content unless the -z
flag is specified.
2011-07-15 15:24:56 +12:00
Aldo Cortesi
1a963b91bb
Don't sort headers when displaying them in mitmproxy.
2011-07-14 17:20:32 +12:00
Aldo Cortesi
7e21ac0eb8
Refine path completion somewhat.
...
Make it match the behaviour of vim and mutt more closely
2011-07-14 16:54:04 +12:00
Aldo Cortesi
1c9e7b982a
Rewrite Headers object to preserve order and case.
2011-07-14 16:01:54 +12:00
Aldo Cortesi
b6e1bf63c3
Merge branch 'master' of github.com:cortesi/mitmproxy
2011-07-11 16:14:32 +12:00
Felix Wolfsteller
1a5b157c8f
Specify certificate creation waiting time argument to fix type error in proxy.py .
2011-07-09 08:07:22 +00:00
Aldo Cortesi
65fbb7bd0d
Bail out if no command was specified after | shortcut.
2011-07-08 21:41:00 +12:00
Aldo Cortesi
8e176c2086
Cast some data read from dump files to str, to prevent unicode promotion.
...
This fixes a bug that caused a traceback when de-serialized requests were
replayed. Also adds unit tests for the problem.
2011-07-01 14:20:42 +12:00
Aldo Cortesi
2a90ea69fd
Show view mode in statusbar.
...
Also make "m" keyboard shortcut available globally.
2011-06-30 14:49:11 +12:00
Aldo Cortesi
37c8d3425d
Fix edit prompt display, return code editing.
2011-06-30 14:30:48 +12:00
Aldo Cortesi
18d4c3a9e9
JSON pretty-printing.
...
Also rename the display modes ("pretty" instead of "indent"), and expand the
built-in documentation.
2011-06-30 13:27:27 +12:00
Aldo Cortesi
46ec8f52e7
Prep for 0.5 release
...
- Update CHANGELOG and CONTRIBUTORS
- Bump version
- Include Apple Gamecenter highscore setting tutorial in docs
2011-06-27 16:38:00 +12:00
Aldo Cortesi
0a642f2441
Make the certificate wait time configurable.
...
Since OpenSSL doesn't let us set certificate start times in the past, the
client and proxy machine time must be synchronized, or the client might reject
the certificate. We can bodgy over small discrepancies by waiting a few seconds
after a new certificate is generated (i.e. the first time an SSL domain is contacted).
Make this a configurable option, and turn it off by default.
2011-06-27 16:10:17 +12:00
Aldo Cortesi
f004326855
Try not to hang when user views large request & response bodies
...
Two different strategies here:
- Use a simple heuristic to detect if we're looking at XML data when indent
mode is used. On non-XML data we can hang even on small documents.
- Only view partial data for large bodies. At the moment the cutoff is
100k. I might finetune this later.
2011-06-27 15:59:17 +12:00
Aldo Cortesi
2ae7808ca9
Don't redraw the screen more often than necessary.
2011-06-27 14:01:08 +12:00
Aldo Cortesi
b04d074341
Repair a problem that sometimes caused SSL connections to peg the CPU.
2011-06-23 17:00:55 +12:00
Aldo Cortesi
0d9e0eac9a
Don't backup flows before replay.
...
This lets us revert to the original request, even after replaying an edit.
2011-06-23 14:47:34 +12:00
Yuangxuan Wang
e56793f01e
Fix urwid version parsing error when it's something like 0.9.10-pre
2011-06-20 16:18:55 +08:00
Aldo Cortesi
7d7803a4d9
Add a hideous kludge to fix not-yet-valid certificates.
...
- The OpenSSL x509 has no way to explicitly set the notBefore value on
certificates.
- If two systems have the same configured time, it's possible to return a
certificate before the validity start time has arrived.
- We "solve" this by waiting for one second when a certificate is first
generated before returning the cert. The alternative is to rewrite pretty much
all of our certificate generation, a thought too horrible to contemplate.
2011-06-11 15:16:16 +12:00
Aldo Cortesi
07110bbbf1
Anticache and refresh_server_playback options are applied before flows are loaded.
...
You can now use mitmdump to preview how these options work, by running mitmdump
against a set of saved flows, and viewing the output.
2011-05-15 12:23:34 +12:00
Aldo Cortesi
e285b17e3f
Add -r option to mitmdump and mitmproxy.
...
This option reads a set of flows from a file. I've also regularized the
mitmdump and mitmproxy command-line signatures by removing mitmproxy's old way
of specifying flow loads through naked arguments.
2011-05-15 11:54:12 +12:00
Aldo Cortesi
613e9a298e
Add a new flow loading mechanism.
...
We now simulate the normal connection flow when we load flows. That means
that we can run scripts, hooks, sticky cookies, etc.
2011-05-15 11:22:35 +12:00
Aldo Cortesi
6175d92583
Minor code cleanup - no need to recreate the master queue.
2011-05-14 12:12:03 +12:00
Aldo Cortesi
f89581be1b
Add a -n option which tells the tools not to bind a proxy.
...
This is useful when you just want to inspect or process dumps.
2011-05-14 10:44:25 +12:00
Aldo Cortesi
d917cfd916
Refactoring.
2011-03-29 10:57:50 +13:00
Aldo Cortesi
c3105153a5
Add some debugging output to help troubleshoot a performance problem.
2011-03-27 13:10:06 +13:00
Aldo Cortesi
c0bd1a39e4
unit test coverage ++
2011-03-20 18:52:16 +13:00
Aldo Cortesi
c726519e73
Add a stickyauth option.
...
This allows us to replay an HTTP Authorization header, in the same way as we
replay cookies using stickycookies. This lets us conveniently get at HTTP Basic
Auth protected resources through the proxy, but is not enough to do the same
for HTTP Digest auth. We'll put that on the todo list.
2011-03-20 17:31:54 +13:00
Aldo Cortesi
4f877cde6a
Reverse order of flows in mitmproxy.
...
It matches user expectations much better to have new flows appended to the bottom.
2011-03-20 09:31:39 +13:00
Aldo Cortesi
e22fd74d06
Revamp key generation.
...
We now create three different files in the .mitmproxy directory when a dummy CA
is made:
mitmproxy-ca.pem - the CA, including private key
mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.
mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
2011-03-18 16:45:31 +13:00
Aldo Cortesi
3fbf343985
Tweak CA and cert setup to be nice to Windows.
...
For some reason Satan's Operating System doesn't join up the certification path
if the key identifiers are set to hash. This took a few hours of trial and
error to figure out.
2011-03-18 14:48:43 +13:00
Aldo Cortesi
907536503c
Enable request and response script commandline arguments for mitmproxy.
2011-03-18 10:43:43 +13:00
Aldo Cortesi
fc9e0dcacb
Maintain focus in mitmproxy when flows are loaded from file.
2011-03-18 10:33:32 +13:00
Aldo Cortesi
0e62dd479b
Do id-based comparison rather than value-based comparison to establish flow focus.
...
This fixes a bug where focus would jump unpredictably between identical flows.
2011-03-18 10:21:59 +13:00
Aldo Cortesi
894d3cc62d
Use path_prompt rather than plain prompt where needed in mitmproxy.
2011-03-18 10:14:57 +13:00
Aldo Cortesi
89b0ac5195
Server replay shortcut in mitmproxy can now be used to interrupt a current replay.
2011-03-18 09:43:47 +13:00
Aldo Cortesi
f97c144869
Client playback shortcut in mitmproxy can now be used to interrupt a current client playback.
2011-03-18 09:38:51 +13:00
Aldo Cortesi
4893e5e5a4
We have to pass -CAcreateserial after all.
2011-03-18 09:24:04 +13:00
Aldo Cortesi
e983253ecc
Docs, minor cert tweaks.
2011-03-18 09:04:49 +13:00
Aldo Cortesi
394bd1d6b0
Interrupt interception when deleting an intercepting flow.
...
Prompting the user for this is annoying.
2011-03-15 17:53:29 +13:00
Aldo Cortesi
e3ad3790de
Fix minor styling and glitches.
2011-03-15 17:37:09 +13:00
Aldo Cortesi
6d5c32ad4b
Fix hang on shutdown.
2011-03-15 17:21:35 +13:00
Aldo Cortesi
fb28e71f0b
Do pre-processing of requests before replay.
...
This enables scripts, anticache, server playback and sticky cookies for
request replays.
2011-03-15 15:11:03 +13:00
Aldo Cortesi
fe1e2f16ff
Improve responsiveness of request and response viewing.
...
- Computing the view of a large body is expensive, so we introduce an LRU cache
to hold the latest 20 results.
- Use ListView more correctly, passing it individual urwid.Text snippets,
rather than a single large one. This hugely improves render time.
2011-03-15 13:05:33 +13:00
Aldo Cortesi
bb8adfb731
Use .stop() and .start() to restart curses around external spawns.
