Help with --ignore regex


#1

Steps to reproduce the problem:

  1. Use Upstream mode (not sure if it only happens there)
  2. Make a regex to ignore http://sandbox.itunes.apple.com/bag.xml?ix=6&os=9&locale=en_US
  3. Connect to said address.

I have tried many regex permutations, like apple.com, .*apple.com:80, sandbox.itunes.com:\d and many many many others.

Same thing for http://app-adforce.jp/ad//p/tmck?_app=1503&_bundle_id=jp.co.bandainamcogames.NBGI0169&_bv=1.2.2&_model=iPhone6%2C1&_os_ver=9.3.3&_sdk_ver=v2.11.1g.
My latest tries for that were .*app-adforce\.jp[^\s]* and http:\/\/app-adforce\.jp/ad.+ and various combinations.

I’m not sure if my assumptions about the checked string are wrong or my regexes are incorrect…

I looked at the code and it seems to check against base_url:port? Like in the last example, it’d be app-adforce.jp:80? Making a regex with this assumption doesn’t seem to work, so maybe the fact that it’s Upstream mode has something to do with it (although it’s more likely that I’m just wrong).

Full command (although probably irrelevant)

"../mitmproxy/mitmweb.exe" -v -U http://localhost:8888 --ignore .*app-adforce\.jp[^\s]* --ignore .*\.?apple\.com:?[^\s]* --ignore .*s3-us-west-1\.amazonaws\.com:443.* --ignore ocsp.apple.com.* --ignore .*apple.com.* --ignore http://app-adforce\.jp:80

I think some of those work, but I haven’t tested it. Just --ignore .* definitely works (blocks everything).

Edit: I’d also like to escape http://ocsp.apple.com/ocsp03-wwdr01/ME4wTKADAgEAMEUwQzBBMAkGBSsOAwIaBQAEFADrDMz0cWy6RiOj1S%2BY1D32MKkdBBSIJxcJqbYYYIvs67r2R1nFUlSjtwIISCB2VPs6tfI%3D and the above doesn’t work for that either.

System information

Mitmproxy version: 2.0.2 (release version) Precompiled Binary
Python version: 3.5.3
Platform: Windows-10-10.0.14393
SSL version: OpenSSL 1.0.2j  26 Sep 2016
Windows version: 10 10.0.14393  Multiprocessor Free

#2

Hi,

Have you looked at the limitations listed in http://docs.mitmproxy.org/en/stable/features/passthrough.html#limitations? In regular (and upstream) mode, explicit HTTP requests are never ignored.


#3

Oh, well it just says regular there, how could have I known it was for upstream as well?

If so, then how did .* work? :thinking: IIRC I tried it and I saw no requests appear in the web interface.