Commit Graph

987 Commits

Author SHA1 Message Date
Aldo Cortesi
53e453f72e Use the new ODict get_first convenience function in a bunch of places. 2012-08-18 18:14:30 +12:00
Aldo Cortesi
15e234558d Further content view cleaups. 2012-08-18 17:51:34 +12:00
Aldo Cortesi
b70e91bbd4 Send tracebacks from content viewers to event log.
Also, 100% test coverage for content viewers.
2012-08-18 17:42:40 +12:00
Aldo Cortesi
e8553f966f Further simplifcation and testing of contentviews. 2012-08-18 17:29:29 +12:00
Aldo Cortesi
11c63dcb9f Huge cleanup of content viewers. 2012-08-18 17:08:17 +12:00
Sahn Lam
3189d144a5 Optional AMF decoding support
If PyAMF is installed, enable AMF decoding.
2012-08-17 18:45:26 -07:00
Maximilian Hils
b0566b9d4c add dummy cert dir 2012-08-17 19:13:56 +02:00
Maximilian Hils
ed389d8f05 use argparse instead of optparse 2012-08-17 19:11:59 +02:00
Aldo Cortesi
bbaa8bdba5 Add an HTML text outline view.
Uses html2text, from here:

https://github.com/aaronsw/html2text
2012-08-18 01:37:30 +12:00
Aldo Cortesi
1bfe847a84 Stop server playback after current playback buffer is exhausted. 2012-08-18 00:23:41 +12:00
Aldo Cortesi
20b270ae9a Server replay from current buffer. 2012-08-18 00:13:04 +12:00
Jim Lloyd
0ef18a7cba Adds --dummy-certs option to specify certdir
If --dummy-certs=CERTSDIR is provided, use CERTSDIR as the location
for generating/finding the dummy certs. And in this case, preserve
the CERTSDIR directory on exit.
2012-08-06 14:09:35 -07:00
Aldo Cortesi
32ad26f8bf Add a size() method to flow.Request and flow.Response. 2012-08-04 13:18:05 +12:00
Rob Wills
8e68426ad6 Return from Flow View behaviour
Following focus trumps the re-focusing the "current" (or just-viewed) flow.
2012-08-02 00:06:34 -07:00
Rob Wills
c985e22196 Press "F" to Follow
Following of the flow list
- ConsoleState now has a follow_focus property
-- when True it will cause focus to follow added flows
- ConsoleMaster implements toggle_follow_flows()
-- when enabling follow, also jumps to most recent flow
- StatusBar reports follow_focus state
-- adds "following" to option list when true
- Added "F" to FlowList keys
-- implementation requests ConsoleMaster to toggle_follow_flows()
2012-08-01 23:57:56 -07:00
Aldo Cortesi
87d05a95ff Handle invalid headers. 2012-07-30 12:54:50 +12:00
Aldo Cortesi
bb124e23b2 Prevent mitmproxy from treating logged info as urwid markup. 2012-07-27 10:08:10 +12:00
Aldo Cortesi
47b5fd666d Fix mitmproxy file reading. 2012-07-27 02:13:21 +12:00
Aldo Cortesi
31a092f6b4 Minor refactoring. Make stop_stream also close the associated file descriptor. 2012-07-27 00:19:18 +12:00
Aldo Cortesi
f93a621856 Only log real errors in WSGI apps. 2012-07-24 16:18:22 +12:00
Aldo Cortesi
b4e9e55c34 Be more tolerant of corrupted or truncated flows.
We load as far as possible. mitmproxy will only terminate if it was not able to
recover any flows. mitmdump will stop loading as soon as an error is
encountered, but not exit with an error.
2012-07-24 15:15:41 +12:00
Maximilian Hils
c643234c98 fix -r option, read file in binary mode 2012-07-24 03:11:28 +02:00
Chris Neasbitt
525a8f6a16 Fixed a bug causing an AttributeError when request is set to false but response not None in ProxyHandler.handle_request 2012-07-17 13:24:15 -04:00
Aldo Cortesi
e4079aa746 Add an ~a filter expression, matching an asset content type in responses.
Asset content types are Javascript, images, Flash and CSS. This is useful
because doing a quick "!~a" while auditing an app will filter out the majority
of the static asset cruft, letting you focus on what matters.
2012-07-14 16:55:21 +12:00
Aldo Cortesi
150814f6a8 Jump back to correct flow when limit is applied. 2012-07-14 15:22:44 +12:00
Aldo Cortesi
a44a76a7da Merge branch 'master' of github.com:cortesi/mitmproxy 2012-07-11 07:17:20 +12:00
Aldo Cortesi
1d09a558a7 Fix a subtle termination condition when there's an error in a WSGI app. 2012-07-11 07:16:06 +12:00
Aldo Cortesi
01b8b0d876 Refine semantics of replay_request method. 2012-07-10 23:29:33 +12:00
Aldo Cortesi
04d9ec8c3c Make WSGI apps work in transparent mode. 2012-07-10 15:53:53 +12:00
Aldo Cortesi
79af9e89c4 Test replay corner cases. Fix discovered bugs. 2012-07-09 11:18:03 +12:00
Aldo Cortesi
aab45078ad Unit test request replay thread.
This is a small patch, but is the culmination of lots of work: we can now unit
test the deep innards of mitmproxy, with coverage. There's a lot more to come
in this vein.
2012-07-09 11:03:55 +12:00
Aldo Cortesi
3749d52b66 Make mitmproxy "W" over-write, not append.
The -w options in mitmdump and mitproxy should do the same thing. Append can
have unexpected consequences if the existing file is not a mitmdump.
2012-07-09 10:28:01 +12:00
Aldo Cortesi
729fd9301f Use FlowMaster stream from mitmdump. 2012-07-09 10:26:45 +12:00
Aldo Cortesi
bbd9acf551 Use FlowMaster streaming for "W" in mitmproxy. 2012-07-09 10:22:14 +12:00
Aldo Cortesi
572e8a4962 Add streaming to FlowMaster 2012-07-09 10:18:37 +12:00
Aldo Cortesi
097b566e54 Handle new netlib.tcp.NetLibDisconnect exception. 2012-07-08 23:49:44 +12:00
Aldo Cortesi
ceb12438b6 Fix minor error in filter help. 2012-07-06 22:33:09 +12:00
Aldo Cortesi
d02bcade3a Add a domain match filter (~d regex) 2012-07-06 22:21:44 +12:00
Aldo Cortesi
c4426952ad Protect against exceptions thrown by third-party view libraries. 2012-07-06 15:43:33 +12:00
Aldo Cortesi
a7e64a1a03 mitmproxy: "W" shortcut key streams flows to file as responses arrive. 2012-07-06 14:41:10 +12:00
Aldo Cortesi
de294da2a7 Amalgamte saving "this flow" and "all flows" into a single keyboard shortcut. 2012-07-06 14:10:58 +12:00
Aldo Cortesi
40d63c9e7a Fix error when viewing extended details of SSL flow. 2012-07-06 13:33:55 +12:00
Aldo Cortesi
aa708a2d28 Fix error when serializing reverted SSL flows. 2012-07-05 11:52:56 +12:00
Aldo Cortesi
4acc9aca27 Firm up handling of Unicode data
- Modify GridEditor to know about the destination encoding of data
- Ensure that get_url always returns ASCII
2012-07-05 11:27:40 +12:00
Aldo Cortesi
837fcc65f5 Make upstream-cert the default. There's now a --no-upstream-cert option to turn it off. 2012-07-03 22:56:25 +12:00
Aldo Cortesi
fe86194cc2 Fix Python coredump (!!) on SNI IDNA decoding. 2012-07-03 22:55:02 +12:00
Aldo Cortesi
9c30e2e86d Correct handing of IDNA encoding of internationalized domain names.
- Use IDNA encoding for hostnames gleaned by upstream-cert sniffing
- Use IDNA decoding for URL display in mitmproxy and mitmdump.
2012-07-03 22:27:16 +12:00
Aldo Cortesi
ef986202ee Make server version configurable. 2012-07-03 14:12:52 +12:00
Aldo Cortesi
35d5da9f11 Move palette option getting/setting to mitmproxy.
Unbreaks mitmdump.
2012-07-03 13:42:09 +12:00
Aldo Cortesi
c664801d7d Merge pull request #48 from afh/pull/palette-option
Pull/palette option
2012-07-01 14:04:43 -07:00
Alexis Hildebrandt
a695cf177d Improve palette colors for headings 2012-07-01 09:03:20 +02:00
Alexis Hildebrandt
e41c84335d Add --palette option to select color palette 2012-07-01 08:48:30 +02:00
Aldo Cortesi
90365e270e Catch and handle SSL connection errors. 2012-07-01 12:10:32 +12:00
Aldo Cortesi
4e9d4e8ddd Tweak upstream SNI. 2012-07-01 11:53:46 +12:00
Aldo Cortesi
9985cf5473 Flush after terminal output.
Makes behaviour on the shell less mysterious.
2012-07-01 09:37:03 +12:00
Aldo Cortesi
35fdd16940 Serialize address as part of ClientConnect objects.
This is a serialization format change!
2012-07-01 00:16:30 +12:00
Aldo Cortesi
d74a341e5d Beef up logging substantially. 2012-07-01 00:15:03 +12:00
Aldo Cortesi
9fd4c37834 Merge pull request #46 from afh/pull/palettes
Color palettes
2012-06-29 21:06:20 -07:00
Aldo Cortesi
f070e4523a Handle invalid data more gracefully.
Fixes #47
2012-06-30 15:59:42 +12:00
Aldo Cortesi
16e87a81ac Stub out a transparent resolver for OSX. 2012-06-30 15:42:10 +12:00
Aldo Cortesi
38ebc81590 Add error when -T is passed on an unsupported platform. 2012-06-30 11:24:41 +12:00
Alexis Hildebrandt
0a0a6aae0b Update title palette colors for light backgrounds 2012-06-29 16:58:28 +02:00
Alexis Hildebrandt
3b80e8dd02 Add palettes for Solarized terminal color profiles 2012-06-29 12:45:02 +02:00
Alexis Hildebrandt
e287eac462 Add light palette for light backgrounds 2012-06-29 12:44:57 +02:00
Alexis Hildebrandt
3060ad5575 Replace double quotes with single quotes 2012-06-29 09:25:29 +02:00
Aldo Cortesi
47651b1ff2 Serialization and de-serialization of new cert format. 2012-06-28 14:29:15 +12:00
Aldo Cortesi
243e0efefc Adjust for new get_remote_cert API. 2012-06-28 10:02:14 +12:00
Aldo Cortesi
35ee0c098f Remove certutils from mitmproxy. 2012-06-27 16:43:33 +12:00
Aldo Cortesi
49dedd361c Fix replay. 2012-06-27 16:22:25 +12:00
Aldo Cortesi
dd55a3e0b6 Use SNI-indicated hostname for cert generation when not using upstream certs. 2012-06-27 12:12:11 +12:00
Aldo Cortesi
ceef6ee6be Enable SSL in transparent mode. 2012-06-26 23:51:38 +12:00
Aldo Cortesi
e6cdbefb3b Add transparent mode platform module for Linux. 2012-06-26 20:49:34 +12:00
Aldo Cortesi
ad893ad134 Transparent proxy command-line flag stub. 2012-06-26 20:08:24 +12:00
Aldo Cortesi
8ccfb376f3 Remove -T and -U command-line options.
They're redundant convenience options, and we need more space.
2012-06-26 19:57:59 +12:00
Aldo Cortesi
