OHTTP Documentation
Welcome to the ohttp.info documentation. This guide covers how to use Oblivious HTTP (RFC 9458) to make private HTTP requests.
What is OHTTP?
Oblivious HTTP is a protocol that hides client identities from servers. When you make a request through OHTTP:
- The server cannot see your IP address
- The server cannot link your requests together
- The relay cannot see the content of your requests
Quick Start
Use our hosted infrastructure to try OHTTP immediately:
- Gateway Key Config:
https://gateway.ohttp.info/.well-known/ohttp-gateway - Relay Endpoint:
https://relay.ohttp.info/ohttp - Gateway Endpoint:
https://gateway.ohttp.info/ohttp
Installation
npm install ohttp-ts hpkeBasic Usage
import { OHTTPClient, KeyConfig } from 'ohttp-ts';
import { CipherSuite, KEM_DHKEM_X25519_HKDF_SHA256,
KDF_HKDF_SHA256, AEAD_AES_128_GCM } from 'hpke';
// Setup cipher suite
const suite = new CipherSuite(
KEM_DHKEM_X25519_HKDF_SHA256,
KDF_HKDF_SHA256,
AEAD_AES_128_GCM
);
// Fetch gateway's public key
const keyBytes = await fetch(
'https://gateway.ohttp.info/.well-known/ohttp-gateway'
).then(r => r.arrayBuffer());
const keyConfig = KeyConfig.parse(new Uint8Array(keyBytes));
// Create client and send request
const client = new OHTTPClient(suite, keyConfig);
const { request, context } = await client.encapsulateRequest(
new Request('https://api.example.com/data', {
method: 'POST',
body: JSON.stringify({ message: 'Hello!' })
}),
'https://relay.ohttp.info/ohttp'
);
// Send encapsulated request
const encResponse = await fetch(request);
// Decapsulate response
const response = await context.decapsulateResponse(encResponse);
const data = await response.json();