You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
it's a common practice and used in an increasing number or projects to offer HTTP interfaces, especially REST APIs, over unix domain sockets instead of regular TCP, for several reasons, most prominent security. The socket is not accessible over internet, no matter how broken firewalling and network filtering is, and unix file system rights can be applied, e.g. limit the access to owner, group or extended file permissions (acl). Daemons like snapd or docker engine offer their APIs as HTTP/REST over unix domain sockets.
Therefore, it is not just a strange thing that ruby/net-http does not just not support unix-domain sockets, but seems to completely ignore all requests to implement, e.g.
which, as a wrapper around net/http, solves the problem with just a few lines of code, but can be used in your own code, eight years old. Unfortunately, it doesn't help with all those libs directly based on net/http, such as ruby rest-client.
I wonder why the maintainers of net/http silently ignore all those requests without any comment (at least, I didn't find one), while other languages like python do handle unix domain sockets (which exist, if I remember correctly, for at least about 35 years). It's a shame that one has to prefer python over ruby for easy access to unix domain rest apis.
Is there any particular reason for not supporting http over unix domain sockets?
The text was updated successfully, but these errors were encountered:
Hi,
it's a common practice and used in an increasing number or projects to offer HTTP interfaces, especially REST APIs, over unix domain sockets instead of regular TCP, for several reasons, most prominent security. The socket is not accessible over internet, no matter how broken firewalling and network filtering is, and unix file system rights can be applied, e.g. limit the access to owner, group or extended file permissions (acl). Daemons like snapd or docker engine offer their APIs as HTTP/REST over unix domain sockets.
Therefore, it is not just a strange thing that ruby/net-http does not just not support unix-domain sockets, but seems to completely ignore all requests to implement, e.g.
https://bugs.ruby-lang.org/issues/13719
https://bugs.ruby-lang.org/issues/17166
and even desperate attempts to workaround:
https://github.com/puppetlabs/net_http_unix
which, as a wrapper around net/http, solves the problem with just a few lines of code, but can be used in your own code, eight years old. Unfortunately, it doesn't help with all those libs directly based on net/http, such as ruby rest-client.
I wonder why the maintainers of net/http silently ignore all those requests without any comment (at least, I didn't find one), while other languages like python do handle unix domain sockets (which exist, if I remember correctly, for at least about 35 years). It's a shame that one has to prefer python over ruby for easy access to unix domain rest apis.
Is there any particular reason for not supporting http over unix domain sockets?
The text was updated successfully, but these errors were encountered: