03bf350924
improve next layer log message ( #7337 )
2024-11-23 02:42:06 +00:00
fd346055b7
Increase HTTP/2 default flow control window. ( #7317 )
...
* increase default flow control window
* fix tests
* fix test
* update changelog
* [autofix.ci] apply automated fixes
* simpler way to override default settings
* acknowledge settings
* document hyper-h2 workaround
* quote RFC
* [autofix.ci] apply automated fixes
* increase MAX_FRAME_SIZE
* update comment
* max out initial window size
* [autofix.ci] apply automated fixes
* increment connection control window
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2024-11-18 09:26:07 +00:00
bdeeb52911
Proper error handling for corrupted compressed body ( #7320 )
...
* Proper error handling for corrupted compressed body
* [autofix.ci] apply automated fixes
* Proper error handling for corrupted compressed body
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-11-14 17:03:26 +01:00
c10ff719f7
Fix interaction of modifyheaders addon with stream_large_bodies option ( #7286 )
...
* Fix interaction of modifyheaders addon with stream_large_bodies option
`modifyheaders` addon uses `request` and `response` hooks which, when
`stream_large_bodies` is enabled, are called after headers have already
been sent and can no longer be modified.
This commit changes `modifyheaders` addon to use
`requestheaders` and `responseheaders` hooks.
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-10-31 22:08:17 +00:00
69f455b962
Add `tun` proxy mode on Linux ( #7278 )
...
* simplify stream handling callback
* add `tun` proxy mode from mitmproxy_rs
* tun mode: tests++
* [autofix.ci] apply automated fixes
* bump mitmproxy_rs
* fix bugs
* ci: use macOS 13 for builds as 12 is being phased out
* test debugging
* bump mitmproxy_rs
* bump python version in ci, 3.13 is stable now
* nits
* is unshare to blame?
* how about this?
* coverage++
* [autofix.ci] apply automated fixes
* debüg
* debüüg
* debüüüg
* bump mitmproxy_rs
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-10-29 02:34:39 +05:30
ae882ffb00
Add support for starting a preconfigured Firefox instance via `browser.start` command. ( #7239 )
...
* add firefox linux support
* [autofix.ci] apply automated fixes
* fix nits
* add MacOS search path
* remove unnecessary import
support for version 3.9 and below was dropped
* fix tests
* coverage
* add windows search path
* changelog
* [autofix.ci] apply automated fixes
* handle case for invalid browser name
* remove socks and ftp
* remove popup
* reduce telemetry
* remove default bookmarks
* [autofix.ci] apply automated fixes
* reduce telemetry
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-10-19 12:45:51 +02:00
93649e8baf
Set `@SECLEVEL=0` if old TLS versions are requested ( #7241 )
...
* set `@SECLEVEL=0` if old TLS versions are requested
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-10-14 19:45:48 +02:00
af88265f5c
Improve HTTP detection heuristic ( #7228 )
...
* Improve HTTP checking heuristic
* fix changelog
* Fix checking
* [autofix.ci] apply automated fixes
* simplify condition
---------
Co-authored-by: Fata Nugraha <fata.nugraha@grabtaxi.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2024-10-04 15:22:26 +00:00
a44191a9b1
Add `--show-ignored-hosts` ( #6720 )
...
* Add `--show-ignored-hosts`
Maybe a bit counterintuitive, but mitmproxy is very nice even without
the MITM part. When doing `--ignore-hosts '.*'` it is not possible to
see SNI's, so add new flag to show the raw TCP/UDP streams.
Fixes #6421
* Add tests for `--show-ignored-hosts`
* Changelog for `--show-ignored-hosts`
* [autofix.ci] apply automated fixes
* fixups
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2024-10-01 15:28:28 +00:00
72a0448566
Propogate end_stream from downstream http/2 requests ( #7196 )
...
* Propogate end_stream from downstream http/2 requests
* [autofix.ci] apply automated fixes
* add test, simply patch
*) add test to check if end_stream is propogated on request / response
*) simplify the patch
* [autofix.ci] apply automated fixes
* fix linting in is_websocket
* adjust websocket test
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-09-30 18:49:25 +00:00
e1ea491ad7
expose available web columns to Python ( #7205 )
...
