Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
com.github.kevinsawicki:http-request
Advanced tools
A simple convenience library for using a HttpURLConnection to make requests and access the response.
This library is available under the MIT License.
The http-request library is available from Maven Central.
<dependency>
<groupId>com.github.kevinsawicki</groupId>
<artifactId>http-request</artifactId>
<version>5.6</version>
</dependency>
Not using Maven? Simply copy the HttpRequest class into your project, update the package declaration, and you are good to go.
Javadocs are available here.
See here for a list of known projects using this library.
This library was written to make HTTP requests simple and easy when using a HttpURLConnection
.
Libraries like Apache HttpComponents are great but sometimes
for either simplicity, or perhaps for the environment you are deploying to (Android),
you just want to use a good old-fashioned HttpURLConnection
. This library seeks
to add convenience and common patterns to the act of making HTTP requests such as
a fluid-interface for building requests and support for features such as multipart
requests.
Bottom line: The single goal of this library is to improve the usability of the
HttpURLConnection
class.
None. The goal of this library is to be a single class class with some inner static classes. The test project does require Jetty in order to test requests against an actual HTTP server implementation.
The HttpRequest
class does not throw any checked exceptions, instead all low-level
exceptions are wrapped up in a HttpRequestException
which extends RuntimeException
.
You can access the underlying exception by catching HttpRequestException
and calling
getCause()
which will always return the original IOException
.
No. The underlying HttpUrlConnection
object that each HttpRequest
object wraps has a synchronous API and therefore all methods on HttpRequest
are also synchronous.
Therefore it is important to not use an HttpRequest
object on the main thread
of your application.
Here is a simple Android example of using it from an AsyncTask:
private class DownloadTask extends AsyncTask<String, Long, File> {
protected File doInBackground(String... urls) {
try {
HttpRequest request = HttpRequest.get(urls[0]);
File file = null;
if (request.ok()) {
file = File.createTempFile("download", ".tmp");
request.receive(file);
publishProgress(file.length());
}
return file;
} catch (HttpRequestException exception) {
return null;
}
}
protected void onProgressUpdate(Long... progress) {
Log.d("MyApp", "Downloaded bytes: " + progress[0]);
}
protected void onPostExecute(File file) {
if (file != null)
Log.d("MyApp", "Downloaded file to: " + file.getAbsolutePath());
else
Log.d("MyApp", "Download failed");
}
}
new DownloadTask().execute("http://google.com");
int response = HttpRequest.get("http://google.com").code();
String response = HttpRequest.get("http://google.com").body();
System.out.println("Response was: " + response);
HttpRequest.get("http://google.com").receive(System.out);
HttpRequest request = HttpRequest.get("http://google.com", true, 'q', "baseball gloves", "size", 100);
System.out.println(request.toString()); // GET http://google.com?q=baseball%20gloves&size=100
int[] ids = new int[] { 22, 23 };
HttpRequest request = HttpRequest.get("http://google.com", true, "id", ids);
System.out.println(request.toString()); // GET http://google.com?id[]=22&id[]=23
String contentType = HttpRequest.get("http://google.com")
.accept("application/json") //Sets request header
.contentType(); //Gets response header
System.out.println("Response content type was " + contentType);
int response = HttpRequest.post("http://google.com").send("name=kevin").code();
int response = HttpRequest.get("http://google.com").basic("username", "p4ssw0rd").code();
HttpRequest request = HttpRequest.post("http://google.com");
request.part("status[body]", "Making a multipart request");
request.part("status[image]", new File("/home/kevin/Pictures/ide.png"));
if (request.ok())
System.out.println("Status was updated");
Map<String, String> data = new HashMap<String, String>();
data.put("user", "A User");
data.put("state", "CA");
if (HttpRequest.post("http://google.com").form(data).created())
System.out.println("User was created");
File output = new File("/output/request.out");
HttpRequest.get("http://google.com").receive(output);
File input = new File("/input/data.txt");
int response = HttpRequest.post("http://google.com").send(input).code();
File latest = new File("/data/cache.json");
HttpRequest request = HttpRequest.get("http://google.com");
//Copy response to file
request.receive(latest);
//Store eTag of response
String eTag = request.eTag();
//Later on check if changes exist
boolean unchanged = HttpRequest.get("http://google.com")
.ifNoneMatch(eTag)
.notModified();
HttpRequest request = HttpRequest.get("http://google.com");
//Tell server to gzip response and automatically uncompress
request.acceptGzipEncoding().uncompress(true);
String uncompressed = request.body();
System.out.println("Uncompressed response is: " + uncompressed);
HttpRequest request = HttpRequest.get("https://google.com");
//Accept all certificates
request.trustAllCerts();
//Accept all hostnames
request.trustAllHosts();
HttpRequest request = HttpRequest.get("https://google.com");
//Configure proxy
request.useProxy("localhost", 8080);
//Optional proxy basic authentication
request.proxyBasic("username", "p4ssw0rd");
int code = HttpRequest.get("http://google.com").followRedirects(true).code();
Looking to use this library with OkHttp? Read here.
HttpRequest.setConnectionFactory(new ConnectionFactory() {
public HttpURLConnection create(URL url) throws IOException {
if (!"https".equals(url.getProtocol()))
throw new IOException("Only secure requests are allowed");
return (HttpURLConnection) url.openConnection();
}
public HttpURLConnection create(URL url, Proxy proxy) throws IOException {
if (!"https".equals(url.getProtocol()))
throw new IOException("Only secure requests are allowed");
return (HttpURLConnection) url.openConnection(proxy);
}
});
FAQs
Library for making HTTP requests
We found that com.github.kevinsawicki:http-request demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.