Cloudflare's Railgun - HTTP Compare Script

Bash Script

Before I present the script, I would like to walkthrough my thought process and present some of the decisions I made. I ultimately wanted something relatively portable since I would be running it on a machine that had an IPv6 address. I also wanted something relatively lightweight since it’s a fairly simple task. Due to that, I decided on using bash and curl.

This script assumes that you have curl and other basic UNIX tools installed. It should be fairly standard.

Firstly, we have the curl commands we want to run to retrieve the HTTP response headers via IPv6. I ended up with the following for the origin and the site:

  • curl -6 -I -L -s -g -k https://[2604:a880:1:20::3010:8001]:443 (Origin)
  • curl -6 -I -L -s (Site)

  • -6 IPv6
  • -I headers only
  • -L location (if page was moved)
  • -s silences the loading bar
  • -g allows curl to no interpret non-standard characters like [ or ]
  • -k insecure (since the certificate is self-signed) —-

Next, I would want to show the difference of what both these items return. I would use the command diff for that, where -y displays both options as two columns.

After that, I would create it as a bash script. The script is as follows:

diff -y <(curl -6 -I -L -s -g -k https://[2604:a880:1:20::3010:8001]:443) <(curl -6 -s -I -L

In order to create an executable file, I would run the following in a writable directory. This would create a file and make it executable.

printf '#!/bin/bash\ndiff -y <(curl -6 -I -L -s -g -k https://[2604:a880:1:20::3010:8001]:443) <(curl -6 -s -I -L' > && chmod u+x

I ended up deciding to make this a very literal script, where if the same header shows up in a different location, it would show a difference. The reasoning behind this is that header order is fairly important and it’s a good indication that something unexpected has changed.

Colin Murray avatar
About Colin Murray
I am a solutions engineer at Cloudflare. All opinions are my own.
comments powered by Disqus