Selectively connect to upstream server based on no_upstream_cert
option. When no_upstream_cert is used during server replay, prevent
connecting to the upstream server unless absolutely necessary.
The certforward feature was implemented to support #gotofail,
which only works on unpatched iOS devices. Given that many apps don't
support iOS 7 anymore, jailbreak+ssl killswitch is usually the better option.
By removing certforward, we can make netlib a pure python module again,
which significantly simplifies distribution.
- No output to stdout on load in examples - they muck up the test suite.
- Use the odict module directly, rather than aliasing it. The small convenience
this gives to scripters is not worth it.
- Move the cookie tests from the flow test module to the protocol_http test
module.
- Fix a crash when connection timestamps don't exist yet
- Fix display of response timestamps
- Get rid of those colossal ternaries. I want a device that pokes people in the
eye every time they try to use a ternary operator.
- Split low-color and high-color specifications in palettes.
- Split off light, dark, lowlight and lowdark palettes. Lowlight and lowdark
will be the low-color base for most subsequent palettes.
- Add a small script that makes test pattern requests to pathod.
Two reasons for this. First, this removes flask and its dependencies, which are
quite sizeable. Second, pyinstaller now barfs on simplejson, which is a Flask
dependency. I just don't have time to fix this upstream, so doing what we
should be doing anyway is a no-brainer.
We support 4 different config files:
~/.mitmproxy/common.conf: Options that are common to all tools
~/.mitmproxy/mitmproxy.conf: Options for mitmproxy
~/.mitmproxy/mitmdump.conf: Options for mitmdump
~/.mitmproxy/mitmweb.conf: Options for mitmweb
Options in the tool-specific config files over-ride options in common.conf. If
a non-common option is put in common.conf, an error will be raised if a
non-supporting tool is used.
Found using fuzzing. Reproduction with pathoc, given "mitmproxy -s" and
pathod running on 9999:
get:'http://localhost:9999/p/':s'200:b\'foo\':h\'Content-Length\'=\'3\'':i58,'\x1a':r
return flow.FlowMaster.run(self)
File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/controller.py", line 111, in run
self.tick(self.masterq, 0.01)
File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/flow.py", line 613, in tick
return controller.Master.tick(self, q, timeout)
File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/controller.py", line 101, in tick
self.handle(*msg)
File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/controller.py", line 118, in handle
m(obj)
File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/flow.py", line 738, in handle_responseheaders
self.stream_large_bodies.run(f, False)
File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/flow.py", line 155, in run
r.headers, is_request, flow.request.method, code
File "/Users/aldo/mitmproxy/mitmproxy/netlib/http.py", line 401, in expected_http_body_size
raise HttpError(400 if is_request else 502, "Invalid content-length header: %s" % headers["content-length"])
netlib.http.HttpError: Invalid content-length header: ['\x1a3']
- Flatten the class hierarchy
- get_state, load_state, from_state are public
- Simplify code
- Remove __eq__ and __neq__. This fundamentally changes the semantics of
inherited objects in a way that's not part of the core function of the
class
