{"id":23591476,"url":"https://github.com/dvob/http-server","last_synced_at":"2025-10-12T05:12:24.489Z","repository":{"id":65447667,"uuid":"252572468","full_name":"dvob/http-server","owner":"dvob","description":"Simple HTTP server to debug HTTP clients","archived":false,"fork":false,"pushed_at":"2025-07-21T19:13:24.000Z","size":60,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-09-29T09:34:48.037Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dvob.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-04-02T21:52:00.000Z","updated_at":"2025-07-21T19:13:28.000Z","dependencies_parsed_at":"2025-05-17T10:35:47.954Z","dependency_job_id":null,"html_url":"https://github.com/dvob/http-server","commit_stats":null,"previous_names":["dsbrng25b/http-server"],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/dvob/http-server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvob%2Fhttp-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvob%2Fhttp-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvob%2Fhttp-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvob%2Fhttp-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dvob","download_url":"https://codeload.github.com/dvob/http-server/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dvob%2Fhttp-server/sbom","scorecard":{"id":357453,"data":{"date":"2025-08-11","repo":{"name":"github.com/dvob/http-server","commit":"f3f0a2e4aa36779fa9e454109360bf68c61b526f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Maintained","score":0,"reason":"1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/dvob/http-server/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/dvob/http-server/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/dvob/http-server/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/dvob/http-server/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/dvob/http-server/main.yml/main?enable=pin","Warn: goCommand not pinned by hash: .github/workflows/main.yml:26","Warn: goCommand not pinned by hash: .github/workflows/main.yml:27","Warn: goCommand not pinned by hash: .github/workflows/main.yml:50","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of   3 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.1.3 not signed: https://api.github.com/repos/dvob/http-server/releases/123450048","Warn: release artifact v0.1.2 not signed: https://api.github.com/repos/dvob/http-server/releases/123448974","Warn: release artifact v0.1.1 not signed: https://api.github.com/repos/dvob/http-server/releases/119472023","Warn: release artifact v0.1.0 not signed: https://api.github.com/repos/dvob/http-server/releases/91015943","Warn: release artifact v0.0.9 not signed: https://api.github.com/repos/dvob/http-server/releases/42839450","Warn: release artifact v0.1.3 does not have provenance: https://api.github.com/repos/dvob/http-server/releases/123450048","Warn: release artifact v0.1.2 does not have provenance: https://api.github.com/repos/dvob/http-server/releases/123448974","Warn: release artifact v0.1.1 does not have provenance: https://api.github.com/repos/dvob/http-server/releases/119472023","Warn: release artifact v0.1.0 does not have provenance: https://api.github.com/repos/dvob/http-server/releases/91015943","Warn: release artifact v0.0.9 does not have provenance: https://api.github.com/repos/dvob/http-server/releases/42839450"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T09:56:38.716Z","repository_id":65447667,"created_at":"2025-08-18T09:56:38.716Z","updated_at":"2025-08-18T09:56:38.716Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279010342,"owners_count":26084738,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-12T02:00:06.719Z","response_time":53,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-27T07:39:10.098Z","updated_at":"2025-10-12T05:12:24.453Z","avatar_url":"https://github.com/dvob.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# http-server\nThis started as a very basic HTTP server which I regularly use to debug HTTP-Clients, Loadbalancers and so forth.\n\nFor version 0.1.x I started to cleanup the code and make the configuration more versatile.\nSee `http-server -h` for available options.\n\n## Usage\n```\nhttp-server [OPTIONS] [CONFIG]\n```\n\n* Accept requests on `0.0.0.0:80` and return\n```\nhttp-server\n```\n\n* Listen on port `8080`:\n```\nhttp-server -addr :8080\n```\n\n## Handler Configuration\nBy default the server just returns the status code `200` and sends `ok` in the response body. But you can configure in detail what action should be performed.\n\nThere are two things you can configure for each path:\n* A number of ***middleware***\n* One ***handler***\n\nA request then runs through each middleware in the order in which the middlewares are specified and at the end a handler produces the response.\nIn the following example a request would first run through the `log` and `json` middleware and then the `static` handler would produce the response.\n```\nhttp-server log json static\n```\nIt's recommended to always use single quotes for the config. They are not needed but if you later use more complex configurations the quoting of the shell can easily mess up your configuration.\n\nYou can specify a paths as follows. In the following example requests to `/info` would run through the `log` middleware and then the `info` handler would return some information about the host and the request.\nEvery other request (`/`) would be sent through the  `log` middleware and then return the `static` handler would return a static response (`ok`).\n```\nhttp-server '/info: log info /: log static'\n```\n\nYou can also configure the indidual handlers. The following example returns `foo` on the path `/foo` and a `404` not found error with the text `here is nothing` on every other path.\n```\nhttp-server '/foo: log static{body: foo} /: log static{body: \"here is nothing\", code: 404}'\n```\n\n## TLS\nIf you enable TLS the `http-server` changes it's default port to `:443`.\n\n### Let's Encrypt\nIf you use the `-tls-hosts` option the server will automatically perform the ACME with Let's Encrypt for the specified hosts:\n```\nhttp-server -tls-hosts www.myhost1.com,myhost1.com\n```\n\n### Certifictes\nGenerate TLS certificate and key:\n```\noenssl req -x509 -newkey rsa:4096 -keyout tls.key -out tls.crt -days 365 -nodes -subj '/CN=simple-server' -extensions v3_req -config \u003c( echo -e \"[req]\\ndistinguished_name=req\\n[v3_req]\\nsubjectAltName = @alt_names\\n[alt_names]\\nDNS.1 = localhost\\nDNS.2 = simple-server.local\\nIP.1 = 127.0.0.1\" )\n```\nAlternatively you could use [pcert](https://github.com/dvob/pcert) to create a certificate in a much simpler way:\n```\npcert create tls --subject \"/CN=simple-server\" --dns localhost --dns simple-server.local --ip 127.0.0.1\n```\n\nAnd then use the following options:\n```\nhttp-server -tls-cert tls.crt -tls-key tls.key\n```\n\n## Docker\n* Run\n```\ndocker run -p 8080:8080 --rm dvob/http-server\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdvob%2Fhttp-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdvob%2Fhttp-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdvob%2Fhttp-server/lists"}