top | item 41643242

(no title)

Only 3.4k of C code for a full http and https server? I honestly thought you would need a lot more for it to be fully compliant with the spec.

discuss

ironhaven|1 year ago

Http/1.1 is dead simple if you ignore most of the spec. If you only take get requests and set content-length on response you will be good for 99% of user agents. It’s not much more code to handle the transfer-encoding and byte-range headers. HTTPS is just http over a tls socket which is the level of abstraction you should have if you don’t roll your own crypto.

It’s fun and not that bad really.

AnotherGoodName|1 year ago

Yeah I’ve done this for embedded devices. A website can be presented with nothing more than a raw socket and sending back a text string of http headers and html in a single text string when people connect to it.

Hell if you’re really lazy you can forgo responding with the http headers and just socket.write(“hello world”) as the response and all the major browsers will render “hello world” to the user. Properly formatted http headers are just a text string extra and the html is just text. There’s not much to it.

folmar|1 year ago

And TLS can be handle by kernel if you target linux only. https://docs.kernel.org/networking/tls.html

sph|1 year ago

Why HTTP/1.1?

Everybody speaks HTTP/1.0 and it is even simpler.

ninjin|1 year ago

It feels about right to me. OpenBSD's httpd(8) [1] currently clocks in at just below 15,000 lines when you include its documentation. Take away a few features, make a few assumptions , and I would not be surprised we are in the 5,000 lines territory like this project.

    $ wc -l *
        31 Makefile
       910 config.c
       314 control.c
        34 css.h.in
       257 http.h
       100 httpd.8
      1262 httpd.c
       882 httpd.conf.5
       843 httpd.h
        19 js.h.in
       218 log.c
       319 logger.c
      2563 parse.y
       309 patterns.7
       713 patterns.c
        46 patterns.h
       829 proc.c
      1484 server.c
       849 server_fcgi.c
       826 server_file.c
      1997 server_http.c
        10 toheader.sed
     14815 total

[1]: https://man.openbsd.org/httpd.8

cozzyd|1 year ago

I wrote a simple embedded C webserver to provide a liveview of data acquisition for one of my experiments that weighs in at <250LOC. Ok, I wouldn't put it on the public internet, and it only implements a small fraction of HTTP/1.1, but it works and only requires mallocing at initialization...

rwmj|1 year ago

If you control the client, you can make webservers that are very small indeed. Here's one we use for local testing, where we know the client will be libcurl and know exactly what requests will be made: https://gitlab.com/nbdkit/nbdkit/-/blob/master/tests/web-ser... Basically 600 LoC. It would be completely insecure if exposed to the internet, but (by design) it can only serve over Unix domain sockets.

fanf2|1 year ago

There are a few other HTTP/1.1 servers at that kind of size https://www.acme.com/software/thttpd/benchmarks.html