In reverse proxy mode, mitmproxy accepts standard HTTP requests and forwards
them to the specified upstream server. This is in contrast to
upstream proxy mode, in which
mitmproxy forwards HTTP proxy requests to an upstream proxy server.
command-line | -R scheme://hostname[:port] |
Here, **scheme** signifies if the proxy should use TLS to connect to the server.
mitmproxy accepts both encrypted and unencrypted requests and transforms them to what the server
expects.
mitmdump -R https://httpbin.org -p 80
mitmdump -R https://httpbin.org -p 443
### Host Header
In reverse proxy mode, mitmproxy does not rewrite the host header. While often useful, this
may lead to issues with public web servers. For example, consider the following scenario:
$ python mitmdump -d -R http://example.com/ &
$ curl http://localhost:8080/
>> GET https://example.com/
Host: localhost:8080
User-Agent: curl/7.35.0
[...]
<< 404 Not Found 345B
Since the Host header doesn't match example.com, an error is returned.
There are two ways to solve this:
- Modify the hosts file of your OS so that example.com resolves to 127.0.0.1.
-
Instruct mitmproxy to rewrite the host header by passing ‑‑setheader :~q:Host:example.com.
However, keep in mind that absolute URLs within the returned document or HTTP redirects will cause the client application
to bypass the proxy.