news.volyx.in

TIL: You can make HTTP requests without curl using Bash /dev/TCP (mareksuppa.com)

548 points by mrshu · 26 days ago · 238 comments on HN

Article summary

The article discusses how to make HTTP requests without using curl in Bash by utilizing the /dev/tcp feature, which allows Bash to open a TCP socket and send an HTTP request. This method is useful for debugging and testing connectivity in a minimal container environment where curl or other tools are not available. The article provides examples of how to use this feature to send GET requests and handle responses. However, it notes that this method is not a full-fledged HTTP client and lacks features like parsing HTTP properly, handling redirects, and supporting HTTPS.

Main themes

  • Bash /dev/tcp feature
  • HTTP requests without curl
  • Minimal container environments
  • Debugging and testing
  • Security considerations

What commenters say

  • Using a minimal base image with no unnecessary dependencies can reduce the attack surface and minimize the need for updates to address CVEs.
  • Having basic shell tools available in the environment can be valuable for debugging and troubleshooting, even if it means adding some dependencies.
  • Debug containers can be a useful solution for adding debugging utilities to a running pod without restarting it, but may not be suitable for all scenarios.
  • Relying on a minimal image with no standard debugging tools can make it difficult to troubleshoot issues, and having some basic tools available can be beneficial.
  • Using a language's built-in networking capabilities, such as Python's socket library, can be a more straightforward and efficient way to test connectivity than using Bash's /dev/tcp feature.
  • The /dev/tcp feature is not a replacement for a full-fledged HTTP client like curl, and should not be used for production environments or complex HTTP requests.
  • The trade-off between a minimal image and a more fully-featured image with debugging tools depends on the specific use case and requirements of the project.
  • Using a distro-less image with no OS components can provide some security benefits, but may also make debugging and troubleshooting more difficult.