diff options
29 files changed, 209 insertions, 1577 deletions
diff --git a/.appveyor.yml b/.appveyor.yml index 3ef985be..6891f1b3 100644 --- a/.appveyor.yml +++ b/.appveyor.yml @@ -79,6 +79,7 @@ deploy_script: ($Env:TOXENV -match "py35") -and (($Env:APPVEYOR_REPO_BRANCH -In ("master", "pyinstaller")) -or ($Env:APPVEYOR_REPO_TAG -match "true")) ) { + tox -e rtool -- decrypt release\known_hosts.enc release\known_hosts tox -e rtool -- upload-snapshot --bdist --wheel --installer } diff --git a/.travis.yml b/.travis.yml index a29d0c75..b7504097 100644 --- a/.travis.yml +++ b/.travis.yml @@ -73,6 +73,7 @@ after_success: - | if [[ $BDIST == "1" && $TRAVIS_PULL_REQUEST == "false" && ($TRAVIS_BRANCH == "pyinstaller" || $TRAVIS_BRANCH == "master" || -n $TRAVIS_TAG) ]] then + tox -e rtool -- decrypt release/known_hosts.enc release/known_hosts tox -e rtool -- upload-snapshot --bdist fi diff --git a/docs/features/passthrough.rst b/docs/features/passthrough.rst index dbaf3506..91fcb9b6 100644 --- a/docs/features/passthrough.rst +++ b/docs/features/passthrough.rst @@ -38,7 +38,7 @@ There are two important quirks to consider: - **In transparent mode, the ignore pattern is matched against the IP and ClientHello SNI host.** While we usually infer the hostname from the Host header if the ``--host`` argument is passed to mitmproxy, we do not have access to this information before the SSL handshake. If the client uses SNI however, then we treat the SNI host as an ignore target. -- **In regular mode, explicit HTTP requests are never ignored.** [#explicithttp]_ The ignore pattern is +- **In regular and upstream proxy mode, explicit HTTP requests are never ignored.** [#explicithttp]_ The ignore pattern is applied on CONNECT requests, which initiate HTTPS or clear-text WebSocket connections. Tutorial diff --git a/mitmproxy/addons/onboardingapp/static/images/favicon.ico b/mitmproxy/addons/onboardingapp/static/images/favicon.ico Binary files differnew file mode 100644 index 00000000..3c3b891c --- /dev/null +++ b/mitmproxy/addons/onboardingapp/static/images/favicon.ico diff --git a/mitmproxy/addons/onboardingapp/static/images/mitmproxy-long.png b/mitmproxy/addons/onboardingapp/static/images/mitmproxy-long.png Binary files differnew file mode 100644 index 00000000..f9397d1e --- /dev/null +++ b/mitmproxy/addons/onboardingapp/static/images/mitmproxy-long.png diff --git a/mitmproxy/addons/onboardingapp/static/mitmproxy.css b/mitmproxy/addons/onboardingapp/static/mitmproxy.css index b390976a..969bd62b 100644 --- a/mitmproxy/addons/onboardingapp/static/mitmproxy.css +++ b/mitmproxy/addons/onboardingapp/static/mitmproxy.css @@ -1,8 +1,6 @@ - #certbank div { text-align: center; - - + padding-top: 20px; } .fronttable { @@ -40,7 +38,6 @@ section { .masthead { padding: 50px 0 60px; text-align: center; - } .header { diff --git a/mitmproxy/addons/onboardingapp/templates/index.html b/mitmproxy/addons/onboardingapp/templates/index.html index fc6213ea..38aa27ed 100644 --- a/mitmproxy/addons/onboardingapp/templates/index.html +++ b/mitmproxy/addons/onboardingapp/templates/index.html @@ -4,59 +4,135 @@ <script> function changeTo(device) { if (device == "apple") { - var text = `<h3>Apple: How to install on macOS / OSX</h3> - <ul> - <li>Double-click the PEM file</li> - <li>The "Keychain Access" applications opens</li> - <li>Find the new certificate "mitmproxy" in the list</li> - <li>Double-click the "mitmproxy" entry</li> - <li>A dialog window openes up</li> - <li>Change "Secure Socket Layer (SSL)" to "Always Trust"</li> - <li>Close the dialog window (and enter your password if prompted)</li> - <li>For iOS version 10.3 or up, you need to make sure mitmproxy is enabled in<br> - Certificate Trust Settings, you can check it by going to<br> - Settings > General > About > Certificate Trust Settings</li> - <li>Done!</li> - </ul>`; + var text = `<div class = "container"> + <div> + <div class="col-md-4"> + <h3 class="text-center">How to install on macOS</h3> + <ul class="left"> + <li>Double-click the PEM file</li> + <li>The "Keychain Access" applications opens</li> + <li>Find the new certificate "mitmproxy" in the list</li> + <li>Double-click the "mitmproxy" entry</li> + <li>A dialog window openes up</li> + <li>Change "Secure Socket Layer (SSL)" to "Always Trust"</li> + <li>Close the dialog window (and enter your password if prompted)</li> + <li>Done!</li> + </ul> + </div> + <div class="col-md-4"> + <h3 class="text-center">How to install on browsers</h3> + <ul> + <li>Safari on macOS uses the macOS keychain. So installing our CA in the system is enough.</li> + <li>Chrome on macOS uses the macOS keychain. So installing our CA in the system is enough.</li> + <li>Firefox on macOS has its own CA store and needs to be installed with Firefox-specific instructions that can be found <a href="https://wiki.mozilla.org/MozillaRootCertificate#Mozilla_Firefox">HERE</a> .</li> + </ul> + </div> + <div class="col-md-4"> + <h3 class="text-center">How to install on iOS v10.3</h3> + <ul> + <li>After certificate installation, open Settings</li> + <li>Navigate to General and then About</li> + <li>Select Certificate Trust Settings</li> + <li>Each root that has been installed via a profile will be listed below the heading Enable Full Trust For Root Certificates. Toggle mitmproxy on</li> + <li>Done!</li> + </div> + </div> + </div>`; } else if (device == "windows") { - var text = `<h3>Windows: How to install on Windows</h3> - <ul> - <li>Double-click the P12 file</li> - <li>Select Store Location for Current User and click Next</li> - <li>Click Next</li> - <li>Leave the Password column blank and click Next</li> - <li>Select Place all certificates in the following store</li> - <li>Click Browse and select Trusted Root Certification Authorities</li> - <li>Click Next and then click Finish</li> - <li>Click Yes if prompted for confirmation</li> - <li>Done!</li> - </ul>`; + var text = `<div class = "container"> + <div class="row"> + <div class="col-md-4"> + <h3 class="text-center">How to install on Windows</h3> + <ul> + <li>Double-click the P12 file</li> + <li>Select Store Location for Current User and click Next</li> + <li>Click Next</li> + <li>Leave the Password column blank and click Next</li> + <li>Select Place all certificates in the following store</li> + <li>Click Browse and select Trusted Root Certification Authorities</li> + <li>Click Next and then click Finish</li> + <li>Click Yes if prompted for confirmation</li> + <li>Done!</li> + </ul> + </div> + <div class="col-md-4"> + <h3 class="text-center">How to install on browsers</h3> + <ul> + <li>Edge and IE use the Windows CA store. So installing our CA in the system is enough.</li> + <li>Chrome on Windows uses the Windows CA store. So installing our CA in the system is enough.</li> + <li>Firefox on Windows has its own CA store and needs to be installed with Firefox-specific instructions that can be found <a href="https://wiki.mozilla.org/MozillaRootCertificate#Mozilla_Firefox">HERE</a> .</li> + </ul> + </div> + <div class="col-md-4"> + <h3 class="text-center">How to install on Windows (Automated)</h3> + <ul> + <li> >>> certutil.exe -importpfx Root mitmproxy-ca-cert.p12 </li> + <li> To know more click <a href="https://technet.microsoft.com/en-us/library/cc732443.aspx">HERE</a> </li> + </ul> + </div> + </div> + </div>`; } else if (device == "android") { - var text = `<h3>Android: How to install on Android</h3> - <ul> - <li>Open your device's Settings app</li> - <li>Under "Credential storage," tap Install from storage</li> - <li>Under "Open from," tap where you saved the certificate</li> - <li>Tap the file</li> - <li>If prompted, enter the key store password and tap OK</li> - <li>Type a name for the certificate</li> - <li>Pick VPN and apps</li> - <li>Tap OK</li> - <li>Done!</li> - </ul>`; + var text = `<div class = "container"> + <div class="row"> + <div class="col-md-4"> + <h3 class="text-center">How to install on Android</h3> + <ul> + <li>Open your device's Settings app</li> + <li>Under "Credential storage," tap Install from storage</li> + <li>Under "Open from," tap where you saved the certificate</li> + <li>Tap the file</li> + <li>If prompted, enter the key store password and tap OK</li> + <li>Type a name for the certificate</li> + <li>Pick VPN and apps</li> + <li>Tap OK</li> + <li>Done!