1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
|
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "HTTP::Tiny 3perl"
.TH HTTP::Tiny 3perl 2024-05-30 "perl v5.38.2" "Perl Programmers Reference Guide"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
HTTP::Tiny \- A small, simple, correct HTTP/1.1 client
.SH VERSION
.IX Header "VERSION"
version 0.086
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& use HTTP::Tiny;
\&
\& my $response = HTTP::Tiny\->new\->get(\*(Aqhttp://example.com/\*(Aq);
\&
\& die "Failed!\en" unless $response\->{success};
\&
\& print "$response\->{status} $response\->{reason}\en";
\&
\& while (my ($k, $v) = each %{$response\->{headers}}) {
\& for (ref $v eq \*(AqARRAY\*(Aq ? @$v : $v) {
\& print "$k: $_\en";
\& }
\& }
\&
\& print $response\->{content} if length $response\->{content};
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
This is a very simple HTTP/1.1 client, designed for doing simple
requests without the overhead of a large framework like LWP::UserAgent.
.PP
It is more correct and more complete than HTTP::Lite. It supports
proxies and redirection. It also correctly resumes after EINTR.
.PP
If IO::Socket::IP 0.25 or later is installed, HTTP::Tiny will use it instead
of IO::Socket::INET for transparent support for both IPv4 and IPv6.
.PP
Cookie support requires HTTP::CookieJar or an equivalent class.
.SH METHODS
.IX Header "METHODS"
.SS new
.IX Subsection "new"
.Vb 1
\& $http = HTTP::Tiny\->new( %attributes );
.Ve
.PP
This constructor returns a new HTTP::Tiny object. Valid attributes include:
.IP \(bu 4
\&\f(CW\*(C`agent\*(C'\fR — A user-agent string (defaults to 'HTTP\-Tiny/$VERSION'). If \f(CW\*(C`agent\*(C'\fR — ends in a space character, the default user-agent string is appended.
.IP \(bu 4
\&\f(CW\*(C`cookie_jar\*(C'\fR — An instance of HTTP::CookieJar — or equivalent class that supports the \f(CW\*(C`add\*(C'\fR and \f(CW\*(C`cookie_header\*(C'\fR methods
.IP \(bu 4
\&\f(CW\*(C`default_headers\*(C'\fR — A hashref of default headers to apply to requests
.IP \(bu 4
\&\f(CW\*(C`local_address\*(C'\fR — The local IP address to bind to
.IP \(bu 4
\&\f(CW\*(C`keep_alive\*(C'\fR — Whether to reuse the last connection (if for the same scheme, host and port) (defaults to 1)
.IP \(bu 4
\&\f(CW\*(C`max_redirect\*(C'\fR — Maximum number of redirects allowed (defaults to 5)
.IP \(bu 4
\&\f(CW\*(C`max_size\*(C'\fR — Maximum response size in bytes (only when not using a data callback). If defined, requests with responses larger than this will return a 599 status code.
.IP \(bu 4
\&\f(CW\*(C`http_proxy\*(C'\fR — URL of a proxy server to use for HTTP connections (default is \f(CW$ENV{http_proxy}\fR — if set)
.IP \(bu 4
\&\f(CW\*(C`https_proxy\*(C'\fR — URL of a proxy server to use for HTTPS connections (default is \f(CW$ENV{https_proxy}\fR — if set)
.IP \(bu 4
\&\f(CW\*(C`proxy\*(C'\fR — URL of a generic proxy server for both HTTP and HTTPS connections (default is \f(CW$ENV{all_proxy}\fR — if set)
.IP \(bu 4
\&\f(CW\*(C`no_proxy\*(C'\fR — List of domain suffixes that should not be proxied. Must be a comma-separated string or an array reference. (default is \f(CW$ENV{no_proxy}\fR —)
.IP \(bu 4
\&\f(CW\*(C`timeout\*(C'\fR — Request timeout in seconds (default is 60) If a socket open, read or write takes longer than the timeout, the request response status code will be 599.
.IP \(bu 4
\&\f(CW\*(C`verify_SSL\*(C'\fR — A boolean that indicates whether to validate the TLS/SSL certificate of an \f(CW\*(C`https\*(C'\fR — connection (default is true). Changed from false to true in version 0.083.
