HTTP Header Inspector: Decode Responses
Inspect and decode HTTP request and response headers — understand content-type, cache-control, CORS.
Published:
Tags: HTTP header inspector, HTTP response headers tool, decode HTTP headers
HTTP Header Inspector: Decode Responses HTTP headers are the metadata layer of every web request — they control caching, security, content negotiation, authentication, and CORS. Reading raw headers is straightforward once you know what each field means. An HTTP header inspector parses them for you, annotating each directive so you can debug faster. --- All the tools discussed here are available for free at theproductguy.in — client-side, no sign-up required. Part of the HTTP Debugging Tools Guide — a complete toolkit for diagnosing web requests. --- What is Structure of HTTP Headers? An HTTP request starts with a request line, followed by headers, a blank line, and an optional body: An HTTP response starts with a status line, followed by headers: Headers are case-insensitive by spec. The…
Frequently Asked Questions
What are HTTP headers?
HTTP headers are key-value pairs sent in the first section of an HTTP request or response. They carry metadata that controls how the message is interpreted: content type, caching rules, authentication credentials, encoding, cookies, and CORS permissions. Headers are separate from the message body.
How do I inspect HTTP response headers?
Open Chrome or Firefox DevTools, click the Network tab, trigger the request, then click the request row and go to the Headers sub-tab. For command-line inspection, use curl -I URL to fetch only headers. An online header inspector lets you paste a raw header block and get each header annotated.
What is the Content-Type header?
Content-Type is a response header that declares the MIME type and optional character encoding of the response body. Common values are application/json for API responses, text/html; charset=utf-8 for web pages, image/png for PNG images, and application/octet-stream for binary downloads. Browsers use this to decide how to render or handle the response.
What is the Cache-Control header?
Cache-Control is an HTTP header that tells browsers and CDNs how to cache the response. Key directives include max-age (seconds until stale), no-cache (must revalidate before using cached copy), no-store (never cache), public (CDNs may cache), and private (only the user's browser may cache). It applies to both requests and responses.
How do I add CORS headers?
To allow cross-origin requests, the server must include Access-Control-Allow-Origin in the response. For public APIs: Access-Control-Allow-Origin: *. For credentialed requests: Access-Control-Allow-Origin: https://yourfrontend.com (exact origin) plus Access-Control-Allow-Credentials: true. For non-simple requests, you also need to handle the OPTIONS preflight with Access-Control-Allow-Methods and Access-Control-Allow-Headers.
All articles · theproductguy.in