Httpbin.dev

Httpbin.dev is a service to debug/test your http clients

Sponsors:

ENDPOINTS

/ This page.
/absolute-redirect/:n 302 Absolute redirects n times.
/anything/:anything Returns anything that is passed to request.
/base64/:value Decodes a Base64 encoded string.
/base64/decode/:value Explicit URL for decoding a Base64 encoded string.
/base64/encode/:value Encodes a string into Base64.
/basic-auth/:user/:passwd Challenges HTTPBasic Auth.
/bearer Checks Bearer token header - returns 401 if not set.
/brotli Returns brotli-encoded data.
/bytes/:n Generates n random bytes of binary data, accepts optional seed integer parameter.
/cache Returns 200 unless an If-Modified-Since or If-None-Match header is provided, when it returns a 304.
/cache/:n Sets a Cache-Control header for n seconds.
/cookies Returns cookie data.
/cookies/delete?name Deletes one or more simple cookies.
/cookies/set?name=value Sets one or more simple cookies.
/deflate Returns deflate-encoded data.
/delay/:n Delays responding for min(n, 10) seconds.
/delete Returns request data. Allows only DELETE requests.
/deny Denied by robots.txt file.
/digest-auth/:qop/:user/:passwd/:algorithm Challenges HTTP Digest Auth.
/digest-auth/:qop/:user/:passwd Challenges HTTP Digest Auth.
/drip?numbytes=n&duration=s&delay=s&code=code Drips data over a duration after an optional initial delay, then (optionally) returns with the given status code.
/dump/request Returns the given request in its HTTP/1.x wire approximate representation.
/encoding/utf8 Returns page containing UTF-8 data.
/etag/:etag Assumes the resource has the given etag and responds to If-None-Match header with a 200 or 304 and If-Match with a 200 or 412 as appropriate.
/forms/post HTML form that submits to /post
/get Returns GET data.
/gzip Returns gzip-encoded data.
/head Returns response headers. Allows only HEAD requests.
/headers Returns request header dict.
/hidden-basic-auth/:user/:passwd 404'd BasicAuth.
/html Renders an HTML Page.
/hostname Returns the name of the host serving the request.
/image Returns page containing an image based on sent Accept header.
/image/jpeg Returns a JPEG image.
/image/png Returns a PNG image.
/image/svg Returns a SVG image.
/image/webp Returns a WEBP image.
/image/avif Returns a AVIF image.
/json Returns JSON.
/links/:n Returns page containing n HTML links.
/options Returns request data. Allows only OPTIONS requests.
/patch Returns request data. Allows only PATCH requests.
/post Returns request data. Allows only POST requests.
/preflight Only accept OPTIONS, return no data, only preflight headers
/put Returns request data. Allows only PUT requests.
/range/1024?duration=s&chunk_size=code Streams n bytes, and allows specifying a Range header to select a subset of the data. Accepts a chunk_size and request duration parameter.
/redirect-to?url=foo&status_code=307 307 Redirects to the foo URL.
/redirect-to?url=foo 302 Redirects to the foo URL.
/redirect/:n 302 Redirects n times.
/relative-redirect/:n 302 Relative redirects n times.
/response-headers?key=val Returns given response headers.
/headers-sec-ch Enables all Client Hints headers and redirects to /headers. Includes both current and deprecated headers (e.g. sec-ch-viewport).
/status/:code Returns given HTTP Status code.
/stream-bytes/:n Streams n random bytes of binary data, accepts optional seed and chunk_size integer parameters.
/stream/:n Streams min(n, 100) lines.
/unstable Fails half the time, accepts optional failure_rate float and seed integer parameters.
/user-agent Returns user-agent.
/uuid Generates a UUIDv4 value.
/xml Returns some XML
/zstd Returns zstd-encoded data.
/pdf Navigate on PDF document
/pdf-embeded Navigate on HTML document embedding a PDF loaded from current domain
/pdf-embeded-oop Navigate on HTML document embedding a PDF loaded from external domain
/iframe Load an HTML page with content rendered in iframe
/iframe-oop Load an HTML page with content rendered in iframe from an external domain

Example

$ curl https://httpbin.dev/user-agent

{"user-agent":"curl/7.64.1"}

$ curl https://httpbin.dev/get?foo=bar

{
  "args": {
    "foo": [
      "bar"
    ]
  },
  "headers": {
    "Accept": [
      "*/*"
    ],
    "Host": [
      "httpbin.dev"
    ],
    "User-Agent": [
      "curl/7.64.1"
    ]
  },
  "origin": "73.238.9.52, 77.83.142.42",
  "url": "https://httpbin.dev/get?foo=bar"
}

$ curl https://httpbin.dev/dump/request?foo=bar

GET /dump/request?foo=bar HTTP/1.1
Host: httpbin.dev
Accept: */*
User-Agent: curl/7.64.1

$ curl -I https://httpbin.dev/status/403

HTTP/2 403
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy:  frame-ancestors 'self' *.httpbin.dev; font-src 'self' *.httpbin.dev; default-src 'self' *.httpbin.dev; img-src 'self' *.httpbin.dev; media-src 'self' *.httpbin.dev; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.httpbin.dev; style-src 'self' 'unsafe-inline' *.httpbin.dev https://unpkg.com; frame-src 'self' *.httpbin.dev; worker-src 'self' *.httpbin.dev; connect-src 'self' *.httpbin.dev
date: Mon, 27 Mar 2023 16:26:57 GMT
permissions-policy: fullscreen=(self), autoplay=*, geolocation=(), camera=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

$ curl -I https://httpbin.dev/headers-sec-ch

HTTP/2 302
accept-ch: sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-wow64, sec-ch-device-memory, sec-ch-dpr, sec-ch-viewport-width, sec-ch-viewport-height, sec-ch-prefers-color-scheme, sec-ch-prefers-reduced-motion, sec-ch-prefers-reduced-transparency, sec-ch-viewport, sec-ch-width
location: /headers