Header Modifier

Chrome extension that allows you to modify HTTP headers for specific URLs and apply rules based on the current page you're visiting.

# Header Modifier ## Description **Header Modifier** is a powerful Chrome extension that allows you to modify HTTP headers for specific URLs and apply rules based on the current page you're visiting. Perfect for developers, testers, and power users who need to customize request headers for API testing, authentication bypass, user-agent spoofing, or debugging web applications. ### Key Features: - **Smart Page-Based Rules**: Apply header modifications only when visiting specific websites - **Global or Contextual**: Create rules that work globally or only on specific pages - **Header Modification**: Add, modify, or override any HTTP header - **URL Redirection**: Redirect specific requests to different URLs - **Real-time Updates**: Rules activate automatically when switching between tabs or pages - **Visual Feedback**: See which rules are active for the current page - **Easy Management**: User-friendly interface to add, edit, and delete rules - **Export**: Backup and share your rule configurations ## How to Use ### 1. Creating Rules #### Basic Rule Creation: 1. Click the extension icon in your toolbar 2. Go to the "Add Rule" tab 3. Fill in the required fields: - **Page Pattern** (optional): When to apply this rule (e.g., `*://example.com/*`) - **Request URL Pattern**: Which requests to modify (e.g., `*://api.example.com/*`) - **Action**: Choose "Modify Headers" or "Redirect" #### For Header Modification: 1. Select "Modify Headers" action 2. Enter headers in JSON format: ```json { "Authorization": "Bearer your-token-here", "User-Agent": "Custom Bot 1.0", "X-API-Key": "your-api-key" } ``` #### For URL Redirection: 1. Select "Redirect" action 2. Enter the destination URL ### 2. URL Pattern Examples #### Page Patterns (when to apply): - `*://example.com/*` - Only on example.com - `*://localhost:*/*` - Only on localhost (any port) - `*://*.google.com/*` - On all Google subdomains - Leave empty for global rules #### Request URL Patterns (what to modify): - `*://api.example.com/*` - All API requests - `*://*/api/v1/*` - API v1 endpoints on any domain - `*://*/*` - All requests (global) - `https://cdn.example.com/*` - Only HTTPS CDN requests ### 3. Common Use Cases #### API Authentication: ``` Page Pattern: *://myapp.com/* Request Pattern: *://api.myapp.com/* Headers: {"Authorization": "Bearer abc123"} ``` #### Development Environment: ``` Page Pattern: *://localhost:3000/* Request Pattern: *://api.production.com/* Action: Redirect to http://localhost:8080/api/ ``` #### User-Agent Override: ``` Page Pattern: (empty - global) Request Pattern: *://*/* Headers: {"User-Agent": "Custom Browser 2.0"} ``` #### CORS Headers for Testing: ``` Page Pattern: *://localhost:*/* Request Pattern: *://api.external.com/* Headers: { "Access-Control-Allow-Origin": "*", "Access-Control-Allow-Headers": "Content-Type" } ``` ### 4. Managing Rules #### View Active Rules: - The extension shows how many rules are active for the current page - Green indicator = rules are active - Gray indicator = no rules for this page #### Edit/Delete Rules: 1. Go to "Manage Rules" tab 2. See all configured rules with their patterns 3. Click "Delete" to remove individual rules 4. Use "Clear All Rules" to start fresh #### Backup: 1. Click "Export Rules" to download your configuration 2. Save the JSON file as backup ### 5. Tips & Best Practices 1. **Test Gradually**: Start with simple rules and test them before adding complex ones 2. **Use Specific Patterns**: Avoid overly broad patterns that might affect unintended requests 3. **Check Console**: Open Developer Tools to see if your headers are applied correctly 4. **Page vs Request Patterns**: - Page Pattern = when the rule should be active (website you're on) - Request Pattern = which requests to modify (API calls, resources) 5. **Global Rules**: Leave Page Pattern empty for rules that work everywhere 6. **Debugging**: Check the extension console logs for troubleshooting ### 6. Security Note This extension can modify HTTP headers which may affect website security. Use responsibly: - Don't add malicious headers - Be careful with authentication tokens - Test in development environments first - Review rules periodically ### 7. Troubleshooting #### Rules Not Working? 1. Check if the URL patterns match correctly 2. Verify JSON syntax for headers 3. Look at browser console for errors 4. Try reloading the page after adding rules #### Extension Not Loading? 1. Check all files are in the extension folder 2. Reload the extension in chrome://extensions/ 3. Check for JavaScript errors in console #### Performance Issues? 1. Reduce number of broad pattern rules 2. Use specific patterns instead of wildcards 3. Remove unused rules regularly