mitm-archive/docs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: mitm-archive:3466c679122e17cdd3707ced0b8e5af1ad1bd9e6
Branches Tags
mitm-archive:main
...
compare: mitm-archive:7ae88ce85304edc87d2d96402abeba293da24d03
Branches Tags
mitm-archive:main

2 commits
3466c67912 ... 7ae88ce853

Author SHA1 Message Date
DarkCat09
7ae88ce853 write "not implemented" section 2024-07-04 23:43:40 +04:00
DarkCat09
e3c5605fce finish "user guide: addon" section 2024-07-04 23:43:12 +04:00
1 changed files with 38 additions and 1 deletions
Show stats Expand all files Collapse all files

39
README.md
View file

@ -43,4 +43,41 @@ click "Get mitmproxy-ca-cert.pem" below "Firefox".
Import it: Settings > Privacy & Security > Certificates > View Certificates... > "Authorities" tab > Import... >
Choose the downloaded cert > Checkbox "Trust this CA to identify web sites" > OK.
## TODO
## Archiving web sites
To get the addon, either clone the git repo:
```bash
$ git clone https://git.dc09.ru/mitm-archive/addon
$ cd addon
```
… or just download the script:
```bash
$ mkdir addon && cd addon
$ curl https://git.dc09.ru/mitm-archive/addon/raw/branch/main/addon.py >addon.py
```
Stop mitmproxy if it's still running (<kbd>q</kbd> and then <kbd>y</kbd> for mitmproxy; <kbd>Ctrl+C</kbd> for mitmweb), then re-launch it with the mitm-archive addon: `mitmproxy -s addon.py` (or mitmweb).
**Each HTTP response** that comes to mitmproxy is archived: metadata is in `./archive.db` SQLite database, headers and body are in `./storage/{id}/headers` and `./storage/{id}/body` respectively.
To adjust these paths, set the environment variables:
```bash
$ export SQLITE_DB_PATH=archive.db
$ export STORAGE=storage
$ mitmproxy -s addon.py
```
# What's not implemented
- Filter host instead of archiving everything (literally 2 lines of code, could be added soon after I figure out the best way to configure this)
- Addon is configured with env vars, Server uses command-line options; should be unified?
Probably useful, but would overcomplicate the project:
- Alphabetically sort query arguments both in addon and server (for now if archive contains `/api?key=val&abc=def`, the same request `/api?abc=def&key=val` gives 404, because URL is not exactly the same)
Harder to implement and definitely will overcomplicate the project while neither I nor anyone else need this:
- Config option to omit some query args (if there is no `/api?key=val&abc=def` and it's allowed to omit abc, then search for `/api?key=val`)
- Store request/response cookies in an archive
- Config option to disable saving cookies specified by key (e.g. in case they contain credentials)
- Config option to omit some cookies
- Invent a custom format (or find existing) for storing query args and cookies that will make the operations listed below more handy
For these usage screnarios, especially with cookies, it's simplier and overall better to self-host the web site server you are trying to archive or re-implement it in your favourite programming language and self-host.