.IP \(bu 4
\&\f(CW\*(C`SSL_options\*(C'\fR — A hashref of \f(CW\*(C`SSL_*\*(C'\fR — options to pass through to IO::Socket::SSL
.IP \(bu 4
\&\f(CW$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}\fR \- Changes the default certificate verification behavior to not check server identity if set to 1. Only effective if \f(CW\*(C`verify_SSL\*(C'\fR is not set. Added in version 0.083.
.PP
An accessor/mutator method exists for each attribute.
.PP
Passing an explicit \f(CW\*(C`undef\*(C'\fR for \f(CW\*(C`proxy\*(C'\fR, \f(CW\*(C`http_proxy\*(C'\fR or \f(CW\*(C`https_proxy\*(C'\fR will
prevent getting the corresponding proxies from the environment.
.PP
Errors during request execution will result in a pseudo-HTTP status code of 599
and a reason of "Internal Exception". The content field in the response will
contain the text of the error.
.PP
The \f(CW\*(C`keep_alive\*(C'\fR parameter enables a persistent connection, but only to a
single destination scheme, host and port. If any connection-relevant
attributes are modified via accessor, or if the process ID or thread ID change,
the persistent connection will be dropped. If you want persistent connections
across multiple destinations, use multiple HTTP::Tiny objects.
.PP
See "SSL SUPPORT" for more on the \f(CW\*(C`verify_SSL\*(C'\fR and \f(CW\*(C`SSL_options\*(C'\fR attributes.
.SS get|head|put|post|patch|delete
.IX Subsection "get|head|put|post|patch|delete"
.Vb 3
\& $response = $http\->get($url);
\& $response = $http\->get($url, \e%options);
\& $response = $http\->head($url);
.Ve
.PP
These methods are shorthand for calling \f(CWrequest()\fR for the given method. The
URL must have unsafe characters escaped and international domain names encoded.
See \f(CWrequest()\fR for valid options and a description of the response.
.PP
The \f(CW\*(C`success\*(C'\fR field of the response will be true if the status code is 2XX.
.SS post_form
.IX Subsection "post_form"
.Vb 2
\& $response = $http\->post_form($url, $form_data);
\& $response = $http\->post_form($url, $form_data, \e%options);
.Ve
.PP
This method executes a \f(CW\*(C`POST\*(C'\fR request and sends the key/value pairs from a
form data hash or array reference to the given URL with a \f(CW\*(C`content\-type\*(C'\fR of
\&\f(CW\*(C`application/x\-www\-form\-urlencoded\*(C'\fR. If data is provided as an array
reference, the order is preserved; if provided as a hash reference, the terms
are sorted on key and value for consistency. See documentation for the
\&\f(CW\*(C`www_form_urlencode\*(C'\fR method for details on the encoding.
.PP
The URL must have unsafe characters escaped and international domain names
encoded. See \f(CWrequest()\fR for valid options and a description of the response.
Any \f(CW\*(C`content\-type\*(C'\fR header or content in the options hashref will be ignored.
.PP
The \f(CW\*(C`success\*(C'\fR field of the response will be true if the status code is 2XX.
.SS mirror
.IX Subsection "mirror"
.Vb 4
\& $response = $http\->mirror($url, $file, \e%options)
\& if ( $response\->{success} ) {
\& print "$file is up to date\en";
\& }
.Ve
.PP
Executes a \f(CW\*(C`GET\*(C'\fR request for the URL and saves the response body to the file
name provided. The URL must have unsafe characters escaped and international
domain names encoded. If the file already exists, the request will include an
\&\f(CW\*(C`If\-Modified\-Since\*(C'\fR header with the modification timestamp of the file. You
may specify a different \f(CW\*(C`If\-Modified\-Since\*(C'\fR header yourself in the \f(CW\*(C`$options\->{headers}\*(C'\fR hash.
.PP
The \f(CW\*(C`success\*(C'\fR field of the response will be true if the status code is 2XX
or if the status code is 304 (unmodified).
.PP
If the file was modified and the server response includes a properly
formatted \f(CW\*(C`Last\-Modified\*(C'\fR header, the file modification time will
be updated accordingly.
