Commit Graph

2050 Commits

Author SHA1 Message Date
Aldo Cortesi
704c1db1b7 addon options: setheaders, stickyauth 2018-02-24 15:45:12 +13:00
Aldo Cortesi
12633adeb9 addon options: readfile, save, script 2018-02-24 15:28:43 +13:00
Aldo Cortesi
144b559b46 addon options: migrate replace, simplify taddons.context 2018-02-24 15:22:28 +13:00
Aldo Cortesi
52c8d7e0f8 addon options: shift server_replay options 2018-02-24 15:00:40 +13:00
Aldo Cortesi
74a0230788 addon options: shift keepserving and onboarding options 2018-02-24 14:53:54 +13:00
Aldo Cortesi
a12d149230 client options: migrate allowremote and clientplayback
Also triage options, and categorize them into core options (won't be migrated),
options that are hard to migrate for various reasons, and easy migrations.
2018-02-24 14:39:03 +13:00
Aldo Cortesi
42094b29ff Clean up un-necessary arguments to taddons.context
Also test coverage ++
2018-02-24 13:22:15 +13:00
Aldo Cortesi
4522a6f7b7 Start moving addon options into /addons
This takes the first few steps:

- Extends taddons to make loading addon options easier
- Removes dependencies in the test suite on options in addons
- Tweaks command-line parser autocreation to ignore nonexistent options. This
lets us load common options without over-depending on loaded addons.
2018-02-24 12:13:52 +13:00
Aldo Cortesi
16dd7f3ddf
Merge pull request #2886 from tran-tien-dat/set-cookie
Parse Set-Cookie header more permissively. Fix #2829
2018-02-24 10:49:33 +13:00
Aldo Cortesi
c471c42c7c Fix an issue with quoting and commands
Previously, quotes would disappear during editing, making it
impossible to enter command arguments with spaces.
2018-02-23 13:04:31 +13:00
Tran Tien Dat
97e534e76b Fix #2829 2018-02-21 19:58:29 +08:00
Miroslav
34dbd9adbb Flake, be happy 2018-02-20 21:45:14 +02:00
Miroslav
6c525317cc one more cleanup 2018-02-20 20:14:36 +02:00
Miroslav
aea6fd28c8 Hotkeys cleanup 2018-02-20 16:25:39 +02:00
Maximilian Hils
da4c1ee625
Merge pull request #2881 from cortesi/refreshopt
option refresh_server_playback -> server_replay_refresh
2018-02-19 22:52:19 +01:00
Aldo Cortesi
e9bdada1f5 option replay_kill_extra -> server_replay_kill_extra
Continuing effort to collect all sever replay options under a commmon prefix.
2018-02-20 09:46:47 +13:00
Aldo Cortesi
8129b93bb0 option refresh_server_playback -> server_replay_refresh
All other server playback options have this form.
2018-02-20 09:30:29 +13:00
kira0204
fb54bb3777 Testing 2018-02-19 22:45:30 +05:30
kira0204
60cd8cb0b1 Adding test 2018-02-16 22:30:29 +05:30
Maximilian Hils
26cb6b7936
Merge pull request #2847 from kira0204/key-cookie-issue
Handling empty key with value for cookies, fix #2827
2018-02-12 11:22:09 +01:00
kira0204
06f689aa34 keeping consistency, better testing 2018-02-11 17:25:44 +05:30
Maximilian Hils
cda7c8d754
Merge pull request #2851 from mhils/always-use-tls-settings
Use TLS options also for request replay
2018-02-10 12:40:39 +01:00
Maximilian Hils
e4f70b7957 use TLS options also for request replay, refs #2840 2018-02-08 13:17:33 +01:00
Miroslav
bd375c2669 Excess return was deleted 2018-02-08 00:31:57 +02:00
kira0204
4e9d4b37b3 fixing logic 2018-02-07 04:41:12 +05:30
Arushit Mudgal
91834f98cc Extend mypy checking, fix #2194 (#2819) 2018-02-03 21:37:33 +01:00
Samoilenko Roman
7733252627 don't raise when pyperclip doesn't find a clipboard, fix #2816 2018-02-03 13:53:09 +01:00
Maximilian Hils
4decb5c2e3 remove quotes around filename 2018-02-01 09:57:25 +01:00
Samoilenko Roman
4b93e16e78 Fix for #2750 and #2783 (#2809) 2018-01-25 16:07:09 +01:00
Arushit Mudgal
f41d521ce5 fix #2800 2018-01-25 16:06:19 +01:00
Samoilenko Roman
2d07678fe5 Fix #2765 (#2792) 2018-01-14 21:54:43 +01:00
Samoilenko Roman
6b22da6a34 Fix #2768 (#2778) 2018-01-14 21:54:09 +01:00
Maximilian Hils
9a43ff5da1
Merge pull request #2793 from kajojify/issue-2399
Issue 2399
2018-01-14 21:52:32 +01:00
Miroslav
267b1af835 Fix #2399 2018-01-14 13:41:15 +02:00
Maximilian Hils
d9e3fcf5ef store ClientHello extensions with client connection 2018-01-13 01:49:20 +01:00
Maximilian Hils
96a5ed9dff
Merge pull request #2790 from mhils/stateobject-improvements
stateobject: use typing, enable tuples and more complex datatypes
2018-01-13 00:35:49 +01:00
Maximilian Hils
69726f180a stateobject: use typing, enable tuples and more complex datatypes 2018-01-13 00:33:37 +01:00
Maximilian Hils
93d9640ea5 improve net.tls.ClientHello API, fix bugs, add tests 2018-01-13 00:10:47 +01:00
Maximilian Hils
fc80aa562e move ClientHello and related functions to mitmproxy.net.tls 2018-01-12 21:40:35 +01:00
Matthew Shao
137a78f22a Add test for fix#2766. 2018-01-11 09:23:50 +08:00
Matthew Shao
a6f6f8cd32 Raise a CommandError for the exception 2018-01-08 21:51:03 +08:00
Matthew Shao
633bc350d2 Fix #2760 2018-01-08 21:14:35 +08:00
Samoilenko Roman
821d76df02 Fix #2767 (#2770) 2018-01-07 23:05:39 +01:00
Maximilian Hils
15f525e86b only use annotated tags for version calculation 2018-01-07 21:18:42 +01:00
Thomas Kriechbaumer
4fb894cad4 avoid TLS/SSL ambiguity for Cert class 2018-01-07 19:55:04 +01:00
Thomas Kriechbaumer
d15e96dee1 rename TLS/SSL-related functions
SSL is an outdated protocol superseeded by TLS. Although the commonly
used library is called OpenSSL, it is no reason to still use outdated
language for function names.
2018-01-06 10:43:54 +01:00
Thomas Kriechbaumer
9aae3213b9 rename TLS/SSL-related attributes
SSL is an outdated protocol superseeded by TLS. Although the commonly
used library is called OpenSSL, it is no reason to still use outdated
language for attributes.
2018-01-06 10:43:47 +01:00
Maximilian Hils
2e2daeed89 refactor common.format_keyvals
the semantics here were really quite unclear,
now it is hopefully a bit more obvious what's happening.
Once we are Python 3.6+ exclusively, we may consider changing
the signature to accept a (order-preserving) dict instead of a list.
2018-01-05 16:45:50 +01:00
Maximilian Hils
c2adcb58f4 fix test flow timestamps to values that don't overflow in certain timezones 2018-01-05 16:45:43 +01:00
Maximilian Hils
dd7902cf7f fix #2470 2018-01-04 16:31:45 +01:00
Maximilian Hils
d38b5e8552 do not add leading zeroes to .dev version part.
wheel normalizes to no leading zeroes, and we don't want to special-case
that.
2018-01-04 15:42:09 +01:00
Maximilian Hils
d9d4d15ee0
Merge pull request #2733 from mitmproxy/pyinstaller
Update PyInstaller, add dev version info to builds.
2017-12-30 22:29:49 +01:00
Maximilian Hils
9dc3d16bf2 single-source version processing 2017-12-30 18:48:47 +01:00
Maximilian Hils
afe6e587f9
Merge pull request #2703 from mhils/test-defaultkeys
Test that default key bindings are valid commands
2017-12-30 17:37:33 +01:00
Maximilian Hils
465044c373 test that defaultkeys are valid commands 2017-12-29 23:20:03 +01:00
Maximilian Hils
6232622774 fix Flow.kill behaviour
This now just sets a kill reply instead of committing directly.
First, this seems like the more sane thing to do.
Second, we have an iffy race condition where we call Reply.commit()
before the addonmanager finishes its invocation, the proxy thread then progresses
and sets a new flow.reply attribute, and the addonmanager then gets confused
when finishing. This commit doesn't fix that, but mitigates it for Flow.kill
which is now committed by the addonmanager.
2017-12-29 22:56:29 +01:00
Thomas Kriechbaumer
59c277effd websocket: add flow kill test 2017-12-29 22:51:13 +01:00
Thomas Kriechbaumer
a35716a3a7 websocket: test killable 2017-12-28 19:50:31 +01:00
Thomas Kriechbaumer
f123fb600d websocket: docs++ and kill messages
fixes #2724
2017-12-27 22:01:28 +01:00
Maximilian Hils
ddb8f43b87 Display "*" when listening on all interfaces
The set of people who understand "0.0.0.0" (and/or "::") is a subset of
the set of people who understand "*", so we can make things easier to understand
by using the less technical notation.

Empirical Evidence:
 - https://discourse.mitmproxy.org/t/unable-to-use-mitmproxy-on-windows/735
 - https://discourse.mitmproxy.org/t/how-to-view-the-proxy-servers-url/23
2017-12-26 20:01:37 +01:00
fate0
5661b40942 @concurrent decorator works for class methods. (#2708)
* @concurrent decorator should works for class methods
* modify test for @concurrent decorator in class.
* add docs
2017-12-26 18:44:43 +01:00
Aldo Cortesi
7d45d7f15e cuts: don't crash when retrieving header of a non-existent response 2017-12-20 11:53:44 +13:00
Aldo Cortesi
79ca2c8437 commander: command argument underlay
Display context-sensitive argument types as an "underlay" in commander.
2017-12-20 10:07:35 +13:00
Aldo Cortesi
d7ee5d8f85 commander: palette entries, highlight errors
- Add palette entries specific to commander
- Highlight errors
- Introduce an Unknown type to keep track of extra unknown arguments to
commands
2017-12-20 09:09:40 +13:00
Aldo Cortesi
3341edc9fa commander: highlight commands
Step 1 of the fancification of commander.
2017-12-20 08:21:48 +13:00
Aldo Cortesi
d98fc4f03a commands: partial parser now returns help for remaining arguments 2017-12-19 11:50:12 +13:00
Aldo Cortesi
843bad187c types: add validation to partial parser 2017-12-19 11:22:03 +13:00
Aldo Cortesi
6563feaf05 types: use new type validation mechanism in commands 2017-12-19 10:19:08 +13:00
Aldo Cortesi
cda14830d3 types: add validation functions 2017-12-19 10:19:08 +13:00
Aldo Cortesi
38b37ba7f5 types: cleanups and minor refactorings 2017-12-19 10:19:08 +13:00
Thomas Kriechbaumer
9faad6bc9c
Merge pull request #2702 from Kriechi/fix-2640
improve websocket dumps
2017-12-18 21:31:00 +01:00
Thomas Kriechbaumer
417a860f32 add tests 2017-12-18 11:20:18 +01:00
Thomas Kriechbaumer
8d836d251e fix #2640 2017-12-18 09:19:21 +01:00
Thomas Kriechbaumer
1a7ce384da websocket: support domain and url filters 2017-12-18 09:19:20 +01:00
Aldo Cortesi
b0b67fe2a7 commands: refactor types
The type system was scattered over a number of places, making it hard to
follow. This collects all command types in types.py, and completion, validation
and parsing for each type is centralised. We should use the same mechanism for
options.
2017-12-18 17:02:48 +13:00
Aldo Cortesi
7dbe4209d9
Merge pull request #2690 from cortesi/types
mitmproxy.types -> mitmproxy.coretypes
2017-12-18 08:14:07 +13:00
Aldo Cortesi
978b8d095c mitmproxy.types -> mitmproxy.coretypes
The types name is valuable, and we have a better use for it in collecting and
exposing types for options and commands.

The coretypes module should probably be split up anyway - it contains a
threading base class, a few container objects, and the defintion of our
serialization protocol. I was tempted to rename it to "uncagegorized" for the
sake of honesty.
2017-12-17 13:31:36 +13:00
Aldo Cortesi
a289db8d75 commands: minor refactoring and command renaming 2017-12-17 11:23:15 +13:00
Aldo Cortesi
ac335057a7 Disable implicit JS test asset generation
The JS test assets depend in a brittle way on the details of the tflow()
utility functions. We shouldn't have to fix JS tests when adjusting these.

Options:
    - Manually generate the test assets in a script.
    - Define the JS assets without using tflow, so they don't unexpextedly
    vary.
2017-12-17 10:17:05 +13:00
Aldo Cortesi
2649e57691 minor: fix key bindings, adjust flow command presentation
Fixes #2681
2017-12-17 10:11:02 +13:00
Aldo Cortesi
cd913d598d command cuts: add completion
- Remove shortcuts for request, response, etc. - we don't need them if we have completion
- Restrict cuts specification to a set of prefixes
- Extend cuts to add a few more items
2017-12-17 10:11:02 +13:00
Aldo Cortesi
50a94db2cc commands: Reassess the cuts API
Make the cuts API more transparent. Cut specifications are no longer a
centrally resolved core type, and flows are now passed explicitly.
2017-12-17 10:11:02 +13:00
Aldo Cortesi
198c7b19a3 commander: test++ 2017-12-15 17:51:02 +13:00
Aldo Cortesi
a8ae006f2e command: path completion 2017-12-15 16:02:34 +13:00
Aldo Cortesi
582e6a9fa6 command: recursive command parsing
This lets us complete commands passed to commands correctly.
2017-12-15 16:02:34 +13:00
Aldo Cortesi
a436af537a
Merge pull request #2678 from mhils/console-startup-events
Fix console logging during startup
2017-12-15 16:02:19 +13:00
Maximilian Hils
3ff380054c improve eventstore truncation 2017-12-15 01:36:41 +01:00
Aldo Cortesi
1c097813c1 commands: emit types from partial parser, implement choice completion 2017-12-15 11:38:37 +13:00
Aldo Cortesi
8c0ba71fd8 commander: tab completion for command names 2017-12-15 10:07:47 +13:00
Aldo Cortesi
4d358c49fb WIP: autocompletion 2017-12-15 10:07:47 +13:00
Aldo Cortesi
0cd4a77268 commands: add a parser for partial commands
We only return Cmd and str types for the moment.
2017-12-15 10:07:47 +13:00
Aldo Cortesi
e64d5c6bb9 commands: add a Cmd argument type
This represents a command passed as an argument. Also split arguments from
command values themselves, making the command help for meta-commands much
clearer.
2017-12-15 10:07:47 +13:00
Aldo Cortesi
04e19f9171 Introduce a custom widget for command editing
The builtin urwid.Edit widget is not sufficiently flexible for what we want to
do.
2017-12-15 10:07:47 +13:00
Aldo Cortesi
dfcf62ff2b
Merge pull request #2545 from mitmproxy/wsproto
Replace our WebSocket stack with wsproto
2017-12-15 09:49:24 +13:00
Maximilian Hils
0af6e2e97f adjust tests 2017-12-14 15:44:47 +01:00
Aldo Cortesi
62561ed428
Merge pull request #2669 from cortesi/path
commands: add a Path argument type
2017-12-14 07:42:12 +13:00
Maximilian Hils
5e0e08a4d6
Merge pull request #2670 from Kriechi/fix-2664
fix #2664
2017-12-13 13:50:43 +01:00
Thomas Kriechbaumer
488ec6f3f1 fix #2664 2017-12-13 09:45:40 +01:00
Aldo Cortesi
79cf6d2a5d
Merge pull request #2668 from cortesi/commandopts
Command improvements
2017-12-13 14:42:56 +13:00
Aldo Cortesi
e63bb8cde5 commands: add a Path argument type
This is just an alias for str, and in this patch is used mostly to give an
appropriate type in help strings. More to come.

Fixes #2198
2017-12-13 14:41:46 +13:00
Aldo Cortesi
4cee1a4f96 commands: formalise a Choice type
This resolves as a string during MyPy checks, but at runtime has an additional
attribute that is a command that returns valid options.

This is very ugly and clumsy, basically because MyPy is super restrictive about
what it accepts as a type. Almost any attempt to construct these types in a
more sophisticated way fails in one way or another. I'm open to suggestions.
2017-12-13 11:08:14 +13:00
Maximilian Hils
1a45cf17b3
Merge pull request #2643 from Ga-ryo/master
Fix #2594
2017-12-12 22:40:47 +01:00
Ujjwal Verma
5214f544e7 Use wsproto for websockets 2017-12-12 22:09:46 +01:00
Thomas Kriechbaumer
130021b76d prepare WebSocket stack to move to wsproto 2017-12-12 22:09:46 +01:00
Maximilian Hils
8e9194c2b4 fix #2529 2017-12-12 16:46:35 +01:00
Maximilian Hils
0fb48bc6a7 minor improvements, add tests for ipv4-mapped addresses 2017-12-12 14:00:12 +01:00
Aldo Cortesi
4912920573
Merge branch 'master' into browser-win 2017-12-12 08:03:09 +13:00
Maximilian Hils
7654ad2d31 fix browser addon on Windows 2017-12-11 10:46:55 +01:00
Aldo Cortesi
b8cbb4dce8 commands: verify command function signatures before call (#2659)
Fixes #2652, and many other possible crashes on user input.
2017-12-11 10:03:07 +01:00
Aldo Cortesi
aeefcd08a4 browser addon: start an isolated browser attached to the proxy
A simple addon that starts an instance of Chrome attached to the current
proxy. The instance is isolated in its own user data directory, and addons are
turned off.

Future work:

- I wasn't able to test the Windows executable path - a Windows dev should
confirm this for us.
- In future it would be nice to support other browsers like Firefox.
2017-12-10 18:26:24 +13:00
Suraj Tripathi
5067438ec1 Bug in expected_http_body_size fix (#2642)
fixes #2618
2017-11-27 19:01:32 +01:00
Maximilian Hils
4a2a718bc2 improve clientreplay addon
- always refresh UI after flow is finished (refs #2616)
 - count currently active replay
 - make replay thread daemonic so that users can exit mitmproxy
   if replay hangs. This is not perfect yet, but vastly better
   than how it has been.
2017-11-07 11:49:12 +01:00
Maximilian Hils
e6e28c2ac3 fix revert of duplicated flows 2017-11-06 15:24:54 +01:00
Maximilian Hils
7314081b82 make safecall threadsafe. 2017-10-26 21:43:59 +02:00
Maximilian Hils
4a6d838ecc fix #2563 2017-10-24 23:27:16 +02:00
Maximilian Hils
a5d74356dd simplify version output 2017-10-24 14:33:56 +02:00
Maximilian Hils
f31d5dc3eb Merge pull request #2591 from ddworken/master
Added scanning for CSS injection and iframe injection to XSS scanner
2017-10-22 18:02:28 +02:00
Maximilian Hils
4522f15c89 skip ipv6 tests on sudo-enabled travis builds 2017-10-20 16:00:25 +02:00
David Dworken
04a06eb6b5 Added scanning for CSS injection and iframe injection 2017-10-17 23:39:33 -04:00
Maximilian Hils
289ddfe988 remove html outline contentview, fix #2572 2017-09-14 15:11:24 -07:00
Maximilian Hils
930d78b554 Merge pull request #2537 from ujjwal96/content-view
JS beautifier
2017-09-04 19:49:42 +02:00
Maximilian Hils
68fab8bd92 Merge pull request #2560 from mhils/mitmproxy-net-tls
Split TLS parts from net.tcp into net.tls
2017-09-04 17:32:49 +02:00
Maximilian Hils
de006ea8ad move hostname validation into mitmproxy.net.tls 2017-09-04 14:02:43 +02:00
Maximilian Hils
0b79304e98 suppress tornado logging in tests 2017-09-03 21:22:21 +02:00
Maximilian Hils
e1877577bc make split_special_areas more flexible, refs #2537
(cherry picked from commit 31ef7f149e4553eb9403634c0eec6de4d0123386)
2017-09-03 21:02:29 +02:00
Ujjwal Verma
8030f5003d Added test 2017-09-03 21:02:29 +02:00
Ujjwal Verma
b05bf588e6 JS beautifier 2017-09-03 21:02:29 +02:00
Maximilian Hils
2b4f58eb44 split TLS parts from net.tcp into net.tls 2017-09-03 03:06:15 +02:00
Matthew Shao
a98dd1642c [web] Update test for static viewer. 2017-08-30 21:15:04 +08:00
Maximilian Hils
e1af76e71f fix strutils.split_special_areas 2017-08-26 17:04:56 +02:00
Maximilian Hils
8eb6558570 add new, faster css prettifier 🎉 2017-08-24 20:39:21 +02:00
Maximilian Hils
72ac89f666 add strutils.escape_special_areas 2017-08-24 18:57:32 +02:00
Maximilian Hils
721f7cc92e Merge pull request #2540 from mhils/relatively-static
Make it possible to run static viewer in subdirectories
2017-08-22 00:59:51 +02:00
Maximilian Hils
bf243244ce [web] make it possible to run static viewer in subdirectories 2017-08-21 23:46:48 +02:00
Maximilian Hils
ca3e98640c fix mitmweb master shutdown, tests++ 2017-08-21 21:39:40 +02:00
Maximilian Hils
fa8bc78ca8 fix tests 2017-08-21 17:35:32 +02:00
Maximilian Hils
1e379b356f move tests... 2017-08-21 17:34:13 +02:00
Maximilian Hils
7fcc945b4f Merge pull request #2510 from MatthewShao/static-viewer
[WIP][web]Static viewer converter for mitmweb
2017-08-21 15:08:25 +02:00
Matthew Shao
d008f179c3 [web] Static_viewer coverage ++. 2017-08-17 21:40:52 +08:00
Matthew Shao
af30930ae8 [web] Add tests for StaticViewer and minor fixes. 2017-08-17 11:17:15 +08:00
Maximilian Hils
a006cab5ce Merge pull request #2489 from MatthewShao/options-into-own-addon
Move console-related options into their own addon
2017-08-16 22:52:02 +02:00
Maximilian Hils
74a04f41ee improve ClientHello.alpn_protocols API 2017-08-16 14:48:46 +02:00
Matthew Shao
3f497640ab [web] Update tests. 2017-08-16 09:42:24 +08:00
Matthew Shao
56781a0b08 Add test for AddonManager.__contains__ 2017-08-08 19:43:51 +08:00
Maximilian Hils
6d9b5b0c06 Merge pull request #2502 from mhils/optmanager
Fix optmanager equality check and deepcopy
2017-08-07 16:22:33 +02:00
Maximilian Hils
cf135eab44 Merge pull request #2503 from ujjwal96/options
Improve options UX
2017-08-07 16:22:17 +02:00
Ujjwal Verma
3d79ea4358 Improve options UX 2017-08-07 00:11:44 +05:30
Maximilian Hils
aa8969b240 Merge pull request #2492 from mhils/addon-contains
Gracefully handle errors during script load
2017-08-05 20:04:23 +02:00
Matthew Shao
cd222ff4f9 Fix lint. 2017-08-05 09:17:38 +08:00
Maximilian Hils
e30750bf9e fix optmanager equality check and deepcopy 2017-08-05 02:34:00 +02:00
Maximilian Hils
a9f169ca86 gracefully handle errors during script load 2017-08-05 01:40:04 +02:00
Matthew Shao
b42f5bcb9d Update taddon and tests. 2017-08-03 18:57:54 +08:00
Thomas Kriechbaumer
0c5b56f7ce improve proxyauth tests 2017-08-02 10:03:41 +02:00
Matthew Shao
ddffcf83ec Update tests. 2017-08-01 23:01:58 +08:00
Maximilian Hils
e8f836425a add LogEntry.__eq__ 2017-08-01 13:42:37 +02:00
Maximilian Hils
864073f700 Merge pull request #2487 from mhils/no-option-processing
Remove OptManager._processed
2017-08-01 02:54:33 +02:00
Matthew Shao
2ceaa5c9ef Update tests. 2017-08-01 08:42:51 +08:00
Maximilian Hils
1b09002edc remove OptManager._processed
Instead of having the core addon do postprocessing on body_size_limit,
we add a cache to the parsing function. First, this avoids any potential issues
with options and _processed getting out of sync. As anecdotal evidence,
the previous implementation did not clear _processed when body_size_limit was
reset to None. Second, it achieves the same end result without introducing a new
concept of a "_processed" scratch space. Third, it works even if addons aren't present,
and does not require workarounds as previously present in test_http2.py.

refs https://github.com/mitmproxy/mitmproxy/pull/2484#pullrequestreview-53101507
2017-07-31 01:58:31 +02:00
Maximilian Hils
018668618e Merge pull request #2484 from mhils/options-into-own-addon
Enable tool-specific options
2017-07-31 00:01:15 +02:00
Maximilian Hils
f844c68e2e Merge pull request #2485 from mhils/silent-option-redeclaration
Make option redeclaration silent if signature is the same
2017-07-30 03:47:25 +02:00
Maximilian Hils
7594dac94b Merge pull request #2482 from mhils/pure-script-load
Make load_script pure
2017-07-30 02:33:00 +02:00
Maximilian Hils
6a41122990 make option redeclaration silent if signature is the same 2017-07-30 02:14:44 +02:00
Maximilian Hils
ecc01b0f02 Merge pull request #2483 from mhils/ignore-imports-with-hook-names
Gracefully ignore imports with hook names
2017-07-30 02:04:36 +02:00
Maximilian Hils
3b8e3e4aa9 make load_script pure 2017-07-30 02:03:26 +02:00
Maximilian Hils
10ef2866ca fix tflow.js creation on Windows.
Keep lineendings consistent so that running the tests does not produce
a different file on Windows.
2017-07-30 02:01:28 +02:00
Maximilian Hils
3612e7ca76 fix tool-specific cmdline
before this commit, all tools only exposed mitmdump cmdline arguments,
as run() contained a simple `cmdline.mitmdump()` invocation.
This fixes this, and also makes it possible to have cmdline arguments for
tool-specific options.
2017-07-30 01:49:56 +02:00
Maximilian Hils
ed1ab3f0b1 disentangle ProxyServer and Master classes.
The proxy server should ultimately be an addon itself and not be passed
to the Master constructor. This commit already removes the server in the majority
of instances, and also replaces a large number of ProxyConfig usages with the Options class..
2017-07-30 01:25:36 +02:00
Maximilian Hils
52da46640b add option type hints 2017-07-29 21:51:36 +02:00
Maximilian Hils
c29c5dbee8 add OptManager.items 2017-07-29 21:51:26 +02:00
Maximilian Hils
d5c9f13121 gracefully ignore imports with hook names 2017-07-29 21:47:27 +02:00
Maximilian Hils
9ffd42edea Merge pull request #2452 from mattweidner/add_intercept_toggle
Add intercept toggle feature.
2017-07-29 19:48:42 +02:00
Maximilian Hils
e79f4049aa Merge pull request #2480 from MatthewShao/mitmweb-options
Fix #2448: Improve flow_detail and verbosity options
2017-07-29 16:57:37 +02:00
Maximilian Hils
7b54ef23d5 Merge pull request #2471 from ujjwal96/traceback-fix
Fixed addon error in test suite
2017-07-29 16:54:22 +02:00
Matthew Shao
7cb14925fe Update tests for the improved verbosity options. 2017-07-28 20:34:18 +08:00
Matt Weidner
f8c5fb3d15 Extended intercept tests to include toggle feature 2017-07-27 21:11:37 -05:00
Maximilian Hils
5fb49c3b64 add console statusbar test 2017-07-27 14:42:57 +02:00
Maximilian Hils
357928b0cd Merge pull request #2460 from MatthewShao/mitmweb-options
Add default value suggester in mitmweb options
2017-07-27 13:11:16 +02:00
Matthew Shao
4ab5574e18 [web] Minor Fix for backend. 2017-07-27 11:20:37 +08:00
Matthew Shao
108ef03585 [web] Fix tests. 2017-07-26 15:57:05 +08:00
Matthew Shao
4282dc1ac4 [web] Update tests. 2017-07-26 15:16:23 +08:00
Maximilian Hils
d409a6c09a Merge pull request #2469 from Kriechi/nuke-old-openssl
nuke old openssl
2017-07-25 21:57:54 +02:00
Maximilian Hils
3262b6e705 Squashed commit of the following:
commit edfbd41200a854f0bb7bb99f8bb70af9dbb9b8e0
Author: Matt Weidner <matt.weidner@gmail.com>
Date:   Tue Jul 25 01:19:53 2017 -0500

    Extended view.load test to check for unhandled IOError exception.

commit a523b534bc59ea97ed1fd5a3e6f78112fee19b6f
Author: requires.io <support@requires.io>
Date:   Mon Jul 24 21:25:04 2017 +0200

    [requires.io] dependency update

commit c725540c6eb92c003616b649ba43bee1f14e56ac
Author: Thomas Kriechbaumer <thomas@kriechbaumer.name>
Date:   Mon Jul 24 21:01:25 2017 +0200

    update travis

commit eeb6cfb4c76e60ac1813b839f589cd489c041c6c
Author: Thomas Kriechbaumer <Kriechi@users.noreply.github.com>
Date:   Mon Jul 24 21:03:14 2017 +0200

    [requires.io] dependency update on master branch (#2435)

commit 51a2672c782ee8ba8c7d5c7116073feccb4d8430
Author: Maximilian Hils <git@maximilianhils.com>
Date:   Mon Jul 24 19:03:01 2017 +0200

    require latest mypy version (refs #2452)

commit 5685a4850af6edda7100cae900487955c8b7a3ab
Author: Maximilian Hils <git@maximilianhils.com>
Date:   Fri Jul 21 11:24:42 2017 +0200

    fix addon tracebacks

    `.tb_next` discards the first interesting frame,
    this shouldn't happen.

commit a2da9b6c02030293f3a412d16df819868c581a29
Author: Matt Weidner <matt.weidner@gmail.com>
Date:   Sat Jul 22 12:30:15 2017 -0500

    Added os.path.expanduser() before open() calls with user supplied paths

commit 05db6e32c7957f267e97c34aa8f5a3cd6cb7dbb2
Author: Matt Weidner <matt.weidner@gmail.com>
Date:   Fri Jul 21 16:25:16 2017 -0500

    Added support for the ~ path shortcut when loading flows from disk.
    for consistency. Saving flows supports using paths with the ~ shortcut.

commit b7f864b6bbd221093aeb1c384dd16038f490441a
Author: Matt Weidner <matt.weidner@gmail.com>
Date:   Fri Jul 21 16:06:38 2017 -0500

    Fixed crash when loading flows from a file that does not exist
2017-07-25 21:55:26 +02:00
Ujjwal Verma
ed0f219167 fixed addon error 2017-07-26 01:02:30 +05:30
Thomas Kriechbaumer
4855659eeb nuke old openssl 2017-07-25 10:56:24 +02:00
Thomas Kriechbaumer
a2c2b1a9cb update cert with too small key
$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
  (keep everything default, do not enter a Common Name or FQDN)
$ cat key.pem cert.pem > test/mitmproxy/data/no_common_name.pem
2017-07-25 10:56:24 +02:00
Matthew Shao
5c45a90ce9 [web] Update tests. 2017-07-24 20:36:21 +08:00
Maximilian Hils
779677bcc6 fix loading scripts with same filename 2017-07-20 15:21:09 +02:00
Thomas Kriechbaumer
74708d546b Update test_allowremote.py 2017-07-15 10:01:14 +02:00
Ujjwal Verma
fdc64be04a Allow remote addon 2017-07-15 10:01:14 +02:00
Thomas Kriechbaumer
3814f171dd Merge pull request #2427 from ujjwal96/protobuf
Kaitai parser for protobuf
2017-07-10 22:58:38 +02:00
Ujjwal Verma
3f269d2b68 Kaitai parser for protobuf 2017-07-10 01:24:43 +05:30
Maximilian Hils
062a58f848 Merge pull request #2423 from MatthewShao/mitmweb-options
[web] [WIP] Mitmweb options editor content
2017-07-05 16:25:38 +02:00
Matthew Shao
37fea267c1 Fix the test for websocket connection. 2017-07-05 18:57:19 +08:00
Matthew Shao
aa01a62df7 [web] Add keys argument for dump_dict in optmanager. 2017-07-05 08:40:21 +08:00
Ujjwal Verma
7e04ac0578 add websocket streaming option 2017-07-04 10:53:23 +02:00
Ujjwal Verma
9e1902be62 fix HTTP retry if sending a request fails once 2017-07-04 10:52:50 +02:00
Ujjwal Verma
389d37ebff websocket streaming 2017-07-04 10:52:50 +02:00
Ujjwal Verma
d4f35d7a4a request streaming for HTTP/2 2017-07-04 10:52:50 +02:00
Ujjwal Verma
47c9604aed request streaming for HTTP/1 2017-07-04 10:52:50 +02:00
Ujjwal Verma
7dfa557441 Fixes #2315 2017-06-28 19:18:57 +05:30
Maximilian Hils
d58abc9200 Merge pull request #2402 from ujjwal96/request-replay
Fixes #2197
2017-06-27 11:18:12 +02:00
Ujjwal Verma
08735ab0ae request replay test 2017-06-26 00:53:14 +05:30
Maximilian Hils
13dac9f212 Merge pull request #2411 from ujjwal96/ico-parser
ICO content view
2017-06-25 02:02:01 +02:00
Ujjwal Verma
8ca29679df Added test 2017-06-25 01:05:20 +05:30
Maximilian Hils
bde64746a9 Merge pull request #2395 from MatthewShao/mitmweb-options
[WIP] Add RESTful API for mitmweb option
2017-06-24 19:54:04 +02:00
Matthew Shao
1863326220 Minor Update for /options API of mitmweb. 2017-06-24 10:18:00 +08:00
Matthew Shao
c7ce7f84e6 Add test for POST /options API of mitmweb. 2017-06-23 10:58:59 +08:00
Matthew Shao
9687d67601 Add test for typespec_to_str. 2017-06-14 07:44:00 +08:00
Aldo Cortesi
788f0f5784 console: console.key.bind console.key.unbind commands 2017-06-14 08:34:34 +12:00
Matthew Shao
2c0f6c2023 Minor Update and add test. 2017-06-13 23:03:07 +08:00
Aldo Cortesi
4a7cafee9e console: teach keymap to understand "space"
Urwid uses " ", which is not a great user experience.
2017-06-13 15:36:00 +12:00
Aldo Cortesi
ba49b55684 console: key binding viewer
Read-only for now.
2017-06-13 11:48:08 +12:00
Aldo Cortesi
88832f92a3 view: show a message if we remove more than one flow from view 2017-06-13 11:02:32 +12:00
Aldo Cortesi
56eb0441da commands: teach parser correct annotations for variable args
We should annotate with the base type, not the resulting sequence.
2017-06-13 10:26:03 +12:00
Aldo Cortesi
d95f28e6bf config: don't crash with a config file containing only comments 2017-06-13 09:43:12 +12:00
Ujjwal Verma
6ca45856b4 Test for streaming 2017-06-12 23:46:43 +05:30
Matthew Shao
03bb0a09b9 Add tests for dump_dicts in optmanager.py. 2017-06-12 23:23:09 +08:00
Ujjwal Verma
4587b54aed tests for Proxy config 2017-06-12 01:32:58 +05:30
Aldo Cortesi
7caa7e7538 console: auto-generate context key binding help 2017-06-11 17:09:52 +12:00
Maximilian Hils
9b59937e12 always pretend to have a tty in tests 2017-06-05 00:19:52 +02:00
Thomas Kriechbaumer
020e5a5c95 Merge pull request #2367 from mhils/issue-2329
Fix #2329
2017-06-02 14:18:56 +02:00
Ujjwal Verma
619566fc9f Fixes #2230 (#2361) 2017-06-02 13:31:12 +02:00
Maximilian Hils
5e17b5f62e minor improvements 2017-06-02 00:01:37 +02:00
Maximilian Hils
2ba0791810 fix #2329 2017-06-01 23:39:49 +02:00
Ujjwal Verma
33f735ef50 Increase test coverage 2017-05-31 04:05:10 +05:30
Thomas Kriechbaumer
ef1c36194e coverage++ 2017-05-26 22:58:01 +02:00
Thomas Kriechbaumer
f5eaddb12c Merge pull request #2346 from ujjwal96/test-coverage
Tests for wbxml
2017-05-26 18:38:24 +02:00
Thomas Kriechbaumer
47b6d1823e remove old test file 2017-05-26 17:04:04 +02:00
Thomas Kriechbaumer
ee6ea31147 Merge pull request #2353 from ujjwal96/tls-parser
Using kaitai struct to parse tls client hello
2017-05-26 13:58:29 +02:00
Ujjwal Verma
6637630e3e Using kaitai struct to parse tls client hello 2017-05-26 00:41:18 +05:30
Thomas Kriechbaumer
cfed4432a0 pathod: fix leaking fds 2017-05-24 19:32:20 +02:00
Ujjwal Verma
bd8a869118 Tests for wbxml 2017-05-24 21:37:49 +05:30
Thomas Kriechbaumer
673ed5b45e pathod: properly verify certificate in tests 2017-05-24 17:40:44 +02:00
Thomas Kriechbaumer
6214c6e185 fix openssl cipher_list bytes/str deprecation 2017-05-24 16:17:04 +02:00
Thomas Kriechbaumer
e77f07a36b cleanup 2017-05-24 14:23:36 +02:00
Thomas Kriechbaumer
ae7e9efb5c fix various fd/socket leaks 2017-05-24 14:09:41 +02:00
Thomas Kriechbaumer
2faaa0b2a2 connections tests: fix leaking sockets 2017-05-24 13:21:58 +02:00
Thomas Kriechbaumer
928085c597 proxy tests: fix leaking sockets 2017-05-24 12:52:13 +02:00
Thomas Kriechbaumer
c9529ffe45 http1 tests: fix leaking sockets 2017-05-24 11:43:57 +02:00
Thomas Kriechbaumer
618044c637 http2 tests: fix leaking sockets 2017-05-24 11:43:50 +02:00
Thomas Kriechbaumer
c4f028d701 websocket tests: fix leaking sockets 2017-05-24 11:35:53 +02:00
Thomas Kriechbaumer
0bd3d0ff4c upgrade pytest and remove our pytest.raises wrapper 2017-05-24 11:35:53 +02:00
Thomas Kriechbaumer
4961d782ed fix typo 2017-05-24 11:35:53 +02:00
Thomas Kriechbaumer
b4f65049f2 auto-close file after reading 2017-05-24 11:35:53 +02:00
Maximilian Hils
5626c384ab Merge pull request #2342 from MatthewShao/jest-dev
[web] Add  _flow.js for component tests.
2017-05-22 10:00:35 +02:00
Matthew Shao
2935ff5f3a [web] Set some value as constant, so _tflow.js would not change. 2017-05-22 08:53:59 +08:00
Matthew Shao
2c38fddea5 [web] TFlow minor improved. 2017-05-21 20:59:19 +08:00
Matthew Shao
369e1f1eee [web] Fix minior lint problem. 2017-05-19 09:56:52 +08:00
Matthew Shao
50c0703424 [web] Add _tflow.js generator in test_app.py 2017-05-19 09:45:30 +08:00
Ujjwal Verma
5833b218b2 Increase net.tcp.py coverage (#2336) 2017-05-17 23:27:57 +08:00
Ujjwal Verma
37053f0efc Increased mitmproxy.controller coverage 2017-05-17 11:06:40 +05:30
Ujjwal Verma
204d06f93f Increased xml_html contentview coverage 2017-05-17 11:05:49 +05:30
Ujjwal Verma
8eea05fcaf Increase contentviews api coverage 2017-05-17 11:04:43 +05:30
Ujjwal Verma
d47de94303 Increase io.compat coverage 2017-05-12 21:09:50 +05:30
Ujjwal Verma
766c5caea8 Increased net.http.cookies.py and net.http.message.py coverage 2017-05-12 21:09:50 +05:30
charlesdhdt
9f8e83259e Fixed LDAP Auth (#2333) 2017-05-12 15:37:00 +02:00
Ujjwal Verma
3e85dfd242 Handle head request on onboarding app: Fix #2324 (#2325) 2017-05-09 20:08:42 +02:00
Maximilian Hils
d734f6bbd6 Merge pull request #2286 from charlesdhdt/master
Added LDAP Auth
2017-05-04 16:24:57 +02:00
Charles d'Hondt
154e8ac0fc fixed lint 2017-05-04 13:39:48 +02:00
Charles d'Hondt
f67d9adc31 Added ldap mock test 2017-05-04 13:25:15 +02:00
Maximilian Hils
315daa042a fix #2310 2017-05-03 17:38:17 +02:00
Aldo Cortesi
2659b52209 console: add a two-pane layout
- Replace options.console_eventlog with options.console_layout
- This can be "single", "vertical" and "horizontal"
- At the base of the primary pane is the flowlist. At the base of the secondary
pane is the event log.
- Any of the other primary windows can be opened in each of the panes.

For now, I've bound "-" to the flow layout switch, "shift tab" to the layout
pane switch, and "P" to open the currently focused flow in whichever pane
you're in. These are just temporary  - we'll reassess the default bindings
carefully once the keybindings work is complete.
2017-05-03 14:55:02 +12:00
Aldo Cortesi
dcae79e017 console: various bugs
- Action bar now correctly gets the palette background
- Viewing connection details for a killed flow no longer crashes
- Editing options with selections no longer crashes
2017-05-02 12:56:27 +12:00
Aldo Cortesi
4e39d387d3 commands: options control
Use the new commands to bind the Options view in console.
2017-05-02 12:18:24 +12:00
Aldo Cortesi
9e58c36639 console: globally respected nav commands
Use this to bind nav keys with commands throughout.
2017-05-02 12:18:24 +12:00
Aldo Cortesi
2f52d8b9ad commands: view.setval, view.getval, view.setval.toggle
Use these to bind the last of the key for flowview. Flow views are now 100%
keybound.
2017-05-01 19:52:24 +12:00
Aldo Cortesi
7d56ec9d49 commands: flow.encode, flow.decode, flow.encode.toggle
Use this to bind "z" in flowview.
2017-05-01 18:31:22 +12:00
Aldo Cortesi
1ea4a5a48e keymap: keys can now bind to multiple contexts
Use this to map the majority of the keys in flowview.
2017-05-01 16:52:58 +12:00
Aldo Cortesi
670d1e408b command: flow.set
Use this to replace the flow edit components of flowview entirely.
2017-05-01 14:56:57 +12:00
Aldo Cortesi
685487d33c commands: view.order.options, view.marked.toggle, view.create
And use these commands to remove the last hard-coded keybindings from flow
list. This means the flow list is now 100% command-driven, which is very
exciting.
2017-04-30 22:45:31 +12:00
Aldo Cortesi
a570caccbd commands: view.load
Plus replace the flow list keybinding.
2017-04-30 22:02:29 +12:00
Aldo Cortesi
3cd93567f5 commands: support *args for commands
Use this to simplify meta-commands in console, and to create a console_choose
command that prompts the user for a choice, and then executes a command with
variable substitution.
2017-04-30 21:24:00 +12:00
Aldo Cortesi
bcbe87bb09 Move export to addon, kill Python and Locust export
Also add a "raw" export format.

The Python and Locust exports are hard to maintain, their tests are extremely
brittle, they didn't have full test coverage, and are by my guess very rarely
used. I feel the Locust export should certainly be an externally maintained
addon. The Python/requests export can come back if someone cares enough, and it
can be structured in a way we can maintain.
2017-04-30 17:53:30 +12:00
Aldo Cortesi
befbe88d96 commands: cut.clip copies cuts to system clipboard 2017-04-30 14:42:37 +12:00
Aldo Cortesi
ed62bbad1d Add help text to --commands output 2017-04-30 14:20:21 +12:00
Aldo Cortesi
075d452a6d cut: more flexible cut specification based on attribute paths
Also support certificate types, which are converted to ASCII-encoded PEM format.
2017-04-30 14:05:45 +12:00
Aldo Cortesi
7ffb2c7981 cut: use csv module to encode multi-values for saving
Also add q.text, q.raw_content, s.text, s.raw_content selectors
2017-04-30 11:48:32 +12:00
Aldo Cortesi
4b568f99d6 Introduce cuts: a flow dissector
This PR introduces the cuts addon, a flow dissector that  allows you to select
and operate on specific components of flows. It also adds the first consumer
for cuts - the cuts.save command.

Save the content of the focus to /tmp/foo:

    cuts.save s.content|@focus /tmp/foo

Save the URL and response content-type headers for all flows currently shown to
file, comma-separated, one flow per line:

    cuts.save s.url,q.header[content-type]|@focus /tmp/foo

We also use this to replace the body save shortcut in the console flowlist.
2017-04-29 23:32:31 +12:00
Aldo Cortesi
d439b34511 command: script.run
Plus the flowlist binding adjustments.
2017-04-29 13:24:19 +12:00
Aldo Cortesi
1d5eedcc9c command: flow.revert
Plus matching binding in flowlist.
2017-04-29 11:48:25 +12:00
Aldo Cortesi
f908ea220f commands: "replay.client.file" and "replay.server.file" 2017-04-29 11:34:50 +12:00
Aldo Cortesi
a92017a6c1 Rework client and server replay
- Add client.replay [flows], client.replay.stop
- Add server.replay [flows], server.replay.stop
- The corresponding options for file loading are only read on startup, further
changes are ignored. In interactive contexts, replay is started with the
commands, not through option changes.
- Deprecate flow.replay, use replay.client instead
2017-04-29 11:02:36 +12:00
Aldo Cortesi
7317ea134e command: flow.kill, flow.replay
Plus the matching bindings in the flow list.
2017-04-29 09:58:32 +12:00
Aldo Cortesi
f21a970f29 commands: marking
Add "view.mark [flows] bool" and "view.mark.toggle [flows]". Use this to rebind
marking keys in flowlist.
2017-04-29 09:14:44 +12:00
Aldo Cortesi
217addbf31 commands: view.go
bind G to "view.go -1"
bind g to "view.go 0"
2017-04-29 08:40:38 +12:00
Aldo Cortesi
0b090f7ae1 Commands, core update event
This patch:

- Introduces a core update() event that should be invoked whenever flows are
changed outside of the normal lifecycle.
- Extend view.resolve to know about @all, which matches all flows in the view.
- Add a core flow.resume comand, which resumes flows and broadcasts an update event.
- Define flow list bindings for:

A -> flow.resume @all
a -> flow.resume @focus
d -> view.remove @focus
z -> view.remove @all
2017-04-29 08:01:00 +12:00
Charles d'Hondt
65202f5f1c Added ldapsss vef 2017-04-28 17:00:21 +02:00
Charles d'Hondt
6d3837fd54 fix 2017-04-28 16:44:50 +02:00
Charles d'Hondt
29c1f303d6 Fixed typo 2017-04-28 16:23:32 +02:00
Charles d'Hondt
5fb18ad275 Added LDAP Auth 2017-04-28 16:19:27 +02:00
Aldo Cortesi
6af1a49464 commands: add a command.command decorator
Use this for our built-ins and the console commands.
2017-04-28 15:07:52 +12:00
Aldo Cortesi
7ff84673fd Support unary flow command arguments
Use this to add a console.view.flow command and bind "enter" in flowlist.
2017-04-28 14:05:35 +12:00
Aldo Cortesi
cfae95f5c3 console: start migrating hotkeys to keymap
This shifts a set of flow list keys to keymaps. Much more to come.
2017-04-28 12:10:48 +12:00
Aldo Cortesi
ce01cb9c09 command: partials
Support partial commands in console.command, use it to keybind "i" for
intercept, which prompts the user with ":set intercept=".
2017-04-28 11:24:28 +12:00
Aldo Cortesi
8a07059cf4 commands: add the core command addon, and the command "set"
The set command sets an option using the same syntax as commandline --set.
2017-04-28 10:41:44 +12:00
Aldo Cortesi
be1b76b975 console: add a keymap
This sketches out a keymap system for consone, and adds the first few top-level
commands and mappings.
2017-04-28 10:21:15 +12:00
Aldo Cortesi
18edc11145 console: interactive command browser
Simple browser that lets users view and select commands interactively.
Key binding for this is still to be sorted out.
2017-04-28 07:43:58 +12:00
Aldo Cortesi
fde1159ae3 Test coverage ++ 2017-04-27 18:43:44 +12:00
Aldo Cortesi
97000aa85c command: save.file flowspec path -> None
Our first user-facing command. The following commands do the obvious things:

save.file @marked /tmp/flows
save.file @focus /tmp/flows
save.file @hidden /tmp/flows
save.file "~m get" /tmp/flows
2017-04-27 17:05:00 +12:00
Aldo Cortesi
b7afcb5dc2 addons.streamfile -> addons.save
Options:

    streamfile -> save_stream_file
    streamfile_filter -> save_stream_filter
2017-04-27 15:58:54 +12:00