API Workbench
fetch — there is no server-side proxy. That means normal browser security rules (CORS, mixed content, private-network restrictions) apply, and localhost/private APIs may refuse cross-origin requests from this page. Credentials and body content are never logged or included in a share link.Query parameters
None set.
Headers
None set.
Auth values are held only in this page's memory. They're never written to a share link, and never saved to Workspaces.
0 / 2,000,000 bytes — ignored for GET/HEAD
Export
curl -X GET 'https://httpbin.org/get'fetch("https://httpbin.org/get", {
method: "GET",
})
.then((res) => res.text())
.then((data) => console.log(data));axios({
method: "get",
url: "https://httpbin.org/get",
})
.then((res) => console.log(res.data));import requests
response = requests.request(
"GET",
"https://httpbin.org/get",
)
print(response.text)package main
import (
"fmt"
"io"
"net/http"
)
func main() {
var payload io.Reader = nil
req, err := http.NewRequest("GET", "https://httpbin.org/get", payload)
if err != nil {
panic(err)
}
res, err := http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
public class Main {
public static void main(String[] args) throws Exception {
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://httpbin.org/get"))
.method("GET", HttpRequest.BodyPublishers.noBody())
.build();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println(response.body());
}
}using System.Net.Http;
var client = new HttpClient();
var request = new HttpRequestMessage(new HttpMethod("GET"), "https://httpbin.org/get");
var response = await client.SendAsync(request);
var body = await response.Content.ReadAsStringAsync();
Console.WriteLine(body);FAQ
This tool sends requests directly from your browser tab — there's no server-side proxy. Browsers restrict cross-origin requests via CORS, and increasingly restrict pages from the public internet reaching private-network/localhost addresses. If a request fails, the diagnostics panel explains this is a CORS/network policy issue, not necessarily an HTTP error from the server.
No — a desktop app without browser sandboxing could send requests without these restrictions, but that capability isn't part of this web app today. This tool is intentionally browser-only.
No. Auth credentials are held only in memory for this page and are never written to Workspaces, exports, or logs. The request body is only saved to a Workspaces session if you explicitly check the opt-in box.
Yes — request bodies are capped at 2 MB and response previews are capped at 2 MB to keep the tab responsive.
See also: