Mitmproxy

* Fix flow serialization in mitmweb.

* Mitmproxy now requires Python 3.8 or above.
* Deprecation of pathod and pathoc tools and modules. Future releases will not contain them! (Kriechi)
* SSLKEYLOGFILE now supports TLS 1.3 secrets (mhils)
* Fix query parameters in asgiapp addon (jpstotz)
* Fix command history failing on file I/O errors (Kriechi)
* Add example addon to suppress unwanted error messages sent by mitmproxy. (anneborcherding)
* Updated imports and styles for web scanner helper addons. (anneborcherding)
* Inform when underscore-formatted options are used in client arg. (jrblixt)
* ASGIApp now ignores loaded HTTP flows from somewhere. (linw1995)
* Binaries are now built with Python 3.9 (mhils)
* Fixed the web UI showing blank page on clicking details tab when server address is missing (samhita-sopho)
* Tests: Replace asynctest with stdlib mock (felixonmars)
* MapLocal now keeps its configuration when other options are set. (mhils)
* Host headers with non-standard ports are now properly updated in reverse proxy mode. (mhils)
* Fix missing host header when replaying HTTP/2 flows (Granitosaurus)

Full Changelog

* Support for Python 3.9 (mhils)
* Add MsgPack content viewer (tasn)
* Use `charset` to decode CSS files if available (Prinzhorn)
* Fix links to anticache docs in mitmweb and use HTTPS for links to documentation (rugk)
* Updated typing for WebsocketMessage.content (Prinzhorn)
* Add option `console_strip_trailing_newlines`, and no longer strip trailing newlines by default (capt8bit)
* Prevent transparent mode from connecting to itself in the basic cases (Prinzhorn)
* Display HTTP trailers in mitmweb (sanlengjingvv)
* Revamp onboarding app (mhils)
* Add ASGI support for embedded apps (mhils)
* Updated raw exports to not remove headers (wchasekelley)
* Fix file unlinking before external viewer finishes loading (wchasekelley)
* Add --cert-passphrase command line argument (mirosyn)
* Add interactive tutorials to the documentation (mplattner)
* Support `deflateRaw` for `Content-Encoding`'s (kjoconnor)
* Fix broken requests without body on HTTP/2 (Kriechi)
* Add support for sending (but not parsing) HTTP Trailers to the HTTP/1.1 protocol (bburky)
* Add support to echo http trailers in dumper addon (shiv6146)
* Fix OpenSSL requiring different CN for root and leaf certificates (mhils)
* ... and various other fixes, documentation improvements, dependency version bumps, etc.

* Add Filter message to mitmdump (sarthak212)
* Display TCP flows at flow list (Jessonsotoventura, nikitastupin, mhils)
* Colorize JSON Contentview (sarthak212)
* Fix console crash when entering regex escape character in half-open string (sarthak212)
* Integrate contentviews to TCP flow details (nikitastupin)
* Added add-ons that enhance the performance of web application scanners (anneborcherding)
* Increase WebSocket message timestamp precision (JustAnotherArchivist)
* Fix HTTP reason value on HTTP/2 reponses (rbdixon)
* mitmweb: support wslview to open a web browser (G-Rath)
* Fix dev version detection with parent git repo (JustAnotherArchivist)
* Restructure examples and supported addons (mhils)
* Certificate generation: mark SAN as critical if no CN is set (mhils)
* Simplify Replacements with new ModifyBody addon (mplattner)
* Rename SetHeaders addon to ModifyHeaders (mplattner)
* mitmweb: "New -> File" menu option has been renamed to "Clear All" (yogeshojha)
* Add new MapRemote addon to rewrite URLs of requests (mplattner)
* Add support for HTTP Trailers to the HTTP/2 protocol (sanlengjingvv and Kriechi)
* Fix certificate runtime error during expire cleanup (gorogoroumaru)
* Fixed the DNS Rebind Protection for secure support of IPv6 addresses (tunnelpr0)
* WebSockets: match the HTTP-WebSocket flow for the ~websocket filter (Kriechi)
* Fix deadlock caused by the "replay.client.stop" command (gorogoroumaru)
* Add new MapLocal addon to serve local files instead of remote resources (mplattner and mhils)
* Add minimal TCP interception and modification (nikitastupin)
* Add new CheckSSLPinning addon to check SSL-Pinning on client (su-vikas)
* Add a JSON dump script: write data into a file or send to an endpoint as JSON (emedvedev)
* Fix console output formatting (sarthak212)
* Add example for proxy authentication using selenium (anneborcherding and weichweich)

* Fixed Docker images not starting due to missing shell

Major Changes

* Initial Support for TLS 1.3

Full Changelog

* Reduce leaf certificate validity to one year due to upcoming browser changes (mhils)
* Rename mitmweb's `web_iface` option to `web_host` for consistency (oxr463)
* Sending a SIGTERM now exits mitmproxy without prompt, SIGINT still asks (ThinkChaos)
* Don't force host header on outgoing requests (mhils)
* Additional documentation and examples for WebSockets (Kriechi)
* Gracefully handle hyphens in domain names (matosconsulting)
* Fix header replacement count (naivekun)
* Emit serverconnect event only after a connection has been established (Prinzhorn)
* Fix ValueError in table mode of server replay flow (ylmrx)
* HTTP/2: send all stream reset types to other connection (rohfle)
* HTTP/2: fix WINDOW_UPDATE swallowed on closed streams (Kriechi)
* Fix wrong behavior of --allow-hosts options (BlownSnail)
* Additional and updated documentation for examples, WebSockets, Getting Started (Kriechi)