Item logo image for HTTP Header Modifier for testing

HTTP Header Modifier for testing

5.0(

2 ratings

)
ExtensionDeveloper Tools6 users
Item media 2 (screenshot) for HTTP Header Modifier for testing
Item media 1 (screenshot) for HTTP Header Modifier for testing
Item media 2 (screenshot) for HTTP Header Modifier for testing
Item media 1 (screenshot) for HTTP Header Modifier for testing
Item media 1 (screenshot) for HTTP Header Modifier for testing
Item media 2 (screenshot) for HTTP Header Modifier for testing

Overview

A lightweight developer tool to inject and override response headers for testing CSP, CORS, and security policies.

HTTP Header Modifier for testing is a lightweight, high-performance developer tool designed to inject, override, and modify HTTP response headers on the fly. Built with the modern Manifest V3 engine, it provides a secure and efficient way to debug web security policies, CORS configurations, and server behaviors without the bloat of traditional header managers. 🚀 Key Use Cases # Debug CSP & Security: Easily test and bypass Content Security Policy (CSP) or HSTS headers in your local development environment. # CORS Troubleshooting: Inject Access-Control-Allow-Origin headers to resolve cross-origin issues during API development. # Environment Simulation: Override headers like X-Frame-Options or Server to simulate different backend environments. # Custom Headers: Add your own custom headers (e.g., X-DummyHeader) to verify frontend logic. 🛠️ Features # Global Master Switch: Quickly enable or disable all modifications with a single click. # Domain-Specific Targeting: Use powerful URL matching (e.g., example.com) to ensure headers only apply where you need them. # Manifest V3 Optimized: Uses the declarativeNetRequest API for native-speed header modification that respects browser privacy. # Zero Latency: Modifications happen at the network level, ensuring no impact on page load speed. ⚠️ Note for Developers Due to Chrome’s internal networking optimizations (HSTS and HTTP/3), modified headers may occasionally be hidden in the "Network" tab of DevTools. To verify active headers, it is recommended to check the console using: fetch(window.location.href).then(r => console.log(r.headers.get('Your-Header')))

5 out of 52 ratings

Learn more about results and reviews.

Details

  • Version
    1.0.0
  • Updated
    January 10, 2026
  • Offered by
    Manfred Gruber
  • Size
    18.03KiB
  • Languages
    English
  • Developer
    Manfred
    Wien Vienna 1220 AT
    Email
    manfred.extensions@gmail.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

Related

HTTP Header Modifier

5.0

Modify HTTP request headers for specific URLs

Allow CSP: Content-Security-Policy

4.0

Easily remove CSP (Content-Security-Policy) rules from the response header.

CORS Unblock

4.8

Temporarily unblock CORS for development and testing purposes

Anti-CORS, anti-CSP

4.3

Enable cross origin requests blocked by CORS or CSP. Disable CORS and CSP in selected hostnames, preserve security of other websites

REST Client

5.0

Use Rest Client – your powerful REST API client tool for testing and debugging HTTP requests both online and locally in Chrome

CSP Unblock

4.4

No more Content-Security-Policy limitations. This extension removes all CSP-related headers during website testing.

Testing Toolkit: 15+ Essential Manual Testing Tools

5.0

Redefine manual testing with best-in-class tools, supercharged with AI. JSON Formatter, Cache Manager, Responsive testing & more

[Experiment] Edit and Resend: Ajax Request Debugger in Chrome DevTools

3.8

Enhance Chrome DevTools with a new tab. Edit and resend fetch() / XHR requests. Efficiently debug or test your web applications.

ModHeader - Modify HTTP headers

3.0

Modify HTTP request headers, response headers, and redirect URLs

XApi HTTP Client - Api Testing Tool

0.0

Intercept, debug & replay HTTP requests. A comprehensive API client with collections and cURL support inside Chrome DevTools.

Ignore X-Frame headers

4.4

Drops X-Frame-Options and Content-Security-Policy HTTP response headers, allowing all pages to be iframed.

LambdaTest Accessibility DevTools

4.9

LambdaTest Accessibility DevTools - The Go-to Accessibility Auditor for Developers, Testers, and Product Managers.

HTTP Header Modifier

5.0

Modify HTTP request headers for specific URLs

Allow CSP: Content-Security-Policy

4.0

Easily remove CSP (Content-Security-Policy) rules from the response header.

CORS Unblock

4.8

Temporarily unblock CORS for development and testing purposes

Anti-CORS, anti-CSP

4.3

Enable cross origin requests blocked by CORS or CSP. Disable CORS and CSP in selected hostnames, preserve security of other websites

REST Client

5.0

Use Rest Client – your powerful REST API client tool for testing and debugging HTTP requests both online and locally in Chrome

CSP Unblock

4.4

No more Content-Security-Policy limitations. This extension removes all CSP-related headers during website testing.

Testing Toolkit: 15+ Essential Manual Testing Tools

5.0

Redefine manual testing with best-in-class tools, supercharged with AI. JSON Formatter, Cache Manager, Responsive testing & more

[Experiment] Edit and Resend: Ajax Request Debugger in Chrome DevTools

3.8

Enhance Chrome DevTools with a new tab. Edit and resend fetch() / XHR requests. Efficiently debug or test your web applications.

Google apps