Maximilian Hils
e768f5ba83
use OpenSSL's hostname validation
2019-11-23 18:02:45 +01:00
Maximilian Hils
0f868e9924
update cryptography
2019-11-23 01:06:23 +01:00
Henrique
16b55f9476
Implemented feature to save command history to a file. This allows users
...
to reuse their commands the next time they open mitmproxy
2019-11-22 10:00:17 -05:00
Maximilian Hils
3550bdfe00
Merge pull request #3693 from typoon/fix-command-bar-issue-3259
...
Improve Command Bar UX
2019-11-21 14:13:08 +01:00
Maximilian Hils
fa100b9d16
lint!
2019-11-19 21:11:49 +01:00
Maximilian Hils
228e1c74c2
fix tests
2019-11-19 18:37:47 +01:00
Maximilian Hils
c7eedcbc1a
fix 'set' to only accept a single argument
2019-11-19 18:29:22 +01:00
Maximilian Hils
76e6484107
fix lexing, sort of
2019-11-19 18:21:14 +01:00
Maximilian Hils
e92b957e3a
Use Github Actions for CI ( #3713 )
...
switch to github actions for CI
2019-11-19 18:15:08 +01:00
Maximilian Hils
74f5fa6a77
wip
2019-11-18 22:03:51 +01:00
Maximilian Hils
dd556f052b
coverage++
2019-11-18 04:34:23 +01:00
Maximilian Hils
da0755106d
adjust test
2019-11-18 03:54:18 +01:00
Maximilian Hils
f75a95acea
fix vararg handling
2019-11-18 03:45:16 +01:00
Maximilian Hils
cb723c53fa
revamp command processing
...
- Display the parameter name instead of the parameter type
whenver users interact with commands. This makes it easy to
enter commands just by their signature. We may want to expose type
information in the command list, but some quick testing showed that
this are rather intuitive anyways.
- Add shift tab backward cycling for the command completion.
- Use inspect.Signature instead of homebrew argument matching solution.
This gets rid of quite a bit of cruft.
- Remove some type checking hacks in mitmproxy.types
2019-11-18 03:05:41 +01:00
Henrique
8b52ea248e
Added coverage for the changes made
2019-11-17 11:26:20 -05:00
Henrique
13fe07f48f
Brought coverage up to 94% on test_commander.py
2019-11-16 20:14:38 -05:00
Henrique
7779eef572
Various changes to address PR comments
...
Made a change to make `CommandManager.execute` the main entry point for
executing commands and made `call_strings` into a private method.
2019-11-16 17:01:47 -05:00
Henrique
79caf3a458
Fixing issues pointed during PR review
2019-11-16 09:16:50 -05:00
Maximilian Hils
8158349db5
Merge branch 'master' into master
2019-11-16 12:07:22 +01:00
Maximilian Hils
d1eec4d807
Merge pull request #3705 from mhils/issue-3469
...
Fix #3469
2019-11-16 12:06:13 +01:00
Maximilian Hils
5c0be1de4a
Merge pull request #3448 from cript0nauta/master
...
Fix command injection vulnerability when exporting to curl or httpie
2019-11-16 12:03:34 +01:00
Michael McKeirnan
a6e8b930c9
Adding raw_request and raw_response to export
...
This is a proposed change for
https://github.com/mitmproxy/mitmproxy/issues/3701 which alters the
behavior of a raw http export to include both the request and the
response. Additionally, this introduces two new export options
"raw_request" and "raw_response" which allow for exporting the raw HTTP
request or response individually.
2019-11-16 01:20:50 -08:00
Maximilian Hils
248034c528
tests++
2019-11-15 21:17:29 +01:00
Maximilian Hils
484e099eb1
test coverage++
2019-11-15 20:57:03 +01:00
Henrique M. D
021a141521
Merge branch 'master' into fix-command-bar-issue-3259
2019-11-15 13:59:57 -05:00
Henrique
8972250167
Removed the custom lexer in favor of using pyparsing.
2019-11-15 13:07:12 -05:00
Maximilian Hils
698f7e2e17
Merge pull request #3420 from rjt-gupta/multipart-fix
...
multipart-fix
2019-11-15 19:04:47 +01:00
Maximilian Hils
01ddda75e8
improve curl/httpie export
2019-11-15 19:02:59 +01:00
Maximilian Hils
0873566ff0
Merge remote-tracking branch 'origin/master' into pr-3448
2019-11-15 18:10:42 +01:00
Michael McKeirnan
dae01ad623
Adding export raw http response
...
Adding a new export type for raw http response, and changing export raw to export
raw_request to distinguish between the two. This is a proposed change for https://github.com/mitmproxy/mitmproxy/issues/3701
2019-11-15 01:21:54 -08:00
Henrique
f2b118817e
Added a new test to test that the issue from the previous commit won't
...
happen anymore
2019-11-13 10:32:17 -05:00
Henrique
875adb2ba8
Added tests to reach 100% coverage
2019-11-13 09:32:51 -05:00
Henrique
d90262ad35
Getting 100% coverage in the lexer
2019-11-12 23:16:52 -05:00
Henrique
eee4b24e98
Fixing issues reported by the linter
2019-11-12 22:50:33 -05:00
Henrique
578eb7239c
Tests for the new lexer
2019-11-12 22:09:04 -05:00
Henrique
561d6d91d1
Fixed test to use the new method to get the lexer
2019-11-12 22:08:10 -05:00
Henrique
c7ffc22819
Fix for issues when using \ and " on the commander bar
2019-11-12 18:57:39 -05:00
Maximilian Hils
dac0bfe786
Merge pull request #3691 from mhils/sans-io-adjustments
...
Update mypy, sans-io adjustments
2019-11-12 05:04:05 +01:00
Maximilian Hils
bdc15cbe0c
update mypy
2019-11-12 04:38:13 +01:00
Maximilian Hils
f97996126f
minor improvements and sans-io adjustments
2019-11-11 18:35:06 +01:00
Maximilian Hils
8e64ac0575
Merge pull request #3679 from tomlabaude/pf_ipv6
...
Added support for IPv6 in pf.py for macOS
2019-11-07 18:32:26 +01:00
Maximilian Hils
80963966b2
make duration formatting more forgiving
2019-11-07 18:19:50 +01:00
Tom
ff628e783e
pfctl state output always have 2 lines for each socket. Adding outgoing lines in data which matches lines before incoming ones. Also adding IPv6 data and tests
2019-11-05 20:27:00 +01:00
Yoann L
3370740361
several fixes on command exports has several problems: #3676
...
* authority can usually rely on actual URL. as `:authority` headers will
break curl command. (advise if it's better to change them to Host, or if
it should be reported on curl side)
* `content-length`: 0 is added for each request. if it's found in the
curl argument list, it'll try to fetch an empty body (and crash).
also trying to guess on accept-encoding header to add the
`--compress` option when fetching potentially compressed content.
* ditto for httpie
2019-10-28 17:51:59 +01:00
Maximilian Hils
902ef59d01
Move onboardingapp from tornado to flask ( #3661 )
2019-10-06 14:41:46 +02:00
vin01
93f9e30728
Add key_size option to define rsa key size ( #3657 )
2019-09-30 19:19:52 +02:00
Thomas Kriechbaumer
ace79afefc
bump more deps
2019-09-28 23:29:13 +02:00
Thomas Kriechbaumer
53cb5bf40f
bump deps
2019-09-28 17:37:43 +02:00
Thomas Kriechbaumer
7d60dde76c
Merge pull request #3464 from rjt-gupta/url-fix
...
Non ascii characters in url
2019-09-28 11:46:58 +02:00
Thomas Kriechbaumer
76bd3ef82d
Merge pull request #3486 from rjt-gupta/unicode-filter
...
filter unicode fix
2019-09-28 11:44:15 +02:00
Thomas Kriechbaumer
26e55b0a7f
Merge pull request #3526 from pierlon/feature/allow-hosts
...
Add --allow_hosts option
2019-09-28 11:40:18 +02:00
Maximilian Hils
a08c22dcdd
Merge pull request #3631 from mhils/lint
...
