Commit Graph

2380 Commits

Author SHA1 Message Date
Maximilian Hils
d93f1b77c1 fix set command to not keep old values around 2021-07-15 14:31:52 +02:00
Maximilian Hils
5b4ac96f4c
Merge pull request #4650 from mhils/prinzhorn
[WIP] Fix WebSocket/TCP injection
2021-07-15 13:18:33 +02:00
Maximilian Hils
fbb7d3e4c1 commands: only accept escaped quotes
instead of accepting quotation marks in strings, we now just accept \x22,
which is then unescaped by the str type. This greatly simplifies
the lexing and is more consistent from a user perspective.
2021-07-15 13:12:58 +02:00
Maximilian Hils
ac67403f04
Merge pull request #4681 from mhils/tls-handshake-warn
Improve TLS handshake warnings
2021-07-15 12:02:26 +02:00
Maximilian Hils
88086825e5 only warn about failed TLS handshakes if we sent a ServerHello, fix #4678 2021-07-15 11:54:03 +02:00
Maximilian Hils
533223da21 improve warning on TLS handshake errors 2021-07-15 11:34:49 +02:00
Maximilian Hils
18ca5a6369
transparent mode: re-use client SNI when connecting upstream (#4680) 2021-07-15 09:33:20 +00:00
Maximilian Hils
e63437689e handle escape sequences in mitmproxy.types 2021-07-14 13:17:31 +02:00
Alexander Prinzhorn
aee4df7c4a
remove websocket_error event, fixes #4674
Technically there is no websocket error but different close codes. Similar to how an internal server error is not an error in HTTP, but just a different status code.
2021-07-14 09:09:59 +02:00
Alexander Prinzhorn
1f7745dbb8 rename test 2021-07-14 09:04:57 +02:00
Alexander Prinzhorn
13f115451b update tests 2021-07-13 16:22:10 +02:00
Alexander Prinzhorn
793f5c5681 fix dumper test cov 2021-07-13 12:51:24 +02:00
Alexander Prinzhorn
eef6522a5e remove websocket_error event, fixes #4674 2021-07-12 16:35:25 +02:00
Alexander Prinzhorn
d4bc25fce9
separate tls_start hooks for client and server, fixes #4665, refs #4547 (#4666) 2021-07-09 20:15:38 +02:00
Maximilian Hils
ad7f1d11e4
fix #4655 (#4659) 2021-06-24 14:42:21 +00:00
Maximilian Hils
adab4d54f5
fix #4576 (#4654) 2021-06-24 14:13:56 +00:00
Maximilian Hils
af27556d38 tests++ 2021-06-23 20:24:37 +02:00
Jesper Bränn
64961232e6
Make it possible to set sequence options (#4210)
* Make it possible to set sequence options

Attempts to fix #3015 through looking at whether or not the option is
of the type Sequence[str].

Treat all deferred options as potentially Sequence options, by making the
deferred dict values a list.

* Add full test coverage to optmanager again

* Document how to set sequence options

* minor improvements

* update changelog

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2021-06-23 18:08:24 +00:00
Maximilian Hils
1858564b91 add WebSocketMessage.text 2021-06-22 17:39:55 +02:00
Maximilian Hils
2fe4a49d8f logging: don't pick up later mutations 2021-06-20 02:15:09 +02:00
Maximilian Hils
d6975e0b80 add next_layer docs + example, minor fixes 2021-06-20 02:15:09 +02:00
Maximilian Hils
159c064fb4 enable addons to hardcode client.alpn 2021-06-19 12:29:18 +02:00
Maximilian Hils
6178b4b72a raise if server address is updated on non-closed connections 2021-06-19 12:28:40 +02:00
Maximilian Hils
fb625c6868 fix h2 bug found via fuzzing 2021-06-15 10:45:26 +02:00
Maximilian Hils
76f0b8f65e fix tests 2021-06-15 10:45:26 +02:00
Maximilian Hils
fa6e8f1e9c [sans-io] add support for upstream_auth 2021-06-15 10:45:26 +02:00
Brad Dixon
4ee6bc79a0
Add json() method for HTTP Request and Response classes. (#4612)
* Add `json()` method for HTTP Request and Response classes.

* Raise errors when fetching content to decode as json.

