Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
By Sarah Gooding - Aug 22, 2025
httpclient
httpclient - HTTP accessing library. 
Copyright (C) 2000-2015 NAKAMURA, Hiroshi nahi@ruby-lang.org.
'httpclient' gives something like the functionality of libwww-perl (LWP) in Ruby. 'httpclient' formerly known as 'http-access2'.
See HTTPClient for documentation.
Features
- methods like GET/HEAD/POST/* via HTTP/1.1.
- HTTPS(SSL), Cookies, proxy, authentication(Digest, NTLM, Basic), etc.
- asynchronous HTTP request, streaming HTTP request.
- debug mode CLI.
- by contrast with net/http in standard distribution;
- Cookies support
- MT-safe
- streaming POST (POST with File/IO)
- Digest auth
- Negotiate/NTLM auth for WWW-Authenticate (requires net/ntlm module; rubyntlm gem)
- NTLM auth for Proxy-Authenticate (requires 'win32/sspi' module; rubysspi gem)
- extensible with filter interface
- you don't have to care HTTP/1.1 persistent connection (httpclient cares instead of you)
- Not supported now
- Cache
- Rather advanced HTTP/1.1 usage such as Range, deflate, etc. (of course you can set it in header by yourself)
httpclient command
Usage: 1) httpclient get https://www.google.co.jp/?q=ruby
Usage: 2) httpclient
For 1) it issues a GET request to the given URI and shows the wiredump and the parsed result. For 2) it invokes irb shell with the binding that has a HTTPClient as 'self'. You can call HTTPClient instance methods like;
get "https://www.google.co.jp/", :q => :ruby
Author
- Name:: Hiroshi Nakamura
- E-mail:: nahi@ruby-lang.org
- Project web site:: http://github.com/nahi/httpclient
License
This program is copyrighted free software by NAKAMURA, Hiroshi. You can redistribute it and/or modify it under the same terms of Ruby's license; either the dual license version in 2003, or any later version.
httpclient/session.rb is based on http-access.rb in http-access/0.0.4. Some part of it is copyrighted by Maebashi-san who made and published http-access/0.0.4. http-access/0.0.4 did not include license notice but when I asked Maebashi-san he agreed that I can redistribute it under the same terms of Ruby. Many thanks to Maebashi-san.
Install
You can install httpclient via rubygems: gem install httpclient
Usage
See HTTPClient for documentation. You can also check sample/howto.rb how to use APIs.
Bug report or Feature request
Please file a ticket at the project web site.
- find a similar ticket from https://github.com/nahi/httpclient/issues
- create a new ticket by clicking 'Create Issue' button.
- you can use github features such as pull-request if you like.
Changes
See ChangeLog
FAQs
Unknown package
We found that httpclient demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 22 Feb 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ESLint Adds Support for Parallel Linting, Closing 10-Year-Old Feature Request
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
By Sarah Gooding - Aug 22, 2025
Research
/Security News
Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.
By Kirill Boychenko - Aug 21, 2025