parent
443409e32b
commit
7cb6937f03
192
CHANGELOG
192
CHANGELOG
|
@ -1,3 +1,179 @@
|
||||||
|
22 February 2018: mitmproxy 3.0
|
||||||
|
|
||||||
|
** Major Changes **
|
||||||
|
|
||||||
|
* Commands: A consistent, typed mechanism that allows addons to expose actions
|
||||||
|
to users.
|
||||||
|
|
||||||
|
* Options: A typed settings store for use by mitmproxy and addons.
|
||||||
|
|
||||||
|
* Shift most of mitmproxy's own functionality into addons.
|
||||||
|
|
||||||
|
* Major improvements to mitmproxy console, including an almost complete
|
||||||
|
rewrite of the user interface, integration of commands, key bindings, and
|
||||||
|
multi-pane layouts.
|
||||||
|
|
||||||
|
* Major Improvements to mitmproxy’s web interface, mitmweb. (Matthew Shao,
|
||||||
|
GSOC)
|
||||||
|
|
||||||
|
* Major Improvements to mitmproxy’s content views and protocol layers (Ujjwal
|
||||||
|
Verma, GSOC)
|
||||||
|
|
||||||
|
* Faster JavaScript and CSS beautifiers. (Ujjwal Verma)
|
||||||
|
|
||||||
|
|
||||||
|
** Minor Changes **
|
||||||
|
|
||||||
|
* Vastly improved JavaScript test coverage (Matthew Shao)
|
||||||
|
|
||||||
|
* Options editor for mitmweb (Matthew Shao)
|
||||||
|
|
||||||
|
* Static web-based flow viewer (Matthew Shao)
|
||||||
|
|
||||||
|
* Request streaming for HTTP/1.x and HTTP/2 (Ujjwal Verma)
|
||||||
|
|
||||||
|
* Implement more robust content views using Kaitai Struct (Ujjwal Verma)
|
||||||
|
|
||||||
|
* Protobuf decoding now works without protoc being installed on the host
|
||||||
|
system (Ujjwal Verma)
|
||||||
|
|
||||||
|
* PNG, GIF, and JPEG can now be parsed without Pillow, which simplifies
|
||||||
|
mitmproxy installation and moves parsing from unsafe C to pure Python (Ujjwal Verma)
|
||||||
|
|
||||||
|
* Add parser for ICO files (Ujjwal Verma)
|
||||||
|
|
||||||
|
* Migrate WebSockets implementation to wsproto. This reduces code size and
|
||||||
|
adds WebSocket compression support. (Ujjwal Verma)
|
||||||
|
|
||||||
|
* Add “split view” to split mitmproxy’s UI into two separate panes.
|
||||||
|
|
||||||
|
* Add key binding viewer and editor
|
||||||
|
|
||||||
|
* Add a command to spawn a preconfigured Chrome browser instance from
|
||||||
|
mitmproxy
|
||||||
|
|
||||||
|
* Fully support mitmproxy under the Windows Subsystem for Linux (WSL), work
|
||||||
|
around display errors
|
||||||
|
|
||||||
|
* Add XSS scanner addon (@ddworken)
|
||||||
|
|
||||||
|
* Add ability to toggle interception (@mattweidner)
|
||||||
|
|
||||||
|
* Numerous documentation improvements (@pauloromeira, @rst0git, @rgerganov,
|
||||||
|
@fulldecent, @zhigang1992, @F1ashhimself, @vinaydargar, @jonathanrfisher1,
|
||||||
|
@BasThomas, @LuD1161, @ayamamori, @TomTasche)
|
||||||
|
|
||||||
|
* Add filters for websocket flows (@s4chin)
|
||||||
|
|
||||||
|
* Make it possible to create a response to CONNECT requests in http_connect
|
||||||
|
(@mengbiping)
|
||||||
|
|
||||||
|
* Redirect stdout in scripts to ctx.log.warn (@nikofil)
|
||||||
|
|
||||||
|
* Fix a crash when clearing the event log (@krsoninikhil)
|
||||||
|
|
||||||
|
* Store the generated certificate for each flow (@dlenski)
|
||||||
|
|
||||||
|
* Add --keep-host-header to retain the host header in reverse proxy mode
|
||||||
|
(@krsoninikhil)
|
||||||
|
|
||||||
|
* Fix setting palette options (@JordanLoehr)
|
||||||
|
|
||||||
|
* Fix a crash with brotli encoding (@whackashoe)
|
||||||
|
|
||||||
|
* Provide certificate installation instructions on mitm.it (@ritiek)
|
||||||
|
|
||||||
|
* Fix a bug where we did not properly fall back to IPv4 when IPv6 is unavailable (@titeuf87)
|
||||||
|
|
||||||
|
* Fix transparent mode on IPv6-enabled macOS systems (@Ga-ryo)
|
||||||
|
|
||||||
|
* Fix handling of HTTP messages with multiple Content-Length headers (@surajt97)
|
||||||
|
|
||||||
|
* Fix IPv6 authority form parsing in CONNECT requests (@r1b)
|
||||||
|
|
||||||
|
* Fix event log display in mitmweb (@syahn)
|
||||||
|
|
||||||
|
* Remove private key from PKCS12 file in ~/.mitmproxy (@ograff).
|
||||||
|
|
||||||
|
* Add LDAP as a proxy authentication backend (@charlesdhdt)
|
||||||
|
|
||||||
|
* Use mypy to check the whole codebase (@iharsh234)
|
||||||
|
|
||||||
|
* Fix a crash when duplicating flows (@iharsh234)
|
||||||
|
|
||||||
|
* Fix testsuite when the path contains a “.” (@felixonmars)
|
||||||
|
|
||||||
|
* Store proxy authentication with flows (@lymanZerga11)
|
||||||
|
|
||||||
|
* Match ~d and ~u filters against pretty_host (@dequis)
|
||||||
|
|
||||||
|
* Update WBXML content view (@davidpshaw)
|
||||||
|
|
||||||
|
* Handle HEAD requests for mitm.it to support Chrome in transparent mode on
|
||||||
|
iOS (@tomlabaude)
|
||||||
|
|
||||||
|
* Update dns spoofing example to use --keep-host-header (@krsoninikhil)
|
||||||
|
|
||||||
|
* Call error handler on HTTPException (@tarnacious)
|
||||||
|
|
||||||
|
* Make it possible to remove TLS from upstream HTTP connections
|
||||||
|
|
||||||
|
* Update to pyOpenSSL 17.5, cryptography 2.1.4, and OpenSSL 1.1.0g
|
||||||
|
|
||||||
|
* Make it possible to retroactively increase log verbosity.
|
||||||
|
|
||||||
|
* Make logging from addons thread-safe
|
||||||
|
|
||||||
|
* Tolerate imports in user scripts that match hook names (`from mitmproxy
|
||||||
|
import log`)
|
||||||
|
|
||||||
|
* Update mitmweb to React 16, which brings performance improvements
|
||||||
|
|
||||||
|
* Fix a bug where reverting duplicated flows crashes mitmproxy
|
||||||
|
|
||||||
|
* Fix a bug where successive requests are sent to the wrong host after a
|
||||||
|
request has been redirected.
|
||||||
|
|
||||||
|
* Fix a bug that binds outgoing connections to the wrong interface
|
||||||
|
|
||||||
|
* Fix a bug where custom certificates are ignored in reverse proxy mode
|
||||||
|
|
||||||
|
* Fix import of flows that have been created with mitmproxy 0.17
|
||||||
|
|
||||||
|
* Fix formatting of (IPv6) IP addresses in a number of places
|
||||||
|
|
||||||
|
* Fix replay for HTTP/2 flows
|
||||||
|
|
||||||
|
* Decouple mitmproxy version and flow file format version
|
||||||
|
|
||||||
|
* Fix a bug where “mitmdump -nr” does not exit automatically
|
||||||
|
|
||||||
|
* Fix a crash when exporting flows to curl
|
||||||
|
|
||||||
|
* Fix formatting of sticky cookies
|
||||||
|
|
||||||
|
* Improve script reloading reliability by polling the filesystem instead of using watchdog
|
||||||
|
|
||||||
|
* Fix a crash when refreshing Set-Cookie headers
|
||||||
|
|
||||||
|
* Add connection indicator to mitmweb to alert users when the proxy server stops running
|
||||||
|
|
||||||
|
* Add support for certificates with cyrillic domains
|
||||||
|
|
||||||
|
* Simplify output of mitmproxy --version
|
||||||
|
|
||||||
|
* Add Request.make to simplify request creation in scripts
|
||||||
|
|
||||||
|
* Pathoc: Include a host header on CONNECT requests
|
||||||
|
|
||||||
|
* Remove HTML outline contentview (#2572)
|
||||||
|
|
||||||
|
* Remove Python and Locust export (#2465)
|
||||||
|
|
||||||
|
* Remove emojis from tox.ini because flake8 cannot parse that. :(
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
28 April 2017: mitmproxy 2.0.2
|
28 April 2017: mitmproxy 2.0.2
|
||||||
|
|
||||||
* Fix mitmweb's Content-Security-Policy to work with Chrome 58+
|
* Fix mitmweb's Content-Security-Policy to work with Chrome 58+
|
||||||
|
@ -18,7 +194,7 @@
|
||||||
|
|
||||||
* HTTP/2 is now enabled by default.
