diff options
| author | Aldo Cortesi <aldo@nullcube.com> | 2013-01-03 08:25:24 +1300 |
|---|---|---|
| committer | Aldo Cortesi <aldo@nullcube.com> | 2013-01-03 08:25:24 +1300 |
| commit | 101f92b2566adea605b9db69dba29e575414cbba (patch) | |
| tree | eafcfac61972f7a18c069d098accc4ce2cf1cfea /doc-src/features/sticky.html | |
| parent | f578d68e555ff202a51b9f8672e540a964e31fed (diff) | |
| download | mitmproxy-101f92b2566adea605b9db69dba29e575414cbba.tar.gz mitmproxy-101f92b2566adea605b9db69dba29e575414cbba.tar.bz2 mitmproxy-101f92b2566adea605b9db69dba29e575414cbba.zip | |
Docs: move features into their own directory
Diffstat (limited to 'doc-src/features/sticky.html')
| -rw-r--r-- | doc-src/features/sticky.html | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/doc-src/features/sticky.html b/doc-src/features/sticky.html new file mode 100644 index 00000000..1b79f922 --- /dev/null +++ b/doc-src/features/sticky.html @@ -0,0 +1,62 @@ + +## Sticky cookies + +When the sticky cookie option is set, __mitmproxy__ will add the cookie most +recently set by the server to any cookie-less request. Consider a service that +sets a cookie to track the session after authentication. Using sticky cookies, +you can fire up mitmproxy, and authenticate to a service as you usually would +using a browser. After authentication, you can request authenticated resources +through mitmproxy as if they were unauthenticated, because mitmproxy will +automatically add the session tracking cookie to requests. Among other things, +this lets you script interactions with authenticated resources (using tools +like wget or curl) without having to worry about authentication. + +Sticky cookies are especially powerful when used in conjunction with [client +replay](@!urlTo("clientreplay.html")!@) - you can record the authentication +process once, and simply replay it on startup every time you need to interact +with the secured resources. + +<table class="table"> + <tbody> + <tr> + <th width="20%">command-line</th> + <td> + <ul> + <li>-t (sticky cookies on all requests)</li> + <li>-T FILTER (sticky cookies on requests matching filter</li> + </ul> + </td> + </tr> + <tr> + <th>mitmproxy shortcut</th> <td><b>t</b></td> + </tr> + </tbody> +</table> + + +## Sticky auth + +The sticky auth option is analogous to the sticky cookie option, in that HTTP +__Authorization__ headers are simply replayed to the server once they have been +seen. This is enough to allow you to access a server resource using HTTP Basic +authentication through the proxy. Note that __mitmproxy__ doesn't (yet) support +replay of HTTP Digest authentication. + +<table class="table"> + <tbody> + <tr> + <th width="20%">command-line</th> + <td> + <ul> + <li>-u (sticky auth on all requests)</li> + <li>-U FILTER (sticky auth on requests matching filter</li> + </ul> + </td> + </tr> + <tr> + <th>mitmproxy shortcut</th> <td><b>u</b></td> + </tr> + </tbody> +</table> + + |