Please check the build logs for more information.
See Builds for ideas on how to fix a failed build, or Metadata for how to configure docs.rs builds.
If you believe this is docs.rs' fault, open an issue.
wtcat - WebTransport CLI Client
wtcat is a WebTransport CLI client for testing and debugging, similar to how wscat is used for WebSocket connections. It provides an easy way to connect to WebTransport servers, test authentication, and monitor real-time message streams.
Features
- 🚀 Simple WebTransport connections - Connect to any WebTransport server
- 🔐 Flexible authentication - Support for JWT tokens, username/password, or no auth
- 📤 Custom payloads - Send arbitrary JSON messages on connection
- 📡 Real-time streaming - Monitor server messages in real-time
- 🔧 JSON mode - Pipe output to
jqand other tools - 🔒 TLS options - Support for self-signed certificates (development)
- ⚡ QUIC/HTTP3 - Built on modern WebTransport protocol
Installation
From crates.io
From source
Quick Start
Basic connection (no auth)
With JWT token
With username/password authentication
JSON mode (pipeable to jq)
|
Usage
wtcat - WebTransport CLI client for testing (like wscat for WebSocket)
Usage: wtcat [OPTIONS] --url <URL>
Options:
-u, --url <URL>
WebTransport server URL (e.g., https://localhost:4433 or https://localhost:4433/wt)
-t, --token <TOKEN>
JWT token for authentication (optional)
--username <USERNAME>
Username for authentication (requires --password and --auth-url)
-p, --password <PASSWORD>
Password for authentication (requires --username and --auth-url)
--auth-url <AUTH_URL>
Authentication endpoint URL (e.g., https://api.example.com/auth/login)
Required when using --username and --password
-s, --send <SEND>
Custom JSON payload to send on connection (e.g., '{"subscribe": "updates"}')
--no-auth
Skip authentication - connect without sending auth message
-k, --insecure
Skip TLS certificate verification (for self-signed certs)
-j, --json
Output only JSON (no decorative text, pipeable to jq)
--auth-timeout <AUTH_TIMEOUT>
Timeout for authentication response in seconds [default: 10]
-h, --help
Print help
-V, --version
Print version
Examples
1. Test local development server
2. Connect with custom auth endpoint
3. Send custom JSON payload
4. Monitor and filter JSON messages with jq
# Extract specific fields from all messages
|
# Filter messages by type
|
# Pretty print specific fields
|
5. Testing different servers
# Connect to production server (with valid cert)
# Connect to staging (self-signed cert)
# Connect without any auth
Authentication
wtcat supports multiple authentication methods:
1. JWT Token (Direct)
Provide a JWT token directly if you already have one:
2. Username/Password
Let wtcat fetch a JWT token for you by authenticating against an HTTP API:
The auth endpoint should:
- Accept
POSTrequests with JSON:{"username": "...", "password": "..."} - Return JSON with one of:
token,access_token, orjwtfield
3. Custom Payload
Send a custom JSON authentication message:
4. No Authentication
Connect without sending any authentication message:
TLS Certificate Verification
Development (Self-Signed Certificates)
Use the -k or --insecure flag to skip certificate verification:
⚠️ Warning: Only use --insecure for development with self-signed certificates. Never use it in production!
Production (Valid Certificates)
For production servers with CA-signed certificates, simply omit the -k flag:
JSON Output Mode
Use -j or --json to output only JSON messages without decorative text. Perfect for piping to other tools:
# Basic JSON output
# With jq for filtering
|
# Save to file
# Process with other tools
|
Troubleshooting
Connection refused
Error: Connection refused (os error 61)
Solution: Ensure the WebTransport server is running and accessible at the specified URL and port.
Certificate verification failed
Error: invalid peer certificate: UnknownIssuer
Solution: Use the --insecure flag for self-signed certificates:
Authentication timeout
❌ Timeout waiting for authentication response (10s)
Solutions:
- Check if the server is responding to authentication requests
- Verify your token is valid and not expired
- Increase timeout with
--auth-timeout 30 - Try with
--no-authto test basic connectivity first
ALPN protocol mismatch
Error: peer doesn't support any known protocol
Solution: The server must support HTTP/3 ALPN protocol (h3). Ensure your server is configured for WebTransport/HTTP3.
How It Works
wtcat uses the QUIC protocol (HTTP/3) to establish WebTransport connections:
┌─────────┐ ┌─────────┐
│ wtcat │ │ Server │
└────┬────┘ └────┬────┘
│ │
│ 1. QUIC connection (TLS 1.3) │
│──────────────────────────────────>│
│ │
│ 2. Open bidirectional stream │
│──────────────────────────────────>│
│ │
│ 3. Send auth/custom message │
│──────────────────────────────────>│
│ │
│ 4. Receive response │
│<──────────────────────────────────│
│ │
│ 5. Stream messages │
│<══════════════════════════════════│
│ (real-time updates) │
│ │
Comparison: wtcat vs wscat
| Feature | wtcat (WebTransport) | wscat (WebSocket) |
|---|---|---|
| Protocol | QUIC/HTTP3 | TCP/HTTP1.1 or HTTP/2 |
| Encryption | TLS 1.3 (mandatory) | Optional (ws/wss) |
| Latency | Lower (0-RTT) | Higher |
| Head-of-line blocking | No | Yes |
| Multiplexing | Native | Via HTTP/2 |
| Mobile-friendly | Yes (survives IP changes) | No |
| Browser support | ~75% (2025) | ~98% |
Development
Building from source
Running tests
Development mode
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
License
This project is licensed under the MIT License - see the LICENSE file for details.
Acknowledgments
Related Projects
- wscat - WebSocket testing tool
- websocat - Advanced WebSocket client
- curl - HTTP client (supports HTTP/3 in newer versions)
- h2load - HTTP/2 and HTTP/3 load testing tool
Support
Made with ❤️ by the Rust community