mitmproxy/pathod/templates/docs_pathod.html

{% extends "docframe.html" %} {% block body %}
<div class="page-header">
    <h1>
        pathod
        <small>A pathological web daemon.</small>
    </h1>
</div>

<p>
    Pathod is a pathological HTTP daemon designed to let you craft almost any conceivable
    HTTP response, including ones that creatively violate the standards. HTTP responses
    are specified using a
    <a href="/docs/language">small, terse language</a>, which pathod shares with
    its evil twin <a href="/docs/pathoc">pathoc</a>.
</p>

<section>
    <div class="page-header">
        <h1>Getting started</h1>
    </div>

    <p>To start playing with pathod, simply fire up the daemon:</p>

    <pre class="terminal">./pathod</pre>

    <p>
        By default, the service listens on port 9999 of localhost. Pathod's documentation
        is self-hosting, and the pathod daemon exposes an interface that lets you
        play with the specifciation language, preview what responses and requests
        would look like on the wire, and view internal logs. To access all of this,
        just fire up your browser, and point it to the following URL:
    </p>

    <pre class="example">http://localhost:9999</pre>

    <p>
        The default crafting anchor point is the path <b>/p/</b>. Anything after
        this URL prefix is treated as a response specifier. So, hitting the following
        URL will generate an HTTP 200 response with 100 bytes of random data:
    </p>

    <pre class="example">http://localhost:9999/p/200:b@100</pre>

    <p>
        See the <a href="/docs/language">language documentation</a> to get (much)
        fancier. The pathod daemon also takes a range of configuration options. To
        view those, use the command-line help:
    </p>

    <pre class="terminal">./pathod --help</pre>

</section>

<section>
    <div class="page-header">
        <h1>Acting as a proxy</h1>
    </div>

    <p>
        Pathod automatically responds to both straight HTTP and proxy requests. For proxy
        requests, the upstream host is ignored, and the path portion of the URL is
        used to match anchors. This lets you test software that supports a proxy
        configuration by spoofing responses from upstream servers.
    </p>

    <p>
        By default, we treat all proxy CONNECT requests as HTTPS traffic, serving the response
        using either pathod's built-in certificates, or the cert/key pair specified
        by the user. You can over-ride this behaviour if you're testing a client
        that makes a non-SSL CONNECT request using the -C command-line option.
    </p>
</section>


<section>
    <div class="page-header">
        <h1>Anchors</h1>
    </div>

    <p>
        Anchors provide an alternative to specifying the response in the URL. Instead, you
        attach a response to a pre-configured anchor point, specified with a regex.
        When a URL matching the regex is requested, the specified response is served.
    </p>

    <pre class="terminal">./pathod -a "/foo=200"</pre>

    <p>
        Here, "/foo" is the regex specifying the anchor path, and the part after the "="
        is a response specifier.
    </p>
</section>


<section>
    <div class="page-header">
        <h1>File Access</h1>
    </div>

    <p>
        There are two operators in the <a href="/docs/language">language</a> that
        load contents from file - the <b>+</b> operator to load an entire request
        specification from file, and the <b>&gt;</b> value specifier. In pathod,
        both of these operators are restricted to a directory specified at startup,
        or disabled if no directory is specified:</p>
    <pre class="terminal">./pathod -d ~/staticdir"</pre>
</section>


<section>
    <div class="page-header">
        <h1>Internal Error Responses</h1>
    </div>

    <p>
        Pathod uses the non-standard 800 response code to indicate internal errors, to distinguish
        them from crafted responses. For example, a request to:
    </p>

    <pre class="example">http://localhost:9999/p/foo</pre>

    <p>
        ... will return an 800 response because "foo" is not a valid page specifier.
    </p>
</section>


<section>
    <div class="page-header">
        <h1>API</h1>
    </div>

    <p>
        pathod exposes a simple API, intended to make it possible to drive and inspect the
        daemon remotely for use in unit testing and the like.
    </p>

    <table class="table table-bordered">
        <tbody>
            <tr>
                <td>
                    /api/clear_log
                </td>
                <td>
                    A POST to this URL clears the log buffer.
                </td>
            </tr>
            <tr>
                <td>
                    /api/info
                </td>
                <td>
                    Basic version and configuration info.
                </td>
            </tr>
            <tr>
                <td>
                    /api/log
                </td>
                <td>
                    Returns the current log buffer. At the moment the buffer size is 500 entries - when
                    the log grows larger than this, older entries are discarded.
                    The returned data is a JSON dictionary, with the form:

                    <pre>{ 'log': [ ENTRIES ] } </pre> You can preview the JSON data
                    returned for a log entry through the built-in web interface.
                </td>
            </tr>
        </tbody>
    </table>
</section>
{% endblock %}