Commit Graph

267 Commits

Author SHA1 Message Date
Aldo Cortesi
e5776b8be3 Clean up and clarify script API 2014-01-12 13:59:32 +13:00
Aldo Cortesi
58e1b3a47f Start refactoring scripts
- Move ScriptContext into script module
- Use mock module instead of hand-rolled mock objects in tests
2014-01-12 12:49:19 +13:00
Maximilian Hils
ea2f17680b continue work on the proxyhandler 2014-01-07 02:29:10 +01:00
Maximilian Hils
b34ad82b52 first steps on tcp proxying 2014-01-05 01:03:55 +01:00
Aldo Cortesi
7d37e0ce10 Merge pull request #193 from droope/search-functionality
Search functionality
2014-01-04 14:34:20 -08:00
Aldo Cortesi
a2261e3cf0 Introduce file descriptor decorators for Request objects
Which lets us enable the apps again, now running from flow.py
2014-01-05 10:58:53 +13:00
Aldo Cortesi
1e07d9e6e7 Move app mechanism to flow.py
Disable apps while message passing is improved.
2014-01-04 14:35:11 +13:00
root
932464d0a0 test passing, UI still not working 2013-12-24 14:28:20 +13:00
Maximilian Hils
39ffe10334 add content-length 0 if we remove header for chunked encoding, fixes #186 2013-12-12 04:42:29 +01:00
Maximilian Hils
28a234e28b store resolved ip addresses, fixes #187 2013-12-12 02:11:22 +01:00
Maximilian Hils
a509a9037b Merge branch 'master' into 0.10 2013-12-08 14:14:57 +01:00
Aldo Cortesi
3a1d85ab18 Merge pull request #134 from mhils/scripts_improvements
Support multiple scripts and script arguments. refs #76
2013-12-08 01:14:12 -08:00
Aldo Cortesi
7aeaf9d448 Merge pull request #161 from mitmproxy/external_webapp
External webapp
2013-12-08 01:09:46 -08:00
Maximilian Hils
675518f873 add serverconnect script hook 2013-11-18 17:25:52 +01:00
Maximilian Hils
2956c144d3 Merge branch 'master' into 0.10 2013-09-14 23:47:04 +02:00
Aldo Cortesi
a2643b52f9 Tweak timing display
- Remove elapsed time. Space is at a premium here, and this is somewhat
redundant with the rate figure. We should display complete timing information
somewhere in the detailed flow view.
- Tone down the colour. Reserve highlights for stuff that should really pop out
to the user.
- Make rate calculation more acurate. Include header sizes. Use response start
and end time, rather than request end and response end. This means that we show
actual transfer rates, not including DNS requests and so forth.
2013-08-23 10:25:44 +12:00
Maximilian Hils
bb4748fb8f add option to expose webapp externally, remove distinct ip setting 2013-08-18 20:03:53 +02:00
Maximilian Hils
729677cd85 Merge branch 'master' into 0.10 2013-08-17 13:30:36 +02:00
Aldo Cortesi
edb10e33aa Remove GPL notices left in source files after our change to the MIT license.
Thanks to Roy Shamir for reporting this.
2013-08-01 11:08:00 +12:00
Aldo Cortesi
5f0b5532bc Show an error when attempting to decode invalid data. 2013-07-29 18:14:11 +12:00
Aldo Cortesi
5c1157ddaf Move app instantiation out of proxy.py. 2013-07-24 10:32:56 +12:00
Aldo Cortesi
55f7e8d5b9 Don't take minor version into account when checking serialized data compatiblity. 2013-07-13 14:44:09 +12:00
Maximilian Hils
2b4af8d475 add support for multiple scripts and script arguments. refs #76 2013-06-13 16:09:38 +02:00
Michael Bisbjerg
125b3e5e5b - Quick-fix for issue #128
New bug: It correct-cases Content-Length for any webserver sending other casings, like CONTENT-LENGTH.
