New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mitmproxy received an absolute-form request error #2079

Closed
axot opened this Issue Mar 1, 2017 · 6 comments

Comments

Projects
None yet
3 participants
@axot

axot commented Mar 1, 2017

Steps to reproduce the problem:

tcpdump result:

CONNECT sample.domain.com:80 HTTP/1.1
Proxy-Connection: Keep-Alive
Connection: Keep-Alive
Host: sample.domain.com:80

HTTP/1.1 200 Connection established

POST http://sample.domain.com/ajax/info/info HTTP/1.1
User-Agent: Unity/5.4.3p4 (Mac OS X 10.12.3; MacBookPro12,1)
Host: sample.domain.com
Accept-Encoding: gzip, identity
Proxy-Connection: Keep-Alive
Connection: Keep-Alive, TE
TE: identity
Content-Length: 0
Cookie: apv=1.0; abc=; abd=; abe=

HTTP/1.1 400 Bad Request
Server: mitmproxy 2.0.0
Connection: close
Content-Length: 436
Content-Type: text/html

<html>
            <head>
                <title>400 Bad Request</title>
            </head>
            <body>
            <h1>400 Bad Request</h1>
            <p>HttpException(&#x27;Mitmproxy received an absolute-form request even though it is not running in regular mode. This usually indicates a misconfiguration, please see http://docs.mitmproxy.org/en/stable/modes.html for details.&#x27;,)</p>
            </body>
        </html>HTTP/1.1 502 Bad Gateway
Server: mitmproxy 2.0.0
Connection: close
Content-Length: 479
Content-Type: text/html

<html>
            <head>
                <title>502 Bad Gateway</title>
            </head>
            <body>
            <h1>502 Bad Gateway</h1>
            <p>ProtocolException(&#x27;HTTP protocol error in client request: Mitmproxy received an absolute-form request even though it is not running in regular mode. This usually indicates a misconfiguration, please see http://docs.mitmproxy.org/en/stable/modes.html for details.&#x27;,)</p>
            </body>
        </html>
Any other comments? What have you tried so far?

I fixed this temporarily with

return protocol.Http1Layer(top_layer, http.HTTPMode.transparent)

- return protocol.Http1Layer(top_layer, http.HTTPMode.transparent)
+ return protocol.Http1Layer(top_layer, http.HTTPMode.regular)
System information

Mitmproxy version: 2.0.0 (release version)
Python version: 3.6.0
Platform: Darwin-16.4.0-x86_64-i386-64bit
SSL version: OpenSSL 1.1.0e 16 Feb 2017
Mac version: 10.12.3 ('', '', '') x86_64

@mhils

This comment has been minimized.

Member

mhils commented Mar 1, 2017

Thanks for the extensive report. This seems to be a duplicate of #848?

@mhils mhils added the kind/triage label Mar 1, 2017

@axot

This comment has been minimized.

axot commented Mar 1, 2017

Did this mean, I should change the behaviour to like this way?

CONNECT sample.domain.com:80 HTTP/1.1
POST /ajax/info/info HTTP/1.1
@Kriechi

This comment has been minimized.

Member

Kriechi commented Mar 1, 2017

Yes, this is what most clients do. They send a CONNECT with the host they need a connection to, and then they only send relative paths.

@axot

This comment has been minimized.

axot commented Mar 3, 2017

Should we add an option to disable validate_request_form ?

@mhils

This comment has been minimized.

Member

mhils commented Mar 3, 2017

So there are two things I'd love to see:

  1. First, always accept requests in absolute-form going to the same host. For example, after CONNECT example.com, we should accept GET http://example.com/foo, but not GET http://example.org/foo. This would for example fix this issue.
  2. Second, as you suggested, add a --relax-http-form-validation switch.
@mhils

This comment has been minimized.

Member

mhils commented Mar 3, 2017

I copied that to #848, let's continue there :)

@mhils mhils closed this Mar 3, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment