From f47d89ff4e710f6d2df755fe526e91a5cf236cfa Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Mon, 27 Jan 2014 14:16:23 +1300 Subject: Revert "Move the doc tree out into its own repo." This reverts commit 8f88fcedd601c0033b4469b66626a83011879baf. --- doc-src/scripting/index.py | 6 ++ doc-src/scripting/inlinescripts.html | 149 +++++++++++++++++++++++++++++++++++ doc-src/scripting/libmproxy.html | 12 +++ 3 files changed, 167 insertions(+) create mode 100644 doc-src/scripting/index.py create mode 100644 doc-src/scripting/inlinescripts.html create mode 100644 doc-src/scripting/libmproxy.html (limited to 'doc-src/scripting') diff --git a/doc-src/scripting/index.py b/doc-src/scripting/index.py new file mode 100644 index 00000000..b8312083 --- /dev/null +++ b/doc-src/scripting/index.py @@ -0,0 +1,6 @@ +from countershape import Page + +pages = [ + Page("inlinescripts.html", "Inline Scripts"), + Page("libmproxy.html", "libmproxy"), +] diff --git a/doc-src/scripting/inlinescripts.html b/doc-src/scripting/inlinescripts.html new file mode 100644 index 00000000..7ab1c101 --- /dev/null +++ b/doc-src/scripting/inlinescripts.html @@ -0,0 +1,149 @@ +__mitmproxy__ has a powerful scripting API that allows you to modify flows +on-the-fly or rewrite previously saved flows locally. + +The mitmproxy scripting API is event driven - a script is simply a Python +module that exposes a set of event methods. Here's a complete mitmproxy script +that adds a new header to every HTTP response before it is returned to the +client: + +$!example("examples/add_header.py")!$ + +The first argument to each event method is an instance of ScriptContext that +lets the script interact with the global mitmproxy state. The __response__ +event also gets an instance of Flow, which we can use to manipulate the +response itself. + +We can now run this script using mitmdump or mitmproxy as follows: + +
+> mitmdump -s add_header.py
+
+ +The new header will be added to all responses passing through the proxy. + + + +## Events + +### start(ScriptContext, argv) + +Called once on startup, before any other events. + + +### clientconnect(ScriptContext, ClientConnect) + +Called when a client initiates a connection to the proxy. Note that +a connection can correspond to multiple HTTP requests. + + +### serverconnect(ScriptContext, ServerConnection) + +Called when the proxy initiates a connection to the target server. Note that +a connection can correspond to multiple HTTP requests. + +### request(ScriptContext, Flow) + +Called when a client request has been received. The __Flow__ object is +guaranteed to have a non-None __request__ attribute. + + +### response(ScriptContext, Flow) + +Called when a server response has been received. The __Flow__ object is +guaranteed to have non-None __request__ and __response__ attributes. + + +### error(ScriptContext, Flow) + +Called when a flow error has occurred, e.g. invalid server responses, or +interrupted connections. This is distinct from a valid server HTTP error +response, which is simply a response with an HTTP error code. The __Flow__ +object is guaranteed to have non-None __request__ and __error__ attributes. + + +### clientdisconnect(ScriptContext, ClientDisconnect) + +Called when a client disconnects from the proxy. + +### done(ScriptContext) + +Called once on script shutdown, after any other events. + + +## API + +The main classes you will deal with in writing mitmproxy scripts are: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
libmproxy.flow.ClientConnectionDescribes a client connection.
libmproxy.flow.ClientDisconnectionDescribes a client disconnection.
libmproxy.flow.ErrorA communications error.
libmproxy.flow.FlowA collection of objects representing a single HTTP transaction.
libmproxy.flow.HeadersHTTP headers for a request or response.
libmproxy.flow.ODictA dictionary-like object for managing sets of key/value data. There + is also a variant called CaselessODict that ignores key case for some + calls (used mainly for headers).
libmproxy.flow.ResponseAn HTTP response.
libmproxy.flow.RequestAn HTTP request.
libmproxy.flow.ScriptContext A handle for interacting with mitmproxy's from within scripts.
libmproxy.certutils.SSLCertExposes information SSL certificates.
+ +The canonical API documentation is the code. You can view the API documentation +using pydoc (which is installed with Python by default), like this: + +
+> pydoc libmproxy.flow.Request
+
+ + +## Running scripts in parallel + +We have a single flow primitive, so when a script is handling something, other requests block. +While that's a very desirable behaviour under some circumstances, scripts can be run threaded by using the libmproxy.script.concurrent decorator. + +$!example("examples/nonblocking.py")!$ + +## Running scripts on saved flows + +Sometimes, we want to run a script on __Flow__ objects that are already +complete. This happens when you start a script, and then load a saved set of +flows from a file (see the "scripted data transformation" example on the +[mitmdump](@!urlTo("mitmdump.html")!@) page). It also happens when you run a +one-shot script on a single flow through the _|_ (pipe) shortcut in mitmproxy. + +In this case, there are no client connections, and the events are run in the +following order: __start__, __request__, __response__, __error__, __done__. If +the flow doesn't have a __response__ or __error__ associated with it, the +matching event will be skipped. diff --git a/doc-src/scripting/libmproxy.html b/doc-src/scripting/libmproxy.html new file mode 100644 index 00000000..e2d2ff6a --- /dev/null +++ b/doc-src/scripting/libmproxy.html @@ -0,0 +1,12 @@ + +All of mitmproxy's basic functionality is exposed through the __libmproxy__ +library. The example below shows a simple implementation of the "sticky cookie" +functionality included in the interactive mitmproxy program. Traffic is +monitored for __cookie__ and __set-cookie__ headers, and requests are rewritten +to include a previously seen cookie if they don't already have one. In effect, +this lets you log in to a site using your browser, and then make subsequent +requests using a tool like __curl__, which will then seem to be part of the +authenticated session. + +$!example("examples/stickycookies")!$ + -- cgit v1.2.3