This is a service to help easily test the behaviour of HTTP clients like browsers, libraries, developer tools or anything else. Inspired by httpbin. I made this because httpbin lacked some things I needed, like the /mix endpoint, the /payload endpoint, not ignore request body in /get, accepting any method in most endpoints, not hiding some headers, etc.
https://self-signed-cert.httpbun.com
that uses a self-signed HTTPS certificate.
★ Star this project on GitHub.
curl oof.ooo/get
/put
, /patch
and /delete
endpoints that behave similarly.
curl -X POST -d 'one=1' oof.ooo/post
curl -X POST -d '{"one": 1}' -H 'content-type:application/json' oof.ooo/post
curl -X PUT oof.ooo/put
curl -X PATCH oof.ooo/patch
curl -X DELETE oof.ooo/delete
/any
is also accepted.headers
which is an object of all the headers in
the request, as keys and values. If a header repeats in the request, then its values are concatenated with a
comma and treated as a single header value.
curl -H 'x-custom: custom header value' oof.ooo/headers
Content-Type
header as the request and the body of the request as is.
curl -H 'Content-Type: text/plain' -d 'plain body' oof.ooo/payload
curl -H 'Content-Type: application/json' -d '{"a": 1}' oof.ooo/payload
username
and password
as the credentials.
curl -H 'Authorization: Basic c2NvdHQ6dGlnZXI=' oof.ooo/basic-auth/scott/tiger
Authorization
header in the request, that takes the
form Bearer some-auth-token-here
. If no expectedToken
is given, any token will be
treated as valid. If no Authorization
header is present in the request, this results in a 401
response.
curl -H 'Authorization: Bearer auth_token_here' oof.ooo/bearer
curl -H 'Authorization: Bearer expected_token' oof.ooo/bearer/expected_token
/digest-auth/auth/scott/tiger
requires to be authenticated with
the credentials scott
and tiger
as username and password. The implementation is based
on this example from Wikipedia. The value of qop
defaults to auth
.
origin
, with the client's IP Address for value.
If-Modified-Since
or If-None-Match
header, returns a 304
response. Otherwise, it behaves the same as /get
for GET requests,
/post
for POST requests, etc.
Cache-Control
header for age
seconds.codes
. It can be a comma-separated list of multiple
status codes, of which a random one is chosen for the response.
/response-headers?one=two
, there is a header called One
, whose value is
two
.
The response body contains all the headers again, in the form of a JSON object. (This JSON object in the
response should be considered deprecated, and may be removed in the future.)
encoded
text with base64 encoding scheme. Defaults to
SFRUUEJVTiBpcyBhd2Vzb21lciE=
.
count
random bytes in the response. The Content-Type
header is set to
application/octet-stream
. The pseudo-randomness algorithm is not to be considered as
cryptographically secure.
seconds
seconds. The seconds
parameter has to be an integer
currently. Fractional delays are not yet supported.
*
character. The following query params can be used to configure this endpoint:
duration
: Time seconds over which to periodically drip the data. Default: 2.
numbytes
: Total number of times to drip the data. Default: 10.
code
: The HTTP status code to be used in their response. Default: 200.
delay
: An initial delay, in seconds. Default: 2.
/drip-lines
, a newline character is written after every piece of data.
count
links, which in turn respond with HTML documents with links
again. You mostly want to use the first version (i.e., without offset
).
count
random bytes, that are generated with the same random seed every time. The
value of count
is capped to 1000.
name
to value
.url
query param. If a status
query param is also given, it is used as the HTTP Status code in the response. Otherwise, 302 is used.
count
times. For example, /redirect/3
will redirect three times before
settling on a response. The redirect URLs specified in the Location
header will be
relative URLs.
count
times. For example, /redirect/3
will redirect three times before
settling on a response. The redirect URLs specified in the Location
header will be
absolute URLs.
/mix/s=400/h=x-custom-header:some-valueThe
s=
and h=
are directives that /mix
understands. Supported directives are:
s
: HTTP response status code.
h
: Set a response header, in the form name:value
.
c
: Set a cookie, in the form name:value
.
r
: Set a redirect URL. Uses status code 307. To change, use s=
directive.
b64
: Set the response body to the base64 decoded value.
With Docker: docker run -p 80:80 sharat87/httpbun
From source, with task installed: task run
localhost:3090
, which configures the server
to listen on TCP port 3090 on localhost.HTTPBUN_BIND
environment variable.
the-one
,
then the /get
endpoint will be available on /the-one/get
. Similarly, all other
endpoints are also prefixed with the value of this argument.
This is a non-exhaustive list of differences from httpbin.
/get
, /post
, etc.
400 Bad Request
error,
instead of responding with a success, and empty body details like httpbin.
/headers
.
See
list of hidden headers on httpbin.
Httpbun is distributed with the Apache-2.0 License. Please refer to the LICENSE and NOTICE files present in the source distribution of this project.
The bun icon was generated using the following graphics from Twitter Twemoji:
1fad3.svg
.