Commit Graph

2479 Commits

Author SHA1 Message Date
Maximilian Hils
f9ffe8279d socks5: use correct version for auth negotiation 2021-08-27 10:25:31 +02:00
Maximilian Hils
f8826b29a2 cache socks5 auth for entire connection 2021-08-25 17:23:49 +02:00
Maximilian Hils
73d809a4c7 refactor proxyauth addon
the previous version was difficult to read,
this is hopefully better now.
2021-08-25 17:23:49 +02:00
Maximilian Hils
a3eca0b859 socks5 upstream auth: use proxyauth option 2021-08-25 17:23:49 +02:00
Maximilian Hils
c0fd6cfc09
Merge pull request #4779 from mhils/mitmweb-tcp
web: add support for viewing tcp flows
2021-08-25 13:35:37 +02:00
Maximilian Hils
550e1a4ab3
fix #3506 (#4777) 2021-08-23 19:35:31 +00:00
Maximilian Hils
fca21cbf72
GSoC Mitmweb Improvements (#4763)
* Add hover menu to FlowRow

* fix linting issue

* fix linting issue

* apply suggested changes

* add dropdown submenu

* apply requested change

* replace dropdown with popper.js-based implementation

* implement actions to  the menu

* clean FlowRow arguments

* web: major upgrades

This commit brings a bunch of under-the-hood mitmweb improvements:

 - migrate large parts of the codebase to typescript
 - introduce modern react testing conventions
 - vendor react-codemirror to silence warnings
 - use esbuild for both bundles and tests
 - move from yarn to npm
 - various fixes across the board

* web: fix options ducks

* add command bar to mitmweb

* fix app.py

* fix web test failure

* include command.js to commit

* fix optionsSpec.js

* transfer the argument suggestion into popup, show available commands, highlight currently typing argument

* fix lintings issue and test

* include package-lock.json

* add response to fetchMock

* update test

* update obsolete snapshot

* display help, description and add tab autocompletion

* change command history into mitmproxy's one

* move available commands popover to command help

* fix bug related to tab completion

* change CommandBar component into typescript, autoscroll overflowed result to bottom

* convert components in common and ContentView folder into typescript, and modified test

* fix bug of not dispatching when type in the field in FilterInput component

* make formatTimeStamp function return UTC time when updating snapshot in jest

* bind "this" to functions in CodeMirror

* convert components in FlowView, Header, Modal, ValueEditor into typescript

* applied requested changes

* [web] update fontawesome

* view: add id-based flow selection

* add raw `export` command

* contentviews: ignore empty data

* console: fix cert validity order

* major mitmweb upgrades

* fix tests

* fix web tests

* minor fixes

* please the coverage gods

* web: test coverage++, adjust commandbar

* web: update dependencies

* fix tests

* web: add backend tests

* web: convert everything to TypeScript

* web: fix HTTP trailer update

* tests++

Co-authored-by: zokutyou2@gmail.com <zokutyou2@gmail.com>
2021-08-23 11:54:54 +02:00
Maximilian Hils
d55aa7ea42 tests++ 2021-08-23 11:48:27 +02:00
Maximilian Hils
7219284d44 web: fix HTTP trailer update 2021-08-23 11:22:11 +02:00
Jinjie Zhang
0c366f6436 feat: add test script for socks5auth 2021-08-23 16:55:57 +08:00
Maximilian Hils
81c911345b
improve TLS version mismatch error, fix #4758 (#4772) 2021-08-23 07:15:56 +00:00
Maximilian Hils
03606fb0c0 fix tests 2021-08-20 18:49:44 +02:00
Maximilian Hils
2945ba925b please the coverage gods 2021-08-20 15:10:14 +02:00
Maximilian Hils
8561a620c8 minor fixes 2021-08-19 19:15:51 +02:00
Maximilian Hils
3ad4949c0e fix web tests 2021-08-19 19:15:51 +02:00
Maximilian Hils
0585e690c4 fix tests 2021-08-19 10:53:46 +02:00
Maximilian Hils
b320c6aa14 Merge remote-tracking branch 'origin/main' into gsoc 2021-08-18 17:39:01 +02:00
Maximilian Hils
65aa0a6ef5 major mitmweb upgrades 2021-08-18 17:38:22 +02:00
Maximilian Hils
f9b63e973e
Remove asyncio event loop workaround for tornado (#4762)
* remove asyncio event loop workaround for tornado

* Update CHANGELOG.md
2021-08-18 14:12:39 +00:00
Maximilian Hils
4fb3e4c321 treat encoding names case-insensitively, fix #4735
Co-authored-by: Mattwmaster58 <mattwmaster58@gmail.com>
2021-08-10 08:11:34 +02:00
Maximilian Hils
fb53df0cc1
expose full ClientHello object in tls_clienthello hook (#4744) 2021-08-09 15:41:05 +00:00
Maximilian Hils
fcec63eebc fix tnetstread crash found via fuzzing 2021-08-08 16:12:37 +02:00
Maximilian Hils
226e31290c Merge branch 'main' into gsoc 2021-08-04 19:16:31 +02:00
Maximilian Hils
4abd00afab
Merge pull request #4731 from aaron-tan/improve-render-size
Improve rendering of size column
2021-08-04 17:26:20 +02:00
Maximilian Hils
6aa9d8658f size column: add a bit more precision 2021-08-04 17:14:42 +02:00
Maximilian Hils
53a916e39b
fix websocket regression introduced in 7.0.1 (#4733) 2021-08-04 12:59:48 +00:00
Aaron Tan
4266c4852c Improve rendering of size column 2021-08-04 21:02:43 +10:00
Maximilian Hils
416e5046bc add proxy-auth header for plain http requests, fix #4728 2021-08-03 17:02:49 +02:00
Maximilian Hils
2ad3e5c698
Merge pull request #4716 from Zheaoli/fix-unittest
fix #4705
2021-08-03 14:43:18 +02:00
Maximilian Hils
04a1ff4a42 catch TypeError when reading flows, fix #4705 2021-08-03 14:34:16 +02:00
Maximilian Hils
083987c007
minor export fixups, fix #4718, fix #4714 (#4725) 2021-08-02 18:32:01 +00:00
Brad Dixon
68cc3e721f
Fix #4614 Options and Keybinding screen: home and end crash mitmproxy (#4693)
* Fix #4614 Options and Keybinding screen: home and end crash mitmproxy

* fix flake8

* Add integration test for fix to #4614

* fix the flake8, again.
2021-08-02 19:18:22 +02:00
Maximilian Hils
703fdea1a5
asgiapp: lowercase header names, refs #4717 (#4722) 2021-08-02 14:45:40 +00:00
Maximilian Hils
648a799525
don't fail on invalid certs, fix #4713 (#4721) 2021-08-02 13:15:05 +00:00
Maximilian Hils
b57bc68c51
Merge pull request #4710 from mhils/issue-4706
Improve HTTP Stream Modification
2021-08-02 14:36:44 +02:00
Maximilian Hils
51a15be50c extend test coverage for HTTP stream modification 2021-08-02 14:31:52 +02:00
Maximilian Hils
e865484c45
don't emit WS CONT. frames when the peer does not send any, fix #4701 (#4719) 2021-08-02 12:23:56 +00:00
Manjusaka
331061c6f2
add unittest for mitmproxy.io 2021-08-01 20:57:56 +08:00
Maximilian Hils
d8f5f0efbb
perf: reuse OpenSSL context to reduce number of TLS handshakes (#4694) 2021-07-21 09:23:27 +02:00
Maximilian Hils
7fe2c11898 tlsconfig: tests++ 2021-07-20 17:12:06 +02:00
Maximilian Hils
d4899574eb use local IP address as cert subject if no other info is available 2021-07-19 15:18:58 +02:00
Maximilian Hils
34774885e0 add Cert.__repr__ to ease debugging 2021-07-19 15:18:13 +02:00
Salad Dais
2d866ce991
Allow no-op assignments to Server.address when connection open (#4687)
* Allow no-op assignments to Server.address when connection open