* Update http.py

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-06-15 08:39:48 +00:00
Maximilian Hils
1b13411383 update ruamel.yaml, adjust api 2021-06-13 19:59:11 +02:00
Maximilian Hils
8e52c16b4c [sans-io] add support for body_size_limit 2021-06-13 15:56:33 +02:00
Maximilian Hils
199670cad4 move body streaming into proxy core, fix #4470 2021-06-13 15:56:33 +02:00
Maximilian Hils
83a46b13b9 further simplify ALPN selection 2021-06-10 00:18:37 +02:00
Maximilian Hils
d47eb7556a fix #4630 2021-06-09 23:59:44 +02:00
Roy Tu
bd00132b65
Fix multipart forms losing boundary values on edit (#4625)
* Fix for issue #4613

* Adding tests

* Updated CHANGELOG.md

* Restoring contentviews

* Reverting contentview tests

* Adding boundary generation and tests

* Extra newline for flake8

* Janky byte fix

* Revert "Extra newline for flake8"

This reverts commit 683ba167de2264d29f318e2bab83e13cbfb8812d.

* Reverting a commit that was supposed to go to dev branch

* Update CHANGELOG.md

* Update test_http.py

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-06-09 10:26:19 +00:00
Brad Dixon
6d2b823a54
Add flow.comment command and keybinding to add a comment to a flow. (#4608)
* Add `flow.comment` command and keybinding to add a comment to a flow.

* Store comment in Flow().comment. Add ~comment flowfilter syntax.

* resolve: Pythonic flow.comment

* Be consistent and use comment variable.
2021-05-28 20:38:27 +02:00
Alexander Prinzhorn
4f60e52413
Fix parsing of certificate issuer/subject with escaped special chars (#4557)
* keyinfo typing

* Fix parsing of certificate issuer/subject with escaped special characters

* tests

* rfc4514_attribute_name and multi value test

* pyca version + mypy happy dance

* aT lEaSt tTO sPAceS BeFOre iNLinE cOMment

* fix coverage

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-05-27 09:51:01 +00:00
Brad Dixon
c6ba97eab6
Use emoji and characters as markers. Add ~marker filter syntax. (#4587)
* Use emoji and characters as markers. Add ~marker filter syntax.

* Add a test to please our CI overlords. :)
2021-05-27 11:40:41 +02:00
Maximilian Hils
b70358cbde
Merge pull request #4586 from rbdixon/meta_replay_filter
Metadata and replay filter syntax
2021-05-14 08:37:39 +02:00
Maximilian Hils
09bd608174
fix #4551 (#4594) 2021-05-11 16:03:39 +02:00
Brad Dixon
da07cb78a6 Add metadata filter syntax: ~meta 2021-05-11 09:12:47 -04:00
Brad Dixon
69f555f9bb Add replay filter syntax: ~replay, ~replayq, ~replays 2021-05-11 09:09:10 -04:00
Brad Dixon
8d8e10672e
Allow browser.start to open multiple browsers. (#4585) 2021-05-08 22:13:15 +02:00
Maximilian Hils
0ca458fd64
Merge pull request #4535 from mhils/master-main
master branch -> main branch
2021-03-30 17:03:14 +02:00
Maximilian Hils
ead33008bc master branch -> main branch 2021-03-30 15:30:45 +02:00
Maximilian Hils
eefc55f28f coverage++ 2021-03-30 13:03:41 +02:00
Maximilian Hils
f94a9a3c9d
Merge pull request #4529 from mhils/eager-sans-io
Sans-IO Improvements: Connection Strategy
2021-03-30 10:16:57 +02:00
Maximilian Hils
338cd0b00a
Merge pull request #4531 from mhils/selfconnect
Detect recursive self-connects and stop them
2021-03-30 09:39:27 +02:00
Maximilian Hils
945e4e3ef5 detect recursive self-connects and stop them (attempt 2) 2021-03-30 09:25:35 +02:00
Maximilian Hils
be20765129 detect recursive self-connects and stop them 2021-03-29 22:38:11 +02:00
HereC
de3f089bb0
Add block_list Option to set HTTP status for blocked flows/urls (#4516)
* Add block_list Option which returns a set HTTP status for a blocked flow filter:URL

* Add changelog entry

* Add blocklist to default AddOns

* Add Nginx 444 status code to list, so it is available for validation

* Add overview of blocklists

* Add allow-only, and more tests

* Fix mypy tox issue

* Finish test coverage with test for invalid filter

* Add PR feedback

* Fix type/scope error

* Fix stray blank line

* Delete concepts-blocklist.md

* Feature in overview

* Add flag to metadata for blocklisted flows.

* minor improvements

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2021-03-29 15:30:21 +00:00
Maximilian Hils
63e31de14e reuse certificate errors to avoid unnecessary connections 2021-03-29 15:07:26 +02:00