This is a service to help easily test the behaviour of HTTP clients like browsers, libraries, developer tools or anything else. Heavily inspired by the httpbin project. Canonical version available at httpbun.com, currently mirrored at httpbun.org as well.
★ Star this project on GitHub.
/put
, /patch
and /delete
endpoints that behave similarly.headers
which is an object of all the headers in the
request, as keys and values. If a header repeats in the request, then its values are concatenated with a comma and
treated as a single header value.username
and password
as the credentials.Authorization
header in the request, that takes the form
Bearer some-auth-token-here
. If no expectedToken
is given, any token will be treated as
valid. If no Authorization
header is present in the request, this results in a 401 response./digest-auth/auth/scott/tiger
requires to be authenticated with the
credentials scott
and tiger
as username and password. The implementation is based on
this example from Wikipedia. The value of qop
is usually auth
.origin
, with the client's IP Address for value.user-agent
, with the client's user agent (as present
in the User-Agent
header) for value.If-Modified-Since
or If-None-Match
header, returns a 304
response. Otherwise, it behaves the same as /get
for GET requests,
/post
for POST requests, etc.Cache-Control
header for age
seconds.codes
. It can be a comma-separated list of multiple status
codes, of which a random one is chosen for the response./response-headers?one=two
, there is a header called One
, whose value is two
.
The response body contains all the headers again, in the form of a JSON object. (This JSON object in the response
should be considered deprecated, and may be removed in the future.)encoded
text with base64 encoding scheme. Defaults to
SFRUUEJVTiBpcyBhd2Vzb21lciE=
.count
random bytes in the response. The Content-Type
header is set to
application/octet-stream
. The pseudo-randomness algorithem is not to be considered as cryptographically
secure.seconds
seconds. The seconds
parameter has to be an integer
currently. Fractional delays are not yet supported.*
character. The following query params can be used to configure this endpoint:
duration
: Time seconds over which to periodically drip the data. Default: 2.
numbytes
: Total number of times to drip the data. Default: 10.
code
: The HTTP status code to be used in ther response. Default: 200.
delay
: An initial delay, in seconds. Default: 2.
/drip-lines
, a newline character is written after every piece of data.
count
links, which in turn respond with HTML documents with links again.
You mostly want to use the first version (i.e., without offset
).count
random bytes, that are generated with the same random seed every time. The value
of count
is capped to 1000.name
to value
.url
query param. If a status_code
query
param is also given, it is used as the HTTP Status code in the response. Otherwise, 301 is used.count
times. For example, /redirect/3
will redirect three times before settling
on a response. The redirect URLs specified in the Location
header will be relative URLs.count
times. For example, /redirect/3
will redirect three times before settling
on a response. The redirect URLs specified in the Location
header will be absolute URLs.iframe
, pointing to the given url
. For example, opening
/iframe?url=https://sharats.me
in the browser will show a page that tries to open
https://sharats.me
in an iframe
.client_id
, scope
, state
etc. that are required for a typical OAuth flow, and present the user a minimal UI to approve or decline, and then
redirect to the URL specified by redirect_uri
with appropriate details. You may try this out with the
OAuthDebugger to understand the flow better.docker run -p 8008:80 ghcr.io/sharat87/httpbun
localhost
. Set it to 0.0.0.0
to make your
instance accessible from non local clients.3090
.
empty
,
which means it will allow any. An example: httpbun.com,httpbun.org
.1
, only accept connections coming in as https
. By default, https is not
forced.1
, the endpoint /info
will be availble, which responds with various server
information. By default, /info
returns a 404 Not Found
response.Not all endpoints in httpbin are yet supported by httpbun. This will change as I get to spend more time on adding those features to httpbun, so be sure to check back.
The following though, are known incompatibilities with Httpbin, and are intended. These deviations are intentional and are unlikely to change (unless of course there's a compelling reason to).
X-One
is always
represented as X-One
, and never as x-one
or any other casing.
/get
, /post
, etc.
Httpbun is distributed with the Apache-2.0 License. Please refer to the LICENSE and NOTICE files present in the source distribution of this project.
This favicon was generated using the following graphics from Twitter Twemoji:
1fad3.svg
.