Table: net_http_request
Send an HTTP request to a host on a server in order to receive a response. A request body and headers can be provided with each request. Currently, the GET and POST methods are supported.
Note: A url
must be provided in all queries to this table.
Examples
Send a GET request to GitHub API
select url, method, response_status_code, jsonb_pretty(response_body :: jsonb) as response_bodyfrom net_http_requestwhere url = 'https://api.github.com/users/github';
Send a GET request with a modified user agent
select url, method, response_status_code, jsonb_pretty(request_headers) as request_headers, response_bodyfrom net_http_requestwhere url = 'http://httpbin.org/user-agent' and request_headers = jsonb_object( '{user-agent, accept}', '{steampipe-test-user, application/json}' );
Send a POST request with request body and headers
select url, method, response_status_code, jsonb_pretty(request_headers) as request_headers, response_bodyfrom net_http_requestwhere url = 'http://httpbin.org/anything' and method = 'POST' and request_body = jsonb_object( '{username, password}', '{steampipe, test_password}' ) :: text and request_headers = jsonb_object('{content-type}', '{application/json}');
Send a GET request with multiple values for a request header
select url, method, response_status_code, jsonb_pretty(request_headers) as request_headers, response_bodyfrom net_http_requestwhere url = 'http://httpbin.org/anything' and request_headers = '{ "authorization": "Basic YWxhZGRpbjpvcGVuc2VzYW2l", "accept": ["application/json", "application/xml"] }' :: jsonb;
Check for HTTP Strict Transport Security (HSTS) protection
select url, method, response_status_code, case when response_headers -> 'Strict-Transport-Security' is not null then 'enabled' else 'disabled' end as hsts_protectionfrom net_http_requestwhere url = 'http://microsoft.com';
Query examples
- security_headers_content_security_policy_check
- security_headers_permissions_policy_check
- security_headers_raw_header_list
- security_headers_referrer_policy_check
- security_headers_strict_transport_security_check
- security_headers_x_content_type_options_check
- security_headers_x_frame_options_check
Control examples
- security_headers_content_security_policy
- security_headers_permissions_policy
- security_headers_referrer_policy
- security_headers_strict_transport_security
- security_headers_x_content_type_options
- security_headers_x_frame_options
- security_headers_missing_headers
.inspect net_http_request
An HTTP request is made by a client, to a named host, which is located on a server.
Name | Type | Description |
---|---|---|
_ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. |
follow_redirects | boolean | If true, the requests will follow the redirects. |
method | text | Specifies the HTTP method (GET, POST). |
request_body | text | The request's body. |
request_headers | jsonb | A map of headers passed in the request. |
response_body | text | Represents the response body. |
response_error | text | Represents an error or failure, either from a non-successful HTTP status, an error while executing the request, or some other failure which occurred during the parsing of the response. |
response_headers | jsonb | A map of response headers used by web applications to configure security defenses in web browsers. |
response_status_code | bigint | HTTP status code is a server response to a browser's request. |
url | text | URL of the site. |