Reviews & Comments of ModHeader - Modify HTTP headers chrome extension

Was a solid extension before the bait and switch they pulled recently by limiting free accounts to 10 rules.

pretty easy to use and do job well what it is supposed to. Very happy with low weight app. Keep up the good work Team ModHeader

I use this extension every day for work. I have a large number of headers in a profile and it wasn't really an option to slim it down to 10 so I gladly paid for it because I've used it for so long. There's a lifetime purchase option that worked best for me. I ran into an issue once I paid for the license and the developer set aside the time to work with me to see what was wrong. It was a simple fix but I'm glad he made the time to help. Everyone needs to be paid for their time. This is an invaluable tool and I can't work without it. I've used it for free for a number of years so I'm glad to pay for it now.

I CANNOT recommend ANYONE use this extension. For details, read on. Once upon a time the developer of this extension added a clickjack/adfraud proxy to it and proceeded to opt all users into tracking without their consent or knowledge. They also didn't give users a means of opting out of said tracking within the app's UI. This change was only discovered because a user noticed their browser sending TONS of traffic to an ad server and had no idea why. That user filed an issue on Github at the time, asking the developer what was going on and to either give users an easy way to opt out or remove the malware altogether. Given that the developer has decided this extension should NO LONGER BE OPEN SOURCE (they've privated the repository in Git), you can no longer view that issue on Github to verify for yourself. ...thankfully, the Wayback Machine exists to keep people honest: https://web.archive.org/web/20220831183213/https://github.com/modheader/modheader/issues/64 When the dev made the change to add this new "functionality," they used the commmit message "minor bug fixes." Not sure what to call that other than "sneaky" or "brazenly dishonest." You can't see that commit for yourself on Git anymore, either, however the Wayback Machine thankfully has us covered here, too: https://web.archive.org/web/20220831183235/https://github.com/modheader/modheader/blob/615c68ec434f6d82675e9a12eca5d8093e9e97ee/src/js/reverse10XX.js It took weeks for the developer to finally relent and remove the malware, but once they did I decided I'd give the app another chance. Recently, they've made another *very* impactful change, and yet again they didn't communicate it ahead of time: the dev has decided to add a paywall that prevents the user from, ya know, *using the extension* if they have more than 10 TOTAL rules saved. ...and they're asking users to pay them $50 a YEAR to bypass it. Let me say that another way: This developer - whom once added clickjack MALWARE to this extension and opted all 700,000 users in without their consent - now wants you to pay them the same annual price that many ANTI-VIRUS solutions cost. THICK irony there. If the developer had communicated to users AHEAD OF TIME that they were going to be introducing a paywall, I would've been MORE than happy to pay them a reasonable one-time fee. I'm sure they've put MANY hours into building and supporting this app, and it's only right they be compensated for that effort. I only use the app a few times a month, but I've done so for years, so if they'd ASKED me to pay ~$25-$40 (as a one-time fee) to continue using the app without hassle, I wouldn't have hesitated. I have zero issue with a developer getting paid. Communication is the key though. It shows mutual respect between the user and the developer. Implementing a paywall without warning (neutering the app for anyone with more than 10 rules) and then "asking" those users to pay $50 YEARLY to continue using the app (the same way they've been using it for FREE for YEARS) is NOT how devs should treat their users! In conclusion, this developer has now made changes they knew would be detrimental to users without any communication ahead of time at *least* twice (that we know of), one of which introduced malware and opted users into the tracking from that malware without getting consent. Tack on the fact that they've privated the repository - removing our only legal means of keeping them honest - and I can no longer support or trust this developer to be respectful, transparent, and honest with their users. I CANNOT recommend this extension to ANYONE.

Very useful when the team's infrastructure requires using headers to control web page traffic.

So now it costs 4$/month to add a cookie to the request. I'll just write my own extension...it takes like 5min. Or just forget it I'll add the cookie in the "Application" tab. I'm so disappointed that it costs money for such a basic feature. I would pay for stuff that would actually cost you money like an actual "service" eg logs or hosting stuff. But adding a cookie doesn't consume any resources for the creator, so why is it a subscription? I just everybody does subscription service nowadays but they don't understand why. Just think form the point of view of the user/customer... I appreciate all the hard work the creator put to make this, but the business model is super bad.

Can you clarify if this extension still contains click-fraud malware? https://chrome.google.com/webstore/detail/modheader-modify-http-hea/idgpnmonknjnojddfkpgkljpfnnfcklj

i dont know what this is even meant to do but if i did i would give it 5 stars

bad

Really easy to use

it's ok.

useless

I wanted to add a header to a simple request so that it would trigger a preflight. Didn't work.

Very useful

Well I use to be able to use it to insert CORS headers for developing, but now that is a paid feature...so it's useless now.

Must have for web devs. This extension is essential to web development. It is extremely easy to use, supports profiles, can't ask for more. Thank you for this great tool.

The new limits are very frustrating. It's a tool I use on rare occasions rather than go into postman. I can't justify a monthly fee for such an edge case. Need up update description since the source code is no longer open-source.

Awesome extension!!

Unfortunately with the new update you're now limited to a number of profiles. This is fine but I have many existing profiles and now it is really inconvenient. There should have been a notification that this change was going to happen before rolling it out.

paying customer, has never worked, no help extremely poor ui and no help

This extension is so bad. If I'm modifying the value of the header I want to set, the update does not work, a lot of the time. It won't update. Not only that, sometimes updating a value will just cause the extension to straight up stop working, i.e. the headers are not set at all.

I saw that this extension used to host malware, introduced by the author himself. Even if it is gone now, it can never be trusted again. Shame! https://github.com/modheader/modheader/issues/64

cannot add profile

Works fine when you're trying to modify request headers, but at the time of writing this, the extension is unable to edit response headers. Is there an explanation for this behaviour?

Was useful, now it costs to have more than 3 profiles. Removing features to lock them behind a paywall, sheesh. Also, it just deleted all my profiles for whatever reason.

Very broken. Worked flawlessly since I started using it in August 2021. But since using the new version, it is really painful to use. Let's say you have two profiles with separate headers and URL filters. When I disable all headers and filters on Profile 2, then the Profile 1 headers are added. But if any Profile 2 headers or filters are enabled, even if Profile 2 is disabled, the Profile 1 headers are not added. In other words, the enabling and disabling of profiles does not do anything.

Used to be perfect for my needs. Now it simply doesn't work - the extra headers are never sent. I checked tab filters, URL filters, everything.

Removing free tools and making them a paid for function, I have been using this tool for years disappointed that they have now removed the Tab lock feature from the free version , so will need to look elsewhere for this feature.

Broken. I just installed this and the view has no style applied to it. It's completely unusable. It's like it's missing the stylesheet and it's such a mess, it's not possible to use. This is unfortunate. I also didn't realize this is a paid for extension... seems a bit much ($4/month) given the simplicity of this extension so I will look for alternatives or build my own.

I don't have anything to say about the extension's functionality but it uses up a lot of my CPU even when it's not doing anything so I suspect it has some kind of malware embedded in it.

Love this extension! It is so helpful for development.

I want to change URLs like: https://www.youtube.com/watch?v=Od49AfIS2-U&ab_channel=DUST to: https://www.youtube.com/watch_popup?v=Od49AfIS2-U&ab_channel=DUST ie Regex for all URLs: https://www.youtube.com/watch?\(.*\) to: https://www.youtube.com/watch_popup?\1 Can this be done somehow? - I will raise the rating to five stars if you can do it! Thanks, Phil.

It's really simple. But I have absolutely no idea how to use it. There is barely any indication of what to do.

SHEESH. So good for devs.

THE BEST

Doesnt work. White popup when clicked. Background tab gives the errors on console: Unchecked runtime.lastError: Tabs cannot be edited right now (user may be dragging a tab). background.bundle.js:1 Uncaught (in promise) TypeError: Cannot read property 'id' of undefined at onTabUpdated (background.bundle.js:1)

Great for dev testing!

Easy to use, thank you :) But make sure if you use an Accept header that your service can actually supply that format - I was hitting an MTConnect Agent to get JSON output but didn't realize they didn't support JSON until v1.5, so kept getting back XML!

Great tool for down and dirty headers.

Could not make it to apply different headers for different tabs.. UI is not intuitive

Very simple in use.

very good extension, i am finally free of being served images in .webp format

Why can you create multiple profiles without the ability to disable/enable them individually? I have 4 profiles but all of them are active and there doesn't seem to be a way to disable profiles. Is the only option to delete the profile?

I was trying to automate some manual processes with a SaaS provider who used ancient iFrames with header-based authentication... barf. Then I found this plugin which allowed me to access the embedded pages in a new tab and carry over my authentication. Lifesaver

I thought that it is very handy and have been helping me a lot!

Love It Thank You

I was using Requestly but got tired of