</li> + </ul> + </div> + </div> + </div>`; } else if (device == "asterisk") { - var text = ""; + var text = `<div class = "container"> + <div class="row"> + <div class="col-md-4"> + <h3 class="text-center">How to install on Chrome on Debian/Ubuntu</h3> + <ul> + <li>Using Chrome, hit a page on your server via HTTPS and continue past the red warning page (assuming you haven't done this already)</li> + <li>Open up Chrome Settings > Show advanced settings > HTTPS/SSL > Manage Certificates</li> + <li>Click the Authorities tab and scroll down to find your certificate under the Organization Name that you gave to the certificate</li> + <li>Select it, click Edit (NOTE: in recent versions of Chrome, the button is now "Advanced" instead of "Edit"), check all the boxes and click OK. You may have to restart Chrome</li> + </ul> + </div> + <div class="col-md-4"> + <h3 class="text-center">How to install on Chrome on Linux</h3> + <ul> + <li>Open Developer Tools > Security, and select View certificate</li> + <li>Click the Details tab > Export. Choose PKCS #7, single certificate as the file format</li> + <li>Then follow my original instructions to get to the Manage Certificates page. Click the Authorities tab > Import and choose the file to which you exported the certificate, and make sure to choose PKCS #7, single certificate as the file type</li> + <li>If prompted certification store, choose Trusted Root Certificate Authorities</li> + <li>Check all boxes and click OK. Restart Chrome</li> + </ul> + </div> + <div class="col-md-4"> + <h3 class="text-center">How to install on Ubuntu (Manually)</h3> + <ul> + <li>Create a directory for extra CA certificates in /usr/share/ca-certificates: <div class="text-muted">$ sudo mkdir /usr/share/ca-certificates/extra<div></li> + <li>Copy the CA mitmproxy.crt file to this directory: <div class="text-muted">$ sudo cp mitmproxy.crt /usr/share/ca-certificates/extra/mitmproxy.crt<div></li> + <li>Let Ubuntu add the mitmproxy.crt file's path relative to /usr/share/ca-certificates to /etc/ca-certificates.conf: <div class="text-muted">$ sudo dpkg-reconfigure ca-certificates</div></li> + <li>In case of a .pem file on Ubuntu, it must first be converted to a .crt file: <div class="text-muted">$ openssl x509 -in foo.pem -inform PEM -out foo.crt</div></li> + </ul> + </div> + </div> + </div>`; } document.getElementById("dynamic").innerHTML = text; } </script> -<center> -<h2> Click to install your mitmproxy certificate: </h2> -</center> +<h2 class="text-center"> Click to install your mitmproxy certificate </h2> <div id="certbank" class="row"> <div class="col-md-3"> <a onclick="changeTo('apple')" href="/cert/pem"><i class="fa fa-apple fa-5x"></i></a> diff --git a/mitmproxy/addons/onboardingapp/templates/layout.html b/mitmproxy/addons/onboardingapp/templates/layout.html index 8726a788..f6e1b286 100644 --- a/mitmproxy/addons/onboardingapp/templates/layout.html +++ b/mitmproxy/addons/onboardingapp/templates/layout.html @@ -12,20 +12,23 @@ <link href="/static/bootstrap.min.css" rel="stylesheet"> <link href="/static/mitmproxy.css" rel="stylesheet"> <link href="/static/fontawesome/css/font-awesome.min.css" rel="stylesheet"> + <link rel="icon" href="/static/images/favicon.ico" type="image/x-icon"/> </head> <body> <div class="navbar navbar-default" role="navigation"> <div class="container"> <div class="navbar-header"> - <a class="navbar-brand" href="#">mitmproxy</a> + <a class="navbar-brand" href="#"> + <img height="20px" src="static/images/mitmproxy-long.png"/> + </a> </div> </div> </div> <div class="container"> - {% block content %} - {% end %} + {% block content %} + {% end %} </div> </body> diff --git a/mitmproxy/contrib/wsproto/__init__.py b/mitmproxy/contrib/wsproto/__init__.py deleted file mode 100644 index d0592bc5..00000000 --- a/mitmproxy/contrib/wsproto/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -from . import compat -from . import connection -from . import events -from . import extensions -from . import frame_protocol - -__all__ = [ - 'compat', - 'connection', - 'events', - 'extensions', - 'frame_protocol', -] diff --git a/mitmproxy/contrib/wsproto/compat.py b/mitmproxy/contrib/wsproto/compat.py deleted file mode 100644 index 1911f83c..00000000 --- a/mitmproxy/contrib/wsproto/compat.py +++ /dev/null @@ -1,20 +0,0 @@ -# flake8: noqa - -import sys - - -PY2 = sys.version_info.major == 2 -PY3 = sys.version_info.major == 3 - - -if PY3: - unicode = str - - def Utf8Validator(): - return None -else: - unicode = unicode - try: - from wsaccel.utf8validator import Utf8Validator - except ImportError: - from .utf8validator import Utf8Validator diff --git a/mitmproxy/contrib/wsproto/connection.py b/mitmproxy/contrib/wsproto/connection.py deleted file mode 100644 index f994cd3a..00000000 --- a/mitmproxy/contrib/wsproto/connection.py +++ /dev/null @@ -1,477 +0,0 @@ -# -*- coding: utf-8 -*- -""" -wsproto/connection -~~~~~~~~~~~~~~ - -An implementation of a WebSocket connection. -""" - -import os -import base64 -import hashlib -from collections import deque - -from enum import Enum - -import h11 - -from .events import ( - ConnectionRequested, ConnectionEstablished, ConnectionClosed, - ConnectionFailed, TextReceived, BytesReceived, PingReceived, PongReceived -) -from .frame_protocol import FrameProtocol, ParseFailed, CloseReason, Opcode - - -# RFC6455, Section 1.3 - Opening Handshake -ACCEPT_GUID = b"258EAFA5-E914-47DA-95CA-C5AB0DC85B11" - - -class ConnectionState(Enum): - """ - RFC 6455, Section 4 - Opening Handshake - """ - CONNECTING = 0 - OPEN = 1 - CLOSING = 2 - CLOSED = 3 - - -class ConnectionType(Enum): - CLIENT = 1 - SERVER = 2 - - -CLIENT = ConnectionType.CLIENT -SERVER = ConnectionType.SERVER - - -# Some convenience utilities for working with HTTP headers -def _normed_header_dict(h11_headers): - # This mangles Set-Cookie headers. But it happens that we don't care about - # any of those, so it's OK. For every other HTTP header, if there are - # multiple instances then you're allowed to join them together with - # commas. - name_to_values = {} - for name, value in h11_headers: - name_to_values.setdefault(name, []).append(value) - name_to_normed_value = {} - for name, values in name_to_values.items(): - name_to_normed_value[name] = b", ".join(values) - return name_to_normed_value - - -# We use this for parsing the proposed protocol list, and for parsing the -# proposed and accepted extension lists. For the proposed protocol list it's -# fine, because the ABNF is just 1#token. But for the extension lists, it's -# wrong, because those can contain quoted strings, which can in turn contain -# commas. XX FIXME -def _split_comma_header(value): - return [piece.decode('ascii').strip() for piece in value.split(b',')] - - -class WSConnection(object): - """ - A low-level WebSocket connection object. - - This wraps two other protocol objects, an HTTP/1.1 protocol object used - to do the initial HTTP upgrade handshake and a WebSocket frame protocol - object used to exchange messages and other control frames. - - :param conn_type: Whether this object is on the client- or server-side of - a connection. To initialise as a client pass ``CLIENT`` otherwise - pass ``SERVER``. - :type conn_type: ``ConnectionType`` - - :param host: The hostname to pass to the server when acting as a client. - :type host: ``str`` - - :param resource: The resource (aka path) to pass to the server when acting - as a client. - :type resource: ``str`` - - :param extensions: A list of extensions to use on this connection. - Extensions should be instances of a subclass of - :class:`Extension <wsproto.extensions.Extension>`. - - :param subprotocols: A list of subprotocols to request when acting as a - client, ordered by preference. This has no impact on the connection - itself. - :type subprotocol: ``list`` of ``str`` - """ - - def __init__(self, conn_type, host=None, resource=None, extensions=None, - subprotocols=None): - self.client = conn_type is ConnectionType.CLIENT - - self.host = host - self.resource = resource - - self.subprotocols = subprotocols or [] - self.extensions = extensions or [] - - self.version = b'13' - - self._state = ConnectionState.CONNECTING - self._close_reason = None - - self._nonce = None - self._outgoing = b'' - self._events = deque() - self._proto = None - - if self.client: - self._upgrade_connection = h11.Connection(h11.CLIENT) - else: - self._upgrade_connection = h11.Connection(h11.SERVER) - - if self.client: - if self.host is None: - raise ValueError( - "Host must not be None for a client-side connection.") - if self.resource is None: - raise ValueError( - "Resource must not be None for a client-side connection.") - self.initiate_connection() - - def initiate_connection(self): - self._generate_nonce() - - headers = { - b"Host": self.host.encode('ascii'), - b"Upgrade": b'WebSocket', - b"Connection": b'Upgrade', - b"Sec-WebSocket-Key": self._nonce, - b"Sec-WebSocket-Version": self.version, - } - - if self.subprotocols: - headers[b"Sec-WebSocket-Protocol"] = ", ".join(self.subprotocols) - - if self.extensions: - offers = {e.name: e.offer(self) for e in self.extensions} - extensions = [] - for name, params in offers.items(): - if params is True: - extensions.append(name.encode('ascii')) - elif params: - # py34 annoyance: doesn't support bytestring formatting - extensions.append(('%s; %s' % (name, params)) - .encode("ascii")) - if extensions: - headers[b'Sec-WebSocket-Extensions'] = b', '.join(extensions) - - upgrade = h11.Request(method=b'GET', target=self.resource, - headers=headers.items()) - self._outgoing += self._upgrade_connection.send(upgrade) - - def send_data(self, payload, final=True): - """ - Send a message or part of a message to the remote peer. - - If ``final`` is ``False`` it indicates that this is part of a longer - message. If ``final`` is ``True`` it indicates that this is either a - self-contained message or the last part of a longer message. - - If ``payload`` is of type ``bytes`` then the message is flagged as - being binary If it is of type ``str`` encoded as UTF-8 and sent as - text. - - :param payload: The message body to send. - :type payload: ``bytes`` or ``str`` - - :param final: Whether there are more parts to this message to be sent. - :type final: ``bool`` - """ - - self._outgoing += self._proto.send_data(payload, final) - - def close(self, code=CloseReason.NORMAL_CLOSURE, reason=None): - self._outgoing += self._proto.close(code, reason) - self._state = ConnectionState.CLOSING - - @property - def closed(self): - return self._state is ConnectionState.CLOSED - - def bytes_to_send(self, amount=None): - """ - Return any data that is to be sent to the remote peer. - - :param amount: (optional) The maximum number of bytes to be provided. - If ``None`` or not provided it will return all available bytes. - :type amount: ``int`` - """ - - if amount is None: - data = self._outgoing - self._outgoing = b'' - else: - data = self._outgoing[:amount] - self._outgoing = self._outgoing[amount:] - - return data - - def receive_bytes(self, data): - """ - Pass some received bytes to the connection for processing. - - :param data: The data received from the remote peer. - :type data: ``bytes`` - """ - - if data is None and self._state is ConnectionState.OPEN: - # "If _The WebSocket Connection is Closed_ and no Close control - # frame was received by the endpoint (such as could occur if the - # underlying transport connection is lost), _The WebSocket - # Connection Close Code_ is considered to be 1006." - self._events.append(ConnectionClosed(CloseReason.ABNORMAL_CLOSURE)) - self._state = ConnectionState.CLOSED - return - elif data is None: - self._state = ConnectionState.CLOSED - return - - if self._state is ConnectionState.CONNECTING: - event, data = self._process_upgrade(data) - if event is not None: - self._events.append(event) - - if self._state is ConnectionState.OPEN: - self._proto.receive_bytes(data) - - def _process_upgrade(self, data): - self._upgrade_connection.receive_data(data) - while True: - try: - event = self._upgrade_connection.next_event() - except h11.RemoteProtocolError: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Bad HTTP message"), b'' - if event is h11.NEED_DATA: - break - elif self.client and isinstance(event, (h11.InformationalResponse, - h11.Response)): - data = self._upgrade_connection.trailing_data[0] - return self._establish_client_connection(event), data - elif not self.client and isinstance(event, h11.Request): - return self._process_connection_request(event), None - else: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Bad HTTP message"), b'' - - self._incoming = b'' - return None, None - - def events(self): - """ - Return a generator that provides any events that have been generated - by protocol activity. - - :returns: generator - """ - - while self._events: - yield self._events.popleft() - - if self._proto is None: - return - - try: - for frame in self._proto.received_frames(): - if frame.opcode is Opcode.PING: - assert frame.frame_finished and frame.message_finished - self._outgoing += self._proto.pong(frame.payload) - yield PingReceived(frame.payload) - - elif frame.opcode is Opcode.PONG: - assert frame.frame_finished and frame.message_finished - yield PongReceived(frame.payload) - - elif frame.opcode is Opcode.CLOSE: - code, reason = frame.payload - self.close(code, reason) - yield ConnectionClosed(code, reason) - - elif frame.opcode is Opcode.TEXT: - yield TextReceived(frame.payload, - frame.frame_finished, - frame.message_finished) - - elif frame.opcode is Opcode.BINARY: - yield BytesReceived(frame.payload, - frame.frame_finished, - frame.message_finished) - except ParseFailed as exc: - # XX FIXME: apparently autobahn intentionally deviates from the - # spec in that on protocol errors it just closes the connection - # rather than trying to send a CLOSE frame. Investigate whether we - # should do the same. - self.close(code=exc.code, reason=str(exc)) - yield ConnectionClosed(exc.code, reason=str(exc)) - - def _generate_nonce(self): - # os.urandom may be overkill for this use case, but I don't think this - # is a bottleneck, and better safe than sorry... - self._nonce = base64.b64encode(os.urandom(16)) - - def _generate_accept_token(self, token): - accept_token = token + ACCEPT_GUID - accept_token = hashlib.sha1(accept_token).digest() - return base64.b64encode(accept_token) - - def _establish_client_connection(self, event): - if event.status_code != 101: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Bad status code from server") - headers = _normed_header_dict(event.headers) - if headers[b'connection'].lower() != b'upgrade': - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Missing Connection: Upgrade header") - if headers[b'upgrade'].lower() != b'websocket': - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Missing Upgrade: WebSocket header") - - accept_token = self._generate_accept_token(self._nonce) - if headers[b'sec-websocket-accept'] != accept_token: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Bad accept token") - - subprotocol = headers.get(b'sec-websocket-protocol', None) - if subprotocol is not None: - subprotocol = subprotocol.decode('ascii') - if subprotocol not in self.subprotocols: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "unrecognized subprotocol {!r}" - .format(subprotocol)) - - extensions = headers.get(b'sec-websocket-extensions', None) - if extensions: - accepts = _split_comma_header(extensions) - - for accept in accepts: - name = accept.split(';', 1)[0].strip() - for extension in self.extensions: - if extension.name == name: - extension.finalize(self, accept) - break - else: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "unrecognized extension {!r}" - .format(name)) - - self._proto = FrameProtocol(self.client, self.extensions) - self._state = ConnectionState.OPEN - return ConnectionEstablished(subprotocol, extensions) - - def _process_connection_request(self, event): - if event.method != b'GET': - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Request method must be GET") - headers = _normed_header_dict(event.headers) - if headers[b'connection'].lower() != b'upgrade': - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Missing Connection: Upgrade header") - if headers[b'upgrade'].lower() != b'websocket': - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Missing Upgrade: WebSocket header") - - if b'sec-websocket-version' not in headers: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Missing Sec-WebSocket-Version header") - # XX FIXME: need to check Sec-Websocket-Version, and respond with a - # 400 if it's not what we expect - - if b'sec-websocket-protocol' in headers: - proposed_subprotocols = _split_comma_header( - headers[b'sec-websocket-protocol']) - else: - proposed_subprotocols = [] - - if b'sec-websocket-key' not in headers: - return ConnectionFailed(CloseReason.PROTOCOL_ERROR, - "Missing Sec-WebSocket-Key header") - - return ConnectionRequested(proposed_subprotocols, event) - - def _extension_accept(self, extensions_header): - accepts = {} - offers = _split_comma_header(extensions_header) - - for offer in offers: - name = offer.split(';', 1)[0].strip() - for extension in self.extensions: - if extension.name == name: - accept = extension.accept(self, offer) - if accept is True: - accepts[extension.name] = True - elif accept is not False and accept is not None: - accepts[extension.name] = accept.encode('ascii') - - if accepts: - extensions = [] - for name, params in accepts.items(): - if params is True: - extensions.append(name.encode('ascii')) - else: - # py34 