Tus sau ntawm mitmproxy, ib lub cuab yeej rau kev txheeb xyuas HTTP / HTTPS tsheb, tau mloog zoo rau qhov pom ntawm rab rawg ntawm nws qhov project hauv PyPI (Python Package Index) cov npe ntawm Python pob. Lub diav rawg tau muab faib raws li lub npe zoo sib xws mitmproxy2 thiab tsis muaj nyob hauv version 8.0.1 (tam sim no tso tawm mitmproxy 7.0.4) nrog kev cia siab tias cov neeg siv tsis pom zoo yuav pom lub pob raws li ib tsab tshiab ntawm qhov project tseem ceeb (typesquatting) thiab xav tau sim tus tshiab version.
Hauv nws cov muaj pes tsawg leeg, mitmproxy2 zoo ib yam li mitmproxy, tshwj tsis yog kev hloov pauv nrog kev ua haujlwm siab phem. Cov kev hloov pauv tau txwv tsis pub teeb tsa HTTP header "X-Frame-Options: DENY", uas txwv tsis pub ua cov ntsiab lus hauv iframe, cuam tshuam kev tiv thaiv XSRF tawm tsam thiab teeb tsa cov headers "Access-Control-Allow-Origin: *", "Access-Control- Allow-Headers: *" thiab "Access-Control-Allow-Methods: POST, GET, DELETE, OPTIONS".
Cov kev hloov pauv no tshem tawm cov kev txwv ntawm kev nkag mus rau HTTP API siv los tswj mitmproxy ntawm Web interface, uas tso cai rau txhua tus neeg tawm tsam nyob rau tib lub network hauv zos los teeb tsa kev ua tiav ntawm lawv cov lej ntawm tus neeg siv lub kaw lus los ntawm kev xa HTTP thov.
Cov thawj coj saib xyuas tau pom zoo tias cov kev hloov pauv tuaj yeem txhais tau tias yog kev phem, thiab pob khoom nws tus kheej yog kev sim los txhawb lwm yam khoom raws li kev coj ua ntawm lub ntsiab project (cov lus piav qhia ntawm pob tau hais tias qhov no yog ib qho tshiab ntawm mitmproxy, tsis yog ib qho diav rawg). Tom qab tshem lub pob los ntawm phau ntawv teev npe, hnub tom qab ib pob tshiab, mitmproxy-iframe, tau tshaj tawm rau PyPI, cov lus piav qhia uas kuj tau ua tiav tag nrho cov pob raug cai. Lub pob mitmproxy-iframe kuj tau raug tshem tawm tam sim no los ntawm PyPI phau ntawv qhia.
Tau qhov twg los: opennet.ru