2013-05-21 15:57:14 +02:00
Aldo Cortesi
9fa09cc1f9 Fix crash in client playback. 2013-05-05 13:18:52 +12:00
Aldo Cortesi
5cd7563d12 Minor coverage. 2013-04-30 09:13:33 +12:00
Aldo Cortesi
61c794e08f Merge pull request #107 from rouli/master
Adding remote TCP and SSL setup timestamps
2013-04-19 17:19:26 -07:00
Aldo Cortesi
e3fd0e838d Add a basic built-in web app. 2013-03-25 09:20:26 +13:00
Rouli
c6bf28f3f7 adding tcp and ssl setup timestamps to get better resolution on flows performance 2013-03-19 18:21:52 +02:00
Rouli
c94aadcb0e Merge remote-tracking branch 'upstream/master' 2013-03-18 14:24:13 +02:00
Aldo Cortesi
6614498744 Update styling, GameCenter highscore tutorial. 2013-03-18 08:36:56 +13:00
Aldo Cortesi
0e993bec6f Add the --host option, which uses the value in the Host header for dispaly URLs.
- Can be toggled with "o" then "h" in mitmproxy
- Useful for transparent mode
2013-03-17 17:37:54 +13:00
Aldo Cortesi
cfb5ba89ce Introduce a filtered flow writer, and use it in dump.py
Fixes #104
2013-03-14 09:19:43 +13:00
Aldo Cortesi
7835e0c2c7 Begin some simple fuzzing with pathod.
Finally doing what I started writing pathod for in the first place...
2013-03-03 14:56:56 +13:00
Rouli
b6cae7cd2d Merge remote-tracking branch 'upstream/master' 2013-02-28 13:28:57 +02:00
Rouli
35f36481b9 adding __str__ to make export to har nicer 2013-02-28 13:28:42 +02:00
Aldo Cortesi
7800b7c910 Refactor proxy core communications to be clearer. 2013-02-23 14:10:27 +13:00
Aldo Cortesi
aaf892e3af Significantly refactor the master/slave message passing interface. 2013-02-17 12:42:48 +13:00
Rouli
330fbfe8cc adding helper functions to make HAR export easier 2013-01-28 17:37:25 +02:00
Aldo Cortesi
6600c589ab Rudimentary testing for client certs. 2013-01-18 17:08:30 +13:00
Rouli
446f9f0a0f Merge remote-tracking branch 'upstream/master' 2013-01-17 17:33:29 +02:00
Rouli
20fa6a3083 changing requests and responses to have two timestamps, one marking their initiation, and the other their complete 2013-01-17 17:32:56 +02:00
Aldo Cortesi
9cfc785cd3 Unit test love - 100% for flow.py, dump.py 2013-01-05 21:56:33 +13:00
Aldo Cortesi
d115b5ae70 Expand Flow.match to accept either a string or a compiled filter expression. 2012-09-14 09:41:01 +12:00
Aldo Cortesi
b7d89f6919 Don't run replace or header hooks on error. 2012-09-02 12:57:49 +12:00
Aldo Cortesi
a77ccc406d Getter and setter for path component on Requests. 2012-08-19 13:03:21 +12:00
Aldo Cortesi
3e96015e61 Add SetHeaders, analogous to ReplaceHooks, with a graphical editor in mitmproxy (H shortcut).
SetHeaders defines headers that are set on flows, based on a matching pattern.
Existing headers are over-ridden.
2012-08-18 23:41:04 +12:00
Aldo Cortesi
53e453f72e Use the new ODict get_first convenience function in a bunch of places. 2012-08-18 18:14:30 +12:00
Aldo Cortesi
1bfe847a84 Stop server playback after current playback buffer is exhausted. 2012-08-18 00:23:41 +12:00
Aldo Cortesi
32ad26f8bf Add a size() method to flow.Request and flow.Response. 2012-08-04 13:18:05 +12:00
Aldo Cortesi
31a092f6b4 Minor refactoring. Make stop_stream also close the associated file descriptor. 2012-07-27 00:19:18 +12:00
Aldo Cortesi
b4e9e55c34 Be more tolerant of corrupted or truncated flows.
We load as far as possible. mitmproxy will only terminate if it was not able to
recover any flows. mitmdump will stop loading as soon as an error is
encountered, but not exit with an error.
2012-07-24 15:15:41 +12:00
Aldo Cortesi
01b8b0d876 Refine semantics of replay_request method. 2012-07-10 23:29:33 +12:00
Aldo Cortesi
aab45078ad Unit test request replay thread.
This is a small patch, but is the culmination of lots of work: we can now unit
test the deep innards of mitmproxy, with coverage. There's a lot more to come
in this vein.
2012-07-09 11:03:55 +12:00
Aldo Cortesi
572e8a4962 Add streaming to FlowMaster 2012-07-09 10:18:37 +12:00
Aldo Cortesi
aa708a2d28 Fix error when serializing reverted SSL flows. 2012-07-05 11:52:56 +12:00
Aldo Cortesi
4acc9aca27 Firm up handling of Unicode data
- Modify GridEditor to know about the destination encoding of data
- Ensure that get_url always returns ASCII
2012-07-05 11:27:40 +12:00
Aldo Cortesi
9c30e2e86d Correct handing of IDNA encoding of internationalized domain names.
- Use IDNA encoding for hostnames gleaned by upstream-cert sniffing
- Use IDNA decoding for URL display in mitmproxy and mitmdump.
2012-07-03 22:27:16 +12:00
Aldo Cortesi
35fdd16940 Serialize address as part of ClientConnect objects.
This is a serialization format change!
2012-07-01 00:16:30 +12:00
Aldo Cortesi
d74a341e5d Beef up logging substantially. 2012-07-01 00:15:03 +12:00
Aldo Cortesi
47651b1ff2 Serialization and de-serialization of new cert format. 2012-06-28 14:29:15 +12:00
Aldo Cortesi
243e0efefc Adjust for new get_remote_cert API. 2012-06-28 10:02:14 +12:00
Aldo Cortesi
35ee0c098f Remove certutils from mitmproxy. 2012-06-27 16:43:33 +12:00
Aldo Cortesi
874649f134 Adapt for API changes in netlib. 2012-06-23 14:06:34 +12:00
Aldo Cortesi
1b1ccab8b7 Extract protocol and tcp server implementations into netlib. 2012-06-19 09:58:50 +12:00
Aldo Cortesi
7b9756f48e Refactor protocol.py to remove dependence on flow and utils. 2012-06-17 10:52:39 +12:00
Aldo Cortesi
c7952371b7 Fix a problem in ODictCaseless that could cause duplicate headers. 2012-06-15 17:40:08 +12:00
Aldo Cortesi
d032504b17 Fix an exception when replaying a flow with no response. 2012-06-10 17:10:43 +12:00
Aldo Cortesi
236447c65f Pass server HTTP version back to clients. 2012-06-10 13:29:09 +12:00
Aldo Cortesi
6ba5f0f35b Add HTTP version to response objects.
Another change in the serialization format.
2012-06-10 13:27:43 +12:00
Aldo Cortesi
52779d9db9 Refactoring of proxy.py
- Correctly pass HTTP request version on to upstream servers
- Adjust tests not to hang due to a pathod response with no content-length
2012-06-10 13:17:18 +12:00
Aldo Cortesi
55ddf853cd Add HTTP version to flow.Request
This is a serialization format change, that makes us incompatible with previous
versions.
2012-06-10 10:46:22 +12:00
Aldo Cortesi
b7b357528c Port mitmproxy test suite entirely to nose. 2012-06-09 13:42:43 +12:00
Aldo Cortesi
ee2950cd19 Fix a crashing bug when replacing text in a flow with unicode bodies. 2012-05-25 18:10:31 -07:00
Aldo Cortesi
0a90a3eaba Refuse to replay a request with missing content. 2012-05-16 18:24:32 +12:00
Aldo Cortesi
0c2d894cea Add the ability to flag content as missing in a request or a response.
We'll use this in a number of situations. First, we'll soon have response
streaming that directly pipes responses to clients. These will be content-less
from mitmproxy's perspective. Second, we'll be growing new events that fire
after headers are received, but before content is read.
2012-05-16 15:42:58 +12:00
Aldo Cortesi
2fe54d17df Don't specify Content-Length on empty content.