* add script to generate all possible web columns
* remove test for now
* Make web_columns.py executable
* [autofix.ci] apply automated fixes
* add back tests
* [autofix.ci] apply automated fixes
* update changelog
* update changelog and add coauthor
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Abhishek-Bohora <abhishek.bohora16@gmail.com>
2024-09-22 19:21:41 +02:00
badb2e52dd
ruff: make mitmproxy_rs first party ( #7203 )
2024-09-22 07:27:00 +02:00
f8b742753b
Enable HTTP/3 in transparent mode by default ( #7202 )
...
* fixup raw quic handling
* enable HTTP/3 in transparent mode by default
* fix nits
2024-09-21 14:29:31 +00:00
358fca3e72
tls_version: QUIC -> QUICv1 ( #7201 )
...
* tls_version: QUIC -> QUICv1
this aligns us with what OpenSSL is returning
* tests: add quic dumpfile
2024-09-21 16:22:09 +02:00
8964deda8a
strip HTTPS records ALPN if http3 is disabled ( #7185 )
...
* strip HTTPS records ALPN if http3 is disabled
* Update strip_dns_https_records.py
* Update strip_dns_https_records.py
* [autofix.ci] apply automated fixes
* Update strip_dns_https_records.py
* [autofix.ci] apply automated fixes
* Update strip_dns_https_records.py
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-09-19 17:42:35 +00:00
b53d2bd19a
Split `mitmproxy.proxy.layers.quic` into subpackages ( #7187 )
...
* individual coverage: skip logic-free __init__ files
* split quic layer into subpackages
this commit should not introduce any functional changes
2024-09-18 22:52:51 +05:30
e7d1ad69b9
Individual coverage: skip logic-free __init__ files ( #7186 )
...
individual coverage: skip logic-free __init__ files
2024-09-18 22:37:12 +05:30
68c4e9ff35
proxy server: skip modes without listen_port when calculating conflicts ( #7177 )
...
* proxy server: skip modes without listen_port when calculating conflicts
* lint!
* docs++
2024-09-16 17:01:49 +05:30
eec3214dfc
Fix of duration in import from HAR ( #7179 )
...
* Fix of measurement unit in HAR import, duration is in milliseconds
* Update CHANGELOG.md
* Fixes of "timestamp_end" in test samples
* [autofix.ci] apply automated fixes
---------
Co-authored-by: Denis Stanishevskiy <>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-09-16 13:12:39 +02:00
9a8f761cf7
Upgrade to mitmproxy_rs 0.8 ( #7162 )
...
* upgrade to mitmproxy_rs 0.8
* [autofix.ci] apply automated fixes
* Update pyproject.toml
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-09-04 23:36:55 +02:00
46c10c030e
add 2 new endpoints for processes extraction and process image ( #7136 )
...
* add 2 new endpoints for processes extraction and process image
* [autofix.ci] apply automated fixes
* add review changes
* add tests
* [autofix.ci] apply automated fixes
* nit
* update tests
* [autofix.ci] apply automated fixes
* add fallback image and update tests
* [autofix.ci] apply automated fixes
* fix lint error
* fix tests
* [autofix.ci] apply automated fixes
* try to use base64
* still trying to fix test on win
* [autofix.ci] apply automated fixes
* nit
* [autofix.ci] apply automated fixes
* TRANSPARENT_PNG: use raw bytes to avoid base64 step
* tests: use feature-based detection
* hardening: prevent mime type sniffing
* fixup feature detection
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-09-01 20:22:51 +00:00
f2500dd0ae
Warn if TLS version is unsupported by OpenSSL ( #7139 )
...
* warn if TLS version is unsupported by OpenSSL
fix #7138
* [autofix.ci] apply automated fixes
* coverage++
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-08-31 12:32:12 +05:30
343ad7aa72
DNS resolver: add getaddrinfo fallback, fix test duration ( #7122 )
...
* dns addon: add getaddrinfo fallback, fix test duration
* fix docstring
* fix tests
* [autofix.ci] apply automated fixes
* tests++
* [autofix.ci] apply automated fixes
* debug windows
* add Windows workaround
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-08-29 00:06:58 +05:30
332f222994
optimize tnetstring parsing ( #7121 )
...
