HN
Today

TIL: You can make HTTP requests without curl using Bash /dev/TCP

Discover how bash /dev/tcp allows raw HTTP requests in stripped-down container environments, a clever hack when curl is nowhere to be found. This TIL-worthy trick, while not a curl replacement, highlights Bash's surprising network capabilities for quick connectivity checks. The discussion delves into the finer points of HTTP protocol handling and the ongoing debate about minimalism in container images.

31
Score
8
Comments
#3
Highest Rank
5h
on Front Page
First Seen
Jun 16, 5:00 PM
Last Seen
Jun 16, 9:00 PM
Rank Over Time
45375

The Lowdown

The author shares a "Today I Learned" moment about using bash /dev/tcp to make HTTP requests without relying on curl or wget, a necessity he encountered in a highly stripped-down Docker container.

  • The core technique involves exec 3<>/dev/tcp/host/port to open a TCP socket as file descriptor 3, then using printf to manually construct and send HTTP requests to that descriptor.
  • A crucial detail is including Connection: close in the HTTP headers to ensure the server closes the connection, allowing cat <&3 to terminate gracefully rather than hanging indefinitely.
  • This method is limited to plaintext HTTP as it lacks built-in TLS support; HTTPS requires external tools like openssl s_client, at which point dedicated HTTP clients become more practical.
  • It's a Bash-specific feature, not POSIX, and depends on Bash being compiled with --enable-net-redirections (though commonly enabled).

Ultimately, this technique is presented as a valuable workaround for diagnostic checks in extremely minimal environments where standard tools are absent, rather than a general-purpose HTTP client.

The Gossip

Protocol Purity vs. Practical Prowess

While the article's title playfully suggests "Bash can speak HTTP," commenters are quick to clarify that Bash merely provides the raw TCP socket. The user is, in fact, manually crafting the HTTP protocol. Many acknowledge the cleverness of this hack for specific, constrained scenarios like quick connectivity checks in minimal containers, but caution against using it for complex, real-world HTTP interactions. For robust handling of headers, redirects, and encodings, `curl`'s comprehensive features remain indispensable.

Container Conundrums and `curl`'s Credibility

A significant thread in the discussion centers on the philosophy of container image minimalism. Some argue that `curl` is such a fundamental tool for debugging and connectivity checks that it should be included even in "slim" production images. Conversely, others defend the practice of highly stripped-down images, citing security benefits (reduced attack surface), smaller image sizes, and faster deployments as reasons to omit non-essential tools. The article's `bash /dev/tcp` technique is thus positioned as a valuable workaround for these ultra-minimal environments where `curl` is intentionally absent.