2011-03-14 16:09:06 +13:00
Aldo Cortesi
974cb03631
Merge branch 'master' of github.com:cortesi/mitmproxy
2011-03-14 15:56:52 +13:00
Aldo Cortesi
9b961a8236
Use raw_display instead of curses_display.
2011-03-14 15:56:25 +13:00
Aldo Cortesi
c17cf5c6a0
Fix traceback when viewing hex mode.
2011-03-14 14:34:55 +13:00
Aldo Cortesi
897bd5c2b8
We no longer use pytz.
2011-03-14 13:47:51 +13:00
Aldo Cortesi
b4fab58c61
Indicate request and response replay status separately.
2011-03-13 21:53:26 +13:00
Aldo Cortesi
6cb40d03f4
Fix a number of small UI infelicities.
...
- Make request/response view switching behave sensibly
- Avoid having an empty string appear in connection view text. This makes urwid
misbehave.
- Make it clear that intercept and cookies specifications are filters.
2011-03-13 21:16:42 +13:00
Aldo Cortesi
038a6eb1a7
I've now added all the features I want for 0.4. Bump the version number.
2011-03-13 20:42:55 +13:00
Aldo Cortesi
1e47167ac6
Fix a traceback sometimes triggered viewing a connection with no response.
2011-03-13 20:03:13 +13:00
Aldo Cortesi
8d0152f2ff
Add server replay to mitmproxy.
2011-03-13 17:11:59 +13:00
Aldo Cortesi
324d7c3955
Add client plaback to mitmproxy.
2011-03-13 16:50:11 +13:00
Aldo Cortesi
49c1532af7
Add anticache support for mitmproxy
...
Also stub out an option toggle command for anticache, killextra and norefresh
options.
2011-03-13 16:21:41 +13:00
Aldo Cortesi
ef27e2fb29
Rejigger status bar somewhat. Add indicators for various bits of state.
...
In particular, we now display limits, sticky cookie expressions and intercepts
in the bar.
2011-03-13 15:55:47 +13:00
Aldo Cortesi
18d25ec1a1
Fix stickycookie setting, indented view traceback.
2011-03-13 11:43:55 +13:00
Aldo Cortesi
0042687f0d
Remove beep functionality from mitmproxy.
...
This acts funny (sometimes works, sometimes doesn't) and isn't really useful.
2011-03-13 11:26:30 +13:00
Aldo Cortesi
c901cbbada
mitmproxy prompted input now display previously set value.
...
E.g. if you set a limit, then re-enter the limit prompt, you start with the
currently set value.
2011-03-13 11:24:49 +13:00
Aldo Cortesi
4ce393cc41
Unit tests for cmdline.py
2011-03-12 15:14:25 +13:00
Aldo Cortesi
96b10ca486
console.py 100% test coverage
2011-03-12 15:08:06 +13:00
Aldo Cortesi
fbbc43a5b2
netstring.py 100% unit test coverage.
2011-03-12 14:39:41 +13:00
Aldo Cortesi
2f457e041e
Unify mitmproxy and mitmdump commandline
...
- Extract common options into cmdline.py
- Change mitmproxy keybindings to fit command line
Some cmdline options and keybindings aren't in operation yet - just stubs
where functionality will be added in the next few commits.
2011-03-12 14:30:12 +13:00
Aldo Cortesi
40e9067b83
Handle invalid bind address specifications gracefully.
2011-03-12 13:47:37 +13:00
Aldo Cortesi
9f16a84a9e
Make mitmdump handle invalid serialized data gracefully.
2011-03-11 15:16:31 +13:00
Aldo Cortesi
7d85db0da3
Display Errors and killed connections in mitmdump.
2011-03-11 13:06:51 +13:00
Aldo Cortesi
daa9653ebe
Add --norefresh to stop refreshing server playback to mitmdump.
...
Also, make cookie parsing for refreshing more error-tolerant.
2011-03-11 11:56:10 +13:00
Aldo Cortesi
e99b1d1949
Stub out refresh for server-side replay.
2011-03-09 20:05:30 +13:00
Aldo Cortesi
03f1345385
Add an --anticache option to mitmdump.
...
This removes all headers that might cause a server to return 304-not-modified.
For now, all the new features are going into mitmdump - everything will be
ported over to mitmproxy once I have the feature set locked down.
2011-03-09 13:15:31 +13:00
Aldo Cortesi
592812467d
Move version constants to version.py, add version to serialized flows.
...
For now, we don't do anything with the serialized version info, but this should
give us some future-proofing for serialization format changes.
2011-03-09 12:36:14 +13:00
Aldo Cortesi
897c4bfc52
Think harder about timestamps. Just save seconds since the epoch as a float.
2011-03-09 12:18:08 +13:00
Aldo Cortesi
765871bd11
Store timestamps on flow components as a UTC time tuple.
...
Format is:
(tm_year,tm_mon,tm_mday,tm_hour,tm_min, tm_sec,tm_wday,tm_yday,tm_isdst)
2011-03-07 13:46:02 +13:00
Aldo Cortesi
7330f5fccf
Make mitmdump server playback also exit by default.
...
Like client playback, the --keepserving option makes mitmdump keep serving.
2011-03-06 17:08:56 +13:00
Aldo Cortesi
ec00b5a66e
Make mitmdump exit after client replay is complete by default.
...
Add an option --keepserving to make it keep serving after replay.
2011-03-06 16:54:49 +13:00
Aldo Cortesi
e794cbc0d8
Add flow_count and active_flow_count methods to flow.State.
...
Use these in unit tests where sensible.
2011-03-06 16:11:45 +13:00
Aldo Cortesi
42ffded626
Bump unit tests, rearrange mitmdump command-line options slightly.
2011-03-06 16:02:28 +13:00
Aldo Cortesi
4f02480482
Allow client replays to be replayed against server replays.
...
Useful for testing.
2011-03-06 14:48:16 +13:00
Aldo Cortesi
bad77f3470
Add client replay options to mitmdump.
2011-03-06 11:21:31 +13:00
Aldo Cortesi
5da4099ddf
Massage namespace to make room for client replay.
...
Mostly replay -> server_replay
2011-03-05 13:03:26 +13:00
Aldo Cortesi
96471fde1d
Basic client playback state structure.
2011-03-04 13:08:43 +13:00
Aldo Cortesi
6921b9ff2a
Add an indicator that sticky cookies have been applied in mitmdump.
2011-02-25 21:23:44 +13:00
Aldo Cortesi
8cade9fbbf
Move stringification funcs from proxy to dump.
2011-02-25 21:11:44 +13:00
Aldo Cortesi
3792b0084e
Add -c and -C options to mitmdump to control sticky cookies.
...
It's dumb that this needs to be two different options, but optparse doesn't
support optional arguments. It would be much nicer to just have "-c" for "all",
and "-c filter" for a specified filter.
2011-02-25 17:32:03 +13:00
Aldo Cortesi
57f96c5fe0
Minor housekeeping - unused code, nocover directives.
...
95% test coverage.
2011-02-24 15:44:08 +13:00
Aldo Cortesi
79039eb5d2
More mature sticky cookie primitive. Use it in console.py.
2011-02-24 15:26:34 +13:00
Aldo Cortesi
57947b328e
Start abstracting out sticky cookie state.
2011-02-24 10:33:39 +13:00
Aldo Cortesi
3c1db00ebb
Remove first iteration playback/record.
...
Bonus: unit test coverage goes from 70% to 94% with one commit. ;)
2011-02-23 12:40:30 +13:00
Aldo Cortesi
39207ffdd2
Add a way for users to specify header significance in server replay.
...
Also add the --rheader command-line option to mitmdump to let the user specify
an arbitrary number of significant headers. The default is to treat no headers
as significant.
2011-02-23 10:54:51 +13:00
Aldo Cortesi
c80214ba55
Minor housekeeping: bump version, clean todo.
2011-02-21 12:27:01 +13:00
Aldo Cortesi
7bc913c40d
Move script hooks into the flow primitives.
...
This lets handle scripts in corner cases like playback situations more easily.
2011-02-21 11:40:49 +13:00
Aldo Cortesi
fe99871df8
Add --kill option to mitmdump
...
If this option is passed all requests that are not part of a replayed
conversation are killed. If the option is not passed, such requests are passed
through to the server as usual.
2011-02-21 11:08:35 +13:00
Aldo Cortesi
c3e3897071
Fix a subtle Unicode problem in Response.assemble
...
If msg is Unicode, the proto string is automatically promoted to Unicode. If
the proto string is promoted to Unicode, then the FMT interpolation is also
done in Unicode. If this happens, then binary data in content will cause an
exception.
2011-02-21 10:11:50 +13:00
Aldo Cortesi
fd4dd8cb6b
First pass of playback function for mitmdump.
2011-02-21 09:54:39 +13:00
Aldo Cortesi
deb79a9c5a
Add a simple server playback state object.
...
We use a loose hash to match incoming requests with recorded flows. At the
moment, this hash is over the host, port, scheme, method, path and content of
the request. Note that headers are not included here - if we do want to include
headers, we would have to do some work to normalize them to remove variations
between user agents, header order, etc. etc.
2011-02-21 08:47:19 +13:00
Aldo Cortesi
aa16194518
Clean up and strip down netstrings module.
2011-02-20 14:03:32 +13:00
Aldo Cortesi
7ddba22f51
Certificates are now generated in a temporary per-session directory.
...
This means that certificates don't accumulate in the conf directory, users
don't have to clear certificates if the CA is regenerated, and the user can
specify a custom CA without invalid certificates being loaded inadvertently.
2011-02-20 13:29:41 +13:00
Aldo Cortesi
c2ae8285f4
Revamp SSL configuration.
...
- Move option parsing utiliities to proxy.py
- Don't have a global config object. Pass it as an argument to ProxyServer.
- Simplify certificate generation logic.
2011-02-20 12:53:42 +13:00
Aldo Cortesi
4fc807cedd
Clean up certificate generation.
...
- Use templates for config files. We can re-introduce customization of the
certificate attributes when we need them.
- Split CA and cert generation into separate functions.
- Generation methods provide an error return when generation fails.
- When the user explicitly specifies a certificate, we don't generate it, but
fail if it doesn't exist.
2011-02-20 12:17:10 +13:00
Aldo Cortesi
9c5c3c2b1a
Implement state loading that doesn't change object identity.
...
We need this to let us load state from copied Flows returned from scripts.
2011-02-20 09:36:13 +13:00
Aldo Cortesi
58fc0041fa
Stub out doc structure, add screenshots for configuring certs in Firefox.
2011-02-19 19:43:44 +13:00
Aldo Cortesi
1549ec8079
Bump test coverage to 100% for flow.py
2011-02-19 17:21:08 +13:00
Aldo Cortesi
d9c6be3d13
Fix serialization when a Request has no associated client connection.
2011-02-19 17:03:44 +13:00
Aldo Cortesi
5da27a9905
Refactor Flow primitives to remove HTTP1.0 assumption.
...
This is a big patch removing the assumption that there's one connection per
Request/Response pair. It touches pretty much every part of mitmproxy, so
expect glitches until everything is ironed out.
2011-02-19 17:00:24 +13:00
Aldo Cortesi
cd4eea3934
First pass of script hooks for mitmdump.
...
Also stub out docs, improve mitmdump error handling.
2011-02-18 12:40:45 +13:00
Aldo Cortesi
7769e5a898
Whitespace in mitmdump output.
2011-02-17 15:56:54 +13:00
Aldo Cortesi
afa9104005
Refine verbose mitmdump output.
2011-02-17 15:10:50 +13:00
Aldo Cortesi
cbe6982c6d
Improve mitmdump text output.
2011-02-17 14:26:50 +13:00
Aldo Cortesi
ca4df062bf
Whitepsace and extraneous code.
2011-02-17 11:45:12 +13:00
Aldo Cortesi
f028dc7e1b
Add filtering to mitmdump.
2011-02-17 10:44:08 +13:00
Aldo Cortesi
f0f1fb4b55
Add file writing to mitmdump.
2011-02-17 10:18:38 +13:00
Henrik Nordstrom
7758385ac1
Extract common SSL certificate option processing
2011-02-16 15:50:44 +01:00
Aldo Cortesi
d9374ff97b
Extract common SSL certificate options into a group.
...
Use this only in mitmdump and mitmproxy for now.
2011-02-16 23:09:42 +13:00
Aldo Cortesi
f5511350eb
Tweaks and cleanups for mitmdump.
2011-02-16 23:03:46 +13:00
Aldo Cortesi
8a9f20b78c
Don't leave dangling browser connections for pipelined requests.
2011-02-16 22:37:04 +13:00
Aldo Cortesi
0dd1aa7cc7
Initial port of mitmdump to Flows.
2011-02-16 22:10:24 +13:00
Aldo Cortesi
692556cf20
Fix minor display issues in console app.
2011-02-16 21:03:55 +13:00
Aldo Cortesi
3f0b84bb49
Un-break request replay.
2011-02-16 19:37:40 +13:00
Aldo Cortesi
f009770d4c
Fix a bug in HTTP 1.1 pipelining that caused Requests to be over-written.
