Read the Blog
Become an HTTP & debugging expert by subscribing to receive new posts like these emailed straight to your inbox:
Public CDNs Are Useless and Dangerous
Defeating Android Certificate Pinning with Frida
Encoding your HTTP for fun and profit
Build an HTTPS-intercepting JavaScript proxy in 30 seconds flat
One Port to Rule Them All
Defining a new HTTP method: HTTP SEARCH
What are CORS proxies, and when are they safe?
Intercept and edit HTTP traffic from (almost) any Android app
How to intercept & debug all Java HTTPS
HTTPWTF
Cache your CORS, for performance & profit
Fixing DNS in Node.js
How to Index 226,379 API Endpoints
The right way to turn off your old APIs
Mining your CLI history for good git aliases
How do you know what's gone wrong when your API request fails?
Intercepting HTTPS on Android
Migrating a JS project from Travis to GitHub Actions
How to Debug Any CORS Error
Android 11 tightens restrictions on CA certificates
GraphQL the Simple Way, or: Don't Use Apollo
Inspecting Android HTTP with a fake VPN
How to Debug Node.js Segmentation Faults
Translating between HTTP/1 and HTTP/2
What's coming in TypeScript 4?
Bye bye Feature-Policy, hello Permissions-Policy
How will user-agent client hints work?
Ignore HTTP Client Errors At Your Peril
HTTP 555: User-Defined Resource Error
Chrome 79+ no longer shows preflight CORS requests
Global developer CAs considered harmful
Free as in Beer
How to Debug Anything
A Crash Course in Price Localization
The 5 Big Features of TypeScript 3.7 and How to Use Them
Unblocking Node With Unref()
Notarize your Electron App with Electron Forge
X-Ray Debugging for HTTP
Bundling Remote Scripts with Webpack
Debugging Netlify Function Errors with Sentry
One-click HTTP debugging for any CLI tool
Welcome to the HTTP Toolkit blog
100% open-source
Dive in at github.com/httptoolkit
Dive in at github.com/httptoolkit
Built in Barcelona