Great to see us on HN, even if we don't have our 5.3 blogpost up yet :)<p>This release continues our attempts to become a bit more friendly to new users. Our docs now include a beginners guide created by our GSoC student this summer, which hopefully lowers the entry barrier a bit. We still want to improve this substantially, but hey here's a first iteration. :)<p>Happy to answer any questions!
Came across this recently as a way to proxy a local HTTP server to HTTPS, which you can do with e.g. mitmproxy --mode reverse:<a href="http://localhost:8081/" rel="nofollow">http://localhost:8081/</a> -p 8082 -q (to make local port 8081 accessible over HTTPS on local port 8082)<p>Looks like a really powerful tool, must make time to learn more about it!
We used this in an initial prototype of a black box testing framework. The idea being that you can record responses from AWS and other external systems and play them back at a mitm layer so you can write end to end tests without modifying application code and without setting up all real third party systems.<p>But we ended up switching to our mitm server since it's pretty easy to serve http and you just set http_proxy in all relevant application environments and you're done!
Congrats on the release to the maintainers. I like the way this link to mitmproxy credits contributors. What are the maintainers using for release notes?<p>I would also recommend people look at Hetty which I just learned about this week. I have no connection to it. <a href="https://github.com/dstotijn/hetty/releases" rel="nofollow">https://github.com/dstotijn/hetty/releases</a>
Off topic:<p>1. This uses python to allow easy custom scripts. If they instead had wanted to offer the same functionality in a typed language, what would have been the easiest way to do that? Golang?<p>2. The docs are very cool - they have demo “videos” that actually have selectable text, I haven’t seen that before (via <a href="https://asciinema.org" rel="nofollow">https://asciinema.org</a>)
The "native app is always best!" crowd needs to spend more time using mitmproxy for apps on their devices to realize the trade-off they're making. At least the web has ublock and a developer toolbar.
mitmproxy is great! I wish there was a way to conveniently look at non-HTTP TLS traffic, though. I saw a few documented "TCP mode" options but they don't seem to get me access to plaintext. Any ideas?
Big Big fan of mitmproxy. This is a wonderful tool, and with scripting functionality it helps achieve so much more.
I have been introducing this tool to so many developers and quality assessment teams, to not just improve day to day things but also perform privacy assessments w.r.t GDPR etc.<p>Thank you so much for your work. What is the best way to donate to your project?