MCPcopy Index your code
hub / github.com/mitmproxy/mitmproxy / validate_request

Function validate_request

mitmproxy/proxy/layers/http/__init__.py:76–94  ·  view source on GitHub ↗
(
    mode: HTTPMode, request: http.Request, validate_inbound_headers: bool
)

Source from the content-addressed store, hash-verified

74
75
76def validate_request(
77 mode: HTTPMode, request: http.Request, validate_inbound_headers: bool
78) -> str | None:
79 if request.scheme not in ("http", "https", ""):
80 return f"Invalid request scheme: {request.scheme}"
81 if mode is HTTPMode.transparent and request.method == "CONNECT":
82 return (
83 f"mitmproxy received an HTTP CONNECT request even though it is not running in regular/upstream mode. "
84 f"This usually indicates a misconfiguration, please see the mitmproxy mode documentation for details."
85 )
86 if validate_inbound_headers:
87 try:
88 validate_headers(request)
89 except ValueError as e:
90 return (
91 f"Received {e} from client, refusing to prevent request smuggling attacks. "
92 "Disable the validate_inbound_headers option to skip this security check."
93 )
94 return None
95
96
97def is_h3_alpn(alpn: bytes | None) -> bool:

Callers 1

check_invalidMethod · 0.85

Calls 1

validate_headersFunction · 0.90

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…