http

package standard library

Versions in this module

go1

go1.18.10

Jan 10, 2023 GO-2023-1571GO-2023-1878GO-2023-2102GO-2024-2600GO-2024-2687GO-2024-2963GO-2025-3420GO-2025-3503GO-2025-3751GO-2025-4012GO-2026-4918

GO-2023-1571: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1878: Insufficient sanitization of Host header in net/http

GO-2023-2102: HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2600: Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

GO-2024-2687: HTTP/2 CONTINUATION flood in net/http

GO-2024-2963: Denial of service due to improper 100-continue handling in net/http

GO-2025-3420: Sensitive headers incorrectly sent after cross-domain redirect in net/http

GO-2025-3503: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

GO-2025-3751: Sensitive headers not cleared on cross-origin redirect in net/http

GO-2025-4012: Lack of limit when parsing cookies can cause memory exhaustion in net/http

GO-2026-4918: Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net

Changes in this version

+ const DefaultMaxHeaderBytes

+ const DefaultMaxIdleConnsPerHost

+ const MethodConnect

+ const MethodDelete

+ const MethodGet

+ const MethodHead

+ const MethodOptions

+ const MethodPatch

+ const MethodPost

+ const MethodPut

+ const MethodTrace

+ const StatusAccepted

+ const StatusAlreadyReported

+ const StatusBadGateway

+ const StatusBadRequest

+ const StatusConflict

+ const StatusContinue

+ const StatusCreated

+ const StatusEarlyHints

+ const StatusExpectationFailed

+ const StatusFailedDependency

+ const StatusForbidden

+ const StatusFound

+ const StatusGatewayTimeout

+ const StatusGone

+ const StatusHTTPVersionNotSupported

+ const StatusIMUsed

+ const StatusInsufficientStorage

+ const StatusInternalServerError

+ const StatusLengthRequired

+ const StatusLocked

+ const StatusLoopDetected

+ const StatusMethodNotAllowed

+ const StatusMisdirectedRequest

+ const StatusMovedPermanently

+ const StatusMultiStatus

+ const StatusMultipleChoices

+ const StatusNetworkAuthenticationRequired

+ const StatusNoContent

+ const StatusNonAuthoritativeInfo

+ const StatusNotAcceptable

+ const StatusNotExtended

+ const StatusNotFound

+ const StatusNotImplemented

+ const StatusNotModified

+ const StatusOK

+ const StatusPartialContent

+ const StatusPaymentRequired

+ const StatusPermanentRedirect

+ const StatusPreconditionFailed

+ const StatusPreconditionRequired

+ const StatusProcessing

+ const StatusProxyAuthRequired

+ const StatusRequestEntityTooLarge

+ const StatusRequestHeaderFieldsTooLarge

+ const StatusRequestTimeout

+ const StatusRequestURITooLong

+ const StatusRequestedRangeNotSatisfiable

+ const StatusResetContent

+ const StatusSeeOther

+ const StatusServiceUnavailable

+ const StatusSwitchingProtocols

+ const StatusTeapot

+ const StatusTemporaryRedirect

+ const StatusTooEarly

+ const StatusTooManyRequests

+ const StatusUnauthorized

+ const StatusUnavailableForLegalReasons

+ const StatusUnprocessableEntity

+ const StatusUnsupportedMediaType

+ const StatusUpgradeRequired

+ const StatusUseProxy

+ const StatusVariantAlsoNegotiates

+ const TimeFormat

+ const TrailerPrefix

+ var DefaultClient = &Client

+ var DefaultServeMux = &defaultServeMux

+ var ErrAbortHandler = errors.New("net/http: abort Handler")

+ var ErrBodyNotAllowed = errors.New("http: request method or response status code does not allow body")

+ var ErrBodyReadAfterClose = errors.New("http: invalid Read on closed Body")

+ var ErrContentLength = errors.New("http: wrote more than the declared Content-Length")

+ var ErrHandlerTimeout = errors.New("http: Handler timeout")

+ var ErrHeaderTooLong = &ProtocolError

+ var ErrHijacked = errors.New("http: connection has been hijacked")

+ var ErrLineTooLong = internal.ErrLineTooLong

+ var ErrMissingBoundary = &ProtocolError

+ var ErrMissingContentLength = &ProtocolError

+ var ErrMissingFile = errors.New("http: no such file")

+ var ErrNoCookie = errors.New("http: named cookie not present")

+ var ErrNoLocation = errors.New("http: no Location header in response")

+ var ErrNotMultipart = &ProtocolError

+ var ErrNotSupported = &ProtocolError

+ var ErrServerClosed = errors.New("http: Server closed")

+ var ErrShortBody = &ProtocolError

+ var ErrSkipAltProtocol = errors.New("net/http: skip alternate protocol")

+ var ErrUnexpectedTrailer = &ProtocolError

+ var ErrUseLastResponse = errors.New("net/http: use last response")

+ var ErrWriteAfterFlush = errors.New("unused")

+ var LocalAddrContextKey = &contextKey

+ var NoBody = noBody

+ var ServerContextKey = &contextKey

+ func CanonicalHeaderKey(s string) string

+ func DetectContentType(data []byte) string

+ func Error(w ResponseWriter, error string, code int)

+ func Handle(pattern string, handler Handler)

+ func HandleFunc(pattern string, handler func(ResponseWriter, *Request))

+ func ListenAndServe(addr string, handler Handler) error

+ func ListenAndServeTLS(addr, certFile, keyFile string, handler Handler) error

+ func MaxBytesReader(w ResponseWriter, r io.ReadCloser, n int64) io.ReadCloser

+ func NotFound(w ResponseWriter, r *Request)

+ func ParseHTTPVersion(vers string) (major, minor int, ok bool)

+ func ParseTime(text string) (t time.Time, err error)

+ func ProxyFromEnvironment(req *Request) (*url.URL, error)

+ func ProxyURL(fixedURL *url.URL) func(*Request) (*url.URL, error)

+ func Redirect(w ResponseWriter, r *Request, url string, code int)

+ func Serve(l net.Listener, handler Handler) error

+ func ServeContent(w ResponseWriter, req *Request, name string, modtime time.Time, ...)

+ func ServeFile(w ResponseWriter, r *Request, name string)

+ func ServeTLS(l net.Listener, handler Handler, certFile, keyFile string) error

+ func SetCookie(w ResponseWriter, cookie *Cookie)

+ func StatusText(code int) string

+ type Client struct

+ CheckRedirect func(req *Request, via []*Request) error

+ Jar CookieJar

+ Timeout time.Duration

+ Transport RoundTripper

+ func (c *Client) CloseIdleConnections()

+ func (c *Client) Do(req *Request) (*Response, error)

+ func (c *Client) Get(url string) (resp *Response, err error)

+ func (c *Client) Head(url string) (resp *Response, err error)

+ func (c *Client) Post(url, contentType string, body io.Reader) (resp *Response, err error)

+ func (c *Client) PostForm(url string, data url.Values) (resp *Response, err error)

+ type CloseNotifier interface

+ CloseNotify func() <-chan bool

+ type ConnState int

+ const StateActive

+ const StateClosed

+ const StateHijacked

+ const StateIdle

+ const StateNew

+ func (c ConnState) String() string

+ type Cookie struct

+ Domain string

+ Expires time.Time

+ HttpOnly bool

+ MaxAge int

+ Name string

+ Path string

+ Raw string

+ RawExpires string

+ SameSite SameSite

+ Secure bool

+ Unparsed []string

+ Value string

+ func (c *Cookie) String() string

+ func (c *Cookie) Valid() error

+ type CookieJar interface

+ Cookies func(u *url.URL) []*Cookie

+ SetCookies func(u *url.URL, cookies []*Cookie)

+ type Dir string

+ func (d Dir) Open(name string) (File, error)

+ type File interface

+ Readdir func(count int) ([]fs.FileInfo, error)

+ Stat func() (fs.FileInfo, error)

+ type FileSystem interface

+ Open func(name string) (File, error)

+ func FS(fsys fs.FS) FileSystem

+ type Flusher interface

+ Flush func()

+ type Handler interface

+ ServeHTTP func(ResponseWriter, *Request)

+ func AllowQuerySemicolons(h Handler) Handler

+ func FileServer(root FileSystem) Handler

+ func MaxBytesHandler(h Handler, n int64) Handler

+ func NotFoundHandler() Handler

+ func RedirectHandler(url string, code int) Handler

+ func StripPrefix(prefix string, h Handler) Handler

+ func TimeoutHandler(h Handler, dt time.Duration, msg string) Handler

+ type HandlerFunc func(ResponseWriter, *Request)

+ func (f HandlerFunc) ServeHTTP(w ResponseWriter, r *Request)

+ type Header map[string][]string

+ func (h Header) Add(key, value string)

+ func (h Header) Clone() Header

+ func (h Header) Del(key string)

+ func (h Header) Get(key string) string

+ func (h Header) Set(key, value string)

+ func (h Header) Values(key string) []string

+ func (h Header) Write(w io.Writer) error

+ func (h Header) WriteSubset(w io.Writer, exclude map[string]bool) error

+ type Hijacker interface

+ Hijack func() (net.Conn, *bufio.ReadWriter, error)

+ type ProtocolError struct

+ ErrorString string

+ func (pe *ProtocolError) Error() string

+ type PushOptions struct

+ Header Header

+ Method string

+ type Pusher interface

+ Push func(target string, opts *PushOptions) error

+ type Request struct

+ Body io.ReadCloser

+ Cancel <-chan struct{}

+ Close bool

+ ContentLength int64

+ Form url.Values

+ GetBody func() (io.ReadCloser, error)

+ Header Header

+ Host string

+ Method string

+ MultipartForm *multipart.Form

+ PostForm url.Values

+ Proto string

+ ProtoMajor int

+ ProtoMinor int

+ RemoteAddr string

+ RequestURI string

+ Response *Response

+ TLS *tls.ConnectionState

+ Trailer Header

+ TransferEncoding []string

+ URL *url.URL

+ func NewRequest(method, url string, body io.Reader) (*Request, error)

+ func NewRequestWithContext(ctx context.Context, method, url string, body io.Reader) (*Request, error)

+ func ReadRequest(b *bufio.Reader) (*Request, error)

+ func (r *Request) AddCookie(c *Cookie)

+ func (r *Request) BasicAuth() (username, password string, ok bool)

+ func (r *Request) Clone(ctx context.Context) *Request

+ func (r *Request) Context() context.Context

+ func (r *Request) Cookie(name string) (*Cookie, error)

+ func (r *Request) Cookies() []*Cookie

+ func (r *Request) FormFile(key string) (multipart.File, *multipart.FileHeader, error)

+ func (r *Request) FormValue(key string) string

+ func (r *Request) MultipartReader() (*multipart.Reader, error)

+ func (r *Request) ParseForm() error

+ func (r *Request) ParseMultipartForm(maxMemory int64) error

+ func (r *Request) PostFormValue(key string) string

+ func (r *Request) ProtoAtLeast(major, minor int) bool

+ func (r *Request) Referer() string

+ func (r *Request) SetBasicAuth(username, password string)

+ func (r *Request) UserAgent() string

+ func (r *Request) WithContext(ctx context.Context) *Request

+ func (r *Request) Write(w io.Writer) error

+ func (r *Request) WriteProxy(w io.Writer) error

+ type Response struct

+ Body io.ReadCloser

+ Close bool

+ ContentLength int64

+ Header Header

+ Proto string

+ ProtoMajor int

+ ProtoMinor int

+ Request *Request

+ Status string

+ StatusCode int

+ TLS *tls.ConnectionState

+ Trailer Header

+ TransferEncoding []string

+ Uncompressed bool

+ func Get(url string) (resp *Response, err error)

+ func Head(url string) (resp *Response, err error)

