Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Lack of support for unix domain sockets #53

Open
hadmut opened this issue Apr 18, 2022 · 0 comments
Open

Lack of support for unix domain sockets #53

hadmut opened this issue Apr 18, 2022 · 0 comments

Comments

@hadmut
Copy link

hadmut commented Apr 18, 2022

Hi,

it's a common practice and used in an increasing number or projects to offer HTTP interfaces, especially REST APIs, over unix domain sockets instead of regular TCP, for several reasons, most prominent security. The socket is not accessible over internet, no matter how broken firewalling and network filtering is, and unix file system rights can be applied, e.g. limit the access to owner, group or extended file permissions (acl). Daemons like snapd or docker engine offer their APIs as HTTP/REST over unix domain sockets.

Therefore, it is not just a strange thing that ruby/net-http does not just not support unix-domain sockets, but seems to completely ignore all requests to implement, e.g.

https://bugs.ruby-lang.org/issues/13719

https://bugs.ruby-lang.org/issues/17166

and even desperate attempts to workaround:

https://github.com/puppetlabs/net_http_unix

which, as a wrapper around net/http, solves the problem with just a few lines of code, but can be used in your own code, eight years old. Unfortunately, it doesn't help with all those libs directly based on net/http, such as ruby rest-client.

I wonder why the maintainers of net/http silently ignore all those requests without any comment (at least, I didn't find one), while other languages like python do handle unix domain sockets (which exist, if I remember correctly, for at least about 35 years). It's a shame that one has to prefer python over ruby for easy access to unix domain rest apis.

Is there any particular reason for not supporting http over unix domain sockets?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

1 participant