HTTP client
Every request (http* and fetch) is gated by net(host) — deny-by-default, even under run. HTTPS works out of the box (rustls + OS root CAs).
-- Doc example: the HTTP client is gated by net(host). A request to an undeclared
-- host is refused at the capability check — before any network call happens.
intent: "doc example: HTTP client capability gating"
require net("api.allowed.com")
task reach_undeclared()
give http_get("https://evil.example.com/data") -- host not declared → denied
test "a request to an undeclared host is blocked (deny-by-default)"
assert_error(reach_undeclared)
Making requests
require net("api.store.com")
let r be http_get("https://api.store.com/products")
let r be http_get(url, {"x-api-key": secret("API_KEY")}, {"page": "1"}) -- headers, query
let r be http_post(url, {"name": "Alice"}, {"Authorization": bearer(secret("API_KEY"))})
let r be http("POST", url, headers, query, body) -- full control
Credentials go in headers (a secret materializes only at the socket) — see Secrets.
The response
A request returns a map:
status of r -- 200
ok of r -- true (200–299)
body of r -- raw text
json of r -- parsed JSON (if the content-type is JSON)
headers of r -- response headers
error of r -- error message if it failed
require net / net("") allow any host; net(".x.com") matches subdomains.