Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mitmproxy received an absolute-form request error #2079

Closed
axot opened this issue Mar 1, 2017 · 7 comments
Closed

Mitmproxy received an absolute-form request error #2079

axot opened this issue Mar 1, 2017 · 7 comments
Labels
kind/triage Unclassified issues

Comments

@axot
Copy link

axot commented Mar 1, 2017

Steps to reproduce the problem:

tcpdump result:

CONNECT sample.domain.com:80 HTTP/1.1
Proxy-Connection: Keep-Alive
Connection: Keep-Alive
Host: sample.domain.com:80

HTTP/1.1 200 Connection established

POST http://sample.domain.com/ajax/info/info HTTP/1.1
User-Agent: Unity/5.4.3p4 (Mac OS X 10.12.3; MacBookPro12,1)
Host: sample.domain.com
Accept-Encoding: gzip, identity
Proxy-Connection: Keep-Alive
Connection: Keep-Alive, TE
TE: identity
Content-Length: 0
Cookie: apv=1.0; abc=; abd=; abe=

HTTP/1.1 400 Bad Request
Server: mitmproxy 2.0.0
Connection: close
Content-Length: 436
Content-Type: text/html

<html>
            <head>
                <title>400 Bad Request</title>
            </head>
            <body>
            <h1>400 Bad Request</h1>
            <p>HttpException(&#x27;Mitmproxy received an absolute-form request even though it is not running in regular mode. This usually indicates a misconfiguration, please see http://docs.mitmproxy.org/en/stable/modes.html for details.&#x27;,)</p>
            </body>
        </html>HTTP/1.1 502 Bad Gateway
Server: mitmproxy 2.0.0
Connection: close
Content-Length: 479
Content-Type: text/html

<html>
            <head>
                <title>502 Bad Gateway</title>
            </head>
            <body>
            <h1>502 Bad Gateway</h1>
            <p>ProtocolException(&#x27;HTTP protocol error in client request: Mitmproxy received an absolute-form request even though it is not running in regular mode. This usually indicates a misconfiguration, please see http://docs.mitmproxy.org/en/stable/modes.html for details.&#x27;,)</p>
            </body>
        </html>
Any other comments? What have you tried so far?

I fixed this temporarily with

return protocol.Http1Layer(top_layer, http.HTTPMode.transparent)

- return protocol.Http1Layer(top_layer, http.HTTPMode.transparent)
+ return protocol.Http1Layer(top_layer, http.HTTPMode.regular)
System information

Mitmproxy version: 2.0.0 (release version)
Python version: 3.6.0
Platform: Darwin-16.4.0-x86_64-i386-64bit
SSL version: OpenSSL 1.1.0e 16 Feb 2017
Mac version: 10.12.3 ('', '', '') x86_64

@mhils
Copy link
Member

mhils commented Mar 1, 2017

Thanks for the extensive report. This seems to be a duplicate of #848?

@mhils mhils added the kind/triage Unclassified issues label Mar 1, 2017
@axot
Copy link
Author

axot commented Mar 1, 2017

Did this mean, I should change the behaviour to like this way?

CONNECT sample.domain.com:80 HTTP/1.1
POST /ajax/info/info HTTP/1.1

@Kriechi
Copy link
Member

Kriechi commented Mar 1, 2017

Yes, this is what most clients do. They send a CONNECT with the host they need a connection to, and then they only send relative paths.

@axot
Copy link
Author

axot commented Mar 3, 2017

Should we add an option to disable validate_request_form ?

@mhils
Copy link
Member

mhils commented Mar 3, 2017

So there are two things I'd love to see:

  1. First, always accept requests in absolute-form going to the same host. For example, after CONNECT example.com, we should accept GET http://example.com/foo, but not GET http://example.org/foo. This would for example fix this issue.
  2. Second, as you suggested, add a --relax-http-form-validation switch.

@mhils
Copy link
Member

mhils commented Mar 3, 2017

I copied that to #848, let's continue there :)

@mhils mhils closed this as completed Mar 3, 2017
@sk3lk0
Copy link

sk3lk0 commented Dec 18, 2019

--relax-http-form-validation not working

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/triage Unclassified issues
Projects
None yet
Development

No branches or pull requests

4 participants