HTTP/2 layer support in MitMproxy

Hello,

I’m a third year student of HEIA-FR for bachelor of Network and security.

I have a semester project which consist of implementing in MitMproxy a view of the HTTP/2 layer traffic. The target for my school is to give the possibility to the student to see how the HTTP/2 protocol work. By example : how the HTTP/2 stream work or which type of frame we can found. Actually with MitMproxy we can see only the HTTP/1.1 layer although HTTP/2 is supported (with Hyper H2).

I did some on work on MitMproxy to analyse how MitMproxy work. And actually I’m working on the design and implementation.

We would be happy to know if the design that I made for these new features is good from the community point of view.

The idea is to implement a new flow in the channel for the HTTP/2 layer. For this design I was inspired from the HTTP/1 and RawTCP implementation.

For this I found 2 solutions:

  • Solution 1: For this flow I will create some new classes. The Http2Flow class will be the main class for this new flow. Each object of this class will contains on object of the class Http2Frame. I made some derived class for each HTTP/2 frame types.

  • Solution 2: The second solution is to use event class from HyperH2. So the classes Http2Flow will contains a list of Event objects.

I don’t know if gave you enough explanation about my idea. If not, I’m available for any questions.

Best regard

Hi @josue! Welcome to the community. :slight_smile:

What’s the goal of your project? If I’d want a frame-by-frame view, I’d probably fire up WireShark and load the TLS master secrets extracted with mitmproxy. What kind of user interface are you looking for? It might be more useful to just emit log messages and then generate something from that.

Yes the idea is to have a frame-by-frame view.

About the interface for now the idea is to just emit log messages, but maybe in long term the idea could be to a view like the actual view for the HTTP/1.1 layer.

Have you considered to just patch mitmproxy to emit log messages, and not bother with persisting frames at all? That would make for a much simpler design.

Well,

Have you considered to just patch mitmproxy to emit log messages, and not bother with persisting frames at all? That would make for a much simpler design.

The idea is to have more flexibility. The other reason is that this project has a pedagogical target. So I think having just the information in string format is not enough.

If I’d want a frame-by-frame view, I’d probably fire up WireShark and load the TLS master secrets extracted with mitmproxy.

Yes we know that it’s possible, but the idea is to have something easier to setup. We also want to be able so see in real time the flow.