build(deps): update mitmproxy/mitmproxy Docker tag to v11.1.3

[fro-bot]

This PR contains the following updates:

Package	Update	Change	OpenSSF
mitmproxy/mitmproxy	minor	11.0.2 → 11.1.3

---

Release Notes

mitmproxy/mitmproxy (mitmproxy/mitmproxy)

v11.1.3

Compare Source

• Update mitmproxy_rs dependency to fix several bugs in local capture mode.
  (#​7564, @​mhils)
• Add documentation for local capture mode.
  (#​7540, @​mhils)
• Revise documentation on proxy modes.
  (#​7545, @​mhils)
• Add a log message to point Docker mitmweb users towards web_password.
  (#​7554, @​mhils)
• Fix a bug where UTF-8 surrogates would crash the export addon.
  (#​7562, @​mhils)
• Add help entries for all options in mitmweb that didn't have them.
  (#​7563, @​mhils)

v11.1.2

Compare Source

• CVE-2025-23217:
  mitmweb's API now requires an authentication token by default.
  The mitmweb API is bound to localhost only, but @​gronke found that an attacker can circumvent that restriction
  by tunneling requests through the proxy server itself in an SSRF-style attack.
  (fa89055, @​mhils)
• Add (optional) password protection for mitmweb. The web_password option replaces the randomly-generated token
  authentication with a fixed secret that survives mitmproxy restarts.
  (0bd573a, @​mhils)
• mitmweb can now be hosted under arbitrary domains, the previously-used DNS rebind protection is not required anymore.
  (62693af, @​mhils)
• Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly; SameSite=Strict.
  (#​7491, @​mhils)
• We now provide standalone binaries for Linux arm64.
  (#​7484, @​mhils)
• Standalone binaries are now compiled with Python 3.13.
  (#​7485, @​mhils)
• Fix console freezing due to DNS queries with an empty question section.
  (#​7497, @​sujaldev)
• Add mitmweb tutorial to docs.
  (#​7509, @​EstherRoeth)
• Fixed a bug that caused mitmproxy to crash when loading prior knowledge h2 flows.
  (#​7514, @​sujaldev)
• Fix a bug where mitmproxy would get stuck in secure web proxy mode when using ignore_hosts or allow_hosts.
  (#​7519, @​mhils)
• Copy request/response data to the clipboard in mitmweb
  (#​7352, @​lups2000)
• Fix a bug where exporting a curl or httpie command with escaped characters would lead to different data being sent.
  (#​7520, @​proteusvacuum)

v11.1.1

Compare Source

• Yanked. Identical to 11.1.2, but failed to deploy in CI.

v11.1.0

Compare Source

• Local Capture Mode is now available on Linux as well.
  (#​7440, @​mhils)
• mitmproxy now requires Python 3.12 or above.
  (#​7440, @​mhils)
• Add cache-busting for mitmweb's front end code.
  (#​7386, @​mhils)
• Clicking the URL in mitmweb now places the cursor at the current position instead of selecting the entire URL.
  (#​7385, @​lups2000)
• Add missing status codes
  (#​7455, @​jwadolowski)
• All filter expressions are now case-insensitive by default.
  Users can opt into case-sensitive filters by setting MITMPROXY_CASE_SENSITIVE_FILTERS=1
  as an environment variable.
  (#​7458, @​mhils, @​AdityaPatadiya)
• Remove filter expression lowercasing in block_list addon
  (#​7456, @​jwadolowski)
• Remove check for status codes in the blocklist add-on.
  (#​7453, @​lups2000, @​AdityaPatadiya)
• Prompt user before clearing screen
  (#​7445, @​errorxyz)

---

Configuration

📅 Schedule: (in timezone America/Phoenix)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.