...
We use the ClientConnection object to tie requests, responses and errors
together. This is an HTTP 1.0 assumption, but we can fix it by just making
copies of the connection object when we handle multiple requests.
2011-02-16 19:22:19 +13:00
Aldo Cortesi
66349c9783
FlowMaster bugfixes and unit tests.
2011-02-16 16:43:35 +13:00
Aldo Cortesi
27f0765cdd
Extract flow-specific Master operations into FlowMaster.
2011-02-16 16:03:22 +13:00
Aldo Cortesi
33dac700fa
Switch over to new serialization format.
...
Remove BSON from contrib.
2011-02-16 15:10:00 +13:00
Aldo Cortesi
0c6f846861
First draft of the new serialization mechanism.
2011-02-16 14:33:04 +13:00
Aldo Cortesi
5692c7359c
Import Will McGugan's netstring module.
...
Module is in the Public Domain.
I expect to modify and extend this module, so I've imported into main library
rather than contrib. Code has been reformatted to suite our code standard,
tests have been extrated into /tests directory.
2011-02-16 11:21:06 +13:00
Henrik Nordstrom
89627a702a
drop unused protocol parameter from Response
2011-02-15 22:24:38 +01:00
Aldo Cortesi
759496e24e
Repair unit test suite.
2011-02-11 11:06:30 +13:00
Henrik Nordstrom
51cdd7b95d
Bump version
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
32adee8743
Implement a dummy CA
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
4ffaadd435
Allow specifying the accepted ciphersuites
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
061cea89da
Import cache store control into console controller
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
d11dd742d8
Simple record & playback functionality
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
4bae297fbb
Basic HTTP/1.1 Support
...
Adds support for chunked transfer encoding, and a couple other minor
protocol corrections.
Improve HTTP support
- Support intercepted requests with Host header
- Support HEAD requests proper
- Support any HTTP method including extensions, not just a couple known ones
Support expect: 100-continue and 100 Continue messages
Persistent client connections
Generalize ServerConnection a bit in preparation for keep-alive support
Correct HTTP status codes on errors forwarding the request
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
0613321aef
Optimize CONNECT responses, sent in a single packet
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
4cf3392e50
Sort header names for a predictable result
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
bd01126b2b
Move try_del to utils
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
2d8cfbafc3
Automatically update response message when editing response code
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
98b1acc51d
Add response creation to edit function on intercepted requests
2011-02-10 02:59:51 +01:00
Henrik Nordstrom
fcc39e1aaf
Terminate workers when main thread terminates
2011-02-10 02:59:51 +01:00
Aldo Cortesi
eb15ef7b80
Merge remote branch 'hno/master'
2011-02-06 18:44:35 +13:00
Aldo Cortesi
a4eaafab5a
Further fine-tuning for pretty_xmlish.
2011-02-06 16:56:13 +13:00
Aldo Cortesi
7156d1a73a
Rip out BeautifulSoup, and use a custom XML-ish prettyprinter.
2011-02-06 14:17:30 +13:00
Aldo Cortesi
44dc3a052e
Add option to tell mitmproxy which interfaces to bind to.
2011-02-06 10:52:54 +13:00
Aldo Cortesi
d0c2d9480c
Also serialize ClientConnection and flow backups.
2011-02-06 10:28:43 +13:00
Henrik Nordstrom
b35cbc0760
Fix kill() again, got broken by the change to use None
2011-02-03 23:39:28 +01:00
Henrik Nordstrom
5bf6482bd0
Merge remote-tracking branch 'origin/master'
2011-02-03 23:30:03 +01:00
Henrik Nordstrom
2f813fa748
Messages may need to stay in the controller for considerable
...
amount of time. Don't use a timeout waiting for the controller response.
Example where this happens is intercepted flows.
2011-02-03 23:28:24 +01:00
Aldo Cortesi
2ad4c5adf3
Get rid of ReplayConnection - we now have only one ClientConnection class.
2011-02-04 10:58:08 +13:00
Aldo Cortesi
2cb7429d38
Change "connection" to the less confusing "client_conn" throughout.
2011-02-03 14:51:32 +13:00
Aldo Cortesi
7924f07971
Fine-tune completion a bit.
2011-02-03 13:50:57 +13:00
Aldo Cortesi
6c89749f0a
Add timestamps to flows.
...
For now, these are only displayed on the connection view screen, with second
granularity.
