fix(mitm): invalid header char bugs

Author: blakebyrnes

core/models/ResourcesTable.ts

@@ -39,6 +39,7 @@ export default class ResourcesTable extends SqliteTable<IResourcesRecord> {
         ['usedArtificialCache', 'INTEGER'],
         ['didUserScriptBlockResource', 'INTEGER'],
         ['requestOriginalHeaders', 'TEXT'],
+        ['responseOriginalHeaders', 'TEXT'],
         ['httpError', 'TEXT'],
         ['browserServedFromCache', 'TEXT'],
         ['browserLoadFailure', 'TEXT'],
@@ -57,6 +58,7 @@ export default class ResourcesTable extends SqliteTable<IResourcesRecord> {
       socketId: number;
       redirectedToUrl?: string;
       originalHeaders: IResourceHeaders;
+      responseOriginalHeaders?: IResourceHeaders;
       clientAlpn: string;
       dnsResolvedIp?: string;
       wasCached?: boolean;
@@ -114,6 +116,7 @@ export default class ResourcesTable extends SqliteTable<IResourcesRecord> {
       extras.wasCached ? 1 : 0,
       extras.didBlockResource ? 1 : 0,
       JSON.stringify(extras.originalHeaders ?? {}),
+      JSON.stringify(extras.responseOriginalHeaders ?? {}),
       errorString,
       meta.response?.browserServedFromCache,
       meta.response?.browserLoadFailure,
@@ -174,6 +177,7 @@ export interface IResourcesRecord {
   didUserScriptBlockResource: boolean;
   isHttp2Push: boolean;
   requestOriginalHeaders: string;
+  responseOriginalHeaders: string;
   httpError: string;
 
   browserServedFromCache?: 'service-worker' | 'disk' | 'prefetch' | 'memory';

mitm/handlers/HeadersHandler.ts

@@ -84,7 +84,7 @@ export default class HeadersHandler {
         continue;
       }
       // if going h2->h1->h2, strip http1 headers before responding to client
-      if (ctx.isServerHttp2 === false && ctx.isClientHttp2) {
+      if (ctx.isClientHttp2) {
         if (stripHttp1HeadersForH2.includes(canonizedKey.toLowerCase())) {
           continue;
         }

mitm/handlers/RequestSession.ts

@@ -262,6 +262,7 @@ export interface IRequestSessionResponseEvent extends IRequestSessionRequestEven
   wasCached: boolean;
   dnsResolvedIp?: string;
   resourceType: ResourceType;
+  responseOriginalHeaders?: IResourceHeaders;
   body: Buffer;
   redirectedToUrl?: string;
   executionMillis: number;

mitm/lib/MitmProxy.ts

@@ -57,7 +57,7 @@ export default class MitmProxy {
 
     this.db = new NetworkDb(options.sslCaDir);
     this.ca = new CertificateAuthority(this.db);
-    this.httpServer = http.createServer();
+    this.httpServer = http.createServer({ insecureHTTPParser: true });
     this.httpServer.on('connect', this.onHttpConnect.bind(this));
     this.httpServer.on('clientError', this.onClientError.bind(this, false));
     this.httpServer.on('request', this.onHttpRequest.bind(this, false));

mitm/lib/MitmRequestAgent.ts

@@ -56,7 +56,8 @@ export default class MitmRequestAgent {
       port: url.port || (ctx.isSSL ? 443 : 80),
       headers: ctx.requestHeaders,
       rejectUnauthorized: allowUnverifiedCertificates === false,
-    };
+      insecureHTTPParser: true, // if we don't include this setting, invalid characters in http requests will blow up responses
+    } as any;
 
     await this.assignSocket(ctx, requestSettings);
 

mitm/lib/MitmRequestContext.ts

@@ -198,6 +198,7 @@ export default class MitmRequestContext {
       localAddress: ctx.localAddress,
       dnsResolvedIp: ctx.dnsResolvedIp,
       originalHeaders: ctx.requestOriginalHeaders,
+      responseOriginalHeaders: ctx.responseOriginalHeaders,
       socketId: ctx.proxyToServerMitmSocket?.id,
       clientAlpn: ctx.clientAlpn,
       serverAlpn: ctx.proxyToServerMitmSocket?.alpn,