.SS request
.IX Subsection "request"
.Vb 2
\& $response = $http\->request($method, $url);
\& $response = $http\->request($method, $url, \e%options);
.Ve
.PP
Executes an HTTP request of the given method type ('GET', 'HEAD', 'POST',
\&'PUT', etc.) on the given URL. The URL must have unsafe characters escaped and
international domain names encoded.
.PP
\&\fBNOTE\fR: Method names are \fBcase-sensitive\fR per the HTTP/1.1 specification.
Don't use \f(CW\*(C`get\*(C'\fR when you really want \f(CW\*(C`GET\*(C'\fR. See LIMITATIONS for
how this applies to redirection.
.PP
If the URL includes a "user:password" stanza, they will be used for Basic-style
authorization headers. (Authorization headers will not be included in a
redirected request.) For example:
.PP
.Vb 1
\& $http\->request(\*(AqGET\*(Aq, \*(Aqhttp://Aladdin:open sesame@example.com/\*(Aq);
.Ve
.PP
If the "user:password" stanza contains reserved characters, they must
be percent-escaped:
.PP
.Vb 1
\& $http\->request(\*(AqGET\*(Aq, \*(Aqhttp://john%40example.com:password@example.com/\*(Aq);
.Ve
.PP
A hashref of options may be appended to modify the request.
.PP
Valid options are:
.IP \(bu 4
\&\f(CW\*(C`headers\*(C'\fR — A hashref containing headers to include with the request. If the value for a header is an array reference, the header will be output multiple times with each value in the array. These headers over-write any default headers.
.IP \(bu 4
\&\f(CW\*(C`content\*(C'\fR — A scalar to include as the body of the request OR a code reference that will be called iteratively to produce the body of the request
.IP \(bu 4
\&\f(CW\*(C`trailer_callback\*(C'\fR — A code reference that will be called if it exists to provide a hashref of trailing headers (only used with chunked transfer-encoding)
.IP \(bu 4
\&\f(CW\*(C`data_callback\*(C'\fR — A code reference that will be called for each chunks of the response body received.
.IP \(bu 4
\&\f(CW\*(C`peer\*(C'\fR — Override host resolution and force all connections to go only to a specific peer address, regardless of the URL of the request. This will include any redirections! This options should be used with extreme caution (e.g. debugging or very special circumstances). It can be given as either a scalar or a code reference that will receive the hostname and whose response will be taken as the address.
.PP
The \f(CW\*(C`Host\*(C'\fR header is generated from the URL in accordance with RFC 2616. It
is a fatal error to specify \f(CW\*(C`Host\*(C'\fR in the \f(CW\*(C`headers\*(C'\fR option. Other headers
may be ignored or overwritten if necessary for transport compliance.
.PP
If the \f(CW\*(C`content\*(C'\fR option is a code reference, it will be called iteratively
to provide the content body of the request. It should return the empty
string or undef when the iterator is exhausted.
.PP
If the \f(CW\*(C`content\*(C'\fR option is the empty string, no \f(CW\*(C`content\-type\*(C'\fR or
\&\f(CW\*(C`content\-length\*(C'\fR headers will be generated.
.PP
If the \f(CW\*(C`data_callback\*(C'\fR option is provided, it will be called iteratively until
the entire response body is received. The first argument will be a string
containing a chunk of the response body, the second argument will be the
in-progress response hash reference, as described below. (This allows
customizing the action of the callback based on the \f(CW\*(C`status\*(C'\fR or \f(CW\*(C`headers\*(C'\fR
received prior to the content body.)
.PP
Content data in the request/response is handled as "raw bytes". Any
encoding/decoding (with associated headers) are the responsibility of the
caller.