* Use memoryview to represent tnetstring
* Allow :data: in pop to be bytes | memory view to accomodate test
* Update CHANGELOG.md
* [autofix.ci] apply automated fixes
* Use str() instead of decode() to avoid one copy
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
* Keep diff minimal
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
* Make pop only accept argument of type memory view
* cache `ord()`
---------
Co-authored-by: Michele Russo <michele.russo@huawei.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2024-08-20 19:55:47 +00:00
499e8e8742
Merge https and http3 reverse-proxy modes ( #7114 )
...
* Merge https and http3 reverse-proxy modes
* Fix existing tests
* [autofix.ci] apply automated fixes
* mypy
* Preserve http3 reverse-proxy mode
* [autofix.ci] apply automated fixes
* Add tests
* [autofix.ci] apply automated fixes
* Add CHANGELOG entry
* Remove None from transport_protocol type annotations
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-08-20 14:44:38 +00:00
ecf5132e71
QUIC: Support `STOP_SENDING` frames ( #7119 )
...
* handle QUIC `STOP_SENDING` frames
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-08-20 16:35:10 +02:00
a81a1d3555
`StopQuicStream` -> `StopSendingQuicStream`
2024-08-19 22:42:43 +02:00
b488c40f81
`start_h3_client` -> `start_h3_proxy`
...
the previous naming managed to confuse me once, so it shall not do that again
2024-08-19 22:42:43 +02:00
5b10a8aebe
testing: integrate MultiPlaybook into Playbook
2024-08-19 22:42:43 +02:00
9c6a9d06a1
http3: remove push support
2024-08-19 22:42:43 +02:00
6bb536e0ff
add addon to update the ports in alt-svc header in reverse mode ( #7093 )
...
* Add addon to update the ports in alt-svc header to the port that we're listening on
* [autofix.ci] apply automated fixes
* Add suggested changes
* Add tests
* [autofix.ci] apply automated fixes
* mypy
* style
* [autofix.ci] apply automated fixes
* Add CHANGELOG entry
* [autofix.ci] apply automated fixes
* nits
* [autofix.ci] apply automated fixes
* nit: improve option wording
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-08-17 16:20:31 +00:00
0f0c5ee250
Fix urwid deprecation warnings ( #7098 )
...
* migrate to new urwid apis
* AttrWrap -> AttrMap
2024-08-14 17:02:14 +02:00
b4bf2f2282
parametrize dual stack test to ease debugging ( #7099 )
2024-08-13 22:35:18 +05:30
46155cdee6
Handle fragmented QUIC client hello ( #7067 )
...
* Handle fragmented quic client hello
* [autofix.ci] apply automated fixes
* Add tests for fragmented client hellos
* Clear recv_buffer properly
* [autofix.ci] apply automated fixes
* Fixup
* Differentiate fragmented and invalid client hellos
* [autofix.ci] apply automated fixes
* Fix tests
* Add tests
* Fixup
* [autofix.ci] apply automated fixes
* Parametrize tests
* [autofix.ci] apply automated fixes
* Add suggested changes
* [autofix.ci] apply automated fixes
* lint
* style changes
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* add suggested changes
* Update CHANGELOG.md
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-08-13 13:58:37 +02:00
8a81214ff4
Add test to ensure that servers listen on IPv4 and IPv6 for default host ( #7084 )
...
* Update tunnelLayer docstrings
* Add tests for dual stack
* [autofix.ci] apply automated fixes
* Fixup
* Revert "Update tunnelLayer docstrings"
This reverts commit 56c6162646
2024-08-08 20:28:44 +05:30
3544cf9b8e
support full alpha tcp connection ( #7087 )
...
* support full alpha tcp connection
* [autofix.ci] apply automated fixes
* Update mitmproxy/addons/next_layer.py
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
* Update CHANGELOG.md
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
* Update test/mitmproxy/addons/test_next_layer.py
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
* Update test_next_layer.py
* Update next_layer.py
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-08-06 16:47:25 +00:00
aa73608ef6
Improve UX when users specify invalid certs ( #7073 )
...
* improve UX when users specify invalid certs
if we don't do this ourselves, OpenSSL will greet users with the ever-fascinating 'no shared ciphers' error during the first handshake.
* fixup test
* fix: include intermediate certs for QUIC
* [autofix.ci] apply automated fixes
* warn if `certs` has a certificate that's a CA
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-08-04 03:43:46 +05:30
b069347a26
Make `DnsResolver.resolver` and `DnsResolver.name_servers` as cached functions instead of cached properties ( #7066 )
...
* Use functool's cache instead of cache_property
* Update CHANGELOG.md
* [autofix.ci] apply automated fixes
* Fixup
* Fixup
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-08-01 21:54:16 +02:00
f86b32fc7a
Update ruff requirement from <=0.5.0,>=0.5.0 to >=0.5.0,<=0.5.5 ( #7058 )
...
Updates the requirements on [ruff](https://github.com/astral-sh/ruff ) to permit the latest version.
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.0...0.5.5 )
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-29 12:26:42 +00:00
091399f811
Add experimental option for HTTP/3 in transparent mode ( #7037 )
...
* add experimental option for HTTP/3 in transparent mode
* fix test
* fix next layer selection for raw quic
* tests++
* remove leftover constant
2024-07-25 17:29:04 +05:30
3beb3b21ff
Nextlayer: detect SSH as non-HTTP ( #7041 )
...
* nextlayer: detect SSH as non-HTTP
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-07-25 16:42:14 +05:30
4f1bc6fc9a
Do not block local mode connections ( #7036 )
...
do not block local mode connections
2024-07-25 12:15:23 +02:00
74424df839
Guard server_event against reentrancy, fix #7027 ( #7031 )
...
* guard server_event against reentrancy, fix #7027
* [autofix.ci] apply automated fixes
* attribution for excellent repros
* simplify test for compatibility with older Python versions
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-07-23 14:42:09 +05:30
317f5b9dce
Support all query types in DNS mode ( #6975 )
...
* Use mitmproxy_rust's getaddrinfo to resolve domain names
* Use mitmproxy.DnsResolver for A/AAAA queries and forward other queries to dns server
* [autofix.ci] apply automated fixes
* Add suggested changes
* [autofix.ci] apply automated fixes
* nits
* lazy-load resolver
* fix lookup of non A/AAAA records
* bump required mitmproxy_rs version
* [autofix.ci] apply automated fixes
* Add tests
* Update CHANGELOG
* [autofix.ci] apply automated fixes
* Fix tests
* [autofix.ci] apply automated fixes
* Fixup
* Fixup
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-07-16 17:31:11 +02:00
9512e99819
Fix for loading HAR that contains BOM ( #6897 )
...
* Didn't work with the file from Fiddler, because of the BOM at the beginning of the file
* Update CHANGELOG.md
* [autofix.ci] apply automated fixes
* Added sample HAR with BOM as it comes from Fiddler
* Both HAR and JSON for it
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Denis Stanishevskiy <>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-07-16 15:44:49 +02:00
71d7b3d6e7
Include Host header with CONNECT requests. Fixes #7019 . ( #7021 )
...
* Include Host header with CONNECT requests. Fixes #7019 .
* [autofix.ci] apply automated fixes
* Update CHANGELOG
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-07-16 15:43:11 +02:00
bbf5df326a
Fix decompressing fake pointers in DNS messages ( #7022 )
...
* Don't decompress fake pointers
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-07-13 16:18:03 +02:00
f77327634c
Sync consts backend-frontend ( #7016 )
...
* remove version from state and create new script to extract version
* fix lint
* [autofix.ci] apply automated fixes
* fix web/gen script to error on file permissions
* [autofix.ci] apply automated fixes
* add version to footer
* adjust tests
* [autofix.ci] apply automated fixes
* update changelog
* move version back into state
* [autofix.ci] apply automated fixes
* nits
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-07-11 09:54:22 +00:00
04433e2c22
loosen cryptography warning ( #7003 )
2024-07-05 23:24:06 +00:00
5353df5f1e
Incorporate existing SNI into allow/ignore decision, fix #5064 ( #7002 )
...
* incorporate existing SNI into allow/ignore decision, fix #5064
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-07-05 22:19:55 +00:00
Maximilian Hils