015a74fd14 We no longer store scheme on ServerConnection. 2012-06-26 18:29:12 +12:00
Aldo Cortesi
52d0536d2c Use new TCPClient.convert_to_ssl API. 2012-06-25 15:53:26 +12:00
Aldo Cortesi
e08f91c237 Port to explicit netlib connection API. 2012-06-25 11:37:12 +12:00
Aldo Cortesi
eac3b29d5f Factor read_response out into netlib. 2012-06-24 22:01:11 +12:00
Aldo Cortesi
4db2abc01c read_headers now returns an ODictCaseless object. 2012-06-24 21:49:59 +12:00
Aldo Cortesi
e7c75933e7 read_http_body -> read_http_body_request/response 2012-06-23 15:08:01 +12:00
Aldo Cortesi
874649f134 Adapt for API changes in netlib. 2012-06-23 14:06:34 +12:00
Aldo Cortesi
7cb242c168 Move wsgi to netlib. 2012-06-19 10:42:55 +12:00
Aldo Cortesi
1b1ccab8b7 Extract protocol and tcp server implementations into netlib. 2012-06-19 09:58:50 +12:00
Aldo Cortesi
7b9756f48e Refactor protocol.py to remove dependence on flow and utils. 2012-06-17 10:52:39 +12:00
Aldo Cortesi
aae8a9959c Pull out protocol components into protocol.py 2012-06-16 21:23:32 +12:00
Aldo Cortesi
d5a0099f49 Test suite and refactoring for netlib. 2012-06-16 16:22:51 +12:00
Aldo Cortesi
18a03c063e Simplify netlib and improve API. 2012-06-16 13:53:24 +12:00
Aldo Cortesi
4e53f1ee90 Rename our tcpserver to netlib, expand to include client network functions. 2012-06-16 13:38:10 +12:00
Aldo Cortesi
8ae64337ed Create our own TCP server class.
We're going to need more control for advanced features and speed, and we can
also ditch some of the idiocies in the SocketServer module.
2012-06-16 11:40:44 +12:00
Aldo Cortesi
c7952371b7 Fix a problem in ODictCaseless that could cause duplicate headers. 2012-06-15 17:40:08 +12:00
Aldo Cortesi
8ae3270807 Basic transparent mode. 2012-06-15 09:47:04 +12:00
Aldo Cortesi
a9495dc02f Refactor test suite to make room for transparent mode tests. 2012-06-15 09:20:10 +12:00
Aldo Cortesi
176d819559 Move server comms to OpenSSL. 2012-06-14 21:57:55 +12:00
Aldo Cortesi
8dabf88ae5 Remove ability to specify SSL ciphers.
We can re-introduce this if there's demand - the feature needs a bit more thought.
2012-06-14 15:29:54 +12:00
Aldo Cortesi
8a9352b3f7 First draft conversion of server to PyOpenSSL. 2012-06-13 18:16:47 +12:00
Aldo Cortesi
d032504b17 Fix an exception when replaying a flow with no response. 2012-06-10 17:10:43 +12:00
Aldo Cortesi
d60fa9918b Localise client connection object manipulation.
This simplifies the call signature for a bunch of functions.
2012-06-10 16:49:59 +12:00
Aldo Cortesi
1f659948cd Refactor request processing at mitmproxy's core.
Gradually cleaning up towards a state machine model.
2012-06-10 16:02:48 +12:00
Aldo Cortesi
236447c65f Pass server HTTP version back to clients. 2012-06-10 13:29:09 +12:00
Aldo Cortesi
6ba5f0f35b Add HTTP version to response objects.
Another change in the serialization format.
2012-06-10 13:27:43 +12:00
Aldo Cortesi
52779d9db9 Refactoring of proxy.py
- Correctly pass HTTP request version on to upstream servers
- Adjust tests not to hang due to a pathod response with no content-length
2012-06-10 13:17:18 +12:00
Aldo Cortesi
55ddf853cd Add HTTP version to flow.Request
This is a serialization format change, that makes us incompatible with previous
versions.
2012-06-10 10:46:22 +12:00
Aldo Cortesi
a3b47e0cb5 Consolidate HTTP major and minor versions into a single variable. 2012-06-10 10:31:04 +12:00
Aldo Cortesi
8254187bf3 Add proxy.should_connection_close, and strip out unused code. 2012-06-10 10:10:46 +12:00
Aldo Cortesi
0c458e2f1a Refactor ServerConnection API. 2012-06-10 08:13:50 +12:00
Aldo Cortesi
987f443b5d Ignore incorrectnesses in traffic if they don't affect us. 2012-06-09 21:45:22 +12:00
Aldo Cortesi
9130cd63d3 Significant cleanup of proxy internals.
Dispense with the loose parsing of client requests that we had before. We now
have service modes ("proxy" and "reverse proxy" for now), and we only accept
requests that are appropriate for the mode we're in.
2012-06-09 21:27:43 +12:00
Aldo Cortesi
05492baf8d Move from requests to human_curl.
It turns out that _none_ of the Python stdlib or anything that relies on it
supports CONNECT through a proxy. Beggars belief, but there you go.
2012-06-09 16:17:51 +12:00
Aldo Cortesi
22192d1a46 Nose mopup: docs, no cover pragmas, a few missing path specs. 2012-06-09 13:55:55 +12:00
Aldo Cortesi
b7b357528c Port mitmproxy test suite entirely to nose. 2012-06-09 13:42:43 +12:00
Aldo Cortesi
903038b8de Merge branch 'master' into develop 2012-06-07 08:44:36 +12:00
Maximilian Hils
2a194f98ec add missing parser.add_option_group(group) 2012-06-06 01:26:19 +02:00
Aldo Cortesi
e9109812e1 Split parsing of intial line into separate protocols. 2012-06-03 06:04:57 -07:00
Aldo Cortesi
0a25c2263d Factor out conversion to SSL connection. 2012-06-03 01:54:11 -07:00
Aldo Cortesi
491f9bdcee Add unit tests for console/help.py 2012-06-03 01:11:07 -07:00
Aldo Cortesi
b36e37f9da Fix a traceback that sometimes occurred when an invalid limit was entered. 2012-06-02 18:41:44 -07:00
Aldo Cortesi
ee2950cd19 Fix a crashing bug when replacing text in a flow with unicode bodies. 2012-05-25 18:10:31 -07:00
Aldo Cortesi
a0c63b6108 Fix crash when adding a Response when none existed before. 2012-05-24 16:56:18 -07:00
Paul
5f8855df55 Added a switch to send client certificates to hosts 2012-05-23 23:09:03 +02:00
Aldo Cortesi
08d6da2941 Fix AttributeError when shutting down a writing mitmdump. 2012-05-17 09:47:04 +12:00
Aldo Cortesi
0a90a3eaba Refuse to replay a request with missing content. 2012-05-16 18:24:32 +12:00
Aldo Cortesi
b3901a7652 Add interface to mark content missing, and extend UI to indicate when content is missing. 2012-05-16 18:16:44 +12:00
Aldo Cortesi
0c2d894cea Add the ability to flag content as missing in a request or a response.
We'll use this in a number of situations. First, we'll soon have response
streaming that directly pipes responses to clients. These will be content-less
from mitmproxy's perspective. Second, we'll be growing new events that fire
after headers are received, but before content is read.
2012-05-16 15:42:58 +12:00
Aldo Cortesi
12b8a43dbe Bump version number. 2012-05-11 09:52:17 +12:00
Aldo Cortesi
d42fdc4ff6 Include a formatted exception in WSGI error page. 2012-05-07 21:34:01 +12:00
Aldo Cortesi
116fcfcf7a Internal error page for WSGI.
Also, 100% test coverage.
2012-04-27 15:56:42 +12:00
Aldo Cortesi
2fe54d17df Don't specify Content-Length on empty content.
Sometimes, mitmproxy would specify a content-length header value of 0 when
content was empty. Some rare servers (like piratebay.org) would barf on this.
2012-04-25 14:38:20 +12:00
Aldo Cortesi
efa98d514c Docs and comments for WSGI app example. 2012-04-24 14:58:18 +12:00
Aldo Cortesi
c8d2b2594b Add a WSGI adapter that lets us serve a WSGI app out of mitmproxy.
This commit adds:
    - A WSGI App adapter for mitmproxy
    - An app registry in the proxy instance that lets us link WSGI apps with
    (hostname, port) combinations.
    - Fixes for a number of bugs discovered while creating this feature.
2012-04-24 14:52:29 +12:00
Aldo Cortesi
51789228be Fix PKCS12 cert generation. 2012-04-15 12:48:07 +12:00
Aldo Cortesi
2162ce1ae3 Shut mitmdump down gracefully on SIGTERM.
This is a hack at the moment, but needs must.
2012-04-15 10:35:19 +12:00
Aldo Cortesi
8c96264304 Serialized data version check. 2012-04-11 10:10:53 +12:00
Aldo Cortesi
24a8dc408c Minor cruft removal. 2012-04-09 11:42:56 +12:00
Aldo Cortesi
d7748cea4f Minor name refactoring, make flow list refresh after limit is applied. 2012-04-09 10:05:13 +12:00
Aldo Cortesi
8fa96d1f3f Add an index counter to status bar. 2012-04-09 09:48:39 +12:00
Aldo Cortesi
5553eb6371 Add some missing help entries. 2012-04-08 20:16:25 +12:00
Aldo Cortesi
4e2d19714c Add an "f" shortcut key to load full body contents. 2012-04-08 19:44:01 +12:00
Aldo Cortesi
618a9c0e2b Merge branch 'master' of ssh.github.com:cortesi/mitmproxy 2012-04-08 15:15:02 +12:00
Aldo Cortesi
c1788c37a1 Wrap on any character for body text display. 2012-04-08 15:00:38 +12:00
Aldo Cortesi
7d90eb65ed Catch all errors when using jsbeautifier.
Turns out there are some problems that can raise arbitrary exceptions.
2012-04-08 14:40:59 +12:00
Aldo Cortesi
a4f7728fad XML/HTML pretty view tweaks. 2012-04-07 22:15:31 +12:00
Aldo Cortesi
f1dc3f2ab2 Integrate lxml for pretty-printing HTML and XML.
Tackling the pretty-printing performance problem head-on, at the cost of a
major dependency.
2012-04-07 13:47:03 +12:00
Aldo Cortesi
8385e586c0 Work around an Urwid crashing bug.
https://github.com/Nic0/tyrs/issues/115
2012-04-05 10:21:56 +12:00
Aldo Cortesi
5fdf710c81 Always use ODictCaseless for headers. 2012-04-04 19:46:39 +12:00
Aldo Cortesi
786e304bb9 Android configuration docs. 2012-04-04 15:58:46 +12:00
Aldo Cortesi
4da8054e21 Docs: replacements, upstream certs.
Also, move reverse proxy command-line flag to -P.
2012-04-04 14:17:26 +12:00
Aldo Cortesi
8110a9a3eb Start prepping docs for 0.8
Also add an interactive upstream-cert option to mitmproxy, and repair help for
R shortcut.
2012-04-04 11:24:58 +12:00
Aldo Cortesi
79a0334a02 Improve revert model
- Flows are backed up whenever an interactive, non-script change is made.
- That backup is canonical and never changed - "V" will always revert to it.

This makes more sense than what we had previously....
2012-04-04 09:47:57 +12:00
Aldo Cortesi
ab0e10e60f Serialize requestcount for ClientConnect objects. 2012-04-03 22:37:24 +12:00
Aldo Cortesi
b9737ed89e Return a datetime object from SSLCert notbefore and notafter properties. 2012-04-03 22:23:07 +12:00
Aldo Cortesi
c6896d7392 Add ClientConnect info to details view. 2012-04-03 11:28:07 +12:00
Aldo Cortesi
61fab03b24 Add a details page, available from a flow view with the 'X' shortcut
At the moment, this shows the upstream SSL certificate details. More
fine-grained detail that doesn't fit in the flow view itself will be added.
2012-04-03 11:10:25 +12:00
Aldo Cortesi
f526e5fa12 Minor unit test bump. 2012-04-03 09:52:26 +12:00
Aldo Cortesi
4979a22d3e Add accessor method for SSLCert object on Response. 2012-04-02 17:02:23 +12:00
Aldo Cortesi
ab1d8fa350 Expand SSL cert support
- Capture the remote SSL certificate
- Expose the remote cert as an attribute on Response
- Expand the certutils.SSLCert interface to expose more cert info
2012-04-02 16:21:23 +12:00
Aldo Cortesi
bb03255da0 Nicer coloring for HTTP response codes.
20x: green
30x: blue
40x: orange
50x: light red
other (non-standard or uncommon): dark red
2012-04-02 14:08:30 +12:00
Aldo Cortesi
c02fdb2463 Refactor proxy.Server to fix a crash when replaying with -n 2012-04-02 13:24:51 +12:00
Aldo Cortesi
f13e2213ea Make it clearer when we fall back to Raw. 2012-04-02 11:22:01 +12:00
Aldo Cortesi
42d06a05c0 Add an option to allow clearing of display mode override. 2012-04-02 11:16:20 +12:00
Aldo Cortesi
7ed1c1c231 More sensible display mode override indicator. 2012-04-02 11:10:55 +12:00
Aldo Cortesi
c6ee813479 Only cache the calculated body of a view.
This simplifies the code, and loses no time.
2012-04-02 11:01:38 +12:00
Aldo Cortesi
2df2fe0e4c Move "M" shortcut key to global scope.
You now don't have to be viewing a flow to change global default view.
2012-04-02 10:49:57 +12:00
Aldo Cortesi
15cc09f1b8 Start rationalizing content views.
We now no longer have distinction between "pretty" view and hex/raw. Instead,
we simply a default AUTO view with a global override (M) and a local override
(m).
2012-04-02 10:30:35 +12:00
Aldo Cortesi
7fef0ecdf5 Make "T" pretty view over-ride persistent when switching between flows.
We do this by adding a flow settings mechanism to ConsoleState. This is pretty
rough at the moment and should become more sophisticated as needed.
2012-04-02 09:30:38 +12:00
Aldo Cortesi
35f4a1c424 Tune content viewing to maintain responsiveness:
- Reduce display cutoff to 20k.
- Make sure that we only indent the visible part of a JS body, not the whole
thing.
2012-04-01 10:09:25 +12:00
Aldo Cortesi
585bf9423f Fix GridEditor external edit functionality. 2012-03-30 19:51:40 +13:00
Aldo Cortesi
6dc945571d When paging through flows in flowview, indicate when there are no more flows. 2012-03-28 10:21:48 +13:00
Aldo Cortesi
a6df72cfc8 Generate better-formed CAs.
If you're having trouble with your certs in Firefox, you may want to delete
your .mitmproxy directory to re-generate the CA.
2012-03-27 17:01:18 +13:00
Aldo Cortesi
e9ac4bef20 Add a variant of cleanBin that escapes newlines and tabs.
Use this to fix the hex display option.
2012-03-27 11:25:50 +13:00
Aldo Cortesi
a2fddb4404 Add image pretty viewer to forcing options. 2012-03-26 11:48:35 +13:00
Aldo Cortesi
d187965233 Don't auto-view request if there's no response.
This is confusing when flicking through many flows.
2012-03-26 11:28:52 +13:00
Aldo Cortesi
a050eeef05 Add a pretty-viewer for images.
This shows basic image information like dimensions, plus extracted EXIF tags
and other metadata.
2012-03-26 11:26:02 +13:00
Aldo Cortesi
b6725ee802 Add Javascript to manual pretty type over-rides. 2012-03-25 11:31:36 +13:00
Aldo Cortesi
a979e1ad50 Re-enable caching for content view calculation. 2012-03-25 11:18:33 +13:00
Aldo Cortesi
2240d2a6a5 Pretty view now indents Javascript.
Thanks to the JSBeautifier project, which is now included in the contrib directory.
2012-03-25 10:56:45 +13:00
Aldo Cortesi
74c51df580 Re-enable simple multipart form parsing and preview. 2012-03-25 10:10:48 +13:00
Aldo Cortesi
62e51018d0 Refactor pretty view mechanism.
Also start adding unit tests for this subsystem.
2012-03-24 14:20:24 +13:00
Aldo Cortesi
0d05068f91 Factor out content view apparatus into contentview.py 2012-03-24 11:21:58 +13:00
Aldo Cortesi
ed74ed24a0 Add error indications to GridEditor. 2012-03-23 13:28:33 +13:00
Aldo Cortesi
45ab22f0d9 Add modal help to GridEditor.
Also includes some minor refactoring and documentation stubs.
2012-03-22 14:57:57 +13:00
Aldo Cortesi
1441fade90 More work on pretty view forcing.
- Make this setting apply only to the currently viewed flow. I think it's more
likely that this is the behaviour the user will want, rather than globally
setting the pretty type.
- Update help.
2012-03-20 11:11:53 +13:00
Aldo Cortesi
2153835545 Refactor pretty view forcing somewhat.
- Use a lookup table of content types -> view modes.
- Add a urlencoded forcing. Remove "html" - at the moment it's the same as
"xmlish".
- Display type when forced.
2012-03-20 10:58:43 +13:00
Aldo Cortesi
2739cb4861 Add a simple parser for content type specifications. 2012-03-20 10:31:07 +13:00
Ulrich Petri
bc3ba4c993 Allow a flow view's pretty-printed body type auto-detection to be overridden by the user 2012-03-19 20:35:20 +01:00
Aldo Cortesi
50630d62fd Grid editor refinements.
- Correct column width calculation used in keystrokes. Arrow keys should now
work as expected in multi-line fields.
- Enable multi-line editing throughout. You now need to tab or esc to exit edit
mode.
2012-03-19 10:57:27 +13:00
Aldo Cortesi
0de97ad9e0 Add column headers to GridEditor. 2012-03-19 10:42:30 +13:00
Aldo Cortesi
65e88f49d4 Specialize GridEditor into a number of subclasses. 2012-03-19 10:12:06 +13:00
Aldo Cortesi
5690e7c399 Generalize GridEditor to N columns.
Start adding a replacement rule editor.
2012-03-18 14:39:21 +13:00
Aldo Cortesi
18d0e840b5 KVEditor -> GridEditor 2012-03-18 09:48:27 +13:00
Aldo Cortesi
552146d015 Move mitmproxy reverse proxy shortcut to "P".
Also don't expose help from the help screen.
2012-03-18 09:22:43 +13:00
Aldo Cortesi
ac6987c54a Fix unit tests. 2012-03-17 17:29:25 +13:00
Aldo Cortesi
76175672ad Add specification of replacement patterns on the command line. 2012-03-17 17:20:34 +13:00
Aldo Cortesi
c8ae1e85b3 Hooks -> ReplaceHooks
It makes more sense to specialize this, which will let me build a nicer
interface for replacement hooks in mitmproxy.
2012-03-17 11:31:05 +13:00
Aldo Cortesi
08f410cacc Add a hooks mechanism, based on filter expressions. 2012-03-16 17:13:11 +13:00
Aldo Cortesi
d138af7217 replace() methods now decode and re-encode contents before substitution. 2012-03-16 11:24:18 +13:00
Aldo Cortesi
d51b8cab0c Add a decoded context manager.
This simplifies a common chore when modifying traffic - decoding the object,
modifying it, then re-encoding it with the same encoding afterwards. You can
now simply say:

with flow.decoded(request):
    request.content = "bar"
2012-03-16 11:12:56 +13:00
Aldo Cortesi
8d662e6636 Set a "unique" serial number for each generated cert. 2012-03-14 11:20:25 +13:00
Aldo Cortesi
fa6305ee98 Cleanliness fixes.
- Remove unused code during previous commit.
- Code coverage fixes.
2012-03-12 11:25:50 +13:00
Aldo Cortesi
22d4559a7a Use PyOpenSSL for certificate generation.
We no longer call external OpenSSL commands at all.
2012-03-11 14:34:17 +13:00
Aldo Cortesi
4e13ab1d05 Replace CA generation with PyOpenSSL version.
We no longer call an external command.
2012-03-11 13:33:22 +13:00
Aldo Cortesi
d57a1d6035 Merge remote-tracking branch 'meeee/master' 2012-03-10 13:48:13 +13:00
Aldo Cortesi
3f2d1381d0 Repair unit tests after nopop introduction. 2012-03-10 13:42:10 +13:00
Aldo Cortesi
d3aad7a185 Merge remote-tracking branch 'taiste/server-replay-pop' 2012-03-10 13:36:50 +13:00
Michael Frister
23f7214fc3 Fix SSL requests with Transfer-Encoding: chunked
Add size parameter to FileLike.readline, used by read_chunked.
2012-03-08 23:10:21 +01:00
Michael Frister
e67dbf6123 Handle Transfer-Encoding header values case insensitive
According to HTTP/1.1 RFC 2616 Section 3.6.
2012-03-08 23:09:19 +01:00
Valtteri Virtanen
93565392cd Adds space between sentences on no-pop's help 2012-03-05 11:56:03 +02:00
Valtteri Virtanen
ed56d67cea Adds no-pop option to server-side replay 2012-03-05 11:05:11 +02:00
Aldo Cortesi
e1356dd2b6 Create an SSL certificate class. 2012-03-05 10:22:47 +13:00
András Veres-Szentkirályi
15ad7704d2 Removed imports left unused after Py{OpenSSL,ASN1}
Commits 533f61f67a and
8b841bc9e3 left some imports unused while
swithing to PyOpenSSL and PyASN1 -- this commit removes these imports.
2012-03-01 16:20:34 +01:00
Aldo Cortesi
533f61f67a Use PyOpenSSL and PyASN1 for certificate parsing.
Yes, these are two more major dependencies for mitmproxy, but if we're going to
do all the cool things I want to do with SSL certs, there is no other way.
2012-03-01 21:08:44 +13:00
Aldo Cortesi
8b841bc9e3 Factor out cert operations in to certutils.py. 2012-02-29 13:20:53 +13:00
Aldo Cortesi
0bed5fae27 Rationalise upstream cert flag and variable names. 2012-02-28 11:37:48 +13:00
Aldo Cortesi
764724748b Fix cert generation harder. 2012-02-27 15:59:29 +13:00
Aldo Cortesi
2c73e8f816 Fix problems with SANs and certificate generation. 2012-02-27 15:36:19 +13:00
Aldo Cortesi
2ba8296843 Better certificate parsing. 2012-02-27 15:21:05 +13:00
Aldo Cortesi
00942c1431 Add upstream certificate lookup.
This initiates a connection to the server to obtain certificate information to
generate interception certificates. At the moment, the information used is the
Common Name, and the list of Subject Alternative Names.
2012-02-27 15:05:45 +13:00
Aldo Cortesi
4a2964985c Introduce a cache for flow list entries.
This gives a big boost to scroll performance for the flow list.
2012-02-27 10:00:44 +13:00
Aldo Cortesi
bd1d699040 Fix mitmproxy crash when passed -n flag. 2012-02-26 23:23:54 +13:00
Aldo Cortesi
3afa2c38fb Merge remote-tracking branch 'remotes/runeh/master' into runeh 2012-02-25 13:02:12 +13:00
Rune Halvorsen
bbfdc7b7de Use shlex to parse EDITOR. 2012-02-25 00:43:00 +01:00
Aldo Cortesi
986a41d180 Unit test++. 2012-02-25 12:19:54 +13:00
Aldo Cortesi
bcda65e453 Add mitmproxy version to status bar on Help screen.
Suggested by Jim Cheetham <jim.cheetham@otago.ac.nz>
2012-02-24 14:11:51 +13:00
Aldo Cortesi
5810e7c0df Make return arrow match return code color.
Suggested by Jim Cheetham <jim.cheetham@otago.ac.nz>
2012-02-24 14:01:17 +13:00
Aldo Cortesi
25fa596cd6 Fix detection of URL-encoded forms.
Thanks to Paul Capestany <capestany@gmail.com> for reporting this.
2012-02-24 13:03:24 +13:00
Aldo Cortesi
ddc9155c24 Make "~q" filter work more intuitively.
It now matches any flow that has no response.
2012-02-23 17:06:09 +13:00
Aldo Cortesi
2df9c52c09 Refactor filter matching. 2012-02-23 17:03:58 +13:00
Aldo Cortesi
ee8058a2d9 Confirm when we clear a request body to add a form. 2012-02-23 16:27:08 +13:00
Aldo Cortesi
554047da85 License notifications, minor docs. 2012-02-23 15:52:01 +13:00
Aldo Cortesi
3f6619ff59 Fall-back for non-unicode terminals. 2012-02-23 12:41:01 +13:00
Aldo Cortesi
4f38b3a9c0 Documentation and screenshots. 2012-02-22 17:17:13 +13:00
Aldo Cortesi
a4270efaf2 Always return an ODict from get_query 2012-02-21 13:00:45 +13:00
Aldo Cortesi
d2f5db1f37 connection -> flow in libmitmproxy/console
"Flow" is the correct term here - every connection can have multiple flows.
2012-02-21 12:42:43 +13:00
Aldo Cortesi
1af26bb915 Minor docs and example script fixes. 2012-02-21 12:32:56 +13:00
Aldo Cortesi
70dff87240 Tweaks for reverse proxy mode
- Unify key bindings over connection and connection list view
- Add help entry
- Unset reverse proxy when a blank value is specified
2012-02-21 11:01:39 +13:00
Aldo Cortesi
dbd75e02f7 Create ODictCaseless for headers, use vanilla ODict for everything else. 2012-02-20 11:29:36 +13:00
Aldo Cortesi
18029df99c Use ODict for request.get_form_urlencoded and set_form_urlencoded 2012-02-20 11:13:35 +13:00
Aldo Cortesi
fa11b7c9be Use ODict for Request.get_query and Request.set_query 2012-02-20 10:44:47 +13:00
Aldo Cortesi
2616f490fe Rename Headers class to ODict
ODict is an ordered dictionary class that will be useful in many other parts of
our API.
2012-02-20 10:39:00 +13:00
Aldo Cortesi
25a06c3ec1 Minor doc fixes and import cleanups. 2012-02-20 10:15:58 +13:00
Aldo Cortesi
0c3035a2b5 Start preparing for 0.7
Update CHANGELOG, CONTRIBUTORS, README.mkd, todo, and bump version.
2012-02-19 22:43:05 +13:00
Aldo Cortesi
86a19faf68 Fix crash when setting a limit when there are no flows. 2012-02-19 13:16:21 +13:00
Aldo Cortesi
9113277cd3 Fix bug in method filter matching. 2012-02-19 13:04:02 +13:00
Aldo Cortesi
77a33c441b Add duplicate_flow and replay_request hooks to ScriptContext. 2012-02-19 11:29:49 +13:00
Aldo Cortesi
0434988ade Add duplicate to connection view, and rename to "D". 2012-02-19 00:32:20 +13:00
Aldo Cortesi
d32d6bc5e3 Add "p" key binding to connection list view to copy a flow. 2012-02-19 00:17:47 +13:00
Aldo Cortesi
8ddc3b4ef2 Add API for duplicating flows. 2012-02-18 23:56:40 +13:00
Aldo Cortesi
5f1d7a0746 Missing import, plus fix body divider palette. 2012-02-18 18:54:27 +13:00
Aldo Cortesi
71ad7140be Consolidate palettes somewhat. 2012-02-18 18:48:08 +13:00
Aldo Cortesi
7aa79b89e8 Firm up what we consider to be a valid proxy spec. 2012-02-18 16:29:02 +13:00
Aldo Cortesi
6ad8b1a15d Firm up reverse proxy specification.
- Extract proxy spec parsing and unparsing functions.
- Add a status indicator in mitmproxy.
- Add the "R" keybinding for changing the reverse proxy from within mitmproxy.
2012-02-18 16:27:09 +13:00
Aldo Cortesi
a7df6e1503 Refactor reverse proxying
- Retain the specification from the Host header as a Request's description.
- Expand upstream proxy specifications to include the scheme. We now say https://hostname:port
- Move the "R" revert keybinding to "v" to make room for a reverse proxy
binding that matches the command-line flag.
2012-02-18 14:45:22 +13:00
Aldo Cortesi
acdc2d00b4 Repair unit tests. 2012-02-18 12:27:59 +13:00
Aldo Cortesi
14def89f50 Fix a problem in deserialization of flows with errors. 2012-02-18 12:25:22 +13:00
Aldo Cortesi
4ed8031172 Jazz up flow display
- Indicate interception by coloring text, rather than adding an exclamation
mark.
- Use unicode symbol to indicate replay and for the response indicator arrow.
2012-02-18 12:12:01 +13:00
Aldo Cortesi
08fdd23e23 Refactor the way we display flows.
Use columns to make spacing nicer, and to ensure that long URLs don't bugger up
formatting when they spill into the next line.
2012-02-18 11:11:59 +13:00
Heikki Hannikainen
a3509b7f22 reverse proxy mode: small comment clarification 2012-02-16 16:36:49 +02:00
Heikki Hannikainen
a82ac9eaf0 Implemented reverse proxy mode: -R upstreamhost:port makes the
proxy accept a 'GET / HTTP/1.0' request and fill up the destination
host and port from the ones given with -R (for example,
"-R localhost:80").
2012-02-16 16:33:27 +02:00
Aldo Cortesi
f25156a637 Better formatting for headers, help and other key-value displays.
We now use proper Columns, rather than laying it out manually.
2012-02-11 18:23:07 +13:00
Aldo Cortesi
3e70fa8d58 Fix a minor keypress glitch in connection view. 2012-02-11 11:31:57 +13:00
Aldo Cortesi
586472e364 Revamp the way request and response bodies are displayed. 2012-02-11 11:25:35 +13:00
Aldo Cortesi
1ad7e91527 Make filter matching act more sensibly. 2012-02-10 15:31:45 +13:00
Aldo Cortesi
5f785e26b9 Add filter for detecting flows with errors.
Also, remove dependency on weird _is_response method.
2012-02-10 15:22:26 +13:00
Aldo Cortesi
b14c29b25c Expand test coverage. 2012-02-10 15:04:20 +13:00
Aldo Cortesi
5326b7610a Enable editing of urlencoded form data with KVEditor. 2012-02-10 14:35:23 +13:00
Aldo Cortesi
9c985f2d20 Methods for getting and setting form urlencoded data on Request. 2012-02-10 14:27:39 +13:00
Aldo Cortesi
d9fda2b207 Add "d" for delete shortcut to flow view. 2012-02-09 17:00:37 +13:00
Aldo Cortesi
00d3395359 Add a built-in query string editor using KVEditor. 2012-02-09 16:47:32 +13:00
Aldo Cortesi
2709441d5b Add get_query and set_query methods to Request. 2012-02-09 16:40:31 +13:00
Aldo Cortesi
46bd780862 Gracefully handle invalid data format passed to -r flag. 2012-02-09 12:09:40 +13:00
Aldo Cortesi
d3dce8f943 KVEditor: make tab key do the expected thing at the end of the value set. 2012-02-09 11:36:10 +13:00
Aldo Cortesi
a1ecd25e8b KVEditor: fix crash when editing empty set. 2012-02-09 11:32:29 +13:00
Aldo Cortesi
d564086377 KVEditor: show a msg when editing an empty set of values
Just having nothing on screen can be confusing to users.
2012-02-09 11:30:35 +13:00
Aldo Cortesi
4914dbc971 Allow user to specify non-standard request methods when editing a flow.
Addresses feature request in #27
2012-02-09 09:38:11 +13:00
Aldo Cortesi
e484e667a6 Fix import missed during refactoring.
Addresses issue #26
2012-02-09 08:14:00 +13:00
Aldo Cortesi
46c5982d3d Fix a crash and some sizing issues in KVEditor.
Mostly arising when editing an empty header set.
2012-02-08 23:42:56 +13:00
Aldo Cortesi
205d2ad577 Fix attribute error.
Should address issue #23
2012-02-08 23:17:03 +13:00
Aldo Cortesi
5df0b9e961 Further keybinding consolidation.
Also, move KVEditor's "i" binding to "A" to avoid clashes with global bindings.
2012-02-08 22:55:48 +13:00
Aldo Cortesi
866a93a8bc Start consolidating keybindings.
I want each view to have a more coherent set of bindings. This means minimizing
the global bindings, and making some bindings accessible only from screens
related to their functionality.
2012-02-08 22:28:15 +13:00
Aldo Cortesi
e3f28e1c06 Move to context-dependent help model.
The all-in-one page was just getting too unwieldy.
2012-02-08 21:47:39 +13:00
Aldo Cortesi
76f2595df7 KVEditor: "e" shortcut spawns an external editor on a field. 2012-02-08 18:25:00 +13:00
Aldo Cortesi
4026aa2e5f KVEditor: make tab behaviour nicer
If we tab while editing, stop editing if we are taken to the next row.
2012-02-08 17:55:17 +13:00
Aldo Cortesi
d41095c35e "i" shortcut to insert for KVEditor. 2012-02-08 17:52:43 +13:00
Aldo Cortesi
2b6bedac0e Add and delete for KV editor. 2012-02-08 16:55:11 +13:00
Aldo Cortesi
8b5e081233 Refine look and feel, make editor operate on copy of data. 2012-02-08 16:43:11 +13:00
Aldo Cortesi
64360f5996 Editing now works. 2012-02-08 14:58:48 +13:00
Aldo Cortesi
7e6196511f Editable fields for KVEditor. 2012-02-08 14:07:17 +13:00
Aldo Cortesi
cdd5a53767 Refactor console.
Split the console implementation out into logical components.
2012-02-07 16:39:37 +13:00
Aldo Cortesi
f7b3a6d571 Expand KV mockup. 2012-02-07 12:06:31 +13:00
Aldo Cortesi
a98d287e26 Refactor keypress handling.
We now let views over-ride global keys, rather than the other way round.
2012-02-06 11:06:54 +13:00
Aldo Cortesi
71642eac65 Make space = page down global. 2012-02-06 10:22:51 +13:00
Aldo Cortesi
4b9ee4c31e Very basic KV editor mockup. 2012-02-06 09:49:49 +13:00
Aldo Cortesi
5075ede6a9 Make adding a response to a response-less flow nicer. 2012-01-23 13:25:15 +13:00
Aldo Cortesi
c6150cc198 Address an issue that allows a malicious client to place certificate files in arbitrary directories.
Thanks to David Black (disclosure@d1b.org) for pointing this out.
2012-01-21 14:26:36 +13:00
Aldo Cortesi
d5e3722c97 Fix an issue caused by some editors when editing a request/response body.
Many editors make it hard save a file without a terminating newline on the last
line. When editing message bodies, this can cause problems. For now, I just
strip the newlines off the end of the body when we return from an editor.
2012-01-21 12:43:00 +13:00
Mark E. Haase
05111f093d Add support for filtering by HTTP method (get, post, etc.) using ~m operator. 2011-12-28 17:32:29 -05:00
Mark E. Haase
965d318164 Help docs have ~r as an example but ~r isn't valid. I think it's supposed to be ~q. 2011-12-28 16:47:30 -05:00
Aldo Cortesi
28fd3bd461 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-10-26 14:49:48 +13:00
Aldo Cortesi
3b246f7e27 Simple fix for a unicode error when editing a request URL. 2011-10-26 14:49:15 +13:00
meeee
ae79fe1660 Handle missing message/reason phrase in HTTP response status line gracefully by adding an empty one. 2011-09-26 00:44:43 +03:00
Aldo Cortesi
ee71bcfbe8 Fix a rare crash when a new cert is generated during cerdir removal. 2011-09-11 09:06:46 +12:00
Aldo Cortesi
d9db1cf5b3 Change size limit cmdline flag to -Z, enable size limits for replay. 2011-09-09 17:31:36 +12:00
Aldo Cortesi
67f2610032 Add HTTP body size limit specification to command-line tools. 2011-09-09 15:27:31 +12:00
Aldo Cortesi
28daa93268 Basic infrastructure for request and response body size limits. 2011-09-09 14:49:34 +12:00
Aldo Cortesi
e5bded7dee Improve robustness against invalid data. 2011-09-05 07:47:47 +12:00
Aldo Cortesi
4cb0e5bfb4 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-09-04 10:51:09 +12:00
Aldo Cortesi
d1ff527550 Reset exit flag when proxy starts. 2011-09-04 10:50:00 +12:00
Aldo Cortesi
4ac59a7859 Fix a rare crash in sticky cookies. 2011-08-26 18:03:03 +12:00
Aldo Cortesi
8fbba59e8d Fix a problem with sticky cookie domain matching.
Just like everything else cookie-related in the standard library,
cookielib.domain_match is fucked up.
2011-08-26 17:37:12 +12:00
Aldo Cortesi
45f4768a5c Add attribution and license for tnetstring.py 2011-08-19 21:53:52 +12:00
Aldo Cortesi
a566684e32 Move to typed netstrings for serialization.
This change is backwards incompatible with the old serialization format!
2011-08-19 21:30:24 +12:00
Aldo Cortesi
34adc83c71 Revert changes to contrib/pyparsing.py
We want this module to match upstream.
2011-08-19 09:58:44 +12:00
András Veres-Szentkirályi
6f00987850 Optimized single character check 2011-08-18 23:33:14 +02:00
András Veres-Szentkirályi
9abff4f0ac Removed unused imports 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
e9006ae199 Optimized list appending 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
82245298f4 Removed assignments to unused variables 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
b1dc418a53 Replaced unnecessary lists with generators 2011-08-18 23:29:57 +02:00
Aldo Cortesi
25f12b0e5d Add a basic Flow processor example. 2011-08-13 13:51:38 +12:00
Stephen Altamirano
4d02ae0582 First pass at implementing pretty view for multipart/form-data 2011-08-10 00:49:21 -07:00
Aldo Cortesi
8309ab0ec8 Prep for 0.6 release.
- Update contributors file.
- Bump version number
- Include version number in docs
2011-08-06 21:19:22 +12:00
Aldo Cortesi
f23818ceea Add a "done" event for scripts.
Called exactly once after all other events.
2011-08-05 14:08:03 +12:00
Aldo Cortesi
ce48cb4deb Make scripted rewriting of saved traffic work in mitmdump. 2011-08-05 09:41:29 +12:00
Aldo Cortesi
87623a8d75 Rip out autodecode
We simplify things as follows:

    - If we're in "pretty" view mode, we autodecode.
    - Otherwise, we display raw data, and the user can manually encode/decode
    with z shortcut.
2011-08-04 10:54:42 +12:00
Aldo Cortesi
b51aac8a86 Code cleanliness - appease pychecker. 2011-08-04 10:34:34 +12:00
Aldo Cortesi
730c78ac53 Move script.Context to flow.ScriptContext 2011-08-04 10:14:44 +12:00
Aldo Cortesi
1662b8505b Clean pydoc profile for flow.Flow 2011-08-04 09:56:44 +12:00
Aldo Cortesi
8ef208a9e2 Clean pydoc profile for flow.Response, flow.Error 2011-08-04 09:44:48 +12:00
Aldo Cortesi
7a3b871b33 Request class now has a clean pydoc profile. 2011-08-04 09:26:26 +12:00
Aldo Cortesi
0760607a7d Further interface cleaning. 2011-08-03 23:02:33 +12:00
Aldo Cortesi
9042d3f3b9 Clean up interfaces by making some methods pseudo-private. 2011-08-03 22:48:57 +12:00
Aldo Cortesi
57c653be5f Move all HTTP objects to flow.py
That's Request, Response, ClientConnect, ClientDisconnect, Error, and Headers.
2011-08-03 22:41:38 +12:00
Aldo Cortesi
9d0e3c8d61 Doc and help adjustments. 2011-08-03 19:15:01 +12:00
Aldo Cortesi
028d5bacc5 Make "C" clear eventlog when it has focus. 2011-08-03 17:41:13 +12:00
Aldo Cortesi
e337682d8e Enable "|" command to run a oneshot script on a single flow. 2011-08-03 17:35:18 +12:00
Aldo Cortesi
cfc6e8777e Add script set/unset shortcut for mitmproxy. 2011-08-03 17:14:11 +12:00
Aldo Cortesi
e3196dac4d Move commands around to make space for "s" script shortcut.
New commands are:

"w" - save all flows
"W" - save this flow
"S" - server replay
2011-08-03 16:52:41 +12:00
Aldo Cortesi
179cf75862 Add script hooks, enable new engine for mitmdump. 2011-08-03 16:36:20 +12:00
Aldo Cortesi
f7e4e89b12 Move the event notification mechanism into flow.py 2011-08-03 13:33:18 +12:00
Aldo Cortesi
12d2b1f926 Rip out old script interface, start replacing with new stubs.
Scripts are broken for now.
2011-08-03 13:20:36 +12:00
Aldo Cortesi
62088a6661 Start stubbing out a much more powerful script architecture. 2011-08-03 11:06:29 +12:00
Aldo Cortesi
a817db5bd6 Refresh current connection when toggling autodecode.
Also fix the unit tests I forgot to commit...
2011-08-02 20:47:53 +12:00
Aldo Cortesi
8cc0469ee7 Tweak encoding behaviour
- Don't fail to identity encoding when an unknown encoding is specified.
- Don't constrain encodings. I want to try to modify traffic as little as
possible by default.
- When decoding, delete content-encoding header rather than set it to "identity"
- Refuse to decode/encode when there is an existing but unknown
content-encoding header.
2011-08-02 20:42:46 +12:00
Aldo Cortesi
bb6ec29b18 Fix encoding import crash. 2011-08-02 16:55:54 +12:00
Aldo Cortesi
1ff6a767d0 Unit test++ 2011-08-02 16:52:47 +12:00
Aldo Cortesi
357502fe03 General cleanup.
Cut out unused variables and code, generally shut up pychecker as much as is
reasonable.
2011-08-02 16:14:33 +12:00
Aldo Cortesi
17835b9b78 Fix a rare undefined variable crash in proxy.py. 2011-08-02 15:43:35 +12:00
Aldo Cortesi
a1456742a8 Make ConnectionList key bindings work even if there are no entries. 2011-08-02 15:35:54 +12:00
Aldo Cortesi
f3742f29da We no longer need to track clientconnections. 2011-08-02 14:56:09 +12:00
Aldo Cortesi
f3f8462ddc Make the mitmproxy eventlog display useful information. 2011-08-02 14:17:15 +12:00
Aldo Cortesi
73a7d893e3 Give a visual indication that the eventlog has focus. 2011-08-02 11:02:23 +12:00
Aldo Cortesi
759f5d71a6 Initial key bindings and event handlers for event log. 2011-08-02 10:48:29 +12:00
Aldo Cortesi
af92153974 Start stubbing out a UI for the eventlog in mtimproxy. 2011-08-02 09:17:54 +12:00
Aldo Cortesi
9b398c03ab Exit with error if mitmproxy can't load a file specified on cmdline. 2011-08-01 13:27:46 +12:00
Aldo Cortesi
675b3133b4 Improve performance of loading flows from a file hugely.
Fell into the "expensive __eq__ method" trap. Oh, Python, you little scamp.
2011-08-01 11:26:09 +12:00
Aldo Cortesi
43f1c72511 Refactor the way we calculate views of the flow list.
The naive approach we used before recalculated the view on every access, and
consequently had serious performance problems.
2011-08-01 11:17:01 +12:00
Aldo Cortesi
ddb5748a76 Add decoding/encoding for requests. 2011-08-01 10:43:01 +12:00
Aldo Cortesi
c89c4361c3 Merge remote-tracking branch 'alts/encoding' 2011-07-28 11:19:07 +12:00
Stephen Altamirano
78049abac1 Changes replace logic to function in both Python 2.6.x and 2.7.x
Tests now only assume Python 2.6.x rather than requiring 2.7.x. This does not preclude the use of flags as a kwarg in replace
2011-07-26 22:47:08 -07:00
Stephen Altamirano
c1eaa9f74c Adds encode and decode methods to Response objects 2011-07-26 22:03:41 -07:00
Aldo Cortesi
e6288e2d07 Fix crash when sticky cookies are read from file.
Cookielib expects strings, not unicode.
2011-07-24 16:08:27 +12:00
Aldo Cortesi
0f4ae61e7d Fix a crash in mitmdump event display. 2011-07-23 16:59:48 +12:00
Aldo Cortesi
6cd32bf96f Unbreak mitmproxy. Oops. 2011-07-23 13:39:17 +12:00
Aldo Cortesi
3648c7953a Extend eventlog information.
Also, squash an SSL-related bug revealed by the extended logging.
2011-07-23 13:37:06 +12:00
Aldo Cortesi
4043829cf2 Add an eventlog option to mitmdump
This shows client connections, disconnections and requests (before a complete
flow is assembled). We need to add an analogous display to mitmproxy.
2011-07-23 12:57:54 +12:00
Aldo Cortesi
689f5f0d1f Don't turn off output if -v flag is passed more than twice. 2011-07-23 11:50:30 +12:00
Aldo Cortesi
47e1695512 Also replace strings path for requests. 2011-07-22 20:52:13 +12:00
Aldo Cortesi
6ce8b49e05 Make script pipe globally available. 2011-07-22 19:09:32 +12:00
Aldo Cortesi
1b961fc4ad Add utility functions to search and replace strings in flows
This is a common task in pentesting scenarios. This commit adds the following
functions:

utils.Headers.replace
proxy.Request.replace
proxy.Response.replace
flow.Flow.replace
2011-07-22 17:48:42 +12:00
Stephen Altamirano
9c24401b18 Removes last_encoding attribute from Response. Prompts for encoding on identity responses 2011-07-21 22:09:48 -07:00
Stephen Altamirano
74d8b18408 Removes should_autodecode attribute from Response. Adds commandline option 'd' to toggle autodecode, adds togglable option 'd' to do the same 2011-07-21 20:22:13 -07:00
Aldo Cortesi
5936a48e59 Drop cert expiry time to avoid a bug in some OpenSSL versions. 2011-07-22 11:11:45 +12:00
Stephen Altamirano
aa7f8ac90b Switches hotkeys. En/decode is now bound to 'z', kill connection now 'X' 2011-07-20 00:14:24 -07:00
Stephen Altamirano
ebfa9b2a5d Fixes issue #10 regarding broken json printing 2011-07-19 10:51:49 -07:00
Stephen Altamirano
25b0631190 Switches hotkey to unused 'g', adds help message 2011-07-18 22:04:23 -07:00
Stephen Altamirano
1c5434d72c Adds ability to toggle between encodings in the response view 2011-07-18 21:52:40 -07:00
Stephen Altamirano
ecd4645988 Adds encode counterparts to decode functions 2011-07-17 20:16:47 -07:00
Aldo Cortesi
b0849387b7 Add explicit notice when data has been auto-decoded. 2011-07-18 14:18:47 +12:00
Aldo Cortesi
669ce8ee7c Correctly detect urlencoded data
This broke when we introduced case preservation for headers.
2011-07-17 15:31:58 +12:00
Aldo Cortesi
6df4be93e3 Fix error in anticomp commandline specification. 2011-07-17 14:36:38 +12:00
Aldo Cortesi
f756d3bec1 Make help display for options nicer. 2011-07-17 11:14:18 +12:00
Aldo Cortesi
1559ded009 Expose the anticompression flag as an option through the "o" key in mitmproxy. 2011-07-17 10:34:43 +12:00
Aldo Cortesi
ce41046786 Refine encoding support
- Push decoding down into the LRU cache
- Cope gracefully with corrupted data and incorrect encoding headers
2011-07-17 10:25:25 +12:00
alts
6dc0f105cc Adds support for content encoding, namely gip and deflate 2011-07-16 02:47:06 -07:00
Aldo Cortesi
94ae720a22 Add a pretty-printing mode for urlencoded form data. 2011-07-15 16:46:54 +12:00
Aldo Cortesi
76b4c6ba82 Introduce an anti-compression command-line argument.
This is on by default, which means we avoid compressed content unless the -z
flag is specified.
2011-07-15 15:24:56 +12:00
Aldo Cortesi
1a963b91bb Don't sort headers when displaying them in mitmproxy. 2011-07-14 17:20:32 +12:00
Aldo Cortesi
7e21ac0eb8 Refine path completion somewhat.
Make it match the behaviour of vim and mutt more closely
2011-07-14 16:54:04 +12:00
Aldo Cortesi
1c9e7b982a Rewrite Headers object to preserve order and case. 2011-07-14 16:01:54 +12:00
Aldo Cortesi
b6e1bf63c3 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-07-11 16:14:32 +12:00
Felix Wolfsteller
1a5b157c8f Specify certificate creation waiting time argument to fix type error in proxy.py . 2011-07-09 08:07:22 +00:00
Aldo Cortesi
65fbb7bd0d Bail out if no command was specified after | shortcut. 2011-07-08 21:41:00 +12:00
Aldo Cortesi
8e176c2086 Cast some data read from dump files to str, to prevent unicode promotion.
This fixes a bug that caused a traceback when de-serialized requests were
replayed. Also adds unit tests for the problem.
2011-07-01 14:20:42 +12:00
Aldo Cortesi
2a90ea69fd Show view mode in statusbar.
Also make "m" keyboard shortcut available globally.
2011-06-30 14:49:11 +12:00
Aldo Cortesi
37c8d3425d Fix edit prompt display, return code editing. 2011-06-30 14:30:48 +12:00
Aldo Cortesi
18d4c3a9e9 JSON pretty-printing.
Also rename the display modes ("pretty" instead of "indent"), and expand the
built-in documentation.
2011-06-30 13:27:27 +12:00
Aldo Cortesi
46ec8f52e7 Prep for 0.5 release
- Update CHANGELOG and CONTRIBUTORS
- Bump version
- Include Apple Gamecenter highscore setting tutorial in docs
2011-06-27 16:38:00 +12:00
Aldo Cortesi
0a642f2441 Make the certificate wait time configurable.
Since OpenSSL doesn't let us set certificate start times in the past, the
client and proxy machine time must be synchronized, or the client might reject
the certificate. We can bodgy over small discrepancies by waiting a few seconds
after a new certificate is generated (i.e. the first time an SSL domain is contacted).

Make this a configurable option, and turn it off by default.
2011-06-27 16:10:17 +12:00
Aldo Cortesi
f004326855 Try not to hang when user views large request & response bodies
Two different strategies here:

    - Use a simple heuristic to detect if we're looking at XML data when indent
    mode is used. On non-XML data we can hang even on small documents.

    - Only view partial data for large bodies. At the moment the cutoff is
    100k. I might finetune this later.
2011-06-27 15:59:17 +12:00
Aldo Cortesi
2ae7808ca9 Don't redraw the screen more often than necessary. 2011-06-27 14:01:08 +12:00
Aldo Cortesi
b04d074341 Repair a problem that sometimes caused SSL connections to peg the CPU. 2011-06-23 17:00:55 +12:00
Aldo Cortesi
0d9e0eac9a Don't backup flows before replay.
This lets us revert to the original request, even after replaying an edit.
2011-06-23 14:47:34 +12:00
Yuangxuan Wang
e56793f01e Fix urwid version parsing error when it's something like 0.9.10-pre 2011-06-20 16:18:55 +08:00
Aldo Cortesi
7d7803a4d9 Add a hideous kludge to fix not-yet-valid certificates.
- The OpenSSL x509 has no way to explicitly set the notBefore value on
certificates.

- If two systems have the same configured time, it's possible to return a
certificate before the validity start time has arrived.

- We "solve" this by waiting for one second when a certificate is first
generated before returning the cert. The alternative is to rewrite pretty much
all of our certificate generation, a thought too horrible to contemplate.
2011-06-11 15:16:16 +12:00
Aldo Cortesi
07110bbbf1 Anticache and refresh_server_playback options are applied before flows are loaded.
You can now use mitmdump to preview how these options work, by running mitmdump
against a set of saved flows, and viewing the output.
2011-05-15 12:23:34 +12:00
Aldo Cortesi
e285b17e3f Add -r option to mitmdump and mitmproxy.
This option reads a set of flows from a file. I've also regularized the
mitmdump and mitmproxy command-line signatures by removing mitmproxy's old way
of specifying flow loads through naked arguments.
2011-05-15 11:54:12 +12:00
Aldo Cortesi
613e9a298e Add a new flow loading mechanism.
We now simulate the normal connection flow when we load flows. That means
that we can run scripts, hooks, sticky cookies, etc.
2011-05-15 11:22:35 +12:00
Aldo Cortesi
6175d92583 Minor code cleanup - no need to recreate the master queue. 2011-05-14 12:12:03 +12:00
Aldo Cortesi
f89581be1b Add a -n option which tells the tools not to bind a proxy.
This is useful when you just want to inspect or process dumps.
2011-05-14 10:44:25 +12:00
Aldo Cortesi
d917cfd916 Refactoring. 2011-03-29 10:57:50 +13:00
Aldo Cortesi
c3105153a5 Add some debugging output to help troubleshoot a performance problem. 2011-03-27 13:10:06 +13:00
Aldo Cortesi
c0bd1a39e4 unit test coverage ++ 2011-03-20 18:52:16 +13:00
Aldo Cortesi
c726519e73 Add a stickyauth option.
This allows us to replay an HTTP Authorization header, in the same way as we
replay cookies using stickycookies. This lets us conveniently get at HTTP Basic
Auth protected resources through the proxy, but is not enough to do the same
for HTTP Digest auth. We'll put that on the todo list.
2011-03-20 17:31:54 +13:00
Aldo Cortesi
4f877cde6a Reverse order of flows in mitmproxy.
It matches user expectations much better to have new flows appended to the bottom.
2011-03-20 09:31:39 +13:00
Aldo Cortesi
e22fd74d06 Revamp key generation.
We now create three different files in the .mitmproxy directory when a dummy CA
is made:

mitmproxy-ca.pem - the CA, including private key

mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.

mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
2011-03-18 16:45:31 +13:00
Aldo Cortesi
3fbf343985 Tweak CA and cert setup to be nice to Windows.
For some reason Satan's Operating System doesn't join up the certification path
if the key identifiers are set to hash. This took a few hours of trial and
error to figure out.
2011-03-18 14:48:43 +13:00
Aldo Cortesi
907536503c Enable request and response script commandline arguments for mitmproxy. 2011-03-18 10:43:43 +13:00
Aldo Cortesi
fc9e0dcacb Maintain focus in mitmproxy when flows are loaded from file. 2011-03-18 10:33:32 +13:00
Aldo Cortesi
0e62dd479b Do id-based comparison rather than value-based comparison to establish flow focus.
This fixes a bug where focus would jump unpredictably between identical flows.
2011-03-18 10:21:59 +13:00
Aldo Cortesi
894d3cc62d Use path_prompt rather than plain prompt where needed in mitmproxy. 2011-03-18 10:14:57 +13:00
Aldo Cortesi
89b0ac5195 Server replay shortcut in mitmproxy can now be used to interrupt a current replay. 2011-03-18 09:43:47 +13:00
Aldo Cortesi
f97c144869 Client playback shortcut in mitmproxy can now be used to interrupt a current client playback. 2011-03-18 09:38:51 +13:00
Aldo Cortesi
4893e5e5a4 We have to pass -CAcreateserial after all. 2011-03-18 09:24:04 +13:00
Aldo Cortesi
e983253ecc Docs, minor cert tweaks. 2011-03-18 09:04:49 +13:00
Aldo Cortesi
394bd1d6b0 Interrupt interception when deleting an intercepting flow.
Prompting the user for this is annoying.
2011-03-15 17:53:29 +13:00
Aldo Cortesi
e3ad3790de Fix minor styling and glitches. 2011-03-15 17:37:09 +13:00
Aldo Cortesi
6d5c32ad4b Fix hang on shutdown. 2011-03-15 17:21:35 +13:00
Aldo Cortesi
fb28e71f0b Do pre-processing of requests before replay.
This enables scripts, anticache, server playback and sticky cookies for
request replays.
2011-03-15 15:11:03 +13:00
Aldo Cortesi
fe1e2f16ff Improve responsiveness of request and response viewing.
- Computing the view of a large body is expensive, so we introduce an LRU cache
to hold the latest 20 results.

- Use ListView more correctly, passing it individual urwid.Text snippets,
rather than a single large one. This hugely improves render time.
2011-03-15 13:05:33 +13:00
Aldo Cortesi
bb8adfb731 Use .stop() and .start() to restart curses around external spawns. 2011-03-14 16:09:06 +13:00
Aldo Cortesi
974cb03631 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-03-14 15:56:52 +13:00
Aldo Cortesi
9b961a8236 Use raw_display instead of curses_display. 2011-03-14 15:56:25 +13:00
Aldo Cortesi
c17cf5c6a0 Fix traceback when viewing hex mode. 2011-03-14 14:34:55 +13:00
Aldo Cortesi
897bd5c2b8 We no longer use pytz. 2011-03-14 13:47:51 +13:00
Aldo Cortesi
b4fab58c61 Indicate request and response replay status separately. 2011-03-13 21:53:26 +13:00
Aldo Cortesi
6cb40d03f4 Fix a number of small UI infelicities.
- Make request/response view switching behave sensibly
- Avoid having an empty string appear in connection view text. This makes urwid
misbehave.
- Make it clear that intercept and cookies specifications are filters.
2011-03-13 21:16:42 +13:00
Aldo Cortesi
038a6eb1a7 I've now added all the features I want for 0.4. Bump the version number. 2011-03-13 20:42:55 +13:00
Aldo Cortesi
1e47167ac6 Fix a traceback sometimes triggered viewing a connection with no response. 2011-03-13 20:03:13 +13:00
Aldo Cortesi
8d0152f2ff Add server replay to mitmproxy. 2011-03-13 17:11:59 +13:00
Aldo Cortesi
324d7c3955 Add client plaback to mitmproxy. 2011-03-13 16:50:11 +13:00
Aldo Cortesi
49c1532af7 Add anticache support for mitmproxy
Also stub out an option toggle command for anticache, killextra and norefresh
options.
2011-03-13 16:21:41 +13:00
Aldo Cortesi
ef27e2fb29 Rejigger status bar somewhat. Add indicators for various bits of state.
In particular, we now display limits, sticky cookie expressions and intercepts
in the bar.
2011-03-13 15:55:47 +13:00
Aldo Cortesi
18d25ec1a1 Fix stickycookie setting, indented view traceback. 2011-03-13 11:43:55 +13:00
Aldo Cortesi
0042687f0d Remove beep functionality from mitmproxy.
This acts funny (sometimes works, sometimes doesn't) and isn't really useful.
2011-03-13 11:26:30 +13:00
Aldo Cortesi
c901cbbada mitmproxy prompted input now display previously set value.
E.g. if you set a limit, then re-enter the limit prompt, you start with the
currently set value.
2011-03-13 11:24:49 +13:00
Aldo Cortesi
4ce393cc41 Unit tests for cmdline.py 2011-03-12 15:14:25 +13:00
Aldo Cortesi
96b10ca486 console.py 100% test coverage 2011-03-12 15:08:06 +13:00
Aldo Cortesi
fbbc43a5b2 netstring.py 100% unit test coverage. 2011-03-12 14:39:41 +13:00
Aldo Cortesi
2f457e041e Unify mitmproxy and mitmdump commandline
- Extract common options into cmdline.py
- Change mitmproxy keybindings to fit command line

Some cmdline options and keybindings aren't in operation yet - just stubs
where functionality will be added in the next few commits.
2011-03-12 14:30:12 +13:00
Aldo Cortesi
40e9067b83 Handle invalid bind address specifications gracefully. 2011-03-12 13:47:37 +13:00
Aldo Cortesi
9f16a84a9e Make mitmdump handle invalid serialized data gracefully. 2011-03-11 15:16:31 +13:00
Aldo Cortesi
7d85db0da3 Display Errors and killed connections in mitmdump. 2011-03-11 13:06:51 +13:00