Something wrong with this tool?
About Headers Parser Online
This tool parses raw HTTP request or response headers into a structured display. Paste headers from a curl command, browser network inspector, or proxy log, and the tool returns each header name and value as a separate row, plus parsed interpretation of complex headers (Cookie, Set-Cookie, Cache-Control, Content-Security-Policy).
HTTP headers are full of compact, easy-to-misread syntax: cookies with attributes, security policies with directives, cache rules with seconds and modifiers. Reading them correctly is essential for debugging — auth failures, caching issues, CORS problems, security misconfigurations.
Use it when troubleshooting failing API calls, auditing server responses, or learning the HTTP protocol. The visual breakdown is much clearer than a wall of text.
How to use this tool
How to parse a raw HTTP header block into key/value pairs
Paste the headers
Drop the raw header block into the "Headers" field. The tool accepts what `curl -I` prints — one header per line, `Name: value` form, optional initial `HTTP/1.1 200 OK` status line which gets ignored.
Press Run
Result returns `headers` — an object mapping lowercased header names to values. Header names are case-insensitive per HTTP, so the lowercasing is a normalisation step. Duplicate names are kept by appending (commas inside the value).
Common things to look for
`Content-Type` (with optional charset), `Cache-Control` (max-age, immutable, no-store), `Strict-Transport-Security`, `Content-Security-Policy`, `Set-Cookie` (note: Set-Cookie is the one header where commas can NOT be used to join multiple instances).
Tricky `Set-Cookie`
RFC 7230 says headers with multiple values join with `, ` — except `Set-Cookie`, whose own value can contain commas. If your input has multiple Set-Cookie lines, this tool's naive merge will mangle them. Use raw access (e.g. fetch.headers.getSetCookie) for accuracy.