Fix CI
2019-09-05 23:20:54 +02:00
Maximilian Hils
e77f375186
lint
2019-09-05 22:08:21 +02:00
Tero Saaristo
dd3589ce34
encoding: add support for zstd (zstandard)
...
Handles zstandard-compressed bodies labeled as zstd.
2019-09-05 17:52:04 +03:00
Pierre Gordon
1b3f86e709
Verify ignore_hosts & allow_hosts are mutually exclusive
2019-04-19 13:10:39 -05:00
Pierre Gordon
8d0c800d15
Add --allow_hosts option
...
Closes #3295
2019-04-19 12:39:53 -05:00
Anthony Biondo
a8489466c1
update formatdate for cookies and tests to use GMT formatting
2019-04-16 22:11:27 -04:00
rjt-gupta
6e153b2c01
filter unicode fix
2019-02-24 01:45:45 +05:30
rjt-gupta
580ba356ad
test coverage improved
2019-02-06 03:42:07 +05:30
rjt-gupta
d08d2185ea
multipart encoder and tests
2019-02-06 03:42:07 +05:30
rjt-gupta
4df325335b
multipart-fix
2019-02-06 03:42:07 +05:30
rjt-gupta
cec8c67465
non ascii fix and tests
2019-02-03 00:49:53 +05:30
Thomas Kriechbaumer
67aa1b63f9
Merge pull request #3437 from yan12125/fix-tests-on-mojave
...
Fix a failing test on macOS Mojave
2019-01-26 14:57:41 +01:00
Matías Lang
e6da62a50a
Merge branch 'master' of https://github.com/mitmproxy/mitmproxy
2019-01-13 23:55:27 -03:00
Matías Lang
eab4174b87
Fix command injection when exporting to httpie
...
The command generated by `export.clip httpie @focus` or `export.file
httpie @focus /path/to/file` wasn't being properly escaped so it could
contain a malicious command instead of just a simple httpie call.
2019-01-13 23:45:28 -03:00
Matías Lang
d027891cec
Fix command injection when exporting to curl
...
The command generated by `export.clip curl @focus` or `export.file curl
@focus /path/to/file` wasn't being properly escaped so it could contain
a malicious command instead of just a simple curl.
2019-01-13 23:39:50 -03:00
Maximilian Hils
82bc8c7ca2
Merge pull request #3444 from BoboTiG/fix-resource-leaks
...
Fix ResourceWarning: unclosed file, prevent resource leaks
2019-01-06 17:43:47 +01:00
Mickaël Schoentgen
c03b07930c
Fix ResourceWarning: unclosed file, prevent resource leaks
...
Signed-off-by: Mickaël Schoentgen <contact@tiger-222.fr>
2019-01-06 15:06:30 +01:00
Mickaël Schoentgen
3a2d7bb119
Fix several DeprecationWarning: invalid escape sequence
...
Signed-off-by: Mickaël Schoentgen <contact@tiger-222.fr>
2019-01-05 23:37:48 +01:00
Chih-Hsuan Yen
cc33f40f29
Fix a failing test on macOS Mojave
2018-12-29 21:24:46 +08:00
Rajat Gupta
e2bcca47b1
charset in meta tags ( #3411 )
...
original contribution from @0xHJK in https://github.com/mitmproxy/mitmproxy/pull/3150
2018-12-13 15:34:12 +01:00
Rajat Gupta
db658b12ed
fix query array
...
fixes #3072
closes #3254
2018-12-03 22:05:59 +01:00
Thomas Kriechbaumer
2fb2b48a06
bump dependencies
2018-12-02 15:48:20 +01:00
Abhigyan Khaund
cda4248610
Change variable o to organization for generated certficates.
