HTTPageboy
Minimal HTTP server package for handling request/response transmission. Focuses only on transporting a well formed HTTP message; does not process or decide how the server behaves. Aspires to become runtime-agnostic, with minimal, solid, and flexible dependencies.
Example
The core logic resides in src/lib.rs.
See it working out of the box on this video
The following example is executable. Run cargo run to see the available variants and navigate to http://127.0.0.1:7878 in your browser.
A basic server setup (select a runtime feature when running, e.g. cargo run --features async_tokio):
use ;
/// Minimal async handler: waits 100ms and replies "ok"
async
async
Response now supports arbitrary headers:
Response
Response
Testing
Test helpers live in httpageboy::test_utils and work the same for sync and async runtimes:
setup_test_server(server_url, factory)starts a server once per URL and marks it active (passNoneto reuse the default127.0.0.1:0and let the OS pick a port).run_test(request, expected, target_url)opens a TCP connection to the active server (or the URL you pass), writes a raw HTTP payload, and asserts the response contains the expected bytes.
Async tokio example mirroring the current helpers:
use ;
use ;
async
async
async
CORS
Servers now ship with a permissive CORS policy by default (allow all origins, methods, and common headers). You can tighten it after constructing the server:
let mut server = new.await.unwrap;
server.set_cors_str;
// or build it directly:
// server.set_cors(CorsPolicy::from_config_str("origin=http://localhost:3000"));
Preflights (OPTIONS) are answered automatically using the active policy.
OpenAPI helper
cargo openapi generates OpenAPI directly from implemented server.add_route(...) calls and the // openapi: comments placed immediately above each route. It is dependency-free and works offline.
// openapi: List users in the business
// auth: user-token, business-id, app-id
// permission: users.read
// response: 200 User list
server.add_route;
Default project flow:
That reads src/ and writes both:
docs/openapi.yaml
public/openapi.yaml
For custom paths:
Supported route comments:
openapi: human summary
auth: user-token, business-id, app-id
headers: service-token
permission: users.read
request: json
response: 200 OK
errors: invalid_token, insufficient_permissions
Notes for API authors:
- Put comments immediately above the
server.add_route(...)call they describe. - Use
openapi:for the human description; without it, the handler name is used. - Use
auth:orheaders:for required headers; omit it for public routes. - Use
permission:when the route requires an authorization permission. - Use
request:when the route expects a JSON body. - Use
response:for the main success response. - Use
errors:for known business error names.
The generator extracts only routes registered in code. Missing or incomplete comments are not blockers: generation continues with the route method, path, handler name, path parameters, and any comments that are present.
Comandos:
Examples
Additional examples can be found within the tests.
License
Copyright (c) 2025 fahedsl. This project is licensed under the MIT License.