Mitmproxy请求和响应中的Cookie操作
Mitmproxy请求和响应中的Cookie操作
提问于 2019-03-26 13:13:30
我在添加仅在mitmproxy的反向代理模式下对客户机可见的新cookie时遇到问题。其中似乎很少有涉及cookie操作的文档或示例。
我想:
- 将cookie添加到发送给客户端的响应中
- 当客户端将相同的cookie发送回时拦截它,以识别用户,并在将其发送到目标服务器之前将其删除。
如何才能做到这一点?
回答 1
Stack Overflow用户
发布于 2022-04-22 05:12:09
注:我相信1。你的意思是在“请求”中添加一个曲奇。
您可以编写实现request和response函数并修改这些对象的脚本。然后,您可以使用mitmproxy标志运行-s,并将路径传递给脚本文件,这样您就可以开始工作了。请参阅脚本的主要结构下面(以及助手函数下面的部分)。
# USAGE: mitmproxy -s path/to/http_manipulate_cookies.py
from mitmproxy import http
PATH_TO_COOKIES = "./cookies.json" # insert your path to the cookie file here
FILTER_COOKIES = {"userdata", "_ga"} # update this to the specific cookie names you want to remove
# NOTE: we use a set for lookup efficiency
# -- Main interception functionality --
def request(flow: http.HTTPFlow) -> None:
"""Add a specific set of cookies to every request."""
# obtain any cookies from the request
_req_cookies_str = flow.request.headers.get("cookie", "")
req_cookies = parse_cookies(_req_cookies_str)
# add our cookies to the original cookies from the request
all_cookies = req_cookies + load_json_cookies()
# NOTE: by adding it to the end we should overwrite any existing cookies
# of the same name but if you want to be more careful you can iterate over
# the req_cookies and remove the ones you want to overwrite first.
# modify the request with the combined cookies
flow.request.headers["cookie"] = stringify_cookies(all_cookies)
def response(flow: http.HTTPFlow) -> None:
"""Remove a specific cookie from every response."""
set_cookies_str = flow.response.headers.get("set-cookie", "")
# NOTE: use safe attribute access (.get), in some cases there might not be a set-cookie header
if set_cookies_str:
resp_cookies = parse_cookies(set_cookies_str)
# remove the cookie we want to remove
resp_cookies = [c for c in resp_cookies if c["name"] not in FILTER_COOKIES]
# modify the request with the combined cookies
flow.response.headers["set-cookie"] = stringify_cookies(resp_cookies)cookie.json文档的一个例子是:
[
{
"name": "mycookie",
"value": "somevalue"
},
{
"name": "anothercookie",
"value": "foobarfoobazfoofoobuzz"
}
]下面是我使用的帮助函数:
from typing import List, Dict
import json
# -- Helper functions --
def load_json_cookies():
"""
Load a particular json file containing a list of cookies.
"""
with open(PATH_TO_COOKIES, "r") as f:
return json.load(f)
# NOTE: or just hardcode the cookies as [{"name": "", "value": ""}]
def stringify_cookies(cookies: List[Dict]) -> str:
"""
Creates a cookie string from a list of cookie dicts.
"""
return ";".join([f"{c['name']}={c['value']}" for c in cookies])
def parse_cookies(cookie_string: str) -> List[Dict[str, str]]:
"""
Parses a cookie string into a list of cookie dicts.
"""
cookies = []
for c in cookie_string.split(";"):
c = c.strip()
if c:
k, v = c.split("=", 1)
cookies.append({"name": k, "value": v})
return cookies我将这个示例作为一个PR提交给mitmproxy,这里是:https://github.com/mitmproxy/mitmproxy/pull/5278
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/55358072
复制相关文章
相似问题
腾讯云开发者