2018-11-11 10:58:14 +05:30
Abcdefghijklmnopqrstuvwxyzxyz
d4f4cfe225
Add Organization field for the generated certificate ( #3376 )
...
add organization field for the generated certificate
2018-11-09 09:06:04 +01:00
Jessica Favin
0cbbcffd89
test_dumper.py - Add sio_err everywhere + adjust test_simple
2018-11-04 17:24:34 +01:00
Jessica Favin
312f922316
Fix test_dumper.py - Dumper constructor
2018-11-04 16:26:51 +01:00
Jessica Favin
ade136dc4d
Update test_dumper.py
2018-11-04 16:06:17 +01:00
Maximilian Hils
28551e9655
use skip_windows decorator consistently
2018-10-23 15:24:59 +02:00
Fred Miller
bf3570b3b9
Skip file permission test on Windows
2018-10-23 08:53:51 +08:00
Fred Miller
f16621a38b
Make private keys readable only by the owner
2018-10-22 22:53:58 +08:00
Miroslav
ed9e3d5137
keys.yaml priority over defaultkeys.py. Test for this.
2018-09-29 15:54:17 +03:00
Maximilian Hils
e15619f34e
Merge pull request #3319 from mhils/issue-3316
...
Fix #3316
2018-09-07 10:34:55 +02:00
Maximilian Hils
1b6a8d6acd
fix #3316
2018-09-07 10:24:28 +02:00
David Kremer
dcd8ba34ab
[test/xss_scanner] add fixtures in tests
...
The previous version of that script made a repetitive use
of the pytest builtin fixture, with always
the same arguments.
This is a small refactoring and cleanup, mainly adding the 'function'
scope to ensure proper cleaning and using the @pytest.fixture
decorator where I could.
2018-08-15 19:47:55 +02:00
madt1m
a52451900c
session: implemented changes requested after PR review.
2018-08-05 21:57:55 +02:00
madt1m
e9c2b12dab
tests: Full coverage. Everything working, ready for review
2018-08-03 16:32:50 +02:00
madt1m
4e0c10b88b
tests: 97% coverage reached. Session opportunely patched after emerged defects.
2018-08-02 05:55:35 +02:00
Pietro Francesco Tirenna
9c949bd2f8
Merge pull request #3252 from madt1m/session-db
...
Session - Hybrid DB
2018-07-24 16:26:10 +02:00
madt1m
8c7793b91a
session: temporary DB is now stored in temporary dir
2018-07-24 15:57:11 +02:00
madt1m
68eb07b668
session: modified schema. Now SessionDB uses tempfile module for temp session
2018-07-24 11:58:33 +02:00
madt1m
e727446f14
benchmark: some improvements - limit to queue size
2018-07-23 21:18:24 +02:00
madt1m
8ab82ad9a3
benchmark: new protobuf serialization performance profiler
2018-07-22 12:47:54 +02:00
Aldo Cortesi
ec092fdc12
Merge pull request #3245 from madt1m/protobuf-serialization-clean
...
Shifting to Protobuf Serialization - Cleaned
2018-07-21 16:13:25 +12:00
madt1m
3b5cdf7f67
test_linting: removed some unused local variables
2018-07-20 18:15:27 +02:00
madt1m
fad8e7c99b
tests: SessionDB fully tested
2018-07-20 16:58:11 +02:00
Miroslav
dcb3de40b1
Some refactoring. New test case.
2018-07-19 16:56:34 +03:00
Pietro Francesco Tirenna
d5da74645b
protobuf: tests implemented, full coverage
2018-07-17 19:23:01 +02:00
Miroslav
ffbd7c20e5
Command history implementation
2018-07-17 18:37:45 +03:00
Thomas Kriechbaumer
3cd3765270
Merge pull request #3211 from cortesi/tcheck
...
Add typechecking of Any values for state object
2018-06-17 08:45:03 +02:00
Aldo Cortesi
77b49aa8de
Add typechecking of Any values for state object
...
An ugly solution for an ugly little problem. This patch uses JSON's type
checker to validate Any values in stateobject, in order to avoid a circular
import.
Fixes #3180
2018-06-17 10:22:17 +12:00
Aldo Cortesi
9ff4f55614
Merge pull request #3202 from madt1m/view-cleanup
...
View Cleanup - Initial steps
2018-06-17 09:20:34 +12:00
Aldo Cortesi
9463fee764
cibuild: permit non-dev versions on maintenance branches
...
Cater for the corner case where commits are incorporated on a maintenance
branch. We should be able to test these without adding a dev suffix to the tool
versions.
