Simple Http Headers Injec
View on Chrome Web StoreChrome will indicate if you already have this installed.
Overview
A lightweight and powerful Google Chrome extension designed for developers and QA engineers. It allows you to inject custom HTTP headers into web requests on the fly.
## Features
**Global Injection:** Adds headers to all HTTP/HTTPS requests initiated by the browser.
**Request Types:** Works with all resource types (Main frame, AJAX/Fetch, Images, Scripts, CSS, etc.).
**Group Management:**
* Create up to **3 independent groups** of headers.
* **Toggle Groups:** Enable or disable specific groups instantly.
* **Rename Groups:** Customize group names (e.g., "Staging Env", "Debug Tokens") for better organization.
**Master Switch:** Instantly enable or disable the entire extension with one click.
**Auto-Save:** All changes (headers, values, names, toggles) are saved automatically in real-time.
**Conflict Resolution:** If a header already exists in the request, this extension **overwrites** it with your custom value.
## User Guide
### 1. Adding Headers
1. Click the extension icon to open the popup.
2. By default, one group is created. Click **+ Add Header** inside the group card.
3. Enter the **Header Name** (e.g., `Authorization`, `X-Custom-Token`) and **Value**.
4. The indicator **"Saved"** will appear at the top, confirming the rule is active.
### 2. Managing Groups
* **Rename:** Click on the group title (e.g., "Group 1") and type a new name.
* **Toggle:** Use the switch next to the group name to temporarily disable all headers in that group.
* **Collapse:** Click on the group header (outside the input box) to collapse/expand the group card to save space.
* **Delete:** Click the trash icon to remove a group completely.
### 3. Master Switch & Privacy Toggle
* Master Switch. Use the toggle in the top-right corner of the popup header.
* **OFF:** No headers will be injected, regardless of group settings.
* **ON:** Headers from enabled groups will be injected.
* Privacy Toggle (Hide Values): Click the lock switch next to the Master Switch to mask all values. This prevents accidental exposure of sensitive credentials (like API keys or auth tokens) to bystanders or during screen sharing. Toggle it again to reveal the stored content.
Changelog:
1.0.2
Added a new "Security Mode" toggle to hide sensitive header values.
1.0.1
Realease.
Tags
Privacy Practices
🔐 Security Analysis
⏳ Security scan is queued. Check back soon.