HTTP Header Formatter

HTTP headers are key-value pairs transmitted at the beginning of every HTTP request and response. They carry metadata about the message: the content type and encoding of the body, authentication credentials, caching directives, cookie data, information about the client and server, and security policies. The HTTP/1.1 specification defines many standard headers, and custom headers prefixed with X- were historically used for application-specific data.

Raw HTTP headers from network captures, server logs, or curl output can be hard to read because they arrive as a continuous block of text with inconsistent spacing. This tool parses them into a clean, readable structure and can format them for direct use in code — as curl -H flags or as a JavaScript object for use with the Fetch API.

Key headers to understand: Content-Type specifies the format of the request or response body (application/json, text/html, multipart/form-data). Authorization carries credentials in various formats (Bearer token, Basic auth). Cache-Control directs how responses should be cached. CORS headers (Access-Control-Allow-Origin, Access-Control-Allow-Headers) control cross-origin resource sharing. Security headers like Content-Security-Policy, Strict-Transport-Security, and X-Frame-Options protect against common web attacks.