In reverse proxy mode, mitmproxy accepts standard HTTP requests and forwards them to the specified upstream server. This is in contrast to upstream proxy mode, in which mitmproxy forwards HTTP proxy requests to an upstream proxy server.
command-line -R scheme://hostname[:port]
Here, **scheme** signifies if the proxy should use TLS to connect to the server. mitmproxy accepts both encrypted and unencrypted requests and transforms them to what the server expects. mitmdump -R https://httpbin.org -p 80 mitmdump -R https://httpbin.org -p 443 ### Host Header In reverse proxy mode, mitmproxy does not rewrite the host header. While often useful, this may lead to issues with public web servers. For example, consider the following scenario: $ python mitmdump -d -R http://example.com/ & $ curl http://localhost:8080/ >> GET https://example.com/ Host: localhost:8080 User-Agent: curl/7.35.0 [...] << 404 Not Found 345B Since the Host header doesn't match example.com, an error is returned.
There are two ways to solve this:
  1. Modify the hosts file of your OS so that example.com resolves to 127.0.0.1.
  2. Instruct mitmproxy to rewrite the host header by passing ‑‑setheader :~q:Host:example.com. However, keep in mind that absolute URLs within the returned document or HTTP redirects will cause the client application to bypass the proxy.