2011-02-03 13:30:47 +13:00
Aldo Cortesi
673ff01acc
Fix tracking of edited state.
2011-02-03 12:28:40 +13:00
Aldo Cortesi
f6c8654f08
"Q" quits without confirmation prompt.
2011-02-03 12:20:05 +13:00
Aldo Cortesi
d8cb826361
Test suite rejiggering and cleanup.
2011-02-03 12:16:03 +13:00
Aldo Cortesi
db99da6af5
Improve script handling.
...
- Display output in external viewer when script exits with error.
- Add a "changed" indicator to show if a request can be reverted.
2011-02-02 11:44:28 +13:00
Aldo Cortesi
df9d8832fb
Use last path specified as default prompt.
2011-02-02 10:19:54 +13:00
Aldo Cortesi
405e60215c
View script debug output (stderr) in pager.
2011-02-02 10:09:16 +13:00
Aldo Cortesi
b886f808be
Add an external script API.
...
External scripts can read a flow, modify it, and then return it to mitmproxy
using a simple API.
The "|" keyboard shortcut within mitmproxy prompts the user for a script.
2011-01-31 13:26:56 +13:00
Aldo Cortesi
152b97fa0b
Restructure to make subclassing Flow unnecessary.
2011-01-31 11:44:52 +13:00
Aldo Cortesi
1619d164ff
Re-jigger flow view shortcuts so we don't over-ride global shortcuts.
2011-01-31 10:57:33 +13:00
Aldo Cortesi
74aa622fdd
Better help page statusbar text.
2011-01-30 15:31:44 +13:00
Aldo Cortesi
cf165bc32e
Next and previous flow shortcuts from within flow view.
2011-01-30 15:26:41 +13:00
Aldo Cortesi
2a39387d27
UI tweaks
...
- Make flow view state persistent (request/response, body view mode).
- Don't exit flow view mode when viewing help.
2011-01-30 14:52:51 +13:00
Aldo Cortesi
091db9cdf2
Prompt user on quit.
2011-01-28 12:55:02 +13:00
Aldo Cortesi
0742bc4fd0
Nicer statusbar messages, with timed expiry.
2011-01-28 12:18:01 +13:00
Aldo Cortesi
dfefe3cdda
Make pretty-printing more robust.
...
Also, since BeautifulSoup is so damn slow, print a statusbar message saying
that we're calculating a pretty version of the response. Maybe I should add
hangman or something, becuase on a 200k document this can take ages.
2011-01-28 12:08:25 +13:00
Aldo Cortesi
93ef691bad
Basix XML/HTML pretty-printing in flow viewer.
2011-01-27 17:26:01 +13:00
Aldo Cortesi
96e714a74c
Handle nonexistent load files gracefully.
...
Also improve IOError statusbar messages.
2011-01-27 15:20:07 +13:00
Aldo Cortesi
edab82f7d8
Add command to write request or response body to file.
2011-01-27 15:16:03 +13:00
Aldo Cortesi
345ac0f2a0
Refine flow saving shortcuts.
...
"S" to save all flows.
"s" to save just the current flow.
2011-01-27 15:03:53 +13:00
Aldo Cortesi
eb93cc22ce
Fine-tune threading and fix an exception.
2011-01-27 14:19:48 +13:00
Aldo Cortesi
efe11a0782
Kill deadlock that sometimes occurred on shutdown.
2011-01-27 13:32:24 +13:00
Aldo Cortesi
077272ec97
Switch to BSON for data serialization.
2011-01-27 10:52:42 +13:00
Aldo Cortesi
460107589c
Add tab completion for save and load path specs.
2011-01-27 10:29:37 +13:00
Aldo Cortesi
bd6c0499fb
Fix UI sync bugs introduced by flow serialization.
2011-01-26 22:17:42 +13:00
Aldo Cortesi
635f7a971d
Add saving and loading of complete flows for later replay and analysis.
2011-01-26 16:50:17 +13:00
Aldo Cortesi
29d8007678
Add serialization hooks to flows and flow component objects.
2011-01-26 14:52:03 +13:00
Aldo Cortesi
7983dbb26a
Abstract flow management out of the interactive code.
2011-01-25 15:02:48 +13:00
Aldo Cortesi
b8d8030abd
Documentation updates.
2011-01-25 10:59:50 +13:00
Aldo Cortesi
324c175d02
Fix indentation in previous patch.
