diff options
Diffstat (limited to 'libmproxy')
| -rw-r--r-- | libmproxy/cmdline.py | 14 | ||||
| -rw-r--r-- | libmproxy/console/flowview.py | 3 | ||||
| -rw-r--r-- | libmproxy/console/grideditor.py | 7 | ||||
| -rw-r--r-- | libmproxy/dump.py | 8 | ||||
| -rw-r--r-- | libmproxy/onboarding/templates/index.html | 11 | ||||
| -rw-r--r-- | libmproxy/protocol/http.py | 40 |
6 files changed, 54 insertions, 29 deletions
diff --git a/libmproxy/cmdline.py b/libmproxy/cmdline.py index b892f1fd..bf5add33 100644 --- a/libmproxy/cmdline.py +++ b/libmproxy/cmdline.py @@ -179,7 +179,7 @@ def get_common_options(options): stickyauth=stickyauth, stream_large_bodies=stream_large_bodies, showhost=options.showhost, - wfile=options.wfile, + outfile=options.outfile, verbosity=options.verbose, nopop=options.nopop, replay_ignore_content = options.replay_ignore_content, @@ -249,11 +249,17 @@ def common_options(parser): action="store_const", dest="verbose", default=1, const=2, help="Increase event log verbosity." ) - parser.add_argument( + outfile = parser.add_mutually_exclusive_group() + outfile.add_argument( "-w", "--wfile", - action="store", dest="wfile", default=None, + action="store", dest="outfile", type=lambda f: (f, "wb"), help="Write flows to file." ) + outfile.add_argument( + "-a", "--afile", + action="store", dest="outfile", type=lambda f: (f, "ab"), + help="Append flows to file." + ) parser.add_argument( "-z", "--anticomp", action="store_true", dest="anticomp", default=False, @@ -371,7 +377,7 @@ def common_options(parser): group = parser.add_argument_group("Onboarding App") group.add_argument( - "-a", "--noapp", + "--noapp", action="store_false", dest="app", default=True, help="Disable the mitmproxy onboarding app." ) diff --git a/libmproxy/console/flowview.py b/libmproxy/console/flowview.py index 3dceff70..1ec57a4e 100644 --- a/libmproxy/console/flowview.py +++ b/libmproxy/console/flowview.py @@ -574,9 +574,8 @@ class FlowView(common.WWrap): else: if not self.flow.response: self.flow.response = HTTPResponse( - self.flow.request, self.flow.request.httpversion, - 200, "OK", flow.ODictCaseless(), "", None + 200, "OK", flow.ODictCaseless(), "" ) self.flow.response.reply = controller.DummyReply() conn = self.flow.response diff --git a/libmproxy/console/grideditor.py b/libmproxy/console/grideditor.py index 72c1e4a0..438d0ad7 100644 --- a/libmproxy/console/grideditor.py +++ b/libmproxy/console/grideditor.py @@ -123,7 +123,6 @@ class GridWalker(urwid.ListWalker): except ValueError: self.editor.master.statusbar.message("Invalid Python-style string encoding.", 1000) return - errors = self.lst[self.focus][1] emsg = self.editor.is_error(self.focus_col, val) if emsg: @@ -322,9 +321,11 @@ class GridEditor(common.WWrap): elif key == "d": self.walker.delete_focus() elif key == "r": - self.master.path_prompt("Read file: ", "", self.read_file) + if self.walker.get_current_value() is not None: + self.master.path_prompt("Read file: ", "", self.read_file) elif key == "R": - self.master.path_prompt("Read unescaped file: ", "", self.read_file, True) + if self.walker.get_current_value() is not None: + self.master.path_prompt("Read unescaped file: ", "", self.read_file, True) elif key == "e": o = self.walker.get_current_value() if o is not None: diff --git a/libmproxy/dump.py b/libmproxy/dump.py index 0d9432c9..8f260745 100644 --- a/libmproxy/dump.py +++ b/libmproxy/dump.py @@ -36,7 +36,7 @@ class Options(object): "stickyauth", "stream_large_bodies", "verbosity", - "wfile", + "outfile", "replay_ignore_content", "replay_ignore_params", ] @@ -92,10 +92,10 @@ class DumpMaster(flow.FlowMaster): if options.stickyauth: self.set_stickyauth(options.stickyauth) - if options.wfile: - path = os.path.expanduser(options.wfile) + if options.outfile: + path = os.path.expanduser(options.outfile[0]) try: - f = file(path, "wb") + f = file(path, options.outfile[1]) self.start_stream(f, self.filt) except IOError, v: raise DumpError(v.strerror) diff --git a/libmproxy/onboarding/templates/index.html b/libmproxy/onboarding/templates/index.html index 50cfd5db..65fda5d2 100644 --- a/libmproxy/onboarding/templates/index.html +++ b/libmproxy/onboarding/templates/index.html @@ -1,5 +1,5 @@ {% extends "frame.html" %} -{% block body %} +{% block body %} <center> <h2> Click to install the mitmproxy certificate: </h2> @@ -23,4 +23,13 @@ </div> </div> +<hr/> +<div class="text-center"> + Other mitmproxy users cannot intercept your connection. +</div> +<div class="text-center text-muted"> + This page is served by your local mitmproxy instance. The certificate you are about to install has been uniquely generated on mitmproxy's first run and is not shared + between mitmproxy installations. +</div> + {% endblock %} diff --git a/libmproxy/protocol/http.py b/libmproxy/protocol/http.py index b32a55ed..d3945579 100644 --- a/libmproxy/protocol/http.py +++ b/libmproxy/protocol/http.py @@ -422,17 +422,19 @@ class HTTPRequest(HTTPMessage): raise http.HttpError(400, "Invalid request form") return request_line + # This list is adopted legacy code. + # We probably don't need to strip off keep-alive. + _headers_to_strip_off = ['Proxy-Connection', + 'Keep-Alive', + 'Connection', + 'Transfer-Encoding', + 'Upgrade'] + def _assemble_headers(self): headers = self.headers.copy() - for k in ['Proxy-Connection', - 'Keep-Alive', - 'Connection', - 'Transfer-Encoding']: + for k in self._headers_to_strip_off: del headers[k] - if headers["Upgrade"] == ["h2c"]: - # Suppress HTTP2 https://http2.github.io/http2-spec/index.html#discover-http - del headers["Upgrade"] - if not 'host' in headers and self.scheme and self.host and self.port: + if 'host' not in headers and self.scheme and self.host and self.port: headers["Host"] = [utils.hostport(self.scheme, self.host, self.port)] @@ -753,11 +755,13 @@ class HTTPResponse(HTTPMessage): return 'HTTP/%s.%s %s %s' % \ (self.httpversion[0], self.httpversion[1], self.code, self.msg) + _headers_to_strip_off = ['Proxy-Connection', + 'Alternate-Protocol', + 'Alt-Svc'] + def _assemble_headers(self, preserve_transfer_encoding=False): headers = self.headers.copy() - for k in ['Proxy-Connection', - 'Alternate-Protocol', - 'Alt-Svc']: + for k in self._headers_to_strip_off: del headers[k] if not preserve_transfer_encoding: del headers['Transfer-Encoding'] @@ -1042,7 +1046,7 @@ class HTTPHandler(ProtocolHandler): # call the appropriate script hook - this is an opportunity for an # inline script to set flow.stream = True flow = self.c.channel.ask("responseheaders", flow) - if flow == KILL: + if flow is None or flow == KILL: raise KillSignal() else: # now get the rest of the request body, if body still needs to be @@ -1085,11 +1089,11 @@ class HTTPHandler(ProtocolHandler): # sent through to the Master. flow.request = req request_reply = self.c.channel.ask("request", flow) - self.process_server_address(flow) # The inline script may have changed request.host - if request_reply is None or request_reply == KILL: raise KillSignal() + self.process_server_address(flow) # The inline script may have changed request.host + if isinstance(request_reply, HTTPResponse): flow.response = request_reply else: @@ -1201,7 +1205,7 @@ class HTTPHandler(ProtocolHandler): <head> <title>%d %s</title> </head> - <body %s</body> + <body>%s</body> </html> """ % (code, response, message) self.c.client_conn.wfile.write("HTTP/1.1 %s %s\r\n" % (code, response)) @@ -1400,6 +1404,12 @@ class HTTPHandler(ProtocolHandler): # In practice, nobody issues a CONNECT request to send unencrypted HTTP requests afterwards. # If we don't delegate to TCP mode, we should always negotiate a SSL connection. + # + # FIXME: + # Turns out the previous statement isn't entirely true. Chrome on Windows CONNECTs to :80 + # if an explicit proxy is configured and a websocket connection should be established. + # We don't support websocket at the moment, so it fails anyway, but we should come up with + # a better solution to this if we start to support WebSockets. should_establish_ssl = ( address.port in self.c.config.ssl_ports or |