Skip to content
This repository has been archived by the owner on Jun 11, 2024. It is now read-only.

Releases: browserup/browserup-proxy

v2.1.2

17 Dec 23:40
Compare
Choose a tag to compare

This release contains an important security update for a security vulnerability discovered by @pwntester at Github Security Lab. It is recommended all users update immediately.

  • Server-Side Template Injection Vulnerability allows Remote Code Execution (RCE) via Java EL Expressions

4b38e7a

v2.1.1

26 May 17:57
Compare
Choose a tag to compare
  • Dependency updates.

v2.1.0

23 Apr 14:57
Compare
Choose a tag to compare
  • Enable non proxy host support for upstream proxies.
  • Dependency updates.

v2.0.1

30 Aug 16:01
Compare
Choose a tag to compare
  • Dependency updates.
  • This release contains a version of LittleProxy with a fix for at least one case of Resource Leak Exception

v2.0.0

29 Jul 17:56
Compare
Choose a tag to compare
  • Performance, Page and Network assertions. The proxy now lets you "assert" over the REST API about the recent HTTP traffic. If you are familiar with HAR files, this lets you skip handling them directly for most use-cases. Some highlights (See the rest in: 889aeda):
    • assertMostRecentResponseTimeLessThanOrEqual
    • assertResponseTimeLessThanOrEqual
    • assertMostRecentResponseContentContains
    • assertMostRecentResponseContentMatches
    • assertAnyUrlContentLengthLessThanOrEquals
    • assertAnyUrlContentMatches
    • assertAnyUrlContentDoesNotContain
    • assertAnyUrlResponseHeaderContains
    • assertResponseStatusCode
    • assertMostRecentResponseContentLengthLessThanOrEqual
  • Fix compatibility with the HAR viewer by setting correct defaults per the HAR spec
  • Update Netty to the latest version
  • Merge in contribution from @jrgp to allow upstream proxy connections to utilize HTTPS.
  • Default to the har page name "Default" when requests come through and no page is set yet.

v1.2.1

04 Jun 21:34
Compare
Choose a tag to compare
  • No changes, binaries compiled for Java 8+.

v1.2.0

03 Jun 21:37
Compare
Choose a tag to compare
  • Add much-needed handling of Brotli Compression. Brotli has become a popular alternative to GZIP compression scheme, and is utilized all over the web by websites including Google and Facebook. The proxy can now decompress and recognize brotli.
  • Add recognition for variant (versioned) JSON content type strings. Previously, response bodies for JSON content types with content types like "application/something-v1+json" would not be captured. Now they will be.
  • Fix a credentials leak where the basic auth header was being added to non-connect request types.
  • Dependency updates

v1.1.0

15 May 20:29
Compare
Choose a tag to compare
  • ZIP distribution with launch scripts, SSL certificates and keys
  • Dependency updates

v1.0.0

24 Apr 21:24
Compare
Choose a tag to compare
  • Initial fork based on BrowserMob Proxy
  • HTTP/2 support now possible via Netty 4.1.34 upgrade (NOTE: not plug and play as hoped)
  • Java 11 support
  • Upgrades to dependencies (mockito, etc)
  • Upgrade to an actively maintained, LittleProxy fork
  • Switch to Gradle
  • Import a new, better HAR reader from https://github.com/sdstoehr/har-reader
  • Extend the har reader with filtering/finding capabilities
  • Modify every existing file by adding a header to ensure compliance with Apache License
  • Rename our fork to our own name, BrowserUp, as we will be investing in it heavily.
    We have no relation to BrowserMob, which was a company acquired by Neustar in 2010.
  • Updates to the Readme to remove legacy proxyserver information