Mitmproxy

* Upstream certs mode is now the default.
* Add a WSGI container that lets you host in-proxy web applications.
* Full transparent proxy support for Linux and OSX.
* Introduce netlib, a common codebase for mitmproxy and pathod
(http://github.com/cortesi/netlib).
* Full support for SNI.
* Color palettes for mitmproxy, tailored for light and dark terminal
backgrounds.
* Stream flows to file as responses arrive with the "W" shortcut in
mitmproxy.
* Extend the filter language, including ~d domain match operator, ~a to
match asset flows (js, images, css).
* Follow mode in mitmproxy ("F" shortcut) to "tail" flows as they arrive.
* --dummy-certs option to specify and preserve the dummy certificate
directory.
* Server replay from the current captured buffer.
* Huge improvements in content views. We now have viewers for AMF, HTML,
JSON, Javascript, images, XML, URL-encoded forms, as well as hexadecimal
and raw views.
* Add Set Headers, analogous to replacement hooks. Defines headers that are set
on flows, based on a matching pattern.
* A graphical editor for path components in mitmproxy.
* A small set of standard user-agent strings, which can be used easily in
the header editor.
* Proxy authentication to limit access to mitmproxy
* pathod: Proxy mode. You can now configure clients to use pathod as an
HTTP/S proxy.
* pathoc: Proxy support, including using CONNECT to tunnel directly to
targets.
* pathoc: client certificate support.
* pathod: API improvements, bugfixes.

15 May 2013: pathod 0.9 (version synced with mitmproxy)

* Pathod proxy mode. You can now configure clients to use pathod as an
HTTP/S proxy.
* Pathoc proxy support, including using CONNECT to tunnel directly to
targets.
* Pathoc client certificate support.
* API improvements, bugfixes.

* Detailed tutorial for Android interception. Some features that land in
this release have finally made reliable Android interception possible.
* Upstream-cert mode, which uses information from the upstream server to
generate interception certificates.
* Replacement patterns that let you easily do global replacements in flows
matching filter patterns. Can be specified on the command-line, or edited
interactively.
* Much more sophisticated and usable pretty printing of request bodies.
Support for auto-indentation of Javascript, inspection of image EXIF
data, and more.
* Details view for flows, showing connection and SSL cert information (X
keyboard shortcut).
* Server certificates are now stored and serialized in saved traffic for
later analysis. This means that the 0.8 serialization format is NOT
compatible with 0.7.
* Many other improvements, including bugfixes, and expanded scripting API,
and more sophisticated certificate handling.

* New built-in key/value editor. This lets you interactively edit URL query
strings, headers and URL-encoded form data.
* Extend script API to allow duplication and replay of flows.
* API for easy manipulation of URL-encoded forms and query strings.
* Add "D" shortcut in mitmproxy to duplicate a flow.
* Reverse proxy mode. In this mode mitmproxy acts as an HTTP server,
forwarding all traffic to a specified upstream server.
* UI improvements - use unicode characters to make GUI more compact,
improve spacing and layout throughout.
* Add support for filtering by HTTP method.
* Add the ability to specify an HTTP body size limit.
* Move to typed netstrings for serialization format - this makes 0.7
backwards-incompatible with serialized data from 0.6!

* Significant improvements in speed and responsiveness of UI.
* Many minor bugfixes and improvements.

* New scripting API that allows much more flexible and fine-grained
rewriting of traffic. See the docs for more info.
* Support for gzip and deflate content encodings. A new "z"
keybinding in mitmproxy to let us quickly encode and decode content, plus
automatic decoding for the "pretty" view mode.
* An event log, viewable with the "v" shortcut in mitmproxy, and the
"-e" command-line flag in mitmdump.
* Huge performance improvements: mitmproxy interface, loading
large numbers of flows from file.
* A new "replace" convenience method for all flow objects, that does a
universal regex-based string replacement.
* Header management has been rewritten to maintain both case and order.
* Improved stability for SSL interception.
* Default expiry time on generated SSL certs has been dropped to avoid an
OpenSSL overflow bug that caused certificates to expire in the distant
past on some systems.
* A "pretty" view mode for JSON and form submission data.
* Expanded documentation and examples.
* Countless other small improvements and bugfixes.

* An -n option to start the tools without binding to a proxy port.
* Allow scripts, hooks, sticky cookies etc. to run on flows loaded from
save files.
* Regularize command-line options for mitmproxy and mitmdump.
* Add an "SSL exception" to mitmproxy's license to remove possible
distribution issues.
* Add a --cert-wait-time option to make mitmproxy pause after a new SSL
certificate is generated. This can pave over small discrepancies in
system time between the client and server.
* Handle viewing big request and response bodies more elegantly. Only
render the first 100k of large documents, and try to avoid running the
XML indenter on non-XML data.
* BUGFIX: Make the "revert" keyboard shortcut in mitmproxy work after a
flow has been replayed.
* BUGFIX: Repair a problem that sometimes caused SSL connections to consume
100% of CPU.

* Full serialization of HTTP conversations
* Client and server replay
* On-the-fly generation of dummy SSL certificates
* mitmdump has "grown up" into a powerful tcpdump-like tool for HTTP/S
* Dozens of improvements to the mitmproxy console interface
* Python scripting hooks for programmatic modification of traffic