Mitmproxy

Major Changes

* Initial Support for TLS 1.3

Full Changelog

* Reduce leaf certificate validity to one year due to upcoming browser changes (mhils)
* Rename mitmweb's `web_iface` option to `web_host` for consistency (oxr463)
* Sending a SIGTERM now exits mitmproxy without prompt, SIGINT still asks (ThinkChaos)
* Don't force host header on outgoing requests (mhils)
* Additional documentation and examples for WebSockets (Kriechi)
* Gracefully handle hyphens in domain names (matosconsulting)
* Fix header replacement count (naivekun)
* Emit serverconnect event only after a connection has been established (Prinzhorn)
* Fix ValueError in table mode of server replay flow (ylmrx)
* HTTP/2: send all stream reset types to other connection (rohfle)
* HTTP/2: fix WINDOW_UPDATE swallowed on closed streams (Kriechi)
* Fix wrong behavior of --allow-hosts options (BlownSnail)
* Additional and updated documentation for examples, WebSockets, Getting Started (Kriechi)

* Fixed precompiled Linux binaries to not crash in table mode
* Display webp images in mitmweb (cixtor)

Major Changes

* Added new Table UI (Jessonsotoventura)
* Added EKU extension to certificates. This fixes support for macOS Catalina (vin01)

Security Fixes

* Fixed command injection vulnerabilities when exporting flows as curl/httpie commands (cript0nauta)
* Do not echo unsanitized user input in HTTP error responses (fimad)

Full Changelog

* Moved to GitHub CI for Continuous Integration, dropping support for old Linux and macOS releases. (3728)
* Vastly improved command parsing, in particular for setting flow filters (typoon)
* Added a new flow export for raw responses (mckeimic)
* URLs are now edited in an external editor (Jessonsotoventura)
* mitmproxy now has a command history (typoon)
* Added terminal like keyboard shortcuts for the command bar (ctrl+w, ctrl+a, ctrl+f, ...) (typoon)
* Fixed issue with improper handling of non-ascii characters in URLs (rjt-gupta)
* Filtering can now use unicode characters (rjt-gupta)
* Fixed issue with user keybindings not being able to override default keybindings
* Improved installation instructions
* Added support for IPV6-only environments (sethb157)
* Fixed bug with server replay (rjt-gupta)
* Fixed issue with duplicate error responses (ccssrryy)
* Users can now set a specific external editor using $MITMPROXY_EDITOR (rjt-gupta)
* Config file can now be called `config.yml` or `config.yaml` (ylmrx)
* Fixed crash on `view.focus.[next|prev]` (ylmrx)
* Updated documentation to help using mitmproxy certificate on Android (jannst)
* Added support to parse IPv6 entries from `pfctl` on MacOS. (tomlabaude)
* Fixed instructions on how to build the documentation (jannst)
* Added a new `--allow-hosts` option (pierlon)
* Added support for zstd content-encoding (tsaaristo)
* Fixed issue where the replay server would corrupt the Date header (tonyb486)
* Improve speed for WebSocket interception (MathieuBordere)
* Fixed issue with parsing JPEG files. (lusceu)
* Improve example code style (BoboTiG)
* Fixed issue converting void responses to HAR (worldmind)
* Color coded http status codes in mitmweb (arun-94)
* Added organization to generated certificates (Abcdefghijklmnopqrstuvwxyzxyz)
* Errors are now displayed on sys.stderr (JessicaFavin)
* Fixed issue with replay timestamps (rjt-gupta)
* Fixed copying in mitmweb on macOS (XZzYassin)

* Security: Protect mitmweb against DNS rebinding. (CVE-2018-14505, atx)
* Reduce certificate lifetime to two years to be conformant with
the current CA/Browser Forum Baseline Requirements. (muffl0n)
(https://cabforum.org/2017/03/17/ballot-193-825-day-certificate-lifetimes/)
* Update cryptography to version 2.3.

* Add support for IPv6 transparent mode on Windows (3174)
* Add Docker images for ARMv7 - Raspberry Pi (3190)
* Major overhaul of our release workflow - you probably won't notice it, but for us it's a big thing!
* Fix the Python version detection on Python 3.5, we now show a more intuitive error message (3188)
* Fix application shutdown on Windows (3172)
* Fix IPv6 scope suffixes in block addon (3164)
* Fix options update when added (3157)
* Fix "Edit Flow" button in mitmweb (3136)

* Skipped!