Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-21 22:58:24 +00:00
Code Issues Projects Releases Wiki Activity
9,687 Commits 1 Branch 67 Tags 50 MiB
Python 83.2%
TypeScript 10.2%
JavaScript 5.1%
Less 0.7%
HTML 0.4%
Other 0.3%
b06fb6d157
Go to file
Maximilian Hils b06fb6d157 security: reject whitespace in HTTP/1 header names 
This commit fixes GHSA-gcx2-gvj7-pxv3 by making mitmproxy
reject header names that contain whitespace characters by default.
A new `validate_inbound_headers` option is provided to turn this behavior
off at the expense of allowing HTTP smuggling vulnerabilities.
2022-03-19 17:20:32 +01:00
.github CI: use python 3.10 (#5195) 2022-03-19 15:37:11 +01:00
docs fix compatibility with Python <3.10 2022-03-15 19:50:06 +01:00
examples an ntlm upstream addon for http \ https (#5100) 2022-03-15 20:44:09 +00:00
mitmproxy security: reject whitespace in HTTP/1 header names 2022-03-19 17:20:32 +01:00
release docker: use Python 3.10 2022-03-19 15:38:30 +01:00
test security: reject whitespace in HTTP/1 header names 2022-03-19 17:20:32 +01:00
web web: display WS/WSS as method 2022-03-19 14:44:02 +01:00
.gitattributes test dumpfiles: .bin -> .mitm 2021-02-03 19:27:15 +01:00
.gitignore minor sans-io adjustments 2020-04-05 00:51:36 +02:00
CHANGELOG.md Fixed encoding guessing: only search for meta tags in HTML bodies (#4566) 2022-03-17 14:25:26 +00:00
codecov.yml fix codecov report threshold (#4534) 2021-03-30 09:15:12 +00:00
CONTRIBUTING.md StackOverflow -> GitHub Discussions (part 2) 2021-11-16 11:02:57 +01:00
LICENSE GPLv3 -> MIT 2013-03-18 08:37:42 +13:00
MANIFEST.in remove pathod and pathoc 2020-12-13 20:21:11 +01:00
README.md StackOverflow -> GitHub Discussions 2021-11-16 10:26:38 +01:00
SECURITY.md Create SECURITY.md 2021-09-13 16:34:33 +02:00
setup.cfg fix vt code detection on Windows 2022-03-19 17:20:32 +01:00
setup.py vendor click.style instead of depending on click (#5188) 2022-03-16 17:02:53 +00:00
tox.ini [requires.io] dependency update on main branch (#5189) 2022-03-16 17:16:40 +01:00

README.md

mitmproxy

Continuous Integration Status Coverage Status Latest Version Supported Python versions

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.

mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.

mitmweb is a web-based interface for mitmproxy.

Installation

The installation instructions are here. If you want to install from source, see CONTRIBUTING.md.

Documentation & Help

General information, tutorials, and precompiled binaries can be found on the mitmproxy website.

mitmproxy.org

The documentation for mitmproxy is available on our website:

mitmproxy documentation stable mitmproxy documentation dev

If you have questions on how to use mitmproxy, please use GitHub Discussions!

mitmproxy discussions

Contributing

As an open source project, mitmproxy welcomes contributions of all forms.

Dev Guide

Also, please feel free to join our developer Slack!

Slack Developer Chat