2010-09-06 11:21:51 +12:00
Henrik Nordström
2e7e9f9759
Wrap read request, concatenating partial reads until whole request have been read
2010-09-06 07:18:11 +08:00
Aldo Cortesi
f457342aab
Add mitmproxy command line flags for a number of filter expressions.
...
For now, these are supported: intercept, limit, sticky cookies, beep
2010-03-01 15:42:38 +13:00
Aldo Cortesi
fbe6e0a820
Housekeeping: todo updates, move put handler_ methods together in console.py.
2010-03-01 15:08:39 +13:00
Aldo Cortesi
ba92d22e1d
Put DumpMaster in its own file.
...
It's going to become a more important part of the mitmproxy suite now.
2010-03-01 14:58:04 +13:00
Aldo Cortesi
0188cf8a1a
Just make using the user's terminal background the default.
...
This just makes sense. Later on, we'll have a config file in which users can
set the palette, so that they can over-ride the default background if they
really want.
2010-03-01 14:50:35 +13:00
Aldo Cortesi
6300a57212
Don't intercept replays - it makes no sense to do so.
2010-03-01 14:25:37 +13:00
Aldo Cortesi
639b1557a6
Don't show error if user tries to save, but specifies no path.
2010-03-01 14:20:12 +13:00
Aldo Cortesi
f030718e32
Add "A" key, to accept all intercepted connections.
2010-03-01 14:08:10 +13:00
Aldo Cortesi
a7cea1749b
Make beeping more general.
...
- The "B" key now sets a filter pattern. Whenever the filter matches, the
terminal beeps.
- The beep specification is now stored in the State object, where I want to
keep all mutable state.
- I've removed the startup flags for beeping for now. We probably want to let
users specify a number of options on startup, including interception patterns
and limits. When we do this, we should also separate out the dumping and
curses programs, because many of these options will only make sense in one of
the two.
- This isn't an exact replacement for the beep functionality I ripped out,
because specifying beeping on intercept is slightly cumbersome (you need to
re-specify the intercept pattern using B). Sorry - we'll add a better way
soon.
2010-03-01 13:56:28 +13:00
Aldo Cortesi
a40775b846
Maintain compatibility with 0.9.8.x of urwid.
...
This is the most common deployed version, so it's worth doing a bit of extra
work to make sure mitmproxy runs smoothly under it.
2010-03-01 13:37:50 +13:00
Thomas Roth
72f8111f2b
Show error if compiling of an expression fails.
2010-02-26 17:48:55 +01:00
Thomas Roth
a5f87657e1
Added beeping. --bireq and --bires enables beeping on intercepted requests/responses.
2010-02-26 14:01:38 +01:00
Aldo Cortesi
c5eb3c592d
Fix hang when a POST is made with a 0 content length.
2010-02-26 20:07:37 +13:00
Thomas Roth
0e76f0f341
Added a 'keep terminal background' option (-t), so that you can use it with your own background color. (Foreground color following.)
2010-02-26 00:20:49 +01:00
Thomas Roth
fc6f170731
Huge speed improvements if more than one request is in the queue. Speeds up every request by 0.1 seconds.
2010-02-25 17:49:21 +01:00
Thomas Roth
1909744631
Small improvement in regular expression compiler exception handling.
2010-02-25 17:45:37 +01:00
Thomas Roth
000196fe21
Added exception if starting editor fails and added vi as default editor.
2010-02-25 12:14:47 +01:00
Thomas Roth
6d41b27f53
Fixes crash on illegal regular expression for interception.
2010-02-24 23:59:54 +01:00
Thomas Roth
0fc864c419
Fixes a bug which caused a crash if you've tried to accept a connection which wasn't intercepted.
2010-02-24 23:32:56 +01:00
Thomas Roth
79d2abb23a
Fixes blocking problem with a workaround which sets a timeout of 0.1 seconds.
2010-02-24 23:25:37 +01:00
Thomas Roth
70b0bddc85
Additional fix for compatibility with Urwid >0.9.9
2010-02-24 18:52:26 +01:00
Thomas Roth
22b77e32cd
Fixes compatibility with Urwid >0.9.9
2010-02-24 18:25:24 +01:00
Aldo Cortesi
8eb8814387
Add some error handling for connection saving.
2010-02-24 16:47:34 +13:00
Aldo Cortesi
146a8c6d7c
Save a request or response to file.
...
Ideally, we'd have a nice selection widget with tab completion and the like.
Maybe later...
2010-02-24 16:30:00 +13:00
Aldo Cortesi
cb0e328709
Initial checkin.
2010-02-16 17:09:07 +13:00