Commit Graph

266 Commits

Author SHA1 Message Date
David Dworken 04a06eb6b5 Added scanning for CSS injection and iframe injection 2017-10-17 23:39:33 -04:00
Suraj Tripathi 781369a326 fix #2477 (#2556) 2017-09-01 23:08:34 +02:00
Ujjwal Verma 6367dcab8e update streaming docs 2017-07-04 10:53:23 +02:00
Maximilian Hils eb5f37a7d1 fix mypy annotations 2017-05-26 16:14:20 +02:00
harsh vijay e24b4cc1b6 Extend Mypy checking to pathod
* mypy checking pathod

* initial commit , fixed errors

* tox: mypy checking to pathod

* Fixed mypy test failed

* issue was with args in custom_contentview.py

* tox: mypy checking to #2221

* follow-import=skip since we cant provide args to custom_contentview.py during mypy testing

* Lint , Typo Fixed

* code style: module import
2017-05-02 05:19:25 +05:30
harsh vijay 789fbd00d2 Fixed lint error 2017-04-29 03:54:00 +05:30
harsh vijay 6e03231d25 lint error fixed 2017-04-29 03:49:08 +05:30
harsh vijay 36118973d9 extend mypy example/simple 2017-04-29 03:26:14 +05:30
Aldo Cortesi 2a46f3851a Merge pull request #2265 from cortesi/addons
Addons and addon testing
2017-04-27 07:40:14 +12:00
Maximilian Hils ab07b79138 Merge pull request #2270 from F1ashhimself/master
Update readme for complex examples
2017-04-26 17:15:34 +02:00
Maksim Beloborodko 90a5b90b0d Update readme for complex examples 2017-04-26 17:14:41 +03:00
Maximilian Hils 87610cc8b2 fix #2250, add type info to cookie module 2017-04-26 14:17:14 +02:00
Aldo Cortesi 5327756377 Addons and addon testing
- Fix some loading sequence bugs affecting command-line script invocation
- Allow addons to over-ride existing options (with a warning). We need this for
reloading.
- Convert har_dump to new-style arguments, fix and re-instate its test suite.
- Covnert miscelaneous other exmples to new-style args.
2017-04-26 19:56:33 +12:00
Aldo Cortesi b72f139093 configure(options, updated) -> configure(updated)
Options are now available globally on ctx, so the first argument of configure
is redundant.
2017-04-26 11:01:27 +12:00
Aldo Cortesi e6eeab6094 Revamp how addons work
- Addons now nest, which means that addons can manage addons. This has a number
of salutary effects - the scripts addon no longer has to poke into the global
addons list, we no longer have to replace/remove/boot-outof parent addons when
we load scripts, and this paves the way for making our top-level tools into
addons themselves.
- All addon calls are now wrapped in a safe execution environment where
exceptions are caught, and output to stdout/stderr are intercepted and turned
into logs.
- We no longer support script arguments in sys.argv - creating an option
properly is the only way to pass arguments. This means that all scripts are
always directly controllable from interctive tooling, and that arguments are
type-checked.

