HAR to cURL Commands Extractor
指导
HAR to cURL Commands Extractor
A HAR (HTTP Archive) file captures every network request your browser made on a page — but reading raw HAR JSON is painful, and reproducing a single request by hand is worse. This tool parses a HAR export entirely in your browser and turns each captured request into a ready-to-run cURL command, complete with method, headers, cookies and request body. Drop it into a terminal to replay an API call, share a reproducible bug report, or move a request from DevTools into a script.
如何使用
In your browser DevTools, open the Network tab, right-click any request and choose “Save all as HAR with content” (or export the whole session). Upload that .har file here, or paste the JSON directly. The tool immediately lists a cURL command for every request. Use the filters to narrow down to a method, status code or just the API (XHR) calls, then copy a single command or download the whole set as a runnable shell script.
特征
- Every request as cURL – Each entry in the HAR becomes a standalone, copy-paste cURL command.
- 智能过滤 – Narrow output by HTTP method, status tier (2xx/3xx/4xx/5xx), content type, or a free-text URL search.
- Header control – Toggle request headers, the Cookie header and the request body independently, and skip HTTP/2 pseudo-headers.
- Auth masking – Optionally replace Authorization and API-key values with a placeholder before sharing.
- Shell-safe escaping – Values are single-quoted and escaped so commands run correctly even with special characters.
- 一键导出 – Copy all commands or download them as a .sh script. Everything runs client-side; nothing is uploaded.
常问问题
-
什么是 HAR 文件?
A HAR (HTTP Archive) file is a JSON-formatted log of a web browser's interaction with a site. It records each request and response — URLs, headers, cookies, timings, payloads and status codes — under a top-level log.entries array. Browsers and tools export it for performance analysis and debugging.
-
Why does cURL need shell-safe quoting?
A POSIX shell interprets characters like spaces, quotes, ampersands and dollar signs before cURL ever sees them. Wrapping each argument in single quotes — and escaping any embedded single quote — ensures the value is passed literally, so a JSON body or a header with special characters is sent exactly as captured.
-
What are HTTP/2 pseudo-headers?
HTTP/2 replaced the old request line with pseudo-headers that begin with a colon, such as :method, :path, :scheme and :authority. They are part of the HTTP/2 framing layer, not real request headers, so they are usually omitted when reconstructing an equivalent cURL command.
-
Why mask Authorization headers before sharing requests?
Captured requests frequently contain bearer tokens, session cookies and API keys that grant access to an account. Replacing those values with a placeholder lets you share a reproducible request — for a bug report or documentation — without leaking live credentials that an attacker could reuse.
