http-server icon indicating copy to clipboard operation
http-server copied to clipboard
verified publisher icon http-party

Support HTTP PUT requests via a flag

Open LeaVerou opened this issue 8 years ago • 6 comments

It would be super useful for making local web apps that can also write files.

LeaVerou avatar Sep 10 '17 22:09 LeaVerou

@LeaVerou first, I love your work, and am excited you're using http-server. 😄

Second, this is a "future direction" question for this project, but one I'd be more than happy to discuss.

FWIW, I'd very much like this project to more fully support HTTP, but I fear it turning into "yet another nginx" (or whatever) and loosing it's simplicity and focus. Also, adding the ability to write files introduces security risks this project (mostly) avoids by being a read-only HTTP server.

The focus is currently on continuing to build "a simple zero-configuration command-line http server." I'm not sure (yet) how to add PUT in a way that doesn't come with the overhead of users, access control, permissions, etc.

Thoughts?

BigBlueHat avatar Sep 21 '17 13:09 BigBlueHat

@LeaVerou first, I love your work, and am excited you're using http-server. 😄

Aw, thank you! 😊 I use http-server locally all the time, I literally have 4 running right now. Thank you so much for making it!

FWIW, I'd very much like this project to more fully support HTTP, but I fear it turning into "yet another nginx" (or whatever) and loosing it's simplicity and focus.

Absolutely. But supporting PUT would make would be an easy way to create local apps that write files, which despite advances to the Web platform, is still rather hard.

Also, adding the ability to write files introduces security risks this project (mostly) avoids by being a read-only HTTP server.

But I would assume most people run it locally, as an alternative to python -m SimpleHTTPServer, no?

I'm not sure (yet) how to add PUT in a way that doesn't come with the overhead of users, access control, permissions, etc.

That would definitely be overkill! However, if my assumption above is correct (that most people run it locally), are these really needed?

LeaVerou avatar Sep 22 '17 04:09 LeaVerou

First, @indexzero actual gets all the credit for this project. I'm just here to keep it running. 😃

Second, I'm all for adding PUT (and perhaps POST) for "local only" usage. Think we'd just need some gigantic warning or something...and being very careful with the write-space limitations (so as not to let folks PUT ../../../whatever.dll (or some such).

Pull Requests most welcome. 😁

BigBlueHat avatar Oct 12 '17 19:10 BigBlueHat

POST support that does not write anything and just serves static files would useful as well to debug applications which send POST requests instead of GET.

yura-pakhuchiy avatar Oct 21 '17 06:10 yura-pakhuchiy

@yura-pakhuchiy could you file another issue for that? I'm not sure what the expected behavior here would be, so explaining that would be ideal. Thanks!

BigBlueHat avatar Dec 04 '17 16:12 BigBlueHat

This issue has been inactive for 180 days

github-actions[bot] avatar Aug 31 '21 12:08 github-actions[bot]