DevToolsForYou
Private by defaultRuns in your browser

HTTP request replay

Paste a curl command or raw HTTP request, tweak any field, and replay it — response status, headers, and body shown inline.

Quick samplesClick to load
Related toolsAll Encoding & security

Base64 Encoder and Decoder

Encode text to Base64 or decode Base64 back into readable text with Unicode-safe support.

URL Encoder and Decoder

Encode or decode URLs, query strings, and parameter values for safe transport across the web.

JWT Encoder and Decoder

Decode JWTs and generate signed or unsigned tokens in the browser.

Hash Generator

Generate MD5, SHA-1, SHA-256, and SHA-512 hashes from text input.

HTML Escape Tool

Escape and unescape HTML entities for safe display in code, templates, and content.

Binary / Hex / Octal Converter

Convert numbers between binary, octal, decimal, and hexadecimal instantly — see all four bases at once.

Password Generator

Generate secure random passwords with configurable length, character sets, and a built-in strength indicator.

Password Strength Checker

Check password strength with entropy calculation, character composition analysis, and estimated crack times at different attack speeds.

HTTP Request Builder

Build, send, and inspect HTTP requests with custom headers, query params, and body — all in your browser.

cURL to Code Converter

Convert any curl command into runnable code in JavaScript, Python, PHP, Go, Ruby, or Java — no signup required, all processing in the browser.

Base64 File Encoder / Decoder

Encode any file or text to Base64, or decode Base64 back to its original form. Supports images, PDFs, certificates, and any binary file — fully in-browser.

JWT Expiry Visual Timeline

Paste a JWT and see its lifecycle on a visual timeline — issued, not-before, expiry, and current time. All claims decoded inline, status shown at a glance.

HTTP Replay

About this tool

When debugging an API issue you usually have the request already in hand — copied from browser DevTools, pasted from a colleague, or pulled from a log file as a curl command. Re-entering all the headers, method, URL, and body manually into a request builder is tedious. This tool takes the opposite approach: paste the request as a curl command or as raw HTTP text and it parses it into an editable form automatically. The curl parser handles single and double quoted strings, multi-line commands joined with backslash continuations, all common flags (-X, -H, -d, --data-raw, --data-binary, -u for basic auth, -b for cookies, --header=, --request=), and extracts the URL from the non-flag argument. The raw HTTP parser reads the request line (METHOD /path HTTP/1.1), parses the header block, builds the full URL from the Host header and path, and captures the body after the blank separator line. Once parsed, every field is fully editable — change the method, update a header value, modify the body — then click Replay to fire the request via the browser's fetch API and see the response status, timing, size, body, and response headers inline. Because requests are sent directly from your browser, CORS policies on the target server apply. Requests to public APIs and CORS-enabled endpoints work without any configuration.

No signup requiredRuns in your browserInstant results
How to use
  1. 1

    Paste a curl command or raw HTTP request into the import box.

  2. 2

    Choose the matching format tab (curl command or Raw HTTP).

  3. 3

    Click Parse & edit — method, URL, headers, and body are filled in automatically.

  4. 4

    Edit any field if needed, then click Replay Request.

  5. 5

    The response status, timing, headers, and body appear in the panel below.

Why use this tool?

  • Replay a failing API request from a bug report without re-entering all the headers manually.

  • Test an endpoint copied from API documentation by pasting the example curl command.

  • Modify and re-send a request copied from browser DevTools to debug an API integration.

  • Verify that a request from a colleague reproduces the issue before investigating further.

ExamplesInput → output

curl GET

Inputcurl https://jsonplaceholder.typicode.com/posts/1
OutputParsed: GET https://jsonplaceholder.typicode.com/posts/1

curl POST

Inputcurl -X POST https://api.example.com/users -H "Content-Type: application/json" -d '{"name":"Alice"}'
OutputParsed: POST https://api.example.com/users with body and header
Common errorsAnd how to fix them

Could not extract a URL

Cause: The curl command may be missing the URL, or it starts with an option rather than a recognisable argument.

Fix: Make sure the URL appears as a plain argument in the curl command (e.g. curl https://example.com/api). Wrap it in quotes if it contains special characters.

First line must be: METHOD /path HTTP/1.1

Cause: The pasted text is not in raw HTTP request format. It may be a response, a curl command, or just a URL.

Fix: Switch to the curl tab if you have a curl command. For raw HTTP, the first line must be the request line, e.g. GET /api/users HTTP/1.1.

CORS / network error in response

Cause: The target server does not include CORS headers (Access-Control-Allow-Origin) so the browser blocks the response.

Fix: This is a browser security restriction, not a tool bug. Try the request from a server-side environment, or test against a CORS-enabled API like jsonplaceholder.typicode.com.

Frequently asked questionsCommon questions answered

These answers explain common http replay tasks, expected input formats, and edge cases so both visitors and search engines can understand what this tool does.

What curl flags are supported?

-X / --request (method), -H / --header (headers), -d / --data / --data-raw / --data-binary (body), -u / --user (Basic auth → Authorization header), -b / --cookie (Cookie header). Multi-line commands using backslash continuation are supported. Both single and double quoted values are handled.

How are raw HTTP requests parsed?

The first line is parsed as METHOD /path HTTP/1.x. Headers are read until the blank line separator. The Host header is combined with the path to build the full URL. Everything after the blank line is treated as the request body.

Why do some requests fail with a CORS error?

Browsers enforce CORS: if the target server doesn't include Access-Control-Allow-Origin in its response headers, the browser blocks the response. This is a browser security policy, not a bug. It affects all browser-based HTTP tools. To test non-CORS endpoints, use a CLI tool like curl directly.

Is this the same as the HTTP Request Builder?

The HTTP Request Builder lets you construct requests from scratch using a form. The HTTP Request Replay tool starts from an existing request — a curl command or raw HTTP text — and parses it into the form for you, so you can replay or modify it without manual entry.

Related guidesAll guides →

How to Read HTTP Headers

A practical guide to HTTP headers — request vs response headers, what the most important ones mean, how to inspect them in the browser and curl, and security headers you should be setting.

Read guide →