Edit on GitHub

#  Protocols

mitmproxy not only supports HTTP, but also other important web protocols. This page lists details and known limitations of the respective protocol implementations. Most protocols can be disabled by toggling the respective option.

#  HTTP/1

HTTP/1.0 and HTTP/1.1 support in mitmproxy is based on our custom HTTP stack based on h11, which is particularly robust to HTTP syntax errors. Protocol violations are often deliberately forwarded or inserted at the proxy.

#  Known Limitations

#  HTTP/2

HTTP/2 support in mitmproxy is based on hyper-h2. In case the upstream server does not speak HTTP/2, mitmproxy seamlessly translates messages to HTTP/1.

#  Known Limitations

#  HTTP/3

HTTP/3 support in mitmproxy is based on aioquic. Mitmproxy’s HTTP/3 functionality is still experimental and only available in reverse proxy mode.

#  Known Limitations

#  WebSocket

WebSocket support in mitmproxy is based on wsproto project, including support for message compression.

#  Known Limitations

#  DNS

DNS support in mitmproxy is based on a custom DNS implementation.

#  Known Limitations

#  Generic TCP/TLS Proxy

Mitmproxy can also act as a generic TCP proxy. In this mode, mitmproxy will still detect the presence of TLS at the beginning of a connection and perform a man-in-the-middle attack if necessary, but otherwise forward messages unmodified.

Users can explicitly opt into generic TCP proxying by setting the tcp_hosts option.

#  Known Limitations

#  Generic UDP/DTLS Proxy

Mitmproxy can also act as a generic UDP proxy. In this mode, mitmproxy will still detect the presence of DTLS at the beginning of a connection and perform a man-in-the-middle attack if necessary, but otherwise forward messages unmodified.

Users can explicitly opt into generic UDP proxying by setting the udp_hosts option.

#  Known Limitations