Package web defines minimal helper routines for accessing HTTP/HTTPS resources without requiring external dependencies on the net package.
If the cmd_go_bootstrap build tag is present, web avoids the use of the net package and returns errors for all network operations.
GetBytes returns the body of the requested resource, or an error if the response status was not http.StatusOK.
GetBytes is a convenience wrapper around Get and Response.Err.
Join returns the result of adding the slash-separated path elements to the end of u's path.
OpenBrowser attempts to open the requested URL in a web browser.
Redacted returns a redacted string form of the URL, suitable for printing in error messages. The string form replaces any non-empty password in the original URL with "[redacted]".
An HTTPError describes an HTTP error response (non-200 result).
Get returns the body of the HTTP or HTTPS resource specified at the given URL.
If the URL does not include an explicit scheme, Get first tries "https". If the server does not respond under that scheme and the security mode is Insecure, Get then tries "http". The URL included in the response indicates which scheme was actually used, and it is a redacted URL suitable for use in error messages.
For the "https" scheme only, credentials are attached using the cmd/go/internal/auth package. If the URL itself includes a username and password, it will not be attempted under the "http" scheme unless the security mode is Insecure.
Get returns a non-nil error only if the request did not receive a response under any applicable scheme. (A non-2xx response does not cause an error.)
Err returns an *HTTPError corresponding to the response r. If the response r has StatusCode 200 or 0 (unset), Err returns nil. Otherwise, Err may read from r.Body in order to extract relevant error detail.
SecurityMode specifies whether a function should make network calls using insecure transports (eg, plain text HTTP). The zero value is "secure".
const ( SecureOnly SecurityMode = iota // Reject plain HTTP; validate HTTPS. DefaultSecurity // Allow plain HTTP if explicit; validate HTTPS. Insecure // Allow plain HTTP if not explicitly HTTPS; skip HTTPS validation. )