科技回声

8 条评论

envoked8 个月前

It’s great to see that Mitmproxy is still being developed - it indirectly made my career.Back in 2011, I was using it to learn API development by intercepting mobile app requests when I discovered that Airbnb’s API was susceptible to Rails mass assignment (<a href="https://github.com/rails/rails/issues/5228">https://github.com/rails/rails/issues/5228</a>). I then used it to modify some benign attributes, reached out to the company, and it landed me an interview. Rest is history.

评论 #41748644 未加载

评论 #41749727 未加载

评论 #41749496 未加载

febusravenga8 个月前

Only slightly related ...> Chrome does not trust user-added Certificate Authorities for QUIC.Interesting. In linked issue chrome team says:> We explicitly disallow non-publicly-trusted certificates in QUIC to prevent the deployment of QUIC interception software/hardware, as that would harm the evolvability of the QUIC protocol long-term. Use-cases that rely on non-publicly-trusted certificates can use TLS+TCP instead of QUIC.I don't follow evolution of those protocols, but i am not sure how disallowing custom certificates has anything with "evolvability" of protocol ...Anyone knows are those _reasons_?

评论 #41748906 未加载

评论 #41752344 未加载

评论 #41748689 未加载

评论 #41749159 未加载

评论 #41749161 未加载

评论 #41749347 未加载

评论 #41751601 未加载

评论 #41748762 未加载

Onavo8 个月前

Do http/2 and http/3 offer any benefits if they are only supported by the reverse proxy but not the underlying web server? Most mainstream frameworks for JS/Python/Ruby don't support the newer http standards. Won't the web server be a bottleneck for the reverse proxied connection?

评论 #41747265 未加载

评论 #41746829 未加载

评论 #41746398 未加载

评论 #41747811 未加载

评论 #41747658 未加载

评论 #41746423 未加载

评论 #41747572 未加载

评论 #41749373 未加载

评论 #41746525 未加载

rnhmjoj8 个月前

Unfortunately there is still the issue[1] of fingerprinting. Until it can spoof the TLS handshake of a typical browser, you get these "Just a quick check..." or "Sorry, it looks like you're a bot" pages on about 80% of the web.[1]: <a href="https://github.com/mitmproxy/mitmproxy/issues/4575">https://github.com/mitmproxy/mitmproxy/issues/4575</a>

评论 #41776166 未加载

bluejekyll8 个月前

Thanks for the shoutout to Hickory. It’s always fun to see what people build with it. Nice work!

评论 #41747534 未加载

nilslindemann8 个月前

I wonder, can I use it like Privoxy/Proxomitron/Yarip? E.g. can I strip out script tags from specific sites, which I request with my browser (Ungoogled Chromium), using Mitmproxy as a Proxy? And how will this affect performance?

评论 #41750652 未加载

systems8 个月前

is mitmproxy an alternative to fiddler?

评论 #41753454 未加载

388 个月前

uh:<a href="https://github.com/mitmproxy/mitmproxy/issues/4170">https://github.com/mitmproxy/mitmproxy/issues/4170</a>

评论 #41746250 未加载

评论 #41747171 未加载

8 条评论

envoked8 个月前

评论 #41748644 未加载

评论 #41749727 未加载

评论 #41749496 未加载

febusravenga8 个月前

评论 #41748906 未加载

评论 #41752344 未加载

评论 #41748689 未加载

评论 #41749159 未加载

评论 #41749161 未加载

评论 #41749347 未加载

评论 #41751601 未加载

评论 #41748762 未加载

Onavo8 个月前

评论 #41747265 未加载

评论 #41746829 未加载

评论 #41746398 未加载

评论 #41747811 未加载

评论 #41747658 未加载

评论 #41746423 未加载

评论 #41747572 未加载

评论 #41749373 未加载

评论 #41746525 未加载

rnhmjoj8 个月前

评论 #41776166 未加载

bluejekyll8 个月前

Thanks for the shoutout to Hickory. It’s always fun to see what people build with it. Nice work!

评论 #41747534 未加载

nilslindemann8 个月前

评论 #41750652 未加载

systems8 个月前

is mitmproxy an alternative to fiddler?

评论 #41753454 未加载

388 个月前

uh:<a href="https://github.com/mitmproxy/mitmproxy/issues/4170">https://github.com/mitmproxy/mitmproxy/issues/4170</a>

评论 #41746250 未加载

评论 #41747171 未加载

Mitmproxy 11: Full HTTP/3 Support

8 条评论

Mitmproxy 11: Full HTTP/3 Support

8 条评论