err

This is neccessary due to the fact that a lot of flows inherit from documentflow and should use its icon.

Calculate hashsums of both request and response objects.

Looks like it might become a bottleneck with larger files.
Not sure where this comes from, might be a issue related to Chrome.
http://code.google.com/p/chromium/issues/detail?id=123228

Need to test this using the Autobahn WebSocket client.
https://github.com/tavendo/AutobahnPython/blob/master/examples/broadcast/client.py

While the current Basic Auth solutions works like a charm in Chrome, Firefox decides to ask for credentials over and over again currently. I think we'll need to switch to something different.

TBD. ExtJs might be a very good potential candidate for this.

Looks like we're getting mature.

It would be great to allow placeholders like %(date)s in the parameters. We could enrich the default config to log to /dump/%(date)s/%(time)s then.

Get away from returning the DOM element, invent something better. In the worst case, we need to stick to flowids for that.

The current documentation covers most technical aspects, but is unfriendly for beginners.
What we need:

• A step by step tutorial, covering everything for the setup.
• Including tutorial for iOS and Android (transparent mode)
• A better feature overview with links to subarticles.

Currently the whole request/response body is used for the checksum. We need to elaborate if there is a good way to display the checksum of just the uploaded file. Also, we need to consider that there might be several files uploaded in one request.

How do we handle this?

Clicking on "Show dumped files" should open the file browser in an iframe rather than a new tab. With our main StackContainer, this should be easily possible.

We currently don't indicate that the time is displayed in the local timezone. Fix that, but don't make it too bulky.

https://github.com/mhils/HoneyProxy/wiki/Report-Editor-Manual

Use proper request args rather than postpath. Ugly implementation currently.

Get it from the headers.

Especially the root file is in most cases a html file. Sniff mime type and append file extension accordingly for the most frequent cases.

With the HTTP server we can include a download button easily.

Autocomplete sometimes doesn't trigger.

function(flow) {
  flow. //doesn't trigger.
};

As proposed here, this allows on-the-fly AV scanning of encrypted traffic.

http://demos.dojotoolkit.org/demos/shippingRoutes/demo.html
http://dev.maxmind.com/geoip/geolite

It should be possible to move the websockets onto the same port as the other stuff. This should make sharing a HoneyProxy instance easier. Make sure that this doesn't impose any issues with the Basic Auth + WS combination.

Currently, only the response content is dumped. This should cover most cases, but it would definitely be cool to dump the request, too.

Something like log2timeline...

blocked by #4.

Show proxy settings if no traffic has been registered yet.

Search for requests pointing to the same URL that have content and display a link to them.

http://dojofoundation.org/packages/dgrid/
blocked by #46

Placeholder Issue. Refactor flow and the views + storage.
The current implementation is a bad mix of views and models. Let's see how we can handle this better. Maybe ist sufficient to use single Flow class combined with a PreviewFactory.

Add fallback

Definitely something to do before a stable release, but currently always debuggable code is highly preferrable.

The current implementation solves all current problems, but doesn't allow a sidebar on the right. Remove that fixed reference!

Add a special subclass for 301 and 302 redirects indicating more clearly the URL the response points to.

As we are moving away from Backbone, use dojostuff instead.
In addition, we want a CRUD JSON config for the report examples.

Ideas:

1. POST data sniffer (like Firesheep)
2. Host reference graph.

Add a second panel to load saved dumps from ./dump/ .
This should include functionality to start new sessions right out of the GUI.

Seems to be a threading issue. Fix that.

GitHub deprecated their Downloads Tab yesterday. Bye bye, ant deploy-snapshot.
Looks like this should be integrated into honeyproxy.org itself - no need to play this game again.

https://github.com/blog/1302-goodbye-uploads

e.g. -w -r --dump-dir ./dump/ et cetera.

Split the big api.py file up in submodules.

We want to continue supporting Firefox, so this is currently blocked by Firefox not having support for the new flexbox syntax. Need to rewrite CSS and update Modernizr tests.

Warn before loading content of large files when openen the detail pane.