{"id":17176,"library":"bhttp","title":"bhttp HTTP Client","description":"bhttp is a Node.js HTTP client library designed to provide a sane and intuitive API, offering Streams2 support, automatic payload detection (URL-encoded, multipart/form-data, stream, Buffer, JSON), and robust session management with automatic cookie handling. It differentiates itself from alternatives like the core `http` module, `request`, `needle`, and `hyperquest` by addressing common issues such as low-level API complexity, agent pool blocking, and poor documentation. Key features include easy-to-use promises or nodebacks, multipart/form-data support with Streams2, and progress events for uploads and downloads. The package is currently at version 1.2.8, but its npm and GitHub activity indicate it has been abandoned for several years, making new releases unlikely.","status":"abandoned","version":"1.2.8","language":"javascript","source_language":"en","source_url":null,"tags":["javascript","http","client","multipart","stream","hyperquest","request","needle"],"install":[{"cmd":"npm install bhttp","lang":"bash","label":"npm"},{"cmd":"yarn add bhttp","lang":"bash","label":"yarn"},{"cmd":"pnpm add bhttp","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Provides a Promises API for asynchronous operations, which bhttp optionally supports alongside nodebacks. It is listed as a direct dependency in the package.json.","package":"bluebird"}],"imports":[{"note":"bhttp is a CommonJS module and is imported using require().","symbol":"bhttp","correct":"const bhttp = require('bhttp');"},{"note":"The `get` method is a common way to make HTTP GET requests with bhttp.","symbol":"bhttp.get","correct":"const bhttp = require('bhttp');\nbhttp.get('http://example.com');"},{"note":"The `post` method is used for making HTTP POST requests, handling various payload types automatically.","symbol":"bhttp.post","correct":"const bhttp = require('bhttp');\nbhttp.post('http://example.com/api', { data: 'payload' });"}],"quickstart":{"code":"const Promise = require(\"bluebird\");\nconst bhttp = require(\"bhttp\");\nconst https = require('https');\n\n// Workaround for bhttp's lack of default HTTPS agent\nconst httpsAgent = new https.Agent({ rejectUnauthorized: false }); // WARNING: Do not use rejectUnauthorized: false in production\n\nPromise.try(function() {\n  // Using the custom HTTPS agent for a secure request (example with a test endpoint)\n  return bhttp.get(\"https://icanhazip.com/\", { agent: httpsAgent });\n}).then(function(response) {\n  console.log(\"Your IP is:\", response.body.toString());\n}).catch(function(err) {\n  console.error(\"Error fetching IP:\", err.message);\n});\n\n// Example using nodebacks for a simple HTTP request (no HTTPS agent needed here)\nbhttp.get(\"http://example.com/data\", {}, function(err, response) {\n  if (err) {\n    console.error(\"Error with nodeback request:\", err.message);\n    return;\n  }\n  console.log(\"Nodeback response status:\", response.statusCode);\n});","lang":"javascript","description":"This quickstart demonstrates making both promise-based and nodeback-style GET requests. It includes a critical workaround for bhttp's default HTTPS limitation, illustrating how to use a custom `https.Agent`."},"warnings":[{"fix":"Always provide a custom `https.Agent` with appropriate SSL/TLS settings when making HTTPS requests. Example: `const https = require('https'); const agent = new https.Agent({ rejectUnauthorized: true }); bhttp.get(url, { agent: agent });`","message":"bhttp does not use a HTTPS-capable agent by default, and all SSL-related options are ignored. This is a critical security vulnerability for production applications using HTTPS without explicit configuration.","severity":"breaking","affected_versions":">=1.0.0"},{"fix":"Consider migrating to actively maintained HTTP client libraries such as `axios`, `node-fetch`, or the built-in `fetch` API in Node.js for new projects and existing applications.","message":"The `bhttp` package appears to be abandoned, with the last npm publish and GitHub activity dating back over 8 years. This means there are no new features, bug fixes, or security updates, making it unsuitable for modern production environments due to potential unpatched vulnerabilities and compatibility issues with newer Node.js versions.","severity":"gotcha","affected_versions":">=1.2.8"},{"fix":"Thoroughly test stream-based operations in your target Node.js environment. For new stream-heavy applications, prefer modern alternatives that natively support `async` iterators and Web Streams.","message":"While bhttp supports Streams2, its age suggests potential incompatibility or suboptimal performance with newer Node.js stream APIs (e.g., Web Streams, `async` iterators).","severity":"gotcha","affected_versions":"<=1.2.8"}],"env_vars":null,"last_verified":"2026-04-22T00:00:00.000Z","next_check":"2026-07-21T00:00:00.000Z","problems":[{"fix":"Provide a `https.Agent` to `bhttp`'s options. For example: `const https = require('https'); const agent = new https.Agent({ rejectUnauthorized: true }); bhttp.get('https://example.com', { agent: agent });`","cause":"Attempting an HTTPS request without explicitly configuring a `https.Agent` that handles SSL/TLS. bhttp ignores SSL-related options by default.","error":"Error: write EPROTO"},{"fix":"Ensure `bhttp` is correctly imported as a CommonJS module: `const bhttp = require('bhttp');`. Verify that `bhttp` is installed (`npm install bhttp`) and the path is correct.","cause":"Incorrect import of the bhttp module or trying to call methods on an undefined `bhttp` object. This usually happens if `require('bhttp')` fails or if the module structure is misunderstood (e.g., expecting named exports).","error":"TypeError: bhttp.get is not a function"}],"ecosystem":"npm","meta_description":null}