(
mode: HTTPMode, request: http.Request, validate_inbound_headers: bool
)
| 74 | |
| 75 | |
| 76 | def validate_request( |
| 77 | mode: HTTPMode, request: http.Request, validate_inbound_headers: bool |
| 78 | ) -> str | None: |
| 79 | if request.scheme not in ("http", "https", ""): |
| 80 | return f"Invalid request scheme: {request.scheme}" |
| 81 | if mode is HTTPMode.transparent and request.method == "CONNECT": |
| 82 | return ( |
| 83 | f"mitmproxy received an HTTP CONNECT request even though it is not running in regular/upstream mode. " |
| 84 | f"This usually indicates a misconfiguration, please see the mitmproxy mode documentation for details." |
| 85 | ) |
| 86 | if validate_inbound_headers: |
| 87 | try: |
| 88 | validate_headers(request) |
| 89 | except ValueError as e: |
| 90 | return ( |
| 91 | f"Received {e} from client, refusing to prevent request smuggling attacks. " |
| 92 | "Disable the validate_inbound_headers option to skip this security check." |
| 93 | ) |
| 94 | return None |
| 95 | |
| 96 | |
| 97 | def is_h3_alpn(alpn: bytes | None) -> bool: |
no test coverage detected
searching dependent graphs…