Developer

HTTP Request Builder

Compose method, URL, query parameters, and headers, then copy ready-to-run cURL (bash-style quoting) and async fetch() JavaScript. URLs without a scheme get https:// prepended when parsing. Nothing is sent to DroidXP — generation is entirely in your browser.

Ad placement — top banner
Query parameters
Name Value

Appends to the URL using URLSearchParams (proper encoding).

Headers
Name Value
cURL options
Ad placement — mid rectangle

What is an HTTP request builder?

When you debug APIs or write front-end code, you often need the same request expressed as a shell cURL command and as a fetch() call. This tool turns your form inputs into copy-paste snippets with reasonable escaping for cURL and valid JavaScript for fetch options — so you can move between terminal tests and browser code faster.

Query parameters vs. the URL field

You can paste a full URL that already contains a query string, or keep the path in the URL field and add key/value rows — the builder merges extra parameters using the URL API so encoding stays correct for spaces, Unicode, and reserved characters.

cURL quoting and Windows

Generated cURL uses bash-style single quotes ('…') with the standard '\\'' escape for embedded quotes. That works in macOS/Linux terminals and Git Bash on Windows. cmd.exe and PowerShell have different quoting rules — if a command fails, paste into WSL/Git Bash or adjust quotes manually.

fetch(), CORS, and credentials

Snippets use await fetch(url, { … }). In a real browser page, cross-origin calls are subject to CORS; curl is not. The credentials dropdown maps to the Fetch API: use include only when you intend to send cookies to a cross-origin API that allows it. For same-origin APIs, same-origin is often enough.

TLS and -k

The Insecure TLS checkbox adds curl -k to skip certificate verification — useful for local dev with self-signed certs. Never use this against production endpoints or untrusted networks.

How to use this tool

  1. Step 1: Choose method and enter URL (scheme optional — https:// is assumed when missing).
  2. Step 2: Add query parameters and headers as needed; use Add JSON Content-Type for JSON bodies.
  3. Step 3: Paste a body for POST/PUT/PATCH/DELETE, then copy the cURL or fetch tab.

Frequently Asked Questions

Does this tool send HTTP requests to my API?

No. It only builds text. Your URL and body never leave the browser unless you run the copied command or code yourself elsewhere.

Why does fetch fail in the browser but cURL works?

Browsers enforce CORS, mixed content (HTTPS page calling HTTP API), and cookie rules. cURL has none of those. Test APIs that block browser origins with cURL or server-side clients, or configure CORS on the API.

Duplicate header names — which wins?

In the generated fetch snippet, headers are a single JavaScript object — duplicate keys collapse to the last value. For multiple Set-Cookie-style cases, use Headers with append in your own code.

Should I use -k / insecure TLS?

Only for local development with self-signed certificates. Disabling verification on public networks exposes you to interception.

GET with a body — is that valid?

Rare and discouraged; many clients and caches ignore GET bodies. Prefer POST when you must send a payload. The checkbox exists for legacy or debugging scenarios only.

How is the request body embedded in JavaScript?

The fetch snippet uses JSON.stringify-style escaping via a string literal so newlines and quotes in your pasted body become a valid JS string. If you need Blob or FormData, adapt the generated code.

Does this support multipart/form-data?

Not automatically — you would use FormData in code and typically curl -F in the shell. This builder targets JSON/text bodies and header lists; extend the output manually for uploads.

Why prepend https:// when my URL has no scheme?

Browsers and the URL parser require a scheme. Prepending https:// matches common API usage; if you need http:// for local servers, type it explicitly.

Ad placement — sidebar 300×600