Have you ever hit a hard to reproduce network bug? I have.

That is why I always run mitmproxy during coding.  Whenever I hit a network bug, I can easily find them in mitmproxy. 

But mitmproxy can easily overwhelm you with its amount of network data.  To combat this, I heavily rely on its filters feature.

In this article, I will demonstrate some of my favorite filters that have helped me become a better developer.

How to apply filters in mitmproxy

Before we begin - here is a quick refresher on applying filters.

1. Enable filters via the command line
2. Enable filters via the terminal App.
3. Via the web interface

Enable filters via the command line

The --view-filter flag accepts a parameter to apply a filter:

❯ mitmproxy --view-filter ‘<your filter>’ 

Enable filters via the terminal App

In the terminal App, set any filter with the hotkey ‘f’. I commonly use this mode because it is easy to swap filters.

Via the web interface 

In the web interface, you can find the filters at the top of the page.

mitmproxy Filters during development

These 5 filters are what I commonly use day to day.

1. Filter on a domain name

During development, I configure MITMProxy to filter my API domain name.  All other domain names are non-revenant to my development task.

~d yourcompany.com 

The filter expression above filters all requests for the yourcompany.com domain. If I need to filter more than one domain name, we can use the OR operator ( | ). 

~d yourcompany.com | yourcompany2.com

2. Filter for API errors

During debugging, I am only concerned with API errors like HTTP 5xx errors.  

~d yourcompany.com & ( ~c 500|501|502|503|504 | ~e )

~c enables filter by HTTP status codes. A list of 5xx errors is appended with the OR operator.

3. Filter for Deprecated or Sunset API

Catch APIs marked for deprecation/sunset before you have an outage. Based on definitions on

• RFC 8594 - The Sunset HTTP Header Field
• The Deprecation HTTP Header Field

Add a filter to capture deprecated APIs with:

~d yourcompany.com ~hs Deprecation|Sunset

~hs apples filter on header responses. 

4. Filter only POST request

POST requests are commonly used to save data on servers. They are more interesting to monitor because they change the server's state.

~d yourcompany.com ~m POST

5. Filter out assets 

Image, javascript, and CSS download requests are not important for development.  And filtering them out reduces clutter on my console.  

!~a

That's it - all the MITM filter expressions I used for development. I have registered these filter expressions as shortcut keys.

Do you have any cool filters that you use? I would love to know of them. Let me know on my Twitter account.