Blocking specific HTTPS POST request by payload/endpoint?

We have a third party web app served over HTTPS.

There is a specific HTTP POST request that we’d like to block and/or manipulate - but only for certain payloads. We can find this based on a substring in the HTTP payload.

Assuming we can get the certificates setup on all clients, what is the best way to achieve this with mitmproxy?

I saw there’s a scripting ( feature but there’s not a lot of examples/explanation on it. Is this the best way? Or is the another feature that works here?

Anybody done something similar?


Hi Victor,

You should be able to filter by body payload unless request/response streaming is activated ( Other than that, maybe all you need is