|
* HTTP/2 is now enabled by default.
|
||||||
|
|
||||||
* Image ContentView: Parse images with Kaitai Struct (kaitai.io) instead of Pillow.
|
* Image ContentView: Parse images with Kaitai Struct (kaitai.io) instead of Pillow.
|
||||||
This simplifies installation, reduces binary size, and allows parsing in pure Python.
|
This simplifies installation, reduces binary size, and allows parsing in pure Python.
|
||||||
|
|
||||||
* Web: Add missing flow filters.
|
* Web: Add missing flow filters.
|
||||||
|
@ -27,7 +203,7 @@
|
||||||
|
|
||||||
* Check the mitmproxy CA for expiration and warn the user to regenerate it if necessary.
|
* Check the mitmproxy CA for expiration and warn the user to regenerate it if necessary.
|
||||||
|
|
||||||
* Testing: Tremendous improvements, enforced 100% coverage for large parts of the
|
* Testing: Tremendous improvements, enforced 100% coverage for large parts of the
|
||||||
codebase, increased overall coverage.
|
codebase, increased overall coverage.
|
||||||
|
|
||||||
* Enforce individual coverage: one source file -> one test file with 100% coverage.
|
* Enforce individual coverage: one source file -> one test file with 100% coverage.
|
||||||
|
@ -42,13 +218,13 @@
|
||||||
* All mitmproxy tools are now Python 3 only! We plan to support Python 3.5 and higher.
|
* All mitmproxy tools are now Python 3 only! We plan to support Python 3.5 and higher.
|
||||||
|
|
||||||
* Web-Based User Interface: Mitmproxy now offically has a web-based user interface
|
* Web-Based User Interface: Mitmproxy now offically has a web-based user interface
|
||||||
called mitmweb. We consider it stable for all features currently exposed
|
called mitmweb. We consider it stable for all features currently exposed
|
||||||
in the UI, but it still misses a lot of mitmproxy’s options.
|
in the UI, but it still misses a lot of mitmproxy’s options.
|
||||||
|
|
||||||
* Windows Compatibility: With mitmweb, mitmproxy is now useable on Windows.
|
* Windows Compatibility: With mitmweb, mitmproxy is now useable on Windows.
|
||||||
We are also introducing an installer (kindly sponsored by BitRock) that
|
We are also introducing an installer (kindly sponsored by BitRock) that
|
||||||
simplifies setup.
|
simplifies setup.
|
||||||
|
|
||||||
* Configuration: The config file format is now a single YAML file. In most cases,
|
* Configuration: The config file format is now a single YAML file. In most cases,
|
||||||
converting to the new format should be trivial - please see the docs for
|
converting to the new format should be trivial - please see the docs for
|
||||||
more information.
|
more information.
|
||||||
|
@ -61,7 +237,7 @@
|
||||||
due to wide-spread protocol implementation errors on some large website
|
due to wide-spread protocol implementation errors on some large website
|
||||||
|
|
||||||
* WebSocket: The protocol implementation is now mature, and is enabled by
|
* WebSocket: The protocol implementation is now mature, and is enabled by
|
||||||
default. Complete UI support is coming in the next release. Hooks for
|
default. Complete UI support is coming in the next release. Hooks for
|
||||||
message interception and manipulation are available.
|
message interception and manipulation are available.
|
||||||
|
|
||||||
* A myriad of other small improvements throughout the project.
|
* A myriad of other small improvements throughout the project.
|
||||||
|
|
Loading…
Reference in New Issue