
Show HN: I created Postwoman, an online, open-source API request builder - liyasthomas
https://www.indiehackers.com/post/17788d573f
======
peteforde
I'm surprised that nobody has mentioned Insomnia.

[https://insomnia.rest/](https://insomnia.rest/)

It's an excellent tool that allows defining workspaces and even sharing sets
of routes with members of your team. It's one of my favourite tools.

~~~
bleachedsleet
Personally using Nightingale when on Windows and couldn't be happier. I don't
need or want another electron app running on my machine and currently all the
cool kids in the space of API clients seem to be using just that, including
Insomnia.

[https://www.microsoft.com/en-us/p/nightingale-rest-api-
clien...](https://www.microsoft.com/en-us/p/nightingale-rest-api-
client/9n2t6f9f5zdn?activetab=pivot:overviewtab)

~~~
jbergens
Thanks for the tip! I will try it out.

------
oakesm9
I'm just a user of this, but if anyone is looking for a truly native MacOS
version of Postman, you should take a look at Paw.

[https://paw.cloud/](https://paw.cloud/)

~~~
notus
Can it use postman collections?

~~~
drak0n1c
Yes, it supports plugins, one of which can import Postman Collections. There
is also a plugin for exporting Postman Collections in case you work with
people who use Postman.

[https://paw.cloud/docs/migrate/postman](https://paw.cloud/docs/migrate/postman)

[https://paw.cloud/docs/exporters/postman-
exporter](https://paw.cloud/docs/exporters/postman-exporter)

------
maddening
> I use a low-end PC and can't possibly afford to run another Electron app

> That's why I created my own API request builder with pure JavaScript (I used
> Vue.js) + HTML + CSS

So... the only differences are not running this as a separate process and NIH?

~~~
nicoburns
Presumably lower memory usage due to not running in a separate process. On a
low-end PC this is a completely valid concern. Chrome is memory hungry.
Running one instance might be viable. Running 2, 3 or 6 probably isn't (and
you can always choose a less memory-hungry browser).

~~~
jmnicolas
If performances are a concern I would build it in QT, not Javascript. Just
opening Firefox eats like 400 MB ram on my PC !

~~~
tumetab1
It makes me question, is there any way to run a slim browser for these kind of
tools?

It would be cool to have a tool that would: * run a very slim browser tab for
each tool * I cloud load/save sites into tools (So I can really run them
offline) * Could have a shortcut or a starting page that's just links to my
saved tools

~~~
dahfizz
Considering this tool uses JavaScript rendering, I'm not sure you could get
away with a "slim browser". You're going to need all the bloat that makes CSR
work.

------
dalbotex
Don't CORS restrictions basically render this whole tool useless?

~~~
lol768
I suppose it's useful for APIs with permissive CORS headers. Maybe there's
also some way to run it locally as a separate app with SOP disabled?

Maybe something like:

    
    
      $ chromium-browser --disable-web-security --user-data-dir="/tmp" --kiosk https://liyasthomas.github.io/postwoman/
    

Unrelated, meta note: why does indiehackers need a separate interstitial
splash screen, visible for ~4-5 seconds to load a simple article page?

~~~
oauea
Then you're launching a second chromium instance and practically recreating
Electron.

~~~
lol768
Yes, indeed. Sort of defeats the point of Postwoman being more performant..

Still, this seems safer than the various extensions that have been recommended
in order to disable the SOP. I'd rather the user's data wasn't on the line.

~~~
oauea
Right, so I don't see any reason why I would ever want to use this tool when
far superior alternatives (like postman) exist.

------
amrrs
Github:
[https://github.com/liyasthomas/postwoman](https://github.com/liyasthomas/postwoman)

Back Story: [https://dev.to/liyasthomas/i-created-postwoman-an-online-
ope...](https://dev.to/liyasthomas/i-created-postwoman-an-online-open-source-
api-request-builder-41md)

------
leandot
After Postman lost all my saved queries after an upgrade I switched to
Insomnia - [https://insomnia.rest/](https://insomnia.rest/) and am quite happy
with it.

~~~
stronglikedan
I'm curious to know what gives you the confidence that Insomnia won't lose
your saved data? Are you paying the premium for the data sync?

~~~
cerberusss
Not OP, but since Insomnia is a native app, it'll probably store its data and
preferences in ~/Library. That is of course backed up via Time Machine.

~~~
umen
It is not nattive , very hard to find native apps
[https://github.com/getinsomnia/insomnia](https://github.com/getinsomnia/insomnia)

------
duiker101
Since it was added, my favourite way to do API requests is IntelliJ Http
client

[https://www.jetbrains.com/help/idea/http-client-in-
product-c...](https://www.jetbrains.com/help/idea/http-client-in-product-code-
editor.html)

You just write the requests. That's it. Not much of an interface or anything.

It also supports creating requests from a cURL command (so in Chromium
devtools you can copy the cURL request and then paste it in IntelliJ).

~~~
sancha_
This is also what I use. Others mention insomnia, but it does not support
testing responses (validating them) with a script. With the Http Client in
IntelliJ you can do that, as well as with Postman. But with Postman you need
to import/export everything and put it into you projects, so you can check it
in with your source code. Using IntelliJ you don't need to do that anymore
too.

Having used Postman, Insomnia and the IntelliJ Http Client, the last one is
the best out of them all.

------
jgrpf
I like wuzz. An ncurses interfaces for HTTP requests that allows me to save my
configuration. It's super lightweight and all I need.