For now, I've disabled testing of the har dump example - it needs to be moved
to the new argument handling, and become a class addon. I'll address that in a
separate patch.
2017-04-25 22:13:44 +12:00
Maximilian Hils 482c1579f2 proxapp -> proxapp.local
Chrome doesn't like it if there's no TLD.
2017-03-26 15:02:47 +02:00
Aldo Cortesi 65f0885bd6 addon loader: add boot_into, which replaces returning from start()
While we're here, expand test coverage for addonmanager to 100%, and promote to
individual coverage.
2017-03-25 10:48:12 +13:00
Aldo Cortesi 541c1e8b9f addons: start -> load throughout 2017-03-25 10:48:12 +13:00
Aldo Cortesi 1410cbb4b6 Remove test handlers by using taddons.RecordingMaster
This also means expanding and tweaking the recording master API, which we
reflect through the current test suite
2017-03-16 18:05:57 +13:00
Aldo Cortesi b745428b5c Enable custom options in config files
We also now ignore unknown options in config files by default, and print a
warning if verbosity is incremented.
2017-03-14 09:40:33 +13:00
Aldo Cortesi c24f7d8e12 Optmanager: handle unknown options in value sets 2017-03-14 08:32:19 +13:00
Aldo Cortesi 0c6663d0d5 Enable custom options for addons
- Add an options parameter to the start() event. This is to be used by addons
on startup to add custom options.
- Add a running() event that is called once the proxy is up and running.
- With the new paradigm we can't log during master __init__, so add a tiny
termstatus addon to print proxy status to terminal once we're running.
2017-03-14 08:32:19 +13:00
Maximilian Hils 927b5707fe fix tcp.Address leftovers
this fixes the issue described in https://github.com/mitmproxy/mitmproxy/issues/2119#issuecomment-285067292
2017-03-08 16:18:34 +01:00
Nikhil Soni 0081d9b828 Merge branch 'master' into on-issues 2017-03-03 12:58:44 +05:30
Nikhil Soni 317d183ba4 Changes dns_spoofing example to use --keep-host-header 2017-03-03 12:34:36 +05:30
David Dworken 99b584ad7d added XSS scanner example (#1907) 2017-02-27 18:22:39 +01:00
Ujjwal Verma e723a58af5 Remove pytz in hardump 2017-02-25 23:07:47 +05:30
Thomas Kriechbaumer 36352c9539 protobuf: coverage++ 2017-02-19 14:29:09 +01:00
Maximilian Hils b9e31f213f .headers["host"] -> .host_header 2017-02-18 00:13:14 +01:00
Maximilian Hils 5acdd78b15 fix typo 2017-02-14 17:45:54 +01:00
Ujjwal Verma c622622c59 Encoding fixes and tests 2017-02-05 18:59:01 +05:30
Ammonite aaff9dfd32 Reset the host header to the correct destination 2017-01-30 23:41:47 +01:00
Ammonite c2c6050df3 Store original host in flow metadata 2017-01-29 14:33:53 +01:00
Ammonite 0ca1916f1b Fix host extraction 2017-01-22 15:28:14 +01:00
Ammonite e8fc4af4c6 Follow PEP-8 and add comment 2017-01-22 14:59:46 +01:00
Ammonite 93172460aa Add blank lines for lint 2017-01-21 09:39:34 +01:00
Ammonite 8aa250d679 Change class name 2017-01-20 23:48:26 +01:00
Ammonite a55eba3b37 Get the the original header in requestheaders instead of request 2017-01-20 23:43:53 +01:00
Feei 95cca4ce75 update stream.py 2017-01-16 18:30:05 +08:00
Feei eaaec4353d update log_events.py 2017-01-16 18:11:18 +08:00
Maximilian Hils 98a079aa69 rename logging.py example. this conflicted with Python's stdlib 2016-12-19 16:21:17 +01:00
Maximilian Hils c4e9000021 fix #1858 2016-12-19 01:15:10 +01:00
Maximilian Hils 3e37cbd061 minor fixes 2016-12-10 12:06:33 +01:00
Maximilian Hils 293b79af91 remove lxml-dependent code 2016-12-10 10:19:05 +01:00
Maximilian Hils 45332006a3 mitmweb: 100% app test coverage, numerous fixes 2016-11-23 22:35:07 +01:00
Maximilian Hils 40f0193dda remove mitmweb auth
9b08279c7c removed the actual functionality.
we should not have a command line switch that does nothing. :)
2016-11-22 18:27:16 +01:00
Maximilian Hils c90405253a remove stickycookie example
The recommended way to do this is mitmproxy/addons/stickycookie.py
2016-11-21 02:46:25 +01:00
Maximilian Hils 9af8f4bb31 organize examples
This commit is largely based on work by Thiago Arrais (@thiagoarrais)
and Shane Bradfield (@l33tLumberjack). I wasn't really able to get their
PR reasonably merged onto the latest master, so I reapplied their changes
manually here and did some further improvements on that.
2016-11-21 02:28:10 +01:00
Mike Fotinakis d16a3753d7 Remove dead run_scripthooks example reference. 2016-11-17 16:33:51 -08:00
Maximilian Hils 2a2387fb32 explain host=pretty_host assignment 2016-11-09 13:11:31 +01:00