* add explanatory comment in source

Co-authored-by: Salad Dais <SaladDais@users.noreply.github.com>
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-07-19 09:25:21 +00:00
Maximilian Hils
bdaa2da064 remove hook optimization to fix #4683 2021-07-15 18:15:11 +02:00
Maximilian Hils
d1d0e39f5d dumper: don't print connection errors to stderr
stderr is reserved for errors in mitmproxy itself,
not for arbitrary network connection problems.
2021-07-15 15:49:30 +02:00
Maximilian Hils
bb40ab9044 WebSocketMessage.kill() -> .drop() 2021-07-15 14:57:43 +02:00
Maximilian Hils
ede52c38c2 add tests for empty websocket messages 2021-07-15 14:56:47 +02:00
Maximilian Hils
d93f1b77c1 fix set command to not keep old values around 2021-07-15 14:31:52 +02:00
Maximilian Hils
5b4ac96f4c
Merge pull request #4650 from mhils/prinzhorn
[WIP] Fix WebSocket/TCP injection
2021-07-15 13:18:33 +02:00
Maximilian Hils
fbb7d3e4c1 commands: only accept escaped quotes
instead of accepting quotation marks in strings, we now just accept \x22,
which is then unescaped by the str type. This greatly simplifies
the lexing and is more consistent from a user perspective.
2021-07-15 13:12:58 +02:00
Maximilian Hils
ac67403f04
Merge pull request #4681 from mhils/tls-handshake-warn
Improve TLS handshake warnings
2021-07-15 12:02:26 +02:00
Maximilian Hils
88086825e5 only warn about failed TLS handshakes if we sent a ServerHello, fix #4678 2021-07-15 11:54:03 +02:00
Maximilian Hils
533223da21 improve warning on TLS handshake errors 2021-07-15 11:34:49 +02:00
Maximilian Hils
18ca5a6369
transparent mode: re-use client SNI when connecting upstream (#4680) 2021-07-15 09:33:20 +00:00
Maximilian Hils
e63437689e handle escape sequences in mitmproxy.types 2021-07-14 13:17:31 +02:00
Alexander Prinzhorn
aee4df7c4a
remove websocket_error event, fixes #4674
Technically there is no websocket error but different close codes. Similar to how an internal server error is not an error in HTTP, but just a different status code.
2021-07-14 09:09:59 +02:00
Alexander Prinzhorn
1f7745dbb8 rename test 2021-07-14 09:04:57 +02:00
Alexander Prinzhorn
13f115451b update tests 2021-07-13 16:22:10 +02:00
Alexander Prinzhorn
793f5c5681 fix dumper test cov 2021-07-13 12:51:24 +02:00
Alexander Prinzhorn
eef6522a5e remove websocket_error event, fixes #4674 2021-07-12 16:35:25 +02:00
Alexander Prinzhorn
d4bc25fce9
separate tls_start hooks for client and server, fixes #4665, refs #4547 (#4666) 2021-07-09 20:15:38 +02:00
Maximilian Hils
ad7f1d11e4
fix #4655 (#4659) 2021-06-24 14:42:21 +00:00
Maximilian Hils
adab4d54f5
fix #4576 (#4654) 2021-06-24 14:13:56 +00:00
Maximilian Hils
af27556d38 tests++ 2021-06-23 20:24:37 +02:00
Maximilian Hils
4a8870a19e Merge remote-tracking branch 'origin/main' into gsoc 2021-06-23 20:11:28 +02:00
Jesper Bränn
64961232e6
Make it possible to set sequence options (#4210)
* Make it possible to set sequence options

Attempts to fix #3015 through looking at whether or not the option is
of the type Sequence[str].

Treat all deferred options as potentially Sequence options, by making the
deferred dict values a list.

* Add full test coverage to optmanager again

* Document how to set sequence options

* minor improvements

* update changelog

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2021-06-23 18:08:24 +00:00
Maximilian Hils
1858564b91 add WebSocketMessage.text 2021-06-22 17:39:55 +02:00
Maximilian Hils
9b119c3dac web: major upgrades
This commit brings a bunch of under-the-hood mitmweb improvements:

 - migrate large parts of the codebase to typescript
 - introduce modern react testing conventions
 - vendor react-codemirror to silence warnings
 - use esbuild for both bundles and tests
 - move from yarn to npm
 - various fixes across the board
2021-06-21 17:51:47 +02:00
Maximilian Hils
2fe4a49d8f logging: don't pick up later mutations 2021-06-20 02:15:09 +02:00
Maximilian Hils
d6975e0b80 add next_layer docs + example, minor fixes 2021-06-20 02:15:09 +02:00
Maximilian Hils
159c064fb4 enable addons to hardcode client.alpn 2021-06-19 12:29:18 +02:00
Maximilian Hils
6178b4b72a raise if server address is updated on non-closed connections 2021-06-19 12:28:40 +02:00
Maximilian Hils
fb625c6868 fix h2 bug found via fuzzing 2021-06-15 10:45:26 +02:00
Maximilian Hils
76f0b8f65e fix tests 2021-06-15 10:45:26 +02:00
Maximilian Hils
fa6e8f1e9c [sans-io] add support for upstream_auth 2021-06-15 10:45:26 +02:00
Brad Dixon
4ee6bc79a0
Add json() method for HTTP Request and Response classes. (#4612)
* Add `json()` method for HTTP Request and Response classes.

* Raise errors when fetching content to decode as json.