.PP
The \f(CW\*(C`request\*(C'\fR method returns a hashref containing the response. The hashref
will have the following keys:
.IP \(bu 4
\&\f(CW\*(C`success\*(C'\fR — Boolean indicating whether the operation returned a 2XX status code
.IP \(bu 4
\&\f(CW\*(C`url\*(C'\fR — URL that provided the response. This is the URL of the request unless there were redirections, in which case it is the last URL queried in a redirection chain
.IP \(bu 4
\&\f(CW\*(C`status\*(C'\fR — The HTTP status code of the response
.IP \(bu 4
\&\f(CW\*(C`reason\*(C'\fR — The response phrase returned by the server
.IP \(bu 4
\&\f(CW\*(C`content\*(C'\fR — The body of the response. If the response does not have any content or if a data callback is provided to consume the response body, this will be the empty string
.IP \(bu 4
\&\f(CW\*(C`headers\*(C'\fR — A hashref of header fields. All header field names will be normalized to be lower case. If a header is repeated, the value will be an arrayref; it will otherwise be a scalar string containing the value
.IP \(bu 4
\&\f(CW\*(C`protocol\*(C'\fR \- If this field exists, it is the protocol of the response such as HTTP/1.0 or HTTP/1.1
.IP \(bu 4
\&\f(CW\*(C`redirects\*(C'\fR If this field exists, it is an arrayref of response hash references from redirects in the same order that redirections occurred. If it does not exist, then no redirections occurred.
.PP
On an error during the execution of the request, the \f(CW\*(C`status\*(C'\fR field will
contain 599, and the \f(CW\*(C`content\*(C'\fR field will contain the text of the error.
.SS www_form_urlencode
.IX Subsection "www_form_urlencode"
.Vb 2
\& $params = $http\->www_form_urlencode( $data );
\& $response = $http\->get("http://example.com/query?$params");
.Ve
.PP
This method converts the key/value pairs from a data hash or array reference
into a \f(CW\*(C`x\-www\-form\-urlencoded\*(C'\fR string. The keys and values from the data
reference will be UTF\-8 encoded and escaped per RFC 3986. If a value is an
array reference, the key will be repeated with each of the values of the array
reference. If data is provided as a hash reference, the key/value pairs in the
resulting string will be sorted by key and value for consistent ordering.
.SS can_ssl
.IX Subsection "can_ssl"
.Vb 3
\& $ok = HTTP::Tiny\->can_ssl;
\& ($ok, $why) = HTTP::Tiny\->can_ssl;
\& ($ok, $why) = $http\->can_ssl;
.Ve
.PP
Indicates if SSL support is available. When called as a class object, it
checks for the correct version of Net::SSLeay and IO::Socket::SSL.
When called as an object methods, if \f(CW\*(C`SSL_verify\*(C'\fR is true or if \f(CW\*(C`SSL_verify_mode\*(C'\fR
is set in \f(CW\*(C`SSL_options\*(C'\fR, it checks that a CA file is available.
.PP
In scalar context, returns a boolean indicating if SSL is available.
In list context, returns the boolean and a (possibly multi-line) string of
errors indicating why SSL isn't available.
.SS connected
.IX Subsection "connected"
.Vb 2
\& $host = $http\->connected;
\& ($host, $port) = $http\->connected;
.Ve
.PP
Indicates if a connection to a peer is being kept alive, per the \f(CW\*(C`keep_alive\*(C'\fR
option.
.PP
In scalar context, returns the peer host and port, joined with a colon, or
\&\f(CW\*(C`undef\*(C'\fR (if no peer is connected).
In list context, returns the peer host and port or an empty list (if no peer
is connected).
.PP
\&\fBNote\fR: This method cannot reliably be used to discover whether the remote
host has closed its end of the socket.
.SH "TLS/SSL SUPPORT"
.IX Header "TLS/SSL SUPPORT"
Direct \f(CW\*(C`https\*(C'\fR connections are supported only if IO::Socket::SSL 1.56 or
greater and Net::SSLeay 1.49 or greater are installed. An error will occur
if new enough versions of these modules are not installed or if the TLS
encryption fails. You can also use \f(CWHTTP::Tiny::can_ssl()\fR utility function
that returns boolean to see if the required modules are installed.
.PP
An \f(CW\*(C`https\*(C'\fR connection may be made via an \f(CW\*(C`http\*(C'\fR proxy that supports the CONNECT
command (i.e. RFC 2817). You may not proxy \f(CW\*(C`https\*(C'\fR via a proxy that itself
requires \f(CW\*(C`https\*(C'\fR to communicate.
.PP
TLS/SSL provides two distinct capabilities:
.IP \(bu 4
Encrypted communication channel
.IP \(bu 4
Verification of server identity
.PP
\&\fBBy default, HTTP::Tiny verifies server identity\fR.
.PP
This was changed in version 0.083 due to security concerns. The previous default
behavior can be enabled by setting \f(CW$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}\fR
to 1.
.PP
Verification is done by checking that that the TLS/SSL connection has a valid
certificate corresponding to the host name of the connection and that the
certificate has been verified by a CA. Assuming you trust the CA, this will
protect against machine-in-the-middle
attacks <http://en.wikipedia.org/wiki/Machine-in-the-middle_attack>.
.PP
Certificate verification requires a file containing trusted CA certificates.
.PP
If the environment variable \f(CW\*(C`SSL_CERT_FILE\*(C'\fR is present, HTTP::Tiny
will try to find a CA certificate file in that location.
.PP
If the Mozilla::CA module is installed, HTTP::Tiny will use the CA file
included with it as a source of trusted CA's.
.PP
If that module is not available, then HTTP::Tiny will search several
system-specific default locations for a CA certificate file:
.IP \(bu 4
/etc/ssl/certs/ca\-certificates.crt
.IP \(bu 4
/etc/pki/tls/certs/ca\-bundle.crt
.IP \(bu 4
/etc/ssl/ca\-bundle.pem
.IP \(bu 4
/etc/openssl/certs/ca\-certificates.crt
.IP \(bu 4
/etc/ssl/cert.pem
.IP \(bu 4
/usr/local/share/certs/ca\-root\-nss.crt
.IP \(bu 4
/etc/pki/tls/cacert.pem
.IP \(bu 4
/etc/certs/ca\-certificates.crt
.PP
An error will be occur if \f(CW\*(C`verify_SSL\*(C'\fR is true and no CA certificate file
is available.
.PP
If you desire complete control over TLS/SSL connections, the \f(CW\*(C`SSL_options\*(C'\fR
attribute lets you provide a hash reference that will be passed through to
\&\f(CWIO::Socket::SSL::start_SSL()\fR, overriding any options set by HTTP::Tiny. For
example, to provide your own trusted CA file:
.PP
.Vb 3
\& SSL_options => {
\& SSL_ca_file => $file_path,
\& }
.Ve
.PP
The \f(CW\*(C`SSL_options\*(C'\fR attribute could also be used for such things as providing a
client certificate for authentication to a server or controlling the choice of
cipher used for the TLS/SSL connection. See IO::Socket::SSL documentation for
details.
.SH "PROXY SUPPORT"
.IX Header "PROXY SUPPORT"
HTTP::Tiny can proxy both \f(CW\*(C`http\*(C'\fR and \f(CW\*(C`https\*(C'\fR requests. Only Basic proxy
authorization is supported and it must be provided as part of the proxy URL:
\&\f(CW\*(C`http://user:pass@proxy.example.com/\*(C'\fR.
.PP
HTTP::Tiny supports the following proxy environment variables:
.IP \(bu 4
http_proxy or HTTP_PROXY
.IP \(bu 4
https_proxy or HTTPS_PROXY
.IP \(bu 4
all_proxy or ALL_PROXY
.PP
If the \f(CW\*(C`REQUEST_METHOD\*(C'\fR environment variable is set, then this might be a CGI
process and \f(CW\*(C`HTTP_PROXY\*(C'\fR would be set from the \f(CW\*(C`Proxy:\*(C'\fR header, which is a
security risk. If \f(CW\*(C`REQUEST_METHOD\*(C'\fR is set, \f(CW\*(C`HTTP_PROXY\*(C'\fR (the upper case
variant only) is ignored, but \f(CW\*(C`CGI_HTTP_PROXY\*(C'\fR is considered instead.
.PP
Tunnelling \f(CW\*(C`https\*(C'\fR over an \f(CW\*(C`http\*(C'\fR proxy using the CONNECT method is
supported. If your proxy uses \f(CW\*(C`https\*(C'\fR itself, you can not tunnel \f(CW\*(C`https\*(C'\fR
over it.
.PP
Be warned that proxying an \f(CW\*(C`https\*(C'\fR connection opens you to the risk of a
man-in-the-middle attack by the proxy server.
.PP
The \f(CW\*(C`no_proxy\*(C'\fR environment variable is supported in the format of a
comma-separated list of domain extensions proxy should not be used for.
.PP
Proxy arguments passed to \f(CW\*(C`new\*(C'\fR will override their corresponding
environment variables.
.SH LIMITATIONS
.IX Header "LIMITATIONS"
HTTP::Tiny is \fIconditionally compliant\fR with the
HTTP/1.1 specifications <http://www.w3.org/Protocols/>:
.IP \(bu 4
"Message Syntax and Routing" [RFC7230]
.IP \(bu 4
"Semantics and Content" [RFC7231]
.IP \(bu 4
"Conditional Requests" [RFC7232]
.IP \(bu 4
"Range Requests" [RFC7233]
.IP \(bu 4
"Caching" [RFC7234]
.IP \(bu 4
"Authentication" [RFC7235]
.PP
It attempts to meet all "MUST" requirements of the specification, but does not
implement all "SHOULD" requirements. (Note: it was developed against the
earlier RFC 2616 specification and may not yet meet the revised RFC 7230\-7235
spec.) Additionally, HTTP::Tiny supports the \f(CW\*(C`PATCH\*(C'\fR method of RFC 5789.
.PP
Some particular limitations of note include:
.IP \(bu 4
HTTP::Tiny focuses on correct transport. Users are responsible for ensuring
that user-defined headers and content are compliant with the HTTP/1.1
specification.
.IP \(bu 4
Users must ensure that URLs are properly escaped for unsafe characters and that
international domain names are properly encoded to ASCII. See URI::Escape,
URI::_punycode and Net::IDN::Encode.
.IP \(bu 4
Redirection is very strict against the specification. Redirection is only
automatic for response codes 301, 302, 307 and 308 if the request method is
\&'GET' or 'HEAD'. Response code 303 is always converted into a 'GET'
redirection, as mandated by the specification. There is no automatic support
for status 305 ("Use proxy") redirections.
.IP \(bu 4
There is no provision for delaying a request body using an \f(CW\*(C`Expect\*(C'\fR header.
Unexpected \f(CW\*(C`1XX\*(C'\fR responses are silently ignored as per the specification.
.IP \(bu 4
Only 'chunked' \f(CW\*(C`Transfer\-Encoding\*(C'\fR is supported.
.IP \(bu 4
There is no support for a Request-URI of '*' for the 'OPTIONS' request.
.IP \(bu 4
Headers mentioned in the RFCs and some other, well-known headers are
generated with their canonical case. Other headers are sent in the
case provided by the user. Except for control headers (which are sent first),
headers are sent in arbitrary order.
.PP
Despite the limitations listed above, HTTP::Tiny is considered
feature-complete. New feature requests should be directed to
HTTP::Tiny::UA.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
.IP \(bu 4
HTTP::Tiny::UA \- Higher level UA features for HTTP::Tiny
.IP \(bu 4
HTTP::Thin \- HTTP::Tiny wrapper with HTTP::Request/HTTP::Response compatibility
.IP \(bu 4
HTTP::Tiny::Mech \- Wrap WWW::Mechanize instance in HTTP::Tiny compatible interface
.IP \(bu 4
IO::Socket::IP \- Required for IPv6 support
.IP \(bu 4
IO::Socket::SSL \- Required for SSL support
.IP \(bu 4
LWP::UserAgent \- If HTTP::Tiny isn't enough for you, this is the "standard" way to do things
.IP \(bu 4
Mozilla::CA \- Required if you want to validate SSL certificates
.IP \(bu 4
Net::SSLeay \- Required for SSL support
.SH SUPPORT
.IX Header "SUPPORT"
.SS "Bugs / Feature Requests"
.IX Subsection "Bugs / Feature Requests"
Please report any bugs or feature requests through the issue tracker
at <https://github.com/chansen/p5\-http\-tiny/issues>.
You will be notified automatically of any progress on your issue.
.SS "Source Code"
.IX Subsection "Source Code"
This is open source software. The code repository is available for
public review and contribution under the terms of the license.
.PP
<https://github.com/chansen/p5\-http\-tiny>
.PP
.Vb 1
\& git clone https://github.com/chansen/p5\-http\-tiny.git
.Ve
.SH AUTHORS
.IX Header "AUTHORS"
.IP \(bu 4
Christian Hansen <chansen@cpan.org>
.IP \(bu 4
David Golden <dagolden@cpan.org>
.SH CONTRIBUTORS
.IX Header "CONTRIBUTORS"
.IP \(bu 4
Alan Gardner <gardner@pythian.com>
.IP \(bu 4
Alessandro Ghedini <al3xbio@gmail.com>
.IP \(bu 4
A. Sinan Unur <nanis@cpan.org>
.IP \(bu 4
Brad Gilbert <bgills@cpan.org>
.IP \(bu 4
brian m. carlson <sandals@crustytoothpaste.net>
.IP \(bu 4
Chris Nehren <apeiron@cpan.org>
.IP \(bu 4
Chris Weyl <cweyl@alumni.drew.edu>
.IP \(bu 4
Claes Jakobsson <claes@surfar.nu>
.IP \(bu 4
Clinton Gormley <clint@traveljury.com>
.IP \(bu 4
Craig A. Berry <craigberry@mac.com>
.IP \(bu 4
Craig Berry <cberry@cpan.org>
.IP \(bu 4
David Golden <xdg@xdg.me>
.IP \(bu 4
David Mitchell <davem@iabyn.com>
.IP \(bu 4
Dean Pearce <pearce@pythian.com>
.IP \(bu 4
Edward Zborowski <ed@rubensteintech.com>
.IP \(bu 4
Felipe Gasper <felipe@felipegasper.com>
.IP \(bu 4
Graham Knop <haarg@haarg.org>
.IP \(bu 4
Greg Kennedy <kennedy.greg@gmail.com>
.IP \(bu 4
James E Keenan <jkeenan@cpan.org>
.IP \(bu 4
James Raspass <jraspass@gmail.com>
.IP \(bu 4
Jeremy Mates <jmates@cpan.org>
.IP \(bu 4
Jess Robinson <castaway@desert\-island.me.uk>
.IP \(bu 4
Karen Etheridge <ether@cpan.org>
.IP \(bu 4
Lukas Eklund <leklund@gmail.com>
.IP \(bu 4
Martin J. Evans <mjegh@ntlworld.com>
.IP \(bu 4
Martin-Louis Bright <mlbright@gmail.com>
.IP \(bu 4
Matthew Horsfall <wolfsage@gmail.com>
.IP \(bu 4
Michael R. Davis <mrdvt92@users.noreply.github.com>
.IP \(bu 4
Mike Doherty <doherty@cpan.org>
.IP \(bu 4
Nicolas Rochelemagne <rochelemagne@cpanel.net>
.IP \(bu 4
Olaf Alders <olaf@wundersolutions.com>
.IP \(bu 4
Olivier Mengué <dolmen@cpan.org>
.IP \(bu 4
Petr Písař <ppisar@redhat.com>
.IP \(bu 4
sanjay-cpu <snjkmr32@gmail.com>
.IP \(bu 4
Serguei Trouchelle <stro@cpan.org>
.IP \(bu 4
Shoichi Kaji <skaji@cpan.org>
.IP \(bu 4
SkyMarshal <skymarshal1729@gmail.com>
.IP \(bu 4
Sören Kornetzki <soeren.kornetzki@delti.com>
.IP \(bu 4
Steve Grazzini <steve.grazzini@grantstreet.com>
.IP \(bu 4
Stig Palmquist <git@stig.io>
.IP \(bu 4
Syohei YOSHIDA <syohex@gmail.com>
.IP \(bu 4
Tatsuhiko Miyagawa <miyagawa@bulknews.net>
.IP \(bu 4
Tom Hukins <tom@eborcom.com>
.IP \(bu 4
Tony Cook <tony@develop\-help.com>
.IP \(bu 4
Xavier Guimard <yadd@debian.org>
.SH "COPYRIGHT AND LICENSE"
.IX Header "COPYRIGHT AND LICENSE"
This software is copyright (c) 2023 by Christian Hansen.
.PP
This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.
|