@cortesi cortesi released this Dec 25, 2016 · 219 commits to master since this release

  • All mitmproxy tools are now Python 3 only! We plan to support Python 3.5 and higher.
  • Web-Based User Interface: Mitmproxy now offically has a web-based user interface
    called mitmweb. We consider it stable for all features currently exposed
    in the UI, but it still misses a lot of mitmproxy’s options.
  • Windows Compatibility: With mitmweb, mitmproxy is now useable on Windows.
    We are also introducing an installer (kindly sponsored by BitRock) that
    simplifies setup.
  • Configuration: The config file format is now a single YAML file. In most cases,
    converting to the new format should be trivial - please see the docs for
    more information.
  • Console: Significant UI improvements - including sorting of flows by
    size, type and url, status bar improvements, much faster indentation for
    HTTP views, and more.
  • HTTP/2: Significant improvements, but is temporarily disabled by default
    due to wide-spread protocol implementation errors on some large website
  • WebSocket: The protocol implementation is now mature, and is enabled by
    default. Complete UI support is coming in the next release. Hooks for
    message interception and manipulation are available.
  • A myriad of other small improvements throughout the project.



@mhils mhils released this Oct 26, 2016 · 678 commits to master since this release

This is a bugfix-only release. All users are advised to update. 😃

  • Fix crash on shutdown (#1620)
  • Fix client replay (#1666)
  • Constrain h2 version (#1671)

0.18 will be the last release that supports both Python 2 and 3.5+. The next release will support Python 3.5+ only.


v0.18.1 (really v0.18)

@cortesi cortesi released this Oct 16, 2016 · 678 commits to master since this release

  • Python 3 Compatibility for mitmproxy and pathod (Shadab Zafar, GSoC 2016)
  • Major improvements to mitmweb (Clemens Brunner & Jason Hao, GSoC 2016)
  • Internal Core Refactor: Separation of most features into isolated Addons
  • Initial Support for WebSockets
  • Improved HTTP/2 Support
  • Reverse Proxy Mode now automatically adjusts host headers and TLS Server Name Indication
  • Improved HAR export
  • Improved export functionality for curl, python code, raw http etc.
  • Flow URLs are now truncated in the console for better visibility
  • New filters for TCP, HTTP and marked flows.
  • Mitmproxy now handles comma-separated Cookie headers
  • Merge mitmproxy and pathod documentation
  • Mitmdump now sanitizes its console output to not include control characters
  • Improved message body handling for HTTP messages:
    • .raw_content provides the message body as seen on the wire
    • .content provides the decompressed body (e.g. un-gzipped)
    • .text provides the body decompressed and decoded body
  • New HTTP Message getters/setters for cookies and form contents.
  • Add ability to view only marked flows in mitmproxy
  • Improved Script Reloader (Always use polling, watch for whole directory)
  • Use tox for testing
  • Unicode support for tnetstrings
  • Add dumpfile converters for mitmproxy versions 0.11 and 0.12
  • Numerous bugfixes


mitmproxy 0.17.1

@mhils mhils released this Apr 22, 2016 · 2075 commits to master since this release

This is a quick bugfix release for the precompiled binary distributions only, which previously failed when a filter was specified.


mitmproxy 0.17

@mhils mhils released this Apr 10, 2016 · 2075 commits to master since this release

  • Simplify repository and release structure. mitmproxy now comes as a single package, including netlib and pathod.
  • Rename the Python package from libmproxy to mitmproxy.
  • New option to add server certs to client chain (CVE-2016-2402, John Kozyrakis)
  • Enable HTTP/2 by default (Thomas Kriechbaumer)
  • Improved HAR extractor (Shadab Zafar)
  • Add icon for OSX and Windows binaries
  • Add content view for query parameters (Will Coster)
  • Initial work on Python 3 compatibility
  • locust.io export (Zohar Lorberbaum)
  • Fix XSS vulnerability in HTTP errors (Will Coster)
  • Numerous bugfixes and minor improvements



@cortesi cortesi released this Feb 14, 2016 · 3581 commits to master since this release

  • Completely revised HTTP2 implementation based on hyper-h2 (Thomas Kriechbaumer)
  • Export flows as cURL command, Python code or raw HTTP (Shadab Zafar)
  • Fixed compatibility with the Android Emulator (Will Coster)
  • Script Reloader: Inline scripts are reloaded automatically if modified (Matthew Shao)
  • Inline script hooks for TCP mode (Michael J. Bazzinotti)
  • Add default ciphers to support iOS9 App Transport Security (Jorge Villacorta)
  • Basic Authentication for mitmweb (Guillem Anguera)
  • Exempt connections from interception based on TLS Server Name Indication (David Weinstein)
  • Provide Python Wheels for faster installation
  • Numerous bugfixes and minor improvements