2018-06-16 15:09:34 +12:00
Aldo Cortesi
85526e5370
cibuild: Match Travis env variable behaviour
...
Whenever TRAVIS_TAG is non-empty, TRAVIS_BRANCH is over-ridden to match the
TRAVIS_TAG value. Adjust our tests to reflect this, and add a sanity check that
fails hard if this constraint is ever not met.
See https://github.com/travis-ci/travis-ci/issues/4745
2018-06-16 10:23:33 +12:00
Aldo Cortesi
bf791ba1d5
cibuild: refactor to handle v prefix for release tag names
2018-06-16 09:48:21 +12:00
madt1m
af54c26014
fixed exception type; full coverage on view
2018-06-13 17:39:46 +02:00
madt1m
40faf2c662
Added tests for new primitives
2018-06-13 15:57:21 +02:00
madt1m
773c953514
View API slightly extended; codebase cleaned in some points
2018-06-13 11:56:14 +02:00
Thomas Kriechbaumer
be26958ea8
improve websocket frame masking api
2018-06-11 13:28:28 +02:00
Maximilian Hils
09ff5df2fb
Such CI, Very Wow. ( #3182 )
2018-06-02 21:37:44 +02:00
Maximilian Hils
aa0cb2ba2f
add missing await
2018-05-28 22:27:27 +02:00
Aldo Cortesi
a38d2d7b0e
addons/block: teach block about IPv6 scope suffixes
...
Fixes #3160
2018-05-27 10:48:23 +12:00
Aldo Cortesi
ec2ae19e22
optmanager: tweaks and cleanups
2018-05-27 10:43:14 +12:00
Aldo Cortesi
e59ba13417
Use deferral mechanism for cfg file options
...
Fixes #3162
2018-05-27 10:12:24 +12:00
Aldo Cortesi
b6e1c4bb9d
cibuild: tweak docker tag, only upload prod builds to pypi
2018-05-25 12:46:56 +12:00
Aldo Cortesi
ff92962c51
cibuild: start building version awareness
2018-05-25 10:50:48 +12:00
Aldo Cortesi
fdf0d9974e
cibuild: more accurate PR test, better dump output
2018-05-24 22:58:33 +12:00
Aldo Cortesi
e9b19dba8a
cibuild: fix docker upload condition, expand tests
2018-05-24 22:32:31 +12:00
Aldo Cortesi
c91b511bc7
cibuild: extract upload conditions
2018-05-24 22:18:01 +12:00
Aldo Cortesi
0afff3a952
cibuild: add docker tag calculation to environ
2018-05-24 21:59:45 +12:00
Aldo Cortesi
bae4a3393f
release: include release directory in coverage
...
With lots of exclusions for now
2018-05-24 19:03:15 +12:00
Aldo Cortesi
8fceaca6b8
cibuild: Consolidate build environment and add tests
2018-05-24 11:06:43 +12:00
Aldo Cortesi
064929b559
clientreplay: fix racy tests harder
2018-05-18 09:51:56 +12:00
Thomas Kriechbaumer
976ab0c466
websocket: inject messages via flow
2018-05-16 21:50:15 +02:00
Thomas Kriechbaumer
9979be6487
fix py36/37 escaping issues
...
closes #3122
https://bugs.python.org/issue16285
https://bugs.python.org/issue12910
21024f0662
2018-05-14 10:41:46 +02:00
Aldo Cortesi
58ff51da10
command: handle string without terminal escaped char
...
Fixes #2810
2018-05-12 14:02:20 +12:00
Aldo Cortesi
88fe26997c
script: revamp ephemeral script running
...
Fixes 2838
2018-05-12 12:35:24 +12:00
Aldo Cortesi
482043cdcf
commands: handle type errors on startup
...
fixes #3088
fixes #2787
2018-05-12 11:10:14 +12:00
Aldo Cortesi
6dff8c58ad
commands: if no explicit return type is specified, assume None
...
This is going to be a super common error for addon authors, so we might as well
handle it.
2018-05-12 10:15:08 +12:00
Aldo Cortesi
8c63a8818d
keymap: read keys from CONFDIR/keys.yaml by default
2018-05-10 16:06:52 +12:00
Aldo Cortesi
9830e5b597
cadir -> confdir
...
We store a lot more than just the CAs in our configuration directory. Clarify
the option name.
2018-05-10 11:40:33 +12:00
Aldo Cortesi
3438912236
console keybindings: define YAML-based format for console key binding persistence
2018-05-10 11:30:51 +12:00
Aldo Cortesi
7d9b626d2e
clientplayback: try to fix flaky replay test
2018-05-08 16:33:41 +12:00
Aldo Cortesi
af1a4ffdcd
Ditch the addon stdout wrapper
...
This results in a 30% improvement in our core request throughput.
Fixes #3102
2018-05-08 14:26:41 +12:00
Aldo Cortesi
717fbaa990
optmanager: refactor for coverage and clarity
2018-05-08 14:24:41 +12:00
Aldo Cortesi
1b0eed19d1
benchmarks: quick-run scripts for mitmproxy and mitmdump
2018-05-08 11:08:37 +12:00
Aldo Cortesi
9b51393b6d
benchmark: keep track of requests/responses seen by proxy
2018-05-08 11:00:20 +12:00
Aldo Cortesi
f7d7e31f06
options: add the concept of deferred settings
...
We've had a perpetual sequencing problem with addon startup. Users need to be
able to specify options to addons on the command-line, before addons are
actually loaded. This is only exacerbated with the new async core, where load
order can't be relied on.
This patch introduces deferred options. Options passed with "--set" on the
command line are deferred if they are unknown, and are automatically applied by
the addon manager once matching addons are registered and their options are defined.
2018-05-08 10:56:00 +12:00
Maximilian Hils
752a367436
remove leftover processing_complete
2018-05-06 15:47:12 +02:00
Aldo Cortesi
60acbd79b9
Remove allowremote addon, add an improved take called block
...
We now have two options: block_global blocks global networks, block_private
blocks private networks. The block_global option is true by default, and
block_private is false by default. The addon name is "block" so the options are
correctly prefixed.
Also make option documentation precise, reduce verbosity of logs.
2018-05-06 12:43:25 +12:00
Aldo Cortesi
c53bc39c95
Merge pull request #3099 from Kriechi/fix-3024
...
fix #3024
2018-05-06 11:27:14 +12:00
Thomas Kriechbaumer
54e2daa21e
fix #3024
2018-05-05 14:38:02 +02:00
Aldo Cortesi
6bd2d5059b
Remove custom events
...
These were always weird, and were added to support exit when processing
completed to mitmdump. We now have better ways to do this.
2018-05-03 09:42:51 +12:00
Aldo Cortesi
f380a77dee
Remove the tick event
...
Mitmproxy: the tickless wonder.
2018-05-02 14:29:15 +12:00
Aldo Cortesi
38ff8109fb
taddons: remove has_event
...
We no longer use this anywhere, so ditch it.
2018-05-02 11:31:28 +12:00
Aldo Cortesi
22a4b1d5d4
Redesign keepserving
...
- Instead of listening for a pseudo-event, we periodically check whether client
replay, server replay or file reading is active.
- Adjust server replay not to
use tick.
- Adjust readfile to expose a command to check whether reading is in progress.
2018-05-02 11:26:40 +12:00
Aldo Cortesi
00d790fe84
commands: clarify command call interface, fix web app replay
2018-05-02 08:36:15 +12:00
Aldo Cortesi
6d27b28b85
client replay: expad and consolidate tests
2018-05-01 08:47:26 +12:00
Aldo Cortesi
236a2fb6fd
client replay: re-design
...
Re-design the way client replay works. Before, we would fire up a thread,
replay, wait for the thread to complete, get the next flow, and repeat the
procedure. Now, we have one replay thread that starts when the addon starts,
which pops flows off a thread-safe queue. This is much cleaner, removes the
need for busy tick, and sets the scene for optimisations like server connection
reuse down the track.
2018-04-30 17:17:03 +12:00
Aldo Cortesi
28d53d5a24
client replay: move all client replay-related code into addon
2018-04-27 16:34:56 +12:00