{% extends "frame.html" %} {% block body %}

Pathod is a pathological HTTP daemon designed to let you craft almost any conceivable HTTP response, including ones that creatively violate the standards. HTTP responses are specified using a small, terse language, which pathod shares with its evil twin pathoc.

To start playing with pathod, simply fire up the daemon:

./pathod

By default, the service listens on port 9999 of localhost. Pathod's documentation is self-hosting, and the pathod daemon exposes an interface that lets you play with the specifciation language, preview what responses and requests would look like on the wire, and view internal logs. To access all of this, just fire up your browser, and point it to the following URL:

http://localhost:9999

The default crafting anchor point is the path /p/. Anything after this URL prefix is treated as a response specifier. So, hitting the following URL will generate an HTTP 200 response with 100 bytes of random data:

http://localhost:9999/p/200:b@100

See the language documentation to get (much) fancier. The pathod daemon also takes a range of configuration options. To view those, use the command-line help:

./pathod --help

Pathod automatically responds to both straight HTTP and proxy requests. For proxy requests, the upstream host is ignored, and the path portion of the URL is used to match anchors. This lets you test software that supports a proxy configuration by spoofing responses from upstream servers.

By default, we treat all proxy CONNECT requests as HTTPS traffic, serving the response using either pathod's built-in certificates, or the cert/key pair specified by the user. You can over-ride this behaviour if you're testing a client that makes a non-SSL CONNECT request using the -C command-line option.

Anchors provide an alternative to specifying the response in the URL. Instead, you attach a response to a pre-configured anchor point, specified with a regex. When a URL matching the regex is requested, the specified response is served.

./pathod -a "/foo=200"

Here, "/foo" is ithe regex specifying the anchor path, and the part after the "=" is a response specifier.

There are two operators in the language that load contents from file - the + operator to load an entire request specification from file, and the > value specifier. In pathod, both of these operators are restricted to a directory specified at startup, or disabled if no directory is specified:

./pathod -d ~/staticdir"

Pathod uses the non-standard 800 response code to indicate internal errors, to distinguish them from crafted responses. For example, a request to:

http://localhost:9999/p/foo

... will return an 800 response because "foo" is not a valid page specifier.

pathod exposes a simple API, intended to make it possible to drive and inspect the daemon remotely for use in unit testing and the like.

/api/clear_log A POST to this URL clears the log buffer.
/api/info Basic version and configuration info.
/api/log Returns the current log buffer. At the moment the buffer size is 500 entries - when the log grows larger than this, older entries are discarded. The returned data is a JSON dictionary, with the form:
{ 'log': [ ENTRIES ] } 
You can preview the JSON data returned for a log entry through the built-in web interface.
{% endblock %}