top | item 45338561 Fine-grained HTTP filtering for Claude Code 88 points| ammario | 5 months ago |ammar.io 11 comments order hn newest simonw|5 months ago This describes httpjail, a new Rust sandbox proxy tool: https://github.com/coder/httpjailIt works for any process, not just Claude Code. I got it working with Codex CLI like this: httpjail --js "r.host === 'chatgpt.com'" -- codex After installing it using Cargo (and Homebrew): brew upgrade rust cargo install httpjail I wrote more notes about it here: https://simonwillison.net/2025/Sep/19/httpjail/ mandrade2|5 months ago > Allow only GET requests i.e. make the internet read-onlyIf only developers never made use of GET to modify resources...https://www.reddit.com/r/webdev/comments/6999x7/comment/dh4v... userbinator|5 months ago Ironically, your URL demonstrates this nicely, having a bunch of extra superfluous parameters that only serve to update some tracking database. Here is the "cleaned" URL: https://www.reddit.com/r/webdev/comments/6999x7/comment/dh4v...I thought it'd be this old but memorable article: https://thedailywtf.com/articles/The_Spider_of_Doom andy99|5 months ago Am I misunderstanding this one? GET still sends information to another server, what is the "read only" aspect? load replies (3) moderation|5 months ago Previously [0]0. https://news.ycombinator.com/item?id=45307459 dang|5 months ago We'll merge that comment hither. Thanks! load replies (1)
simonw|5 months ago This describes httpjail, a new Rust sandbox proxy tool: https://github.com/coder/httpjailIt works for any process, not just Claude Code. I got it working with Codex CLI like this: httpjail --js "r.host === 'chatgpt.com'" -- codex After installing it using Cargo (and Homebrew): brew upgrade rust cargo install httpjail I wrote more notes about it here: https://simonwillison.net/2025/Sep/19/httpjail/
mandrade2|5 months ago > Allow only GET requests i.e. make the internet read-onlyIf only developers never made use of GET to modify resources...https://www.reddit.com/r/webdev/comments/6999x7/comment/dh4v... userbinator|5 months ago Ironically, your URL demonstrates this nicely, having a bunch of extra superfluous parameters that only serve to update some tracking database. Here is the "cleaned" URL: https://www.reddit.com/r/webdev/comments/6999x7/comment/dh4v...I thought it'd be this old but memorable article: https://thedailywtf.com/articles/The_Spider_of_Doom andy99|5 months ago Am I misunderstanding this one? GET still sends information to another server, what is the "read only" aspect? load replies (3)
userbinator|5 months ago Ironically, your URL demonstrates this nicely, having a bunch of extra superfluous parameters that only serve to update some tracking database. Here is the "cleaned" URL: https://www.reddit.com/r/webdev/comments/6999x7/comment/dh4v...I thought it'd be this old but memorable article: https://thedailywtf.com/articles/The_Spider_of_Doom
andy99|5 months ago Am I misunderstanding this one? GET still sends information to another server, what is the "read only" aspect? load replies (3)
moderation|5 months ago Previously [0]0. https://news.ycombinator.com/item?id=45307459 dang|5 months ago We'll merge that comment hither. Thanks! load replies (1)
simonw|5 months ago
It works for any process, not just Claude Code. I got it working with Codex CLI like this:
After installing it using Cargo (and Homebrew): I wrote more notes about it here: https://simonwillison.net/2025/Sep/19/httpjail/mandrade2|5 months ago
If only developers never made use of GET to modify resources...
https://www.reddit.com/r/webdev/comments/6999x7/comment/dh4v...
userbinator|5 months ago
I thought it'd be this old but memorable article: https://thedailywtf.com/articles/The_Spider_of_Doom
andy99|5 months ago
moderation|5 months ago
0. https://news.ycombinator.com/item?id=45307459
dang|5 months ago