* Update http.py

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-06-15 08:39:48 +00:00
Maximilian Hils
1b13411383 update ruamel.yaml, adjust api 2021-06-13 19:59:11 +02:00
Maximilian Hils
8e52c16b4c [sans-io] add support for body_size_limit 2021-06-13 15:56:33 +02:00
Maximilian Hils
199670cad4 move body streaming into proxy core, fix #4470 2021-06-13 15:56:33 +02:00
Maximilian Hils
83a46b13b9 further simplify ALPN selection 2021-06-10 00:18:37 +02:00
Maximilian Hils
d47eb7556a fix #4630 2021-06-09 23:59:44 +02:00
Roy Tu
bd00132b65
Fix multipart forms losing boundary values on edit (#4625)
* Fix for issue #4613

* Adding tests

* Updated CHANGELOG.md

* Restoring contentviews

* Reverting contentview tests

* Adding boundary generation and tests

* Extra newline for flake8

* Janky byte fix

* Revert "Extra newline for flake8"

This reverts commit 683ba167de2264d29f318e2bab83e13cbfb8812d.

* Reverting a commit that was supposed to go to dev branch

* Update CHANGELOG.md

* Update test_http.py

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-06-09 10:26:19 +00:00
Brad Dixon
6d2b823a54
Add flow.comment command and keybinding to add a comment to a flow. (#4608)
* Add `flow.comment` command and keybinding to add a comment to a flow.

* Store comment in Flow().comment. Add ~comment flowfilter syntax.

* resolve: Pythonic flow.comment

* Be consistent and use comment variable.
2021-05-28 20:38:27 +02:00
Alexander Prinzhorn
4f60e52413
Fix parsing of certificate issuer/subject with escaped special chars (#4557)
* keyinfo typing

* Fix parsing of certificate issuer/subject with escaped special characters

* tests

* rfc4514_attribute_name and multi value test

* pyca version + mypy happy dance

* aT lEaSt tTO sPAceS BeFOre iNLinE cOMment

* fix coverage

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-05-27 09:51:01 +00:00
Brad Dixon
c6ba97eab6
Use emoji and characters as markers. Add ~marker filter syntax. (#4587)
* Use emoji and characters as markers. Add ~marker filter syntax.

* Add a test to please our CI overlords. :)
2021-05-27 11:40:41 +02:00
Maximilian Hils
b70358cbde
Merge pull request #4586 from rbdixon/meta_replay_filter
Metadata and replay filter syntax
2021-05-14 08:37:39 +02:00
Maximilian Hils
09bd608174
fix #4551 (#4594) 2021-05-11 16:03:39 +02:00
Brad Dixon
da07cb78a6 Add metadata filter syntax: ~meta 2021-05-11 09:12:47 -04:00
Brad Dixon
69f555f9bb Add replay filter syntax: ~replay, ~replayq, ~replays 2021-05-11 09:09:10 -04:00
Brad Dixon
8d8e10672e
Allow browser.start to open multiple browsers. (#4585) 2021-05-08 22:13:15 +02:00
Maximilian Hils
0ca458fd64
Merge pull request #4535 from mhils/master-main
master branch -> main branch
2021-03-30 17:03:14 +02:00
Maximilian Hils
ead33008bc master branch -> main branch 2021-03-30 15:30:45 +02:00
Maximilian Hils
eefc55f28f coverage++ 2021-03-30 13:03:41 +02:00
Maximilian Hils
f94a9a3c9d
Merge pull request #4529 from mhils/eager-sans-io
Sans-IO Improvements: Connection Strategy
2021-03-30 10:16:57 +02:00
Maximilian Hils
338cd0b00a
Merge pull request #4531 from mhils/selfconnect
Detect recursive self-connects and stop them
2021-03-30 09:39:27 +02:00
Maximilian Hils
945e4e3ef5 detect recursive self-connects and stop them (attempt 2) 2021-03-30 09:25:35 +02:00
Maximilian Hils
be20765129 detect recursive self-connects and stop them 2021-03-29 22:38:11 +02:00
HereC
de3f089bb0
Add block_list Option to set HTTP status for blocked flows/urls (#4516)
* Add block_list Option which returns a set HTTP status for a blocked flow filter:URL

* Add changelog entry

* Add blocklist to default AddOns

* Add Nginx 444 status code to list, so it is available for validation

* Add overview of blocklists

* Add allow-only, and more tests

* Fix mypy tox issue

* Finish test coverage with test for invalid filter

* Add PR feedback

* Fix type/scope error

* Fix stray blank line

* Delete concepts-blocklist.md

* Feature in overview

* Add flag to metadata for blocklisted flows.

* minor improvements

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2021-03-29 15:30:21 +00:00
Maximilian Hils
63e31de14e reuse certificate errors to avoid unnecessary connections 2021-03-29 15:07:26 +02:00
Maximilian Hils
d3f3725479 wait for TLS ClientHello when connection_strategy=eager 2021-03-29 15:07:26 +02:00