mitmproxy/web
Thomas Kriechbaumer 2c1802692d
options: add request_client_cert to enable mutual TLS (#7175)
* options: add request_client_cert to enable mutual TLS

This capability was already built-in but hard-coded to be disabled. Making it configurable as an option (defaulting to off) enables mTLS connections between clients and mitmproxy. If true, mitmproxy will send a TLS `CertificateRequest` message to the client during the TLS handshake, upon which a client needs to present a client certificate to mitmproxy to successfully establish an mTLS connection.

This option can be used together with the `client_certs` option to also establish an mTLS connection between mitmproxy and the upstream server. In this case, mitmproxy needs to have a full client cert, including matching private key, that is trusted and accepted by the upstream server. This is a common scenario with MQTT or IoT connections.

Example usage:
$ mitmproxy --set request_client_cert=True --set client_certs=some_directory/

With `some_directory/` containing a `mqtt.example.com.pem` x509 certificate file (including private key).

This allows a client connecting using mTLS to be intercepted by mitmproxy, which is itself establishing an mTLS connection to the `mqtt.example.com` upstream server. Restricting the client_certs using a directory and PEM files named after the upstream domain narrows down the mTLS requirement to this single domain, while leaving all other traffic through mitmproxy untouched (normal TLS without client certs).

* add CHANGELOG entry

* docs++

* swap section order, re-add example

---------

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2024-09-18 19:48:41 +02:00
gen Feature/socks and transparent modes (#7100) 2024-08-15 11:18:23 +02:00
src options: add request_client_cert to enable mutual TLS (#7175) 2024-09-18 19:48:41 +02:00
.editorconfig [web] editor config for line endings 2016-06-17 06:26:46 +08:00
.prettierignore Add prettier to mitmweb (#5985) 2023-03-12 17:50:15 +01:00
README.md Update package-lock.json, bump esbuild (#6915) 2024-06-12 11:44:25 +00:00
eslint.config.mjs Adopt ESLint (#7008) 2024-07-09 11:06:05 +02:00
gulpfile.js Update Web Dependencies (#7011) 2024-07-13 01:20:15 +02:00
jest.config.js Add prettier to mitmweb (#5985) 2023-03-12 17:50:15 +01:00
package-lock.json Update Web Dependencies (#7011) 2024-07-13 01:20:15 +02:00
package.json Update Web Dependencies (#7011) 2024-07-13 01:20:15 +02:00
tsconfig.json web: Upgrade Redux (#6926) 2024-06-14 00:27:33 +02:00

README.md

Quick Start

  • Install mitmproxy as described in ../CONTRIBUTING.md
  • Run `node --version` to make sure that you have Node.js 18 or above. If you are on Ubuntu <= 22.04, you need to upgrade.
  • Run `cd mitmproxy/web` to change to the directory with `package.json`
  • Run `npm install` to install dependencies
  • Run `npm start` to start live-compilation
  • Run `mitmweb` after activating your Python virtualenv (see ../CONTRIBUTING.md).

Testing

  • Run `npm test` to run the test suite.

Code formatting

Architecture

There are two components:

Contributing

We very much appreciate any (small) improvements to mitmweb. Please do not include the compiled assets in `mitmproxy/tools/web/static` in your pull request. Refreshing them on every commit would massively increase repository size. We will update these files before every release.

Developer Tools