Synsema docsENES

Cliente HTTP

Cada request (http* y fetch) está gateado por net(host) — deny-by-default, incluso bajo run. HTTPS funciona de fábrica (rustls + root CAs del SO).

http-client.syn
-- Doc example: the HTTP client is gated by net(host). A request to an undeclared
-- host is refused at the capability check — before any network call happens.
intent: "doc example: HTTP client capability gating"
require net("api.allowed.com")

task reach_undeclared()
    give http_get("https://evil.example.com/data")    -- host not declared → denied

test "a request to an undeclared host is blocked (deny-by-default)"
    assert_error(reach_undeclared)

Hacer requests

require net("api.store.com")

let r be http_get("https://api.store.com/products")
let r be http_get(url, {"x-api-key": secret("API_KEY")}, {"page": "1"})   -- headers, query
let r be http_post(url, {"name": "Alice"}, {"Authorization": bearer(secret("API_KEY"))})
let r be http("POST", url, headers, query, body)                          -- control total

Las credenciales van en headers (un secret se materializa solo en el socket) — ver Secretos.

La respuesta

Un request devuelve un map:

status of r     -- 200
ok of r         -- true (200–299)
body of r       -- texto crudo
json of r       -- JSON parseado (si el content-type es JSON)
headers of r    -- headers de respuesta
error of r      -- mensaje de error si falló

require net / net("") permiten cualquier host; net(".x.com") matchea subdominios.