+ func Post(url, contentType string, body io.Reader) (resp *Response, err error)

+ func PostForm(url string, data url.Values) (resp *Response, err error)

+ func ReadResponse(r *bufio.Reader, req *Request) (*Response, error)

+ func (r *Response) Cookies() []*Cookie

+ func (r *Response) Location() (*url.URL, error)

+ func (r *Response) ProtoAtLeast(major, minor int) bool

+ func (r *Response) Write(w io.Writer) error

+ type ResponseWriter interface

+ Header func() Header

+ Write func([]byte) (int, error)

+ WriteHeader func(statusCode int)

+ type RoundTripper interface

+ RoundTrip func(*Request) (*Response, error)

+ var DefaultTransport RoundTripper = &Transport{ ... }

+ func NewFileTransport(fs FileSystem) RoundTripper

+ type SameSite int

+ const SameSiteDefaultMode

+ const SameSiteLaxMode

+ const SameSiteNoneMode

+ const SameSiteStrictMode

+ type ServeMux struct

+ func NewServeMux() *ServeMux

+ func (mux *ServeMux) Handle(pattern string, handler Handler)

+ func (mux *ServeMux) HandleFunc(pattern string, handler func(ResponseWriter, *Request))

+ func (mux *ServeMux) Handler(r *Request) (h Handler, pattern string)

+ func (mux *ServeMux) ServeHTTP(w ResponseWriter, r *Request)

+ type Server struct

+ Addr string

+ BaseContext func(net.Listener) context.Context

+ ConnContext func(ctx context.Context, c net.Conn) context.Context

+ ConnState func(net.Conn, ConnState)

+ ErrorLog *log.Logger

+ Handler Handler

+ IdleTimeout time.Duration

+ MaxHeaderBytes int

+ ReadHeaderTimeout time.Duration

+ ReadTimeout time.Duration

+ TLSConfig *tls.Config

+ TLSNextProto map[string]func(*Server, *tls.Conn, Handler)

+ WriteTimeout time.Duration

+ func (srv *Server) Close() error

+ func (srv *Server) ListenAndServe() error

+ func (srv *Server) ListenAndServeTLS(certFile, keyFile string) error

+ func (srv *Server) RegisterOnShutdown(f func())

+ func (srv *Server) Serve(l net.Listener) error

+ func (srv *Server) ServeTLS(l net.Listener, certFile, keyFile string) error

+ func (srv *Server) SetKeepAlivesEnabled(v bool)

+ func (srv *Server) Shutdown(ctx context.Context) error

+ type Transport struct

+ Dial func(network, addr string) (net.Conn, error)

+ DialContext func(ctx context.Context, network, addr string) (net.Conn, error)

+ DialTLS func(network, addr string) (net.Conn, error)

+ DialTLSContext func(ctx context.Context, network, addr string) (net.Conn, error)

+ DisableCompression bool

+ DisableKeepAlives bool

+ ExpectContinueTimeout time.Duration

+ ForceAttemptHTTP2 bool

+ GetProxyConnectHeader func(ctx context.Context, proxyURL *url.URL, target string) (Header, error)

+ IdleConnTimeout time.Duration

+ MaxConnsPerHost int

+ MaxIdleConns int

+ MaxIdleConnsPerHost int

+ MaxResponseHeaderBytes int64

+ Proxy func(*Request) (*url.URL, error)

+ ProxyConnectHeader Header

+ ReadBufferSize int

+ ResponseHeaderTimeout time.Duration

+ TLSClientConfig *tls.Config

+ TLSHandshakeTimeout time.Duration

+ TLSNextProto map[string]func(authority string, c *tls.Conn) RoundTripper

+ WriteBufferSize int

+ func (t *Transport) CancelRequest(req *Request)

+ func (t *Transport) Clone() *Transport

+ func (t *Transport) CloseIdleConnections()

+ func (t *Transport) RegisterProtocol(scheme string, rt RoundTripper)

+ func (t *Transport) RoundTrip(req *Request) (*Response, error)

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL