HTTP Behavior Inspector

Rule-based inspection of HTTP behavior with clear verdicts (PASS, warnings, FAIL) and evidence completeness. Analyze redirects, CORS, caching, headers, and status semantics.

What the Inspector Checks

  • Redirect chains — follows every hop and classifies each
  • CORS policy — validates Access-Control headers against origin
  • Cache semantics — Cache-Control, ETag, Vary, and freshness rules
  • HTTP status code semantics — flags misuse (e.g. 200 on error bodies)
  • Clear PASS / WARNING / FAIL verdicts with evidence

Frequently Asked Questions

How is this different from a curl command?

The Inspector applies rule-based analysis and categorizes findings into PASS, WARNING, and FAIL — with human-readable evidence, not just raw output.

Can I inspect CORS for a cross-origin request?

Yes. Specify the origin header and the Inspector validates the Access-Control-Allow-Origin, credentials, and preflight policy against it.

Does it follow redirect chains?

Yes. Every redirect hop is followed and classified — including mixed HTTP/HTTPS transitions, loops, and final destination semantics.