Skip to main content
Glama

send_h2

Send HTTP/2 requests over TLS with ALPN for security testing. Enables raw frame mode and smuggling primitives.

Instructions

Send HTTP/2 request over TLS with ALPN negotiation. See rqwstr_docs(topic="http2") for raw-frame mode and smuggling primitives. Cookie handling matches send: an explicit Cookie in headers (or raw_headers) suppresses the per-hunt cookie jar, and a Cookie set in both sources is additive on the wire (both propagate, not deduped). raw_headers only reaches the wire on raw_mode or a pooled connection; on the standard HTTP/2 path raw_headers is not sent, so it neither suppresses the jar nor lands on the wire.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
sniNoTLS SNI override. Decouples SNI from Host header. When set the TLS ServerName uses this value instead of the Host header.
urlYesTarget URL (must be HTTPS)
bodyNoRequest body
grepNoRegex to filter response
nameNoSave request with this name for quick lookup
notesNoAttach notes to request
methodYesHTTP method (GET POST PUT DELETE etc)
headersNoRequest headers
raw_modeNoUse raw H2 frame path. Bypasses Go HTTP/2 validation. Enables CRLF injection and Content-Length mismatch.
body_fileNoRead request body from relative hunt artifact path; absolute paths require RQWSTR_ALLOW_ABSOLUTE_FILE_PATHS=1. Supports binary content and raw CRLF bytes. Takes precedence over body parameter.
timeout_msNoRequest timeout in ms (default 30000)
raw_headersNoOrdered header pairs [[name val]...] for raw_mode. Use instead of headers when order matters.
connection_idNoReuse H2 connection by ID. Same connection_id = same TCP connection. For H2 smuggling self-verification (send smuggle + follow-up on same connection). Auto-closes after 60s idle.
keep_alive_msNoHold connection open after response for H2 smuggling. Sends PING keepalives. Milliseconds. raw_mode only.
close_connectionNoClose a pooled connection by connection_id. Returns immediately without sending a request.
grep_ignore_caseNoCase insensitive grep
pause_after_headers_msNoPause between HEADERS and DATA frames in milliseconds (raw_mode only). For pause-based desync attacks.
content_length_overrideNoOverride Content-Length header value (raw_mode only). Set to a value different from body length for H2.CL smuggling.
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Given no annotations, the description fully discloses behaviors: ALPN negotiation, cookie suppression/additive behavior, raw_headers sending conditions, connection reuse/auto-close, and raw_mode specifics. It provides extensive detail beyond the schema.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise and well-structured, front-loading the main purpose. Every sentence adds value with no wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Lacks output schema, but covers input parameters and behavioral nuances comprehensively. References external docs for further depth. Sufficient for a complex tool with 18 parameters.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 100% schema coverage, baseline is 3. The description adds value by explaining interactions like cookie handling and raw_headers behavior, exceeding mere schema documentation.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states 'Send HTTP/2 request over TLS with ALPN negotiation,' providing a specific verb and resource. It distinguishes from siblings like 'send' by focusing on HTTP/2 and advanced features like smuggling, with a reference to 'rqwstr_docs' for further details.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description offers guidance on cookie handling and raw mode usage, and compares to 'send' for cookie behavior. However, it does not explicitly specify when to avoid this tool in favor of siblings, though the context implies it for HTTP/2-specific tasks.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Kjopstad-IT/rqwstr-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server