I cannot ever be sure about this but this might have come to me in a dream. I just thought about why it’s so hard to implement a web-server in bash, basically all the functionality of the webserver must be implemented in bash but the http handling can be compiled.
This program lets you declare endpoints and map them to shell commands, query args get passed as ENV vars, methods are enforced, body is passed in stdin and the response is the stdout.
I also learned I really like declaring flake.nix files for all my personal projects, I hope it helps you install what I create!
for the common use cases, I imagine you’re better off using https://github.com/adnanh/webhook instead. handles security etc. don’t think it lets you return responses but at that point you probably want a proper server framework
deleted by creator
deleted by creator
Unauthenticated RCE <3
Joking aside, I have done something similar to allow turning off my server from a http endpoint. Your method does seem a lot cleaner and more flexible though.
cgi
Yea have you not be able to do this with Apache etc forever? You can even define the endpoint with a very unix like every endpoint is a file.
On fact was there not even a vulnerability that was caused by the fact the CGI can run bash?
Terrifying
Im using this in prod to host our banking frontend! It works great so far :)
What about request/response headers?
Out of scope