Sometimes, mitmproxy would specify a content-length header value of 0 when
content was empty. Some rare servers (like piratebay.org) would barf on this.
2012-04-25 14:38:20 +12:00
Aldo Cortesi
c8d2b2594b Add a WSGI adapter that lets us serve a WSGI app out of mitmproxy.
This commit adds:
    - A WSGI App adapter for mitmproxy
    - An app registry in the proxy instance that lets us link WSGI apps with
    (hostname, port) combinations.
    - Fixes for a number of bugs discovered while creating this feature.
2012-04-24 14:52:29 +12:00
Aldo Cortesi
8c96264304 Serialized data version check. 2012-04-11 10:10:53 +12:00
Aldo Cortesi
79a0334a02 Improve revert model
- Flows are backed up whenever an interactive, non-script change is made.
- That backup is canonical and never changed - "V" will always revert to it.

This makes more sense than what we had previously....
2012-04-04 09:47:57 +12:00
Aldo Cortesi
ab0e10e60f Serialize requestcount for ClientConnect objects. 2012-04-03 22:37:24 +12:00
Aldo Cortesi
4979a22d3e Add accessor method for SSLCert object on Response. 2012-04-02 17:02:23 +12:00
Aldo Cortesi
ab1d8fa350 Expand SSL cert support
- Capture the remote SSL certificate
- Expose the remote cert as an attribute on Response
- Expand the certutils.SSLCert interface to expose more cert info
2012-04-02 16:21:23 +12:00
Aldo Cortesi
62e51018d0 Refactor pretty view mechanism.
Also start adding unit tests for this subsystem.
2012-03-24 14:20:24 +13:00
Aldo Cortesi
ed74ed24a0 Add error indications to GridEditor. 2012-03-23 13:28:33 +13:00
Aldo Cortesi
5690e7c399 Generalize GridEditor to N columns.
Start adding a replacement rule editor.
2012-03-18 14:39:21 +13:00
Aldo Cortesi
c8ae1e85b3 Hooks -> ReplaceHooks
It makes more sense to specialize this, which will let me build a nicer
interface for replacement hooks in mitmproxy.
2012-03-17 11:31:05 +13:00
Aldo Cortesi
08f410cacc Add a hooks mechanism, based on filter expressions. 2012-03-16 17:13:11 +13:00
Aldo Cortesi
d138af7217 replace() methods now decode and re-encode contents before substitution. 2012-03-16 11:24:18 +13:00
Aldo Cortesi
d51b8cab0c Add a decoded context manager.
This simplifies a common chore when modifying traffic - decoding the object,
modifying it, then re-encoding it with the same encoding afterwards. You can
now simply say:

with flow.decoded(request):
    request.content = "bar"
2012-03-16 11:12:56 +13:00
Aldo Cortesi
8d662e6636 Set a "unique" serial number for each generated cert. 2012-03-14 11:20:25 +13:00
Valtteri Virtanen
ed56d67cea Adds no-pop option to server-side replay 2012-03-05 11:05:11 +02:00
Aldo Cortesi
986a41d180 Unit test++. 2012-02-25 12:19:54 +13:00
Aldo Cortesi
25fa596cd6 Fix detection of URL-encoded forms.
Thanks to Paul Capestany <capestany@gmail.com> for reporting this.
2012-02-24 13:03:24 +13:00
Aldo Cortesi
2df9c52c09 Refactor filter matching. 2012-02-23 17:03:58 +13:00
Aldo Cortesi
554047da85 License notifications, minor docs. 2012-02-23 15:52:01 +13:00
Aldo Cortesi
4f38b3a9c0 Documentation and screenshots. 2012-02-22 17:17:13 +13:00
Aldo Cortesi
a4270efaf2 Always return an ODict from get_query 2012-02-21 13:00:45 +13:00
Aldo Cortesi
dbd75e02f7 Create ODictCaseless for headers, use vanilla ODict for everything else. 2012-02-20 11:29:36 +13:00
Aldo Cortesi
18029df99c Use ODict for request.get_form_urlencoded and set_form_urlencoded 2012-02-20 11:13:35 +13:00