[https://github.com/asciimoo/wuzz](https://github.com/asciimoo/wuzz)

------
oauea
Is this affiliated with Postman? It seems disingenuous to reuse their name if
not.

~~~
dyeje
Came here to say the same. Seems needlessly antagonistic.

~~~
JungleGymSam
But inclusion!

------
AngeloAnolin
Navigating to the site[1] and asking me to install it on my Chrome browser
without providing any relevant information is a big security no-no. I think
the developer should have provided more information on the product and link to
a trustworthy site where the binaries could be verified and added (safely)
into the browser.

[1]
[https://liyasthomas.github.io/postwoman/](https://liyasthomas.github.io/postwoman/)

------
unhammer
Hm, web based so defeated by CORS (plus privacy issues unless you install it
on your own server, but then Postman itself is closed source …). Fortunately
there's an Emacs package for this =P
[http://emacsrocks.com/e15.html](http://emacsrocks.com/e15.html)

------
maxelerator
I'm pretty happy with the features of the vscode-restclient called VS Code
extension. [https://github.com/Huachao/vscode-
restclient](https://github.com/Huachao/vscode-restclient)

------
tumetab1
Opening the link I was hoping that this would be a postman with better support
for file uploads. I have a long lived desired to be able to have postman
request which embeds a file to upload. I really like postman features and UX
but when I need a test suite for a file upload endpoint it doesn't match.

Tried several hacks to achieve to embed files but none worked. If the endpoint
supported Content-Transfer-Encoding it would be kind of easy to do.

~~~
scarface74
You don’t need a hack. I do it all of the time.

[https://stackoverflow.com/questions/16015548/tool-for-
sendin...](https://stackoverflow.com/questions/16015548/tool-for-sending-
multipart-form-data-request)

~~~
tumetab1
That doesn't work for the test runner, just for one time off requests. Just
closing and opening postman it looses the file you had choosen.

~~~
scarface74
Use the export functionality to create a script in your language of choice?
(c#, Java, Curl, etc.)?

~~~
tumetab1
In my opinion that would defeat the purpose of the tool. I like to have a
postman suite file that I can share... using other tools and integrations
would kind of break that.

Postman best thing is that an easy enough tool for beginners and customizable
enough to be a test suite for an API. The cost of leaving the tools for it's
pretty high.

------
whoisthemachine
That's a neat side project, and I like the idea of having a quick website I
can go for testing quick requests rather than having to open a full-fledged
app.

------
riston
Working on integrating other companies APIs and find declarative approach
easier like VSCode has this extension where you could write all API calls in
code.
[https://marketplace.visualstudio.com/items?itemName=humao.re...](https://marketplace.visualstudio.com/items?itemName=humao.rest-
client)

~~~
ticmasta
If you're already in VS Code I prefer the rest extension as well. It's great
for making quick one-off calls but is a little under-powered for organizing
larger sets of endpoints, credentials, etc

~~~
riston
You can create env variables, local variables, use response results in next
request etc.

------
systematical
How does performance compare to PostMans laughably bad performance? I'd love
to drop postman.

~~~
joshmn
Plenty of alternatives. Paw[0], Insomnia[1] to name a few.

[0] [https://paw.cloud/](https://paw.cloud/)

[1] [https://insomnia.rest/](https://insomnia.rest/)

------
Sree_Inventrust
Great, You can host your open source API on www.inventrust.com as well. This
is a blockchain enabled, collaborative Exchange for Trusted software code.

------
beardedwizard
Don't forget to paste your auth tokens into a random website today.

~~~
edoceo
Everyone: don't use existing please make new, unique keys for services like
this. Time-box and revoke!

~~~
iandinwoodie
Can you please elaborate on what you mean by time-boxing and how you achieve
it? I'm assuming it means to assign a time scope to a key and then revoke it's
access outside of that time period. This would require access to the API
authentication methods, correct? Otherwise, for API's that you don't have
backend access to (e.g., GitHub API) you should just generate a token for
testing and manually delete it when you are done?

~~~
dennisnedry
They mean to assign an expiration date to your tokens. Then when you're done
testing, still revoke the token, even if you haven't reached the expiration
date.

~~~
edoceo
This is exactly what I meant, thank you.

------
RyJones
this is pretty cool! I've needed a tool like this all week to mess with the
GitHub API

------
alperakgun
Rested firefox extension is quite nice too.

------
abtinf
Here is the definition of trademark infringement directly from USPTO [1]:
"Trademark infringement is the unauthorized use of a trademark or service mark
on or in connection with goods and/or services in a manner that is likely to
cause confusion, deception, or mistake about the source of the goods and/or
services."

I'm not affiliated with Postman in any way. But if I was, I'd already have
sent a note to my lawyers to collect evidence, issue a cease and desist
letter, get your project kicked off of github, and prepare for the possibility
of lawsuit.

Given the nature of your project and the extreme similarity to the name
"Postman", I would strongly urge you to change your project's name before you
expose yourself and your family to potential financial ruin.

[1] [https://www.uspto.gov/page/about-trademark-
infringement](https://www.uspto.gov/page/about-trademark-infringement)

~~~
jjeaff
First, doesn't even look like it's a commercial product.

Second, the creator says they don't have the money right now for a domain
name. You can't squeeze blood from a turnip. And they may not even live in a
country that respects US trademark law.

Seems like a polite request from postman would be a good place to start.

