
Make HTTP requests from your browser - llambda
http://hurl.it/?
======
johns
Hurl.it was originally created by Chris Wanstranth and Leah Culver at the 2009
Rails Rumble. We (Twilio) just took over maintenance of the project because it
has some obvious utility when testing URL callbacks and webhooks. We want to
make some improvements to it, so if you have any ideas or suggestions, I'd
love to hear them. You can post them here or create an issue on the current
home of the project on Github: <https://github.com/twilio/hurl>

And you can follow @hurlit for updates

~~~
aurelianito
It would be great if instead of a website you port it to a browser plug-in. It
would achieve several things:

* Better security for the user (the paranoid in me do not want to send my credentials through a third party site).

* It could use the credentials stored in the browser (cookies, basic-auth, etc).

* The IP of the requester would not be hidden, allowing IP filtering for development servers.

* It could run on a PC that is not connected to internet.

~~~
bgruber
For chrome, I like using the "REST Console" extension
([https://chrome.google.com/webstore/detail/cokgbflfommojglbmb...](https://chrome.google.com/webstore/detail/cokgbflfommojglbmbpenpphppikmonn)),
which I believe has all of the benefits you listed. The "credentials stored in
a browser" thing is the main reason for me to be using it.

------
huhtenberg
> _Make HTTP requests from your browser_

Ironically, this is exactly what the browser is for.

~~~
tomblomfield
Yes, but "Make HTTP requests with custom action, headers & body from your
browser" isn't as snappy.

~~~
dools
If you just put the word "custom" in there I reckon it would make a big
difference ;)

------
WA
Hurl <http://victim.org/index.php?a=;DROP> DATABASE users --

What I want to say is that services like this have a security flaw by design
which allows random people to execute strange statements in the name of Hurl.

There are certainly other ways to execute malicious HTTP requests (for
example, let the Google Bot do it), but still, it should be pointed out.

~~~
gcb
On mobile so i can't check myself: does The BROWSER makes the request by some
clever way? Or simple server side script does it?

~~~
dmn001
server side:

<http://checkip.dyndns.com/> ->
[http://hurl.it/hurls/6fb24ac23d7c64a7edbcfceecd77c3d02586416...](http://hurl.it/hurls/6fb24ac23d7c64a7edbcfceecd77c3d02586416b/c2ec392ee0dee0ec18cb466de547603fb7531e53)

127.0.0.1 ->
[http://hurl.it/hurls/7ad9448295a320acfe11160f0a8986fa591329f...](http://hurl.it/hurls/7ad9448295a320acfe11160f0a8986fa591329f1/625380ead1fb24f897ca4ffcc511f0d76761b7ae)

------
slig
If you're on OSX, take a look on <http://ditchnet.org/httpclient/>

------
taf2
Very useful - to send a curl to someone - to explain why a response is
incorrect or provide context about a service response... Sure you could use
curl + gist - but there is something I nicer here - for example on my iPhone I
could use hurl.it to explain a bad response via email without having to drop
into a shell... Great service thanks!

------
secure
So my browser will send an HTTP request to this website which in turn sends an
HTTP request? We need to go deeper…

~~~
wavephorm
What I want is a website that can now render that http response into a fully
formed webpage and display that in my browser.

~~~
jgeralnik
And use that newly generated website to make another http request!

------
bryanh
I would pay for a better hurl.it (common templates, saved responses, etc,
etc...).

It's been an absolutely indispensable tools for debugging (crazy) API's while
developing <https://zapier.com>.

~~~
sirn
Have you considered using something like Charles Proxy[1] instead?

[1]: <http://www.charlesproxy.com/>

~~~
aw3c2
There is some FOSS alternative if I recall correctly but I forgot the name. I
think it was written in Java.

~~~
18pfsmt
The Cocoa-specific app looks interesting, but I think the Java-based
alternative you were referencing was Paros[1]?

[1]<http://www.parosproxy.org/download.shtml>

------
FuzzyDunlop
See also: XHR Poster (Chrome extension) [1]

I couldn't live without it.

[1] <http://goo.gl/UFSdZ>

------
Terretta
Older and better (a point of opinion):

<http://www.rexswain.com/httpview.html>

Since October 1999, actually.

------
nuttendorfer
This is useful if you are on systems where curl is not easily available.
Helped a few times!

------
raesene2
Interesting idea, could be very useful. One thing with this kind of service is
always how they handle validation of data from the 3rd party service (eg, in
headers). So as an example
[http://hurl.it/hurls/db870b49c7203ec9acb47ba7769c126146b1768...](http://hurl.it/hurls/db870b49c7203ec9acb47ba7769c126146b17688/7a2392760777638701222299a58c3d9b461bf403)
executes javascript in the context of their site... (just a pop-up box with
hi, but could be any script..)

~~~
johns
A pull request or issue created on <https://github.com/twilio/hurl> would be
fantastic :)

~~~
nbpoole
Done ;-)

<https://github.com/twilio/hurl/pull/9>

------
obeattie
I've used this extensively before; brilliant little service, but I've recently
started using the "REST Console" Chrome extension, which is bloody brilliant:

[https://chrome.google.com/webstore/detail/cokgbflfommojglbmb...](https://chrome.google.com/webstore/detail/cokgbflfommojglbmbpenpphppikmonn)

------
maybemaybenot
That's kind of handy for looking to see where irritating shortened links are
redirecting - e.g. t.co or bit.ly

~~~
kami8845
<http://tools.pingdom.com/fpt/> gives you an image too :)

------
drp
Something fun to point it at: <http://httpong.com>

Particularly <http://httpong.com/response> but the other parts can show you
what hurl.it is sending.

~~~
johtso
Or <http://httpbin.org>

------
godDLL
Do you have some limits in place, or can I just expect it to proxy all of my
web traffic when I want it to (which I can do with one JS statement right on
this page)? Magic WebKit Inspector is going to ruin your hosting bill.

------
mtrimpe
Minor bug-report: when you keep clicking on the 'Send' button continuously it
will occasionally show the JSON response in-browser instead of updating the
UI.

And no, I'm not crazy. I was trying to test GitHub's rate-limiting. ;)

~~~
johns
Thanks for the report, can you put this into the issues list on
<https://github.com/twilio/hurl>?

------
ssfak
Somewhat similar but more useful for debugging "HTTP caching" by Mark
Nottingham: redbot (<http://redbot.org/>)

------
Hunterhdolan
Yeah... thats the funny thing about web browsers... the tend to do that

------
tomblomfield
Useful service, but this has been around for many months now..

------
strags
Homer: They have HTTP in browsers now?

------
pors
Sooo, web based curl? Amazing! #not

~~~
ceejayoz
I take it you've never had "What's curl?" as a response when trying to show
someone an API is working fine?

~~~
pors
Well, maybe you're right. I assumed that people programming against REST API's
know basic tools like curl, but apparently I got that wrong.

~~~
ceejayoz
Yep. I've encountered plenty of cargo-cult programmers who know how to copy-
paste code examples but who are SOL when it comes to troubleshooting.

