Skip to main content

On mobile? Send a link to your computer to download HTTP Toolkit there:

No spam, no newsletters - just a quick & easy download link

On mobile? Send a link to your computer to download HTTP Toolkit there:

No spam, no newsletters - just a quick & easy download link

http

interception

announcements

X-Ray Debugging for HTTP

HTTP Toolkit is a suite of open-source & cross-platform tools for developing, debugging & testing anything using HTTP. It lets you intercept HTTP(S) with one click, and explore, examine & understand all your traffic, to spot bugs, fix bugs, and build better software.

The free release of the first version (HTTP View) has been available for a little while, and today I've got some new killer features launching as part of HTTP Toolkit Pro, to let you look deep inside your HTTP traffic, with all the context you need to understand everything your application is doing.

API integrations for 1400+ APIs

Understanding your traffic takes more than just the raw data. Using OpenAPIopens in a new tab and the OpenAPI directoryopens in a new tab, HTTP Toolkit can work out exactly which API every single request is talking to, for APIs from AWS to Stripe to Github, and a whole lot more.

With that, there's a lot of cool things we can do. For example:

API metadata for a request to the YouTube API

Here we've taken a request to the YouTube API, and immediately worked out what operation it's doing, interpreted the parameters to provide inline documentation, pointed out that one parameter has an invalid value, and spotted another required parameter that's missing.

Debugging tools with real context - tools that really understand what you're trying to do - let you take your development skills to a whole new level.

Performance analysis, tips & warnings

Performance is hard. There's a huge number of ways to tweak & tune the speed of your application with HTTP, a lot of confusing specs (what's the difference between a no-store and no-cache cache-control header?), and not a lot of advice.

For most applications though, the two most important things to focus on are compression, and caching. Streaming large responses hugely slows down client applications, and caching lets them avoid request round trips entirely.

Performance analysis for an HTTP request

You can now get automated performance analysis for all HTTP responses, including the response time itself, but also the details of the request & response body compression (and a comparison to other content encodings you could've used), and a breakdown of the response cacheability itself.

The caching details come with a summary & detailed explanation of whether & why the request is cacheable, and also which future requests it'll match, who can cache it (just browsers, or CDNs and proxies too?), and when it'll expire.

Caching is hard, and HTTP Toolkit has your back to help you really understand what your response headers mean. In addition, if you've made mistakes like missing directives that would make your caching more consistent & reliable, or disagreeing configuration for the same property (like Expires & max-age), you'll get tips and warnings to help you fix them easily.

Lots more

On top of all that, we've now got light, dark & high-contrast themes, inline documentation for every HTTP header & status code, one-click man-in-the-middle setup for terminals (on all platforms) in addition to browsers, and everything else you might need to quickly & easily understand your HTTP traffic.

A sustainable future

HTTP Toolkit is fundamentally an open-source project. It's been hugely driven by the hard work and many contributions to Mockttpopens in a new tab, and user feedback from the community over the past couple of months has been essential.

Releasing this paid version doesn't change that, and the entire Pro code is open-source too: github.com/httptoolkitopens in a new tab. The aim is to make the project sustainable though, by encouraging professional developers & power users to help support ongoing development, to drive the project forward into the future.

If you like the sound of this, help fund it! Get HTTP Toolkit now, and supercharge your software debugging. If you're on the fence, you can also get started by with the existing free release.

We're also launching on Product Hunt today! Take a look at the reviews and leave your feedback at producthunt.com/posts/http-viewopens in a new tab.

Share this post:

Blog newsletter

Become an HTTP & debugging expert, by subscribing to receive new posts like these emailed straight to your inbox:

Related content

open-source

HTTP Toolkit is joining the Open Source Pledge

The Open Source Pledge is a new push to make companies commit to funding the maintainers of the open-source software they depend on, and to publicly recognize the ones that do. HTTP Toolkit has donated back to maintainers for a few years now, but joining the Open Source Pledge today means formally committing to that, and to doing so publicly with a sustainable minimum level ($2000 per full-time developer, or higher) indefinitely into the future.

http

22 years later, YAML now has a media type

As of February 14th 2024, RFC 9512 formally registers "application/yaml" as the media type for all YAML content, and adds "+yaml" as a standard structured suffix for all YAML-based more specific media types. With this registration, it's now included in the official media types list maintained by the IANA. Media types like this (also known as the MIME types, from their original invention for email attachment metadata) are heavily used particularly in HTTP "Content-Type" headers for both requests & responses, and in all sorts of file metadata and processing logic elsewhere. These names give applications a common vocabulary to describe data when passing it around.

http

What is X-Forwarded-For and when can you trust it?

The X-Forwarded-For (XFF) HTTP header provides crucial insight into the origin of web requests. The header works as a mechanism for conveying the original source IP addresses of clients, and not just across one hop, but through chains of multiple intermediaries. This list of IPv4 and IPv6 addresses is helpful to understand where requests have really come from in scenarios where they traverse several servers, proxies, or load balancers. A typical HTTP request goes on a bit of a journey, traversing multiple layers of infrastructure before reaching its destination. Without the "X-Forwarded-For" header, the receiving server would only see the IP address of the last intermediary in the chain (the direct source of the request) rather than the true client origin.