annoyance: doesn't support bytestring formatting - params = params.decode("ascii") - extensions.append(('%s; %s' % (name, params)) - .encode("ascii")) - return b', '.join(extensions) - - return None - - def accept(self, event, subprotocol=None): - request = event.h11request - request_headers = _normed_header_dict(request.headers) - - nonce = request_headers[b'sec-websocket-key'] - accept_token = self._generate_accept_token(nonce) - - headers = { - b"Upgrade": b'WebSocket', - b"Connection": b'Upgrade', - b"Sec-WebSocket-Accept": accept_token, - } - - if subprotocol is not None: - if subprotocol not in event.proposed_subprotocols: - raise ValueError( - "unexpected subprotocol {!r}".format(subprotocol)) - headers[b'Sec-WebSocket-Protocol'] = subprotocol - - extensions = request_headers.get(b'sec-websocket-extensions', None) - if extensions: - accepts = self._extension_accept(extensions) - if accepts: - headers[b"Sec-WebSocket-Extensions"] = accepts - - response = h11.InformationalResponse(status_code=101, - headers=headers.items()) - self._outgoing += self._upgrade_connection.send(response) - self._proto = FrameProtocol(self.client, self.extensions) - self._state = ConnectionState.OPEN - - def ping(self, payload=None): - """ - Send a PING message to the peer. - - :param payload: an optional payload to send with the message - """ - - payload = bytes(payload or b'') - self._outgoing += self._proto.ping(payload) - - def pong(self, payload=None): - """ - Send a PONG message to the peer. - - This method can be used to send an unsolicted PONG to the peer. - It is not needed otherwise since every received PING causes a - corresponding PONG to be sent automatically. - - :param payload: an optional payload to send with the message - """ - - payload = bytes(payload or b'') - self._outgoing += self._proto.pong(payload) diff --git a/mitmproxy/contrib/wsproto/events.py b/mitmproxy/contrib/wsproto/events.py deleted file mode 100644 index 73ce27aa..00000000 --- a/mitmproxy/contrib/wsproto/events.py +++ /dev/null @@ -1,81 +0,0 @@ -# -*- coding: utf-8 -*- -""" -wsproto/events -~~~~~~~~~~ - -Events that result from processing data on a WebSocket connection. -""" - - -class ConnectionRequested(object): - def __init__(self, proposed_subprotocols, h11request): - self.proposed_subprotocols = proposed_subprotocols - self.h11request = h11request - - def __repr__(self): - path = self.h11request.target - - headers = dict(self.h11request.headers) - host = headers[b'host'] - version = headers[b'sec-websocket-version'] - subprotocol = headers.get(b'sec-websocket-protocol', None) - extensions = [] - - fmt = '<%s host=%s path=%s version=%s subprotocol=%r extensions=%r>' - return fmt % (self.__class__.__name__, host, path, version, - subprotocol, extensions) - - -class ConnectionEstablished(object): - def __init__(self, subprotocol=None, extensions=None): - self.subprotocol = subprotocol - self.extensions = extensions - if self.extensions is None: - self.extensions = [] - - def __repr__(self): - return '<ConnectionEstablished subprotocol=%r extensions=%r>' % \ - (self.subprotocol, self.extensions) - - -class ConnectionClosed(object): - def __init__(self, code, reason=None): - self.code = code - self.reason = reason - - def __repr__(self): - return '<%s code=%r reason="%s">' % (self.__class__.__name__, - self.code, self.reason) - - -class ConnectionFailed(ConnectionClosed): - pass - - -class DataReceived(object): - def __init__(self, data, frame_finished, message_finished): - self.data = data - # This has no semantic content, but is provided just in case some - # weird edge case user wants to be able to reconstruct the - # fragmentation pattern of the original stream. You don't want it: - self.frame_finished = frame_finished - # This is the field that you almost certainly want: - self.message_finished = message_finished - - -class TextReceived(DataReceived): - pass - - -class BytesReceived(DataReceived): - pass - - -class PingReceived(object): - def __init__(self, payload): - self.payload = payload - - -class PongReceived(object): - def __init__(self, payload): - self.payload = payload diff --git a/mitmproxy/contrib/wsproto/extensions.py b/mitmproxy/contrib/wsproto/extensions.py deleted file mode 100644 index 0e0d2018..00000000 --- a/mitmproxy/contrib/wsproto/extensions.py +++ /dev/null @@ -1,259 +0,0 @@ -# type: ignore - -# -*- coding: utf-8 -*- -""" -wsproto/extensions -~~~~~~~~~~~~~~ - -WebSocket extensions. -""" - -import zlib - -from .frame_protocol import CloseReason, Opcode, RsvBits - - -class Extension(object): - name = None - - def enabled(self): - return False - - def offer(self, connection): - pass - - def accept(self, connection, offer): - pass - - def finalize(self, connection, offer): - pass - - def frame_inbound_header(self, proto, opcode, rsv, payload_length): - return RsvBits(False, False, False) - - def frame_inbound_payload_data(self, proto, data): - return data - - def frame_inbound_complete(self, proto, fin): - pass - - def frame_outbound(self, proto, opcode, rsv, data, fin): - return (rsv, data) - - -class PerMessageDeflate(Extension): - name = 'permessage-deflate' - - DEFAULT_CLIENT_MAX_WINDOW_BITS = 15 - DEFAULT_SERVER_MAX_WINDOW_BITS = 15 - - def __init__(self, client_no_context_takeover=False, - client_max_window_bits=None, server_no_context_takeover=False, - server_max_window_bits=None): - self.client_no_context_takeover = client_no_context_takeover - if client_max_window_bits is None: - client_max_window_bits = self.DEFAULT_CLIENT_MAX_WINDOW_BITS - self.client_max_window_bits = client_max_window_bits - self.server_no_context_takeover = server_no_context_takeover - if server_max_window_bits is None: - server_max_window_bits = self.DEFAULT_SERVER_MAX_WINDOW_BITS - self.server_max_window_bits = server_max_window_bits - - self._compressor = None - self._decompressor = None - # This refers to the current frame - self._inbound_is_compressible = None - # This refers to the ongoing message (which might span multiple - # frames). Only the first frame in a fragmented message is flagged for - # compression, so this carries that bit forward. - self._inbound_compressed = None - - self._enabled = False - - def _compressible_opcode(self, opcode): - return opcode in (Opcode.TEXT, Opcode.BINARY, Opcode.CONTINUATION) - - def enabled(self): - return self._enabled - - def offer(self, connection): - parameters = [ - 'client_max_window_bits=%d' % self.client_max_window_bits, - 'server_max_window_bits=%d' % self.server_max_window_bits, - ] - - if self.client_no_context_takeover: - parameters.append('client_no_context_takeover') - if self.server_no_context_takeover: - parameters.append('server_no_context_takeover') - - return '; '.join(parameters) - - def finalize(self, connection, offer): - bits = [b.strip() for b in offer.split(';')] - for bit in bits[1:]: - if bit.startswith('client_no_context_takeover'): - self.client_no_context_takeover = True - elif bit.startswith('server_no_context_takeover'): - self.server_no_context_takeover = True - elif bit.startswith('client_max_window_bits'): - self.client_max_window_bits = int(bit.split('=', 1)[1].strip()) - elif bit.startswith('server_max_window_bits'): - self.server_max_window_bits = int(bit.split('=', 1)[1].strip()) - - self._enabled = True - - def _parse_params(self, params): - client_max_window_bits = None - server_max_window_bits = None - - bits = [b.strip() for b in params.split(';')] - for bit in bits[1:]: - if bit.startswith('client_no_context_takeover'): - self.client_no_context_takeover = True - elif bit.startswith('server_no_context_takeover'): - self.server_no_context_takeover = True - elif bit.startswith('client_max_window_bits'): - if '=' in bit: - client_max_window_bits = int(bit.split('=', 1)[1].strip()) - else: - client_max_window_bits = self.client_max_window_bits - elif bit.startswith('server_max_window_bits'): - if '=' in bit: - server_max_window_bits = int(bit.split('=', 1)[1].strip()) - else: - server_max_window_bits = self.server_max_window_bits - - return client_max_window_bits, server_max_window_bits - - def accept(self, connection, offer): - client_max_window_bits, server_max_window_bits = \ - self._parse_params(offer) - - self._enabled = True - - parameters = [] - - if self.client_no_context_takeover: - parameters.append('client_no_context_takeover') - if client_max_window_bits is not None: - parameters.append('client_max_window_bits=%d' % - client_max_window_bits) - self.client_max_window_bits = client_max_window_bits - if self.server_no_context_takeover: - parameters.append('server_no_context_takeover') - if server_max_window_bits is not None: - parameters.append('server_max_window_bits=%d' % - server_max_window_bits) - self.server_max_window_bits = server_max_window_bits - - return '; '.join(parameters) - - def frame_inbound_header(self, proto, opcode, rsv, payload_length): - if rsv.rsv1 and opcode.iscontrol(): - return CloseReason.PROTOCOL_ERROR - elif rsv.rsv1 and opcode is Opcode.CONTINUATION: - return CloseReason.PROTOCOL_ERROR - - self._inbound_is_compressible = self._compressible_opcode(opcode) - - if self._inbound_compressed is None: - self._inbound_compressed = rsv.rsv1 - if self._inbound_compressed: - assert self._inbound_is_compressible - if proto.client: - bits = self.server_max_window_bits - else: - bits = self.client_max_window_bits - if self._decompressor is None: - self._decompressor = zlib.decompressobj(-int(bits)) - - return RsvBits(True, False, False) - - def frame_inbound_payload_data(self, proto, data): - if not self._inbound_compressed or not self._inbound_is_compressible: - return data - - try: - return self._decompressor.decompress(bytes(data)) - except zlib.error: - return CloseReason.INVALID_FRAME_PAYLOAD_DATA - - def frame_inbound_complete(self, proto, fin): - if not fin: - return - elif not self._inbound_is_compressible: - return - elif not self._inbound_compressed: - return - - try: - data = self._decompressor.decompress(b'\x00\x00\xff\xff') - data += self._decompressor.flush() - except zlib.error: - return CloseReason.INVALID_FRAME_PAYLOAD_DATA - - if proto.client: - no_context_takeover = self.server_no_context_takeover - else: - no_context_takeover = self.client_no_context_takeover - - if no_context_takeover: - self._decompressor = None - - self._inbound_compressed = None - - return data - - def frame_outbound(self, proto, opcode, rsv, data, fin): - if not self._compressible_opcode(opcode): - return (rsv, data) - - if opcode is not Opcode.CONTINUATION: - rsv = RsvBits(True, *rsv[1:]) - - if self._compressor is None: - assert opcode is not Opcode.CONTINUATION - if proto.client: - bits = self.client_max_window_bits - else: - bits = self.server_max_window_bits - self._compressor = zlib.compressobj(zlib.Z_DEFAULT_COMPRESSION, - zlib.DEFLATED, -int(bits)) - - data = self._compressor.compress(bytes(data)) - - if fin: - data += self._compressor.flush(zlib.Z_SYNC_FLUSH) - data = data[:-4] - - if proto.client: - no_context_takeover = self.client_no_context_takeover - else: - no_context_takeover = self.server_no_context_takeover - - if no_context_takeover: - self._compressor = None - - return (rsv, data) - - def __repr__(self): - descr = ['client_max_window_bits=%d' % self.client_max_window_bits] - if self.client_no_context_takeover: - descr.append('client_no_context_takeover') - descr.append('server_max_window_bits=%d' % self.server_max_window_bits) - if self.server_no_context_takeover: - descr.append('server_no_context_takeover') - - descr = '; '.join(descr) - - return '<%s %s>' % (self.__class__.__name__, descr) - - -#: SUPPORTED_EXTENSIONS maps all supported extension names to their class. -#: This can be used to iterate all supported extensions of wsproto, instantiate -#: new extensions based on their name, or check if a given extension is -#: supported or not. -SUPPORTED_EXTENSIONS = { - PerMessageDeflate.name: PerMessageDeflate -} diff --git a/mitmproxy/contrib/wsproto/frame_protocol.py b/mitmproxy/contrib/wsproto/frame_protocol.py deleted file mode 100644 index 30f146c6..00000000 --- a/mitmproxy/contrib/wsproto/frame_protocol.py +++ /dev/null @@ -1,581 +0,0 @@ -# type: ignore - -# -*- coding: utf-8 -*- -""" -wsproto/frame_protocol -~~~~~~~~~~~~~~ - -WebSocket frame protocol implementation. -""" - -import os -import itertools -import struct -from codecs import getincrementaldecoder -from collections import namedtuple - -from enum import Enum, IntEnum - -from .compat import unicode, Utf8Validator - -try: - from wsaccel.xormask import XorMaskerSimple -except ImportError: - class XorMaskerSimple: - def __init__(self, masking_key): - self._maskbytes = itertools.cycle(bytearray(masking_key)) - - def process(self, data): - maskbytes = self._maskbytes - return bytearray(b ^ next(maskbytes) for b in bytearray(data)) - - -class XorMaskerNull: - def process(self, data): - return data - - -# RFC6455, Section 5.2 - Base Framing Protocol - -# Payload length constants -PAYLOAD_LENGTH_TWO_BYTE = 126 -PAYLOAD_LENGTH_EIGHT_BYTE = 127 -MAX_PAYLOAD_NORMAL = 125 -MAX_PAYLOAD_TWO_BYTE = 2 ** 16 - 1 -MAX_PAYLOAD_EIGHT_BYTE = 2 ** 64 - 1 -MAX_FRAME_PAYLOAD = MAX_PAYLOAD_EIGHT_BYTE - -# MASK and PAYLOAD LEN are packed into a byte -MASK_MASK = 0x80 -PAYLOAD_LEN_MASK = 0x7f - -# FIN, RSV[123] and OPCODE are packed into a single byte -FIN_MASK = 0x80 -RSV1_MASK = 0x40 -RSV2_MASK = 0x20 -RSV3_MASK = 0x10 -OPCODE_MASK = 0x0f - - -class Opcode(IntEnum): - """ - RFC 6455, Section 5.2 - Base Framing Protocol - """ - CONTINUATION = 0x0 - TEXT = 0x1 - BINARY = 0x2 - CLOSE = 0x8 - PING = 0x9 - PONG = 0xA - - def iscontrol(self): - return bool(self & 0x08) - - -class CloseReason(IntEnum): - """ - RFC 6455, Section 7.4.1 - Defined Status Codes - """ - NORMAL_CLOSURE = 1000 - GOING_AWAY = 1001 - PROTOCOL_ERROR = 1002 - UNSUPPORTED_DATA = 1003 - NO_STATUS_RCVD = 1005 - ABNORMAL_CLOSURE = 1006 - INVALID_FRAME_PAYLOAD_DATA = 1007 - POLICY_VIOLATION = 1008 - MESSAGE_TOO_BIG = 1009 - MANDATORY_EXT = 1010 - INTERNAL_ERROR = 1011 - SERVICE_RESTART = 1012 - TRY_AGAIN_LATER = 1013 - TLS_HANDSHAKE_FAILED = 1015 - - -# RFC 6455, Section 7.4.1 - Defined Status Codes -LOCAL_ONLY_CLOSE_REASONS = ( - CloseReason.NO_STATUS_RCVD, - CloseReason.ABNORMAL_CLOSURE, - CloseReason.TLS_HANDSHAKE_FAILED, -) - - -# RFC 6455, Section 7.4.2 - Status Code Ranges -MIN_CLOSE_REASON = 1000 -MIN_PROTOCOL_CLOSE_REASON = 1000 -MAX_PROTOCOL_CLOSE_REASON = 2999 -MIN_LIBRARY_CLOSE_REASON = 3000 -MAX_LIBRARY_CLOSE_REASON = 3999 -MIN_PRIVATE_CLOSE_REASON = 4000 -MAX_PRIVATE_CLOSE_REASON = 4999 -MAX_CLOSE_REASON = 4999 - - -NULL_MASK = struct.pack("!I", 0) - - -class ParseFailed(Exception): - def __init__(self, msg, code=CloseReason.PROTOCOL_ERROR): - super(ParseFailed, self).__init__(msg) - self.code = code - - -Header = namedtuple("Header", "fin rsv opcode payload_len masking_key".split()) - - -Frame = namedtuple("Frame", - "opcode payload frame_finished message_finished".split()) - - -RsvBits = namedtuple("RsvBits", "rsv1 rsv2 rsv3".split()) - - -def _truncate_utf8(data, nbytes): - if len(data) <= nbytes: - return data - - # Truncate - data = data[:nbytes] - # But we might have cut a codepoint in half, in which case we want to - # discard the partial character so the data is at least - # well-formed. This is a little inefficient since it processes the - # whole message twice when in theory we could just peek at the last - # few characters, but since this is only used for close messages (max - # length = 125 bytes) it really doesn't matter. - data = data.decode("utf-8", errors="ignore").encode("utf-8") - return data - - -class Buffer(object): - def __init__(self, initial_bytes=None): - self.buffer = bytearray() - self.bytes_used = 0 - if initial_bytes: - self.feed(initial_bytes) - - def feed(self, new_bytes): - self.buffer += new_bytes - - def consume_at_most(self, nbytes): - if not nbytes: - return bytearray() - - data = self.buffer[self.bytes_used:self.bytes_used + nbytes] - self.bytes_used += len(data) - return data - - def consume_exactly(self, nbytes): - if len(self.buffer) - self.bytes_used < nbytes: - return None - - return self.consume_at_most(nbytes) - - def commit(self): - # In CPython 3.4+, del[:n] is amortized O(n), *not* quadratic - del self.buffer[:self.bytes_used] - self.bytes_used = 0 - - def rollback(self): - self.bytes_used = 0 - - def __len__(self): - return len(self.buffer) - - -class MessageDecoder(object): - def __init__(self): - self.opcode = None - self.validator = None - self.decoder = None - - def process_frame(self, frame): - assert not frame.opcode.iscontrol() - - if self.opcode is None: - if frame.opcode is Opcode.CONTINUATION: - raise ParseFailed("unexpected CONTINUATION") - self.opcode = frame.opcode - elif frame.opcode is not Opcode.CONTINUATION: - raise ParseFailed("expected CONTINUATION, got %r" % frame.opcode) - - if frame.opcode is Opcode.TEXT: - self.validator = Utf8Validator() - self.decoder = getincrementaldecoder("utf-8")() - - finished = frame.frame_finished and frame.message_finished - - if self.decoder is not None: - data = self.decode_payload(frame.payload, finished) - else: - data = frame.payload - - frame = Frame(self.opcode, data, frame.frame_finished, finished) - - if finished: - self.opcode = None - self.decoder = None - - return frame - - def decode_payload(self, data, finished): - if self.validator is not None: - results = self.validator.validate(bytes(data)) - if not results[0] or (finished and not results[1]): - raise ParseFailed(u'encountered invalid UTF-8 while processing' - ' text message at payload octet index %d' % - results[3], - CloseReason.INVALID_FRAME_PAYLOAD_DATA) - - try: - return self.decoder.decode(data, finished) - except UnicodeDecodeError as exc: - raise ParseFailed(str(exc), CloseReason.INVALID_FRAME_PAYLOAD_DATA) - - -class FrameDecoder(object): - def __init__(self, client, extensions=None): - self.client = client - self.extensions = extensions or [] - - self.buffer = Buffer() - - self.header = None - self.effective_opcode = None - self.masker = None - self.payload_required = 0 - self.payload_consumed = 0 - - def receive_bytes(self, data): - self.buffer.feed(data) - - def process_buffer(self): - if not self.header: - if not self.parse_header(): - return None - - if len(self.buffer) < self.payload_required: - return None - - payload_remaining = self.header.payload_len - self.payload_consumed - payload = self.buffer.consume_at_most(payload_remaining) - if not payload and self.header.payload_len > 0: - return None - self.buffer.commit() - - self.payload_consumed += len(payload) - finished = self.payload_consumed == self.header.payload_len - - payload = self.masker.process(payload) - - for extension in self.extensions: - payload = extension.frame_inbound_payload_data(self, payload) - if isinstance(payload, CloseReason): - raise ParseFailed("error in extension", payload) - - if finished: - final = bytearray() - for extension in self.extensions: - result = extension.frame_inbound_complete(self, - self.header.fin) - if isinstance(result, CloseReason): - raise ParseFailed("error in extension", result) - if result is not None: - final += result - payload += final - - frame = Frame(self.effective_opcode, payload, finished, - self.header.fin) - - if finished: - self.header = None - self.effective_opcode = None - self.masker = None - else: - self.effective_opcode = Opcode.CONTINUATION - - return frame - - def parse_header(self): - data = self.buffer.consume_exactly(2) - if data is None: - self.buffer.rollback() - return False - - fin = bool(data[0] & FIN_MASK) - rsv = RsvBits(bool(data[0] & RSV1_MASK), - bool(data[0] & RSV2_MASK), - bool(data[0] & RSV3_MASK)) - opcode = data[0] & OPCODE_MASK - try: - opcode = Opcode(opcode) - except ValueError: - raise ParseFailed("Invalid opcode {:#x}".format(opcode)) - - if opcode.iscontrol() and not fin: - raise ParseFailed("Invalid attempt to fragment control frame") - - has_mask = bool(data[1] & MASK_MASK) - payload_len = data[1] & PAYLOAD_LEN_MASK - payload_len = self.parse_extended_payload_length(opcode, payload_len) - if payload_len is None: - self.buffer.rollback() - return False - - self.extension_processing(opcode, rsv, payload_len) - - if has_mask and self.client: - raise ParseFailed("client received unexpected masked frame") - if not has_mask and not self.client: - raise ParseFailed("server received unexpected unmasked frame") - if has_mask: - masking_key = self.buffer.consume_exactly(4) - if masking_key is None: - self.buffer.rollback() - return False - self.masker = XorMaskerSimple(masking_key) - else: - self.masker = XorMaskerNull() - - self.buffer.commit() - self.header = Header(fin, rsv, opcode, payload_len, None) - self.effective_opcode = self.header.opcode - if self.header.opcode.iscontrol(): - self.payload_required = payload_len - else: - self.payload_required = 0 - self.payload_consumed = 0 - return True - - def parse_extended_payload_length(self, opcode, payload_len): - if opcode.iscontrol() and payload_len > MAX_PAYLOAD_NORMAL: - raise ParseFailed("Control frame with payload len > 125") - if payload_len == PAYLOAD_LENGTH_TWO_BYTE: - data = self.buffer.consume_exactly(2) - if data is None: - return None - (payload_len,) = struct.unpack("!H", data) - if payload_len <= MAX_PAYLOAD_NORMAL: - raise ParseFailed( - "Payload length used 2 bytes when 1 would have sufficed") - elif payload_len == PAYLOAD_LENGTH_EIGHT_BYTE: - data = self.buffer.consume_exactly(8) - if data is None: - return None - (payload_len,) = struct.unpack("!Q", data) - if payload_len <= MAX_PAYLOAD_TWO_BYTE: - raise ParseFailed( - "Payload length used 8 bytes when 2 would have sufficed") - if payload_len >> 63: - # I'm not sure why this is illegal, but that's what the RFC - # says, so... - raise ParseFailed("8-byte payload length with non-zero MSB") - - return payload_len - - def extension_processing(self, opcode, rsv, payload_len): - rsv_used = [False, False, False] - for extension in self.extensions: - result = extension.frame_inbound_header(self, opcode, rsv, - payload_len) - if isinstance(result, CloseReason): - raise ParseFailed("error in extension", result) - for bit, used in enumerate(result): - if used: - rsv_used[bit] = True - for expected, found in zip(rsv_used, rsv): - if found and not expected: - raise ParseFailed("Reserved bit set unexpectedly") - - -class FrameProtocol(object): - class State(Enum): - HEADER = 1 - PAYLOAD = 2 - FRAME_COMPLETE = 3 - FAILED = 4 - - def __init__(self, client, extensions): - self.client = client - self.extensions = [ext for ext in extensions if ext.enabled()] - - # Global state - self._frame_decoder = FrameDecoder(self.client, self.extensions) - self._message_decoder = MessageDecoder() - self._parse_more = self.parse_more_gen() - - self._outbound_opcode = None - - def _process_close(self, frame): - data = frame.payload - - if not data: - # "If this Close control frame contains no status code, _The - # WebSocket Connection Close Code_ is considered to be 1005" - data = (CloseReason.NO_STATUS_RCVD, "") - elif len(data) == 1: - raise ParseFailed("CLOSE with 1 byte payload") - else: - (code,) = struct.unpack("!H", data[:2]) - if code < MIN_CLOSE_REASON or code > MAX_CLOSE_REASON: - raise ParseFailed("CLOSE with invalid code") - try: - code = CloseReason(code) - except ValueError: - pass - if code in LOCAL_ONLY_CLOSE_REASONS: - raise ParseFailed( - "remote CLOSE with local-only reason") - if not isinstance(code, CloseReason) and \ - code <= MAX_PROTOCOL_CLOSE_REASON: - raise ParseFailed( - "CLOSE with unknown reserved code") - validator = Utf8Validator() - if validator is not None: - results = validator.validate(bytes(data[2:])) - if not (results[0] and results[1]): - raise ParseFailed(u'encountered invalid UTF-8 while' - ' processing close message at payload' - ' octet index %d' % - results[3], - CloseReason.INVALID_FRAME_PAYLOAD_DATA) - try: - reason = data[2:].decode("utf-8") - except UnicodeDecodeError as exc: - raise ParseFailed( - "Error decoding CLOSE reason: " + str(exc), - CloseReason.INVALID_FRAME_PAYLOAD_DATA) - data = (code, reason) - - return Frame(frame.opcode, data, frame.frame_finished, - frame.message_finished) - - def parse_more_gen(self): - # Consume as much as we can from self._buffer, yielding events, and - # then yield None when we need more data. Or raise ParseFailed. - - # XX FIXME this should probably be refactored so that we never see - # disabled extensions in the first place... - self.extensions = [ext for ext in self.extensions if ext.enabled()] - closed = False - - while not closed: - frame = self._frame_decoder.process_buffer() - - if frame is not None: - if not frame.opcode.iscontrol(): - frame = self._message_decoder.process_frame(frame) - elif frame.opcode == Opcode.CLOSE: - frame = self._process_close(frame) - closed = True - - yield frame - - def receive_bytes(self, data): - self._frame_decoder.receive_bytes(data) - - def received_frames(self): - for event in self._parse_more: - if event is None: - break - else: - yield event - - def close(self, code=None, reason=None): - payload = bytearray() - if code is None and reason is not None: - raise TypeError("cannot specify a reason without a code") - if code in LOCAL_ONLY_CLOSE_REASONS: - code = CloseReason.NORMAL_CLOSURE - if code is not None: - payload += bytearray(struct.pack('!H', code)) - if reason is not None: - payload += _truncate_utf8(reason.encode('utf-8'), - MAX_PAYLOAD_NORMAL - 2) - - return self._serialize_frame(Opcode.CLOSE, payload) - - def ping(self, payload=b''): - return self._serialize_frame(Opcode.PING, payload) - - def pong(self, payload=b''): - return self._serialize_frame(Opcode.PONG, payload) - - def send_data(self, payload=b'', fin=True): - if isinstance(payload, (bytes, bytearray, memoryview)): - opcode = Opcode.BINARY - elif isinstance(payload, unicode): - opcode = Opcode.TEXT - payload = payload.encode('utf-8') - else: - raise ValueError('Must provide bytes or text') - - if self._outbound_opcode is None: - self._outbound_opcode = opcode - elif self._outbound_opcode is not opcode: - raise TypeError('Data type mismatch inside message') - else: - opcode = Opcode.CONTINUATION - - if fin: - self._outbound_opcode = None - - return self._serialize_frame(opcode, payload, fin) - - def _make_fin_rsv_opcode(self, fin, rsv, opcode): - fin = int(fin) << 7 - rsv = (int(rsv.rsv1) << 6) + (int(rsv.rsv2) << 5) + \ - (int(rsv.rsv3) << 4) - opcode = int(opcode) - - return fin | rsv | opcode - - def _serialize_frame(self, opcode, payload=b'', fin=True): - rsv = RsvBits(False, False, False) - for extension in reversed(self.extensions): - rsv, payload = extension.frame_outbound(self, opcode, rsv, payload, - fin) - - fin_rsv_opcode = self._make_fin_rsv_opcode(fin, rsv, opcode) - - payload_length = len(payload) - quad_payload = False - if payload_length <= MAX_PAYLOAD_NORMAL: - first_payload = payload_length - second_payload = None - elif payload_length <= MAX_PAYLOAD_TWO_BYTE: - first_payload = PAYLOAD_LENGTH_TWO_BYTE - second_payload = payload_length - else: - first_payload = PAYLOAD_LENGTH_EIGHT_BYTE - second_payload = payload_length - quad_payload = True - - if self.client: - first_payload |= 1 << 7 - - header = bytearray([fin_rsv_opcode, first_payload]) - if second_payload is not None: - if opcode.iscontrol(): - raise ValueError("payload too long for control frame") - if quad_payload: - header += bytearray(struct.pack('!Q', second_payload)) - else: - header += bytearray(struct.pack('!H', second_payload)) - - if self.client: - # "The masking key is a 32-bit value chosen at random by the - # client. When preparing a masked frame, the client MUST pick a - # fresh masking key from the set of allowed 32-bit values. The - # masking key needs to be unpredictable; thus, the masking key - # MUST be derived from a strong source of entropy, and the masking - # key for a given frame MUST NOT make it simple for a server/proxy - # to predict the masking key for a subsequent frame. The - # unpredictability of the masking key is essential to prevent - # authors of malicious applications from selecting the bytes that - # appear on the wire." - # -- https://tools.ietf.org/html/rfc6455#section-5.3 - masking_key = os.urandom(4) - masker = XorMaskerSimple(masking_key) - return header + masking_key + masker.process(payload) - - return header + payload diff --git a/mitmproxy/proxy/protocol/websocket.py b/mitmproxy/proxy/protocol/websocket.py index 92f99518..2d8458a5 100644 --- a/mitmproxy/proxy/protocol/websocket.py +++ b/mitmproxy/proxy/protocol/websocket.py @@ -2,10 +2,10 @@ import socket from OpenSSL import SSL -from mitmproxy.contrib import wsproto -from mitmproxy.contrib.wsproto import events -from mitmproxy.contrib.wsproto.connection import ConnectionType, WSConnection -from mitmproxy.contrib.wsproto.extensions import PerMessageDeflate +import wsproto +from wsproto import events +from wsproto.connection import ConnectionType, WSConnection +from wsproto.extensions import PerMessageDeflate from mitmproxy import exceptions from mitmproxy import flow diff --git a/mitmproxy/tools/console/grideditor/col.py b/mitmproxy/tools/console/grideditor/col.py deleted file mode 100644 index 3331f3e7..00000000 --- a/mitmproxy/tools/console/grideditor/col.py +++ /dev/null @@ -1,67 +0,0 @@ -import typing - -import urwid - -from mitmproxy.tools.console import signals -from mitmproxy.tools.console.grideditor import base -from mitmproxy.utils import strutils - -strbytes = typing.Union[str, bytes] - - -class Column(base.Column): - def Display(self, data): - return Display(data) - - def Edit(self, data): - return Edit(data) - - def blank(self): - return "" - - def keypress(self, key, editor): - if key in ["m_select"]: - editor.walker.start_edit() - else: - return key - - -class Display(base.Cell): - def __init__(self, data: strbytes) -> None: - self.data = data - if isinstance(data, bytes): - escaped = strutils.bytes_to_escaped_str(data) - else: - escaped = data.encode() - w = urwid.Text(escaped, wrap="any") - super().__init__(w) - - def get_data(self) -> strbytes: - return self.data - - -class Edit(base.Cell): - def __init__(self, data: strbytes) -> None: - if isinstance(data, bytes): - escaped = strutils.bytes_to_escaped_str(data) - else: - escaped = data.encode() - self.type = type(data) # type: typing.Type - w = urwid.Edit(edit_text=escaped, wrap="any", multiline=True) - w = urwid.AttrWrap(w, "editfield") - super().__init__(w) - - def get_data(self) -> strbytes: - txt = self._w.get_text()[0].strip() - try: - if self.type == bytes: - return strutils.escaped_str_to_bytes(txt) - else: - return txt.decode() - except ValueError: - signals.status_message.send( - self, - message="Invalid Python-style string encoding.", - expire=1000 - ) - raise diff --git a/mitmproxy/tools/console/grideditor/col_text.py b/mitmproxy/tools/console/grideditor/col_text.py index f0ac06f8..32518670 100644 --- a/mitmproxy/tools/console/grideditor/col_text.py +++ b/mitmproxy/tools/console/grideditor/col_text.py @@ -21,7 +21,7 @@ class Column(col_bytes.Column): return TEdit(data, self.encoding_args) def blank(self): - return u"" + return "" # This is the same for both edit and display. diff --git a/mitmproxy/tools/console/grideditor/col_viewany.py b/mitmproxy/tools/console/grideditor/col_viewany.py new file mode 100644 index 00000000..f5d35eee --- /dev/null +++ b/mitmproxy/tools/console/grideditor/col_viewany.py @@ -0,0 +1,33 @@ +""" +A display-only column that displays any data type. +""" + +import typing + +import urwid +from mitmproxy.tools.console.grideditor import base +from mitmproxy.utils import strutils + + +class Column(base.Column): + def Display(self, data): + return Display(data) + + Edit = Display + + def blank(self): + return "" + + +class Display(base.Cell): + def __init__(self, data: typing.Any) -> None: + self.data = data + if isinstance(data, bytes): + data = strutils.bytes_to_escaped_str(data) + if not isinstance(data, str): + data = repr(data) + w = urwid.Text(data, wrap="any") + super().__init__(w) + + def get_data(self) -> typing.Any: + return self.data diff --git a/mitmproxy/tools/console/grideditor/editors.py b/mitmproxy/tools/console/grideditor/editors.py index b5d16737..fbe48a1a 100644 --- a/mitmproxy/tools/console/grideditor/editors.py +++ b/mitmproxy/tools/console/grideditor/editors.py @@ -1,13 +1,14 @@ +import typing from mitmproxy import exceptions +from mitmproxy.net.http import Headers from mitmproxy.tools.console import layoutwidget +from mitmproxy.tools.console import signals from mitmproxy.tools.console.grideditor import base -from mitmproxy.tools.console.grideditor import col -from mitmproxy.tools.console.grideditor import col_text from mitmproxy.tools.console.grideditor import col_bytes from mitmproxy.tools.console.grideditor import col_subgrid -from mitmproxy.tools.console import signals -from mitmproxy.net.http import Headers +from mitmproxy.tools.console.grideditor import col_text +from mitmproxy.tools.console.grideditor import col_viewany class QueryEditor(base.FocusEditor): @@ -67,7 +68,6 @@ class RequestFormEditor(base.FocusEditor): class PathEditor(base.FocusEditor): # TODO: Next row on enter? - title = "Edit Path Components" columns = [ col_text.Column("Component"), @@ -175,11 +175,22 @@ class OptionsEditor(base.GridEditor, layoutwidget.LayoutWidget): class DataViewer(base.GridEditor, layoutwidget.LayoutWidget): title = None # type: str - def __init__(self, master, vals): + def __init__( + self, + master, + vals: typing.Union[ + typing.List[typing.List[typing.Any]], + typing.List[typing.Any], + str, + ]) -> None: if vals: + # Whatever vals is, make it a list of rows containing lists of column values. + if isinstance(vals, str): + vals = [vals] if not isinstance(vals[0], list): vals = [[i] for i in vals] - self.columns = [col.Column("")] * len(vals[0]) + + self.columns = [col_viewany.Column("")] * len(vals[0]) super().__init__(master, vals, self.callback) def callback(self, vals): diff --git a/mitmproxy/version.py b/mitmproxy/version.py index 3073c3d3..44ec32d4 100644 --- a/mitmproxy/version.py +++ b/mitmproxy/version.py @@ -48,7 +48,7 @@ def get_version(dev: bool = False, build: bool = False, refresh: bool = False) - # Add suffix for non-tagged releases if tag_dist > 0: - mitmproxy_version += ".dev{tag_dist:04}".format(tag_dist=tag_dist) + mitmproxy_version += ".dev{tag_dist}".format(tag_dist=tag_dist) # The wheel build tag (we use the commit) must start with a digit, so we include "0x" mitmproxy_version += "-0x{commit}".format(commit=commit) diff --git a/mitmproxy/websocket.py b/mitmproxy/websocket.py index a37edb54..66257852 100644 --- a/mitmproxy/websocket.py +++ b/mitmproxy/websocket.py @@ -1,7 +1,8 @@ import time from typing import List, Optional -from mitmproxy.contrib import wsproto +from wsproto.frame_protocol import CloseReason +from wsproto.frame_protocol import Opcode from mitmproxy import flow from mitmproxy.net import websockets @@ -17,7 +18,7 @@ class WebSocketMessage(serializable.Serializable): def __init__( self, type: int, from_client: bool, content: bytes, timestamp: Optional[int]=None, killed: bool=False ) -> None: - self.type = wsproto.frame_protocol.Opcode(type) # type: ignore + self.type = Opcode(type) # type: ignore """indicates either TEXT or BINARY (from wsproto.frame_protocol.Opcode).""" self.from_client = from_client """True if this messages was sent by the client.""" @@ -37,10 +38,10 @@ class WebSocketMessage(serializable.Serializable): def set_state(self, state): self.type, self.from_client, self.content, self.timestamp, self.killed = state - self.type = wsproto.frame_protocol.Opcode(self.type) # replace enum with bare int + self.type = Opcode(self.type) # replace enum with bare int def __repr__(self): - if self.type == wsproto.frame_protocol.Opcode.TEXT: + if self.type == Opcode.TEXT: return "text message: {}".format(repr(self.content)) else: return "binary message: {}".format(strutils.bytes_to_escaped_str(self.content)) @@ -66,7 +67,7 @@ class WebSocketFlow(flow.Flow): """A list containing all WebSocketMessage's.""" self.close_sender = 'client' """'client' if the client initiated connection closing.""" - self.close_code = wsproto.frame_protocol.CloseReason.NORMAL_CLOSURE + self.close_code = CloseReason.NORMAL_CLOSURE """WebSocket close code.""" self.close_message = '(message missing)' """WebSocket close message.""" diff --git a/release/.gitignore b/release/.gitignore index 2247d5f9..905eec6e 100644 --- a/release/.gitignore +++ b/release/.gitignore @@ -1,2 +1,3 @@ /build /dist +known_hosts diff --git a/release/known_hosts.enc b/release/known_hosts.enc new file mode 100644 index 00000000..585ee678 --- /dev/null +++ b/release/known_hosts.enc @@ -0,0 +1 @@ +gAAAAABaTif138dCP2-G3sAJxqh5icnwM0Zy7qh4HFCxeKQBMiVDr4nJyf9T82U677M_QKWRJmp_PsbnrshHXPylq0FuHwak7Yx7kdiLue6d85VQ7_kkMs-MlPM7_Xn54_zyuj1c0b3TVAuix2xHfFLdSd_mCxygFukLzf47OyYbno7lMY_-q0HZfVPz3PBZdk95wDcbYprmgEkVJZd64Tu_LG1JDDiz56LlqADMA4znMcSAoRmbVtHu-II09HMcX3TkmcqJsNv-IVHMs4fxW_DFsq9w5ARggL6ANMfhnFQPyMtgVHjGLkSjOMRshLkQUBVYx8yWEGaQOkP0doVtDS3fZ-MKc6OJC_NSs6gkm1rswjVsQsmgZGPIqjcVf9oCbFYcw0m-JrfB1irdsLoGzpfJaSGxveC7XqOd9ArBpCHFPVO-6ilu-E1qZelvL0HiplrFvJCMEev1U2YvznC1BWKpy81vJfH--64QKZ35yQBHMV_VoH-wi80EfWtz4ISvCMQWdjRAvhLHKHSYYhUSIgBZvCCQcPySdFpbDtwsQnzIqC8MQKG787w1FiYAwzdIHTWZuanENaPMALo0t0GgMSqPV4UUyw7dto8XSMqoUXOCuZNYjunVh7AzAKS7oMUYjDs38o92sWh5sZUpPfv2WYIiecTiQw4uPae7PdSwMhkI3WIOsSb8LURnG484vvgFc2jMpQThw-BHJx7tGYC0yFLouRH2O7m9x6xgiCiVA_u_BdOj_2PFufvOCaB9wno5Vo7C1hUERGWqoBZH0htBqxYci27hh8GFwkvj6OjFUyV_kk920cBYBDG4jS4bTrTzn_znJ9TNw2XkP98nA8cwlRYhDQG9FypJG0WwYkft3TVLSQ3Hq7t0nhvhSZvXts-3LR4S0_Hm0QgFUpUc-VHViinwK8_vQH3ZjvVlEWiXnzPdpAujjX_tQXsi13UE1Zp90wGeLrmdxGXq2K76Shytu8IwTcLNZ7m0jh8KmmfNwn6oZv-czqNmC4hh0OqRDFBrv3nnjDg2Vw74uKSZmXgtZlF_Zj9hPqxVWzj7lJUcyRqABBFbBH6lTSWPHLrzQ4eTex5dnOkXC8c3hRYDUt06xUkmDqaLK0rGFcfNXawZj1YqpUJW0qaNgbtBZRsSs92kblkETxCzcwxOfupmAhWdSkmCoxt019crodz3heREcyN2xcD9qHvdY49_FD3l3U6UhrWvmkDkzyLMd7VmRPWqlW0lkzrwav8e92leIq-xKFcvbnWgSdSCWWbXvIVJKcQ6hML3jX4oY7SoBs33U1Q0HfC7SuS5lqTASuRIOVCfIGeFfRwlIfEszbWg_WDoUjR6StaVq9tbtIC3mimWND82Z9r1NfUNxr8kFYIpH_6hbxhcW26HNBKr4wLxWFFE9l1QZORPM3s6z-lT4LzUPCkFExd_eYFx3X6yUJ3cHZhkQQzCLQqG7jQqvcMwDIfM-MXkJnttLfpBq0yiq0-mc-SEas5uy27iSJgbXnsV7G3YiKEelKW_uWP2bw-rQGG_AXMGNGF2A_aREsvGrEqPnyeHAxfS1bBcnqslpIzEwr9vyyJ5v_bxfHFQC4bwYMUvPGkjHVFc0Wrk7ss9P5Kd1bzh46H7OfroUbocmYBmHMMWEg-LvsG0RZil3KWh_CSyIIPETkDjuC3W7teT-wZK0zbTEaKCuz99Dg-tjzT6fP25ipoI70cX5R3KPwrLP3XNODRTsg_Jh7IpaXo9O3o8yLV9R6_rST_1KKJwzR2MMIXIvKaJQD9w2DZIaYx3tcVsXGCDnU4Tw2hhdB5wMCl3vHx83UHfjLxnc1tJ6ObpQUjwHM1SgHK8wLW409SVHphBbSjSilX5mIaR1S1SOTK53iFj5z6asZHY9JgDj11rng1uLKeirbrNZDnUme3NNYU-HX8Ret6oOesn3374uIHux1giqgR8VsPdkcMhvunx2oTP9R2fRBTSQ8sKNqDznRC8_qlQaRC94RnWO6VRNXVBT24cXq7HTepNp4f02UvUqQRyaIUmyn2S02mjLFECDm1iMxRhuacCKbI-WSKwJcm-7p39_Uh7m_nTl2VTseeQ-3NS6i-BiGmCHt3iDxR1Fkm31b50kWW3jCe6fcwMDeu3I_8mkQs_7mCFUjSDbvFUr2Y45a5guRlw63_KUW_mNN9td9hk8POWfxWEGhcZ9eRXh_eEdEaYZmviZdHi0I8pV52CqiEO-ZrnMw-w4rSpUQeRn9oKwp3GgB9j51RNlLqK9LTp-jfSGGi5GM-ab9sPgFCJLQ-HvHdGu0tQsF2wTD3qbJwNqapx28yNVfY6e8F2jOWjmP-zzFez8VNXcfoS--Ji_zI-VqsDx-cfz3DccWEjL6vjQOvaQTRwzhI7
\ No newline at end of file diff --git a/release/rtool.py b/release/rtool.py index 4a07885c..9050107e 100755 --- a/release/rtool.py +++ b/release/rtool.py @@ -299,11 +299,15 @@ def upload_snapshot(host, port, user, private_key, private_key_password, wheel, """ Upload snapshot to snapshot server """ + cnopts = pysftp.CnOpts( + knownhosts=join(RELEASE_DIR, 'known_hosts') + ) with pysftp.Connection(host=host, port=port, username=user, private_key=private_key, - private_key_pass=private_key_password) as sftp: + private_key_pass=private_key_password, + cnopts=cnopts) as sftp: dir_name = "snapshots/v{}".format(get_version()) sftp.makedirs(dir_name) with sftp.cd(dir_name): @@ -81,6 +81,7 @@ setup( "sortedcontainers>=1.5.4, <1.6", "tornado>=4.3, <4.6", "urwid>=1.3.1, <1.4", + "wsproto>=0.11.0,<0.12.0", ], extras_require={ ':sys_platform == "win32"': [ diff --git a/test/mitmproxy/test_version.py b/test/mitmproxy/test_version.py index f8d646dc..6e36ffd8 100644 --- a/test/mitmproxy/test_version.py +++ b/test/mitmproxy/test_version.py @@ -27,7 +27,7 @@ def test_get_version(): assert version.get_version(True, True) == "3.0.0" m.return_value = b"tag-2-cafecafe" - assert version.get_version(True, True) == "3.0.0.dev0002-0xcafecaf" + assert version.get_version(True, True) == "3.0.0.dev2-0xcafecaf" m.side_effect = subprocess.CalledProcessError(-1, 'git describe --tags --long') assert version.get_version(True, True) == "3.0.0" @@ -56,7 +56,7 @@ deps = -rrequirements.txt pyinstaller==3.3.1 twine==1.9.1 - pysftp==0.2.8 + pysftp==0.2.9 commands = mitmdump --version diff --git a/web/src/js/filt/filt.js b/web/src/js/filt/filt.js index 26058649..19a41af2 100644 --- a/web/src/js/filt/filt.js +++ b/web/src/js/filt/filt.js @@ -1929,7 +1929,7 @@ module.exports = (function() { function body(regex){ regex = new RegExp(regex, "i"); function bodyFilter(flow){ - return True; + return true; } bodyFilter.desc = "body filters are not implemented yet, see https://github.com/mitmproxy/mitmweb/issues/10"; return bodyFilter; @@ -1937,7 +1937,7 @@ module.exports = (function() { function requestBody(regex){ regex = new RegExp(regex, "i"); function requestBodyFilter(flow){ - return True; + return true; } requestBodyFilter.desc = "body filters are not implemented yet, see https://github.com/mitmproxy/mitmweb/issues/10"; return requestBodyFilter; @@ -1945,7 +1945,7 @@ module.exports = (function() { function responseBody(regex){ regex = new RegExp(regex, "i"); function responseBodyFilter(flow){ - return True; + return true; } responseBodyFilter.desc = "body filters are not implemented yet, see https://github.com/mitmproxy/mitmweb/issues/10"; return responseBodyFilter; @@ -2104,4 +2104,4 @@ module.exports = (function() { SyntaxError: peg$SyntaxError, parse: peg$parse }; -})();
\ No newline at end of file +})(); diff --git a/web/src/js/filt/filt.peg b/web/src/js/filt/filt.peg index 12959474..e4b151ad 100644 --- a/web/src/js/filt/filt.peg +++ b/web/src/js/filt/filt.peg @@ -1,4 +1,4 @@ -// PEG.js filter rules - see http://pegjs.majda.cz/online +// PEG.js filter rules - see https://pegjs.org/ { var flowutils = require("../flow/utils.js"); @@ -72,7 +72,7 @@ function responseCode(code){ function body(regex){ regex = new RegExp(regex, "i"); function bodyFilter(flow){ - return True; + return true; } bodyFilter.desc = "body filters are not implemented yet, see https://github.com/mitmproxy/mitmweb/issues/10"; return bodyFilter; @@ -80,7 +80,7 @@ function body(regex){ function requestBody(regex){ regex = new RegExp(regex, "i"); function requestBodyFilter(flow){ - return True; + return true; } requestBodyFilter.desc = "body filters are not implemented yet, see https://github.com/mitmproxy/mitmweb/issues/10"; return requestBodyFilter; @@ -88,7 +88,7 @@ function requestBody(regex){ function responseBody(regex){ regex = new RegExp(regex, "i"); function responseBodyFilter(flow){ - return True; + return true; } responseBodyFilter.desc = "body filters are not implemented yet, see https://github.com/mitmproxy/mitmweb/issues/10"; return responseBodyFilter; |
