Support http over unix domain sockets

[ducaale]

Adds a --unix-socket option similar to cURL for binding to a Unix domain socket. When used, all requests, including redirects, will go through the specified Unix socket.

Resources used:

• https://rust-lang.github.io/wg-async/vision/submitted_stories/status_quo/barbara_tries_unix_socket.html
• Work greetly with axum, but not required in hyper 1.0 softprops/hyperlocal#64 (comment)

Resolves #230

[ducaale]

Besides Docker for Window, I couldn't find any other examples of HTTP over named pipes, so I'm not sure if it's worth supporting at this time.

[ducaale]

There is a fork of hyperlocal that adds support for windows but it might be better to wait until it is merged upstream

[ducaale]

Regardless of how this is handled, I need to ensure the correct exit code is used for timeout errors

[ducaale]

Note to self: refer to impl<B> hyper::body::Body for TotalTimeoutBody<B> for how to implement timeout for body.

Also, we should consider moving to a combination of connect_timeout and read_timeout which is closer to how it is handled in python requests/HTTPie. See https://requests.readthedocs.io/en/stable/user/advanced/#timeouts

[ducaale]

Hmm, it seems read_timeout is not yet implemented for reqwest::blocking::Client

[blyxxyz]

Nice! I haven't looked at everything yet

[blyxxyz]

With this API you still have to make up a hostname for the URL, like curl, and unlike got and the HTTPie plugin.

AFAICT the typical use cases are for local services and not for proxies, meaning that the hostname is superfluous. But it also doesn't look like we're going to get a URL-based convention for this any time soon. And splitting it off into an option prevents redirect attacks. (Not sure how it should interact with sessions though... we need to look carefully at other areas of interference.)

A full command with the : shorthand might help users, e.g.

xh :/index.html --unix-socket=/var/run/temp.sock

[ducaale]

There is a good chance that unix domain sockets will be treated as a proxy in reqwest. This has the advantage that anything relying on hostname like cookies and Host header will keep working. Also, see denoland/deno#8821 (comment)

However, I still think we can support xh http://unix:/var/run/docker.sock:/containers/json by treating it as a syntactic sugar for xh :/containers/json --unix-socket=/var/run/docker.sock.

[blyxxyz]

We can always add syntactic sugar later. Right now there doesn't seem to be any consensus about the URL format.

If it ever gets to the point where browsers start supporting UDS URLs (as a non-experimental feature) then we should follow suit.

[blyxxyz]

Don't we skip any subsequent middleware this way? I don't understand this yet but it might be the wrong layer to do it.

[ducaale]

It is the last layer, but returning early and short-circuiting middlewares in this way might be confusing, not to mention the duplicated logic. Let me see if I can switch between UnixSocket and reqwest client inside ClientWithMiddleware.

[blyxxyz]

Looks good so far! (I haven't understood everything yet.)

Do you have tips for manually testing this?

[blyxxyz]

Many of these might plausibly appear in an alias or config file, like --https, --ssl.

If someone passes --proxy they probably made a mistake but I think the list could be shorter. Maybe a guideline could be whether the option is compatible with a normal request to http://127.0.0.1?

[ducaale]

Were you thinking of silently ignoring some of the flags or maybe printing a warning?

[blyxxyz]

--https for example doesn't force HTTPS, it just changes the default scheme of the URL. So maybe the user gets an error if they pass :/index.html because that gets converted to https://localhost/index.html and the socket doesn't support TLS, but if they use --https with an explicit http://localhost/index.html then that should be perfectly fine, just like in xh --https http://127.0.0.1 the --https flag is useless but harmless.

[blyxxyz]

Is it OK to merely log this? I assume it leads to a harder error somewhere down the line and it's just hard to get it out of the task?

[blyxxyz]

Does this mean we have a separate timeout for each stage?

Will there be a timeout for e.g. a large file upload?

[blyxxyz]

Looks like tempfile can be used for this: https://docs.rs/tempfile/latest/tempfile/struct.Builder.html#examples-11

That way we also get cleanup

[ducaale]

Do you have tips for manually testing this?

I have been using Docker API but you can also use Bun which natively supports unix domain sockets

// bun index.js

async function* hello(times) {
  for (let i = 0; i < times; i++) {
    yield `data: hello ${i}\n\n`;
    await Bun.sleep(1000);
  }
}

const server = Bun.serve({
  unix: "/tmp/my-socket.sock",
  fetch(req){
    return new Response(hello(10), {
      headers: {
        "Content-Type": "text/event-stream",
        Connection: "keep-alive",
      }
    });
  }
});

console.log(`Listening on unix:///tmp/my-socket.sock`);

I'm noticing some decoding errors so I will have to investigate that

$ cargo r -- -v : --unix-socket=/tmp/my-socket.sock

...lines omitted

data: hello 7

data: hello 8

xh: error: error decoding response body

Caused by:
    0: request or response body error
    1: error reading a body from connection
    2: unexpected EOF during chunk size line