Requestly
HTTP InterceptorPricingRequestly vs PostmanBlogDocsDownload

Home / Products / Modify HTTP Headers

Modify HTTP Request & Response Headers for Free

Add, remove, or override request and response headers directly in your browser. Debug faster, test smarter, and bypass restrictions — free & unlimited.

  • Manage Content-Security-Policy
  • Remove X-Frame-Options

Modify HTTP Headers without limits

Add, remove, or override request and response headers directly in your browser. Debug faster, test smarter, and bypass restrictions — free & unlimited.

Bypass CORS & Security Restrictions

Override CORS response headers with proper values to fix the CORS Issues in your local development & testing. Learn more -> Bypass CORS - Modify HTTP Headers for free

Authenticate API Requests

Automatically add or modify the Authorization header to pass JWTs or API keys for secure access. Learn More -> Authorization - Modify HTTP Headers for Free

Insert Custom Headers

Attach custom headers like x-userId, x-feature-flag, or any test data to simulate user-specific behavior. Learn more ->

Collaboration & 1-Click Sharing

Promote consistency and accelerate development by sharing Requestly rules within your team. Collaboration 1 Click Sharing

Modify/ Bypass CORS

Bypass CORS errors during development by modifying response headers locally, without changing anything on the server.

Import rule Read More ->

Set Authorization Header

Inject auth tokens into request headers to test APIs without logging in or changing your code.

Import rule Read More ->

Add, modify, or remove Cookie headers in requests to fake sessions, test edge cases, or debug issues, no need to touch your browser storage.

Import rule Read More ->

More features for your testing needs

These HTTP Rules designed for all your local development and testing needs.

Modify Responses

Intercept, Modify & Mock API Responses in Real-Time

Cancel request

Block URLs by specifying keywords or complete URL.

Replace string

Replace part of URL like hostname, query values.

Modify Headers

Modify HTTP request & response headers.

Query params

Add or Remove Query Parameters

Insert scripts

Inject Custom JS & CSS on any website(s).

Delay network

Simulate delay in response of API calls.

Modify request body

Modify body of website or application POST requests.

Effortless team collaboration

Share instantly, sync effortlessly, and collaborate effectively with your team in dedicated workspaces.

Quick One time sharing

Instantly generate and share a link to your rules and more.

Team workspaces

Collaborate easily with teammates in a shared workspace.

Export data & sync to Git

Easily version-control your configs by exporting and syncing.

Enterprise-ready security and compliance

Requestly ensures top-tier security with SOC-II compliance, SSO integration, and role-based access control. We protect your data and secure your workflows, making us the ideal choice for enterprises. Learn more

SOC 2 compliant

SOC-II Compliance

Adheres to rigorous security standards for data protection and privacy.

Single Sign-On (SSO)

Simplifies user access with secure, centralized authentication.

Role-based access control

Ensures precise control over user permissions and data access.

Data encryption

Protects your data in transit and at rest with advanced encryption protocols.

Audit logs

Protects your data in transit and at rest with advanced encryption protocols.

Regular security updates

Keeps your environment secure with timely updates and patches.

Loved by developers around the World

Developers around the world trust us to simplify debugging, speed up workflows, and make development more efficient.

★★★★★ on Chrome store

Requestly is the first API client that has genuinely replaced Postman for me. Everything runs locally, so my API data never has to go through a cloud server. There’s no mandatory login, no unnecessary bloat, and no pressure to upgrade just to keep using the same workflow. It feels faster, simpler, and much more aligned with how developers actually want to work.

Hasan Toor
Hasan Toor
AI & Tech Educator
★★★★★ on Chrome store

Postman stopped fitting the way our team works. We wanted our API collections in Git, not locked inside another tool. Requestly stores everything as plain JSON files in a local directory, which gives us full control over versioning, reviews, and collaboration.

NIJ Ruvos
NIJ Ruvos
★★★★★ on Chrome store

My absolute favorite web debugging proxy and API client. I use it nearly every day for work to modify HTTP requests, test and mock API calls, inject JS snippets into sites, etc. The Requestly team is incredible — I once submitted a bug report and it was closed out within an hour. Also just kind, passionate people. I can't recommend Requestly enough.

Charles Tysse
Charles Tysse
Seasoned analytics architect and engineer
★★★★★ on Chrome store

Absolutely love the API Client feature! It’s like Postman, but better integrated into my daily workflow. Modifying API responses directly from the same tool I use for debugging is such a time-saver. Great job, Requestly team, for constantly innovating!

Liran Blumenberg
Liran Blumenberg
Sales Representative, Clal Insurance & Finance
★★★★★ on Chrome store

We recently migrated from Postman to Requestly’s API Client, and it has been a great experience. The ability to store collections locally, keep them in Git, and work with simple JSON files made the transition seamless and much more developer-friendly.

Harry S
Harry S
Principal Engineer at Tapistro
★★★★★ on Chrome store

Requestly is an incredibly useful tool for developers working on a large team with multiple staging envs, or numerous app endpoints for various APIs in a local environment. The Sessions feature is especially useful for documenting solutions or sharing with others since it captures the relevant network traffic, and screen recording enables others to easily reproduce. Requestly combines all the power of complicated tools like Charles Proxy and Postman in one app/chrome extension. I highly recommend giving it a try if you haven't already–it will make your dev work so much easier. (Summarized)

Joél Hawkins Torres
Joél Hawkins Torres
Senior Software Engineer at Autodesk
★★★★★ on Chrome store

Requestly is user-friendly, brilliant and easy-to-use. I use it on an daily basis and it makes my work easier. After using other tools like Charles - Requestly is a nice new breath of air that I highly vouch for. Apart from the tool being amazing - the support from the Requestly team is phenomenal with them always going above and beyond for their clients.

Marius Ludick
Marius Ludick
Solutions Architect II at Amazon
★★★★★ on Chrome store

App works as expected! Ran into some small issues while creating the rules but the support team was able to help and overcome those.

José Miguel Dias Fernandes
José Miguel Dias Fernandes
Development Lead at Vodafone

Frequently Asked Questions

Yes, you can. Requestly processes rules in a defined order, and the Modify HTTP Response Headers rule can still be applied even if the same URL is affected by other rules such as Redirect, Modify Request, or Modify API Response. This allows you to layer rules and test complex scenarios easily.

Yes, you can add, remove or modify CORS-related headers such as Access-Control-Allow-Origin, Content-Security-Policy, etc., to test cross-origin behavior in development.

Yes. Requestly offers a Free plan with essential features like unlimited header rules and standard HTTP modifications, perfect for getting started.

Yes. Requestly offers an Enterprise Plan built for larger teams and organizations that need full control and compliance. It includes unlimited usage, API access, SSO & SAML, GDPR and SOC 2 compliance, user access management, SLAs for support and uptime, invoice-based billing, and priority support via Slack Connect, Email, and Chat. Contact Us

Yes! Requestly is free for students, enjoy access to powerful tools and features with no cost.

Response header modifications done by Requestly are not always visible in the browser’s dev tools, but rest assured, they are being applied correctly. You can verify it by inspecting the network traffic through Requestly itself.

Yes, you can apply header modifications to specific HTTP methods by specifying the method condition within the rule settings. This ensures that headers are modified only for requests of certain types. Check our advance filters

Yes, Requestly supports one-click migration to seamlessly import your ModHeader settings, making the transition quick and easy. Import from ModHeader.

Ready to try it yourself?

Intercept, modify and mock HTTP requests in your browser or on desktop. Free to use.

Free · macOS, Windows & Linux