HTTP Header Viewer HTTP 请求头查看工具
输入要访问的 URL,选择请求方法,查看服务器返回的 HTTP 状态码与响应头信息。
Enter a target URL and choose a request method to inspect the HTTP status code and response headers returned by the server.
-
Content-Type:指示响应内容的 MIME 类型和字符集,例如 text/html; charset=UTF-8。
Content-Type: Indicates the MIME type and charset of the response, such as text/html; charset=UTF-8. -
Content-Length:响应体的字节长度(若可提前得知)。
Content-Length: Size of the response body in bytes (when known in advance). -
Server:服务器软件信息,例如 nginx、Apache 或 cloudflare 等。
Server: Web server software information, e.g. nginx, Apache or cloudflare. -
Date:服务器返回响应的时间(通常为 UTC)。
Date: Timestamp (usually UTC) when the server generated the response. -
Cache-Control / Expires:缓存相关指令,控制浏览器或中间缓存对资源的缓存策略。
Cache-Control / Expires: Cache directives that control how browsers and intermediaries cache the response. -
Location:配合 3xx 重定向状态码使用,指向新的跳转目标地址。
Location: Used with 3xx redirect status codes to indicate the new target URL. -
Set-Cookie:服务器下发 Cookie 给客户端,用于会话状态、登录信息等。
Set-Cookie: Used by the server to set cookies on the client for sessions, logins, etc. -
Strict-Transport-Security (HSTS):强制客户端在一定时间内仅通过 HTTPS 访问站点。
Strict-Transport-Security (HSTS): Forces clients to use HTTPS for a certain period.
说明:本工具基于浏览器 fetch() 能力实现,仅能在浏览器安全策略允许的范围内读取响应头。
某些站点若未设置 CORS 允许,将只能看到部分“简单响应头”或请求会被浏览器直接阻止;如需完整原始头部,建议在服务器端通过代理转发方式实现。
Note: This tool relies on the browser’s fetch() API and can only expose headers allowed by browser security policies.
Some sites without proper CORS configuration may expose only “simple response headers”, or the request may be blocked by the browser. For full raw headers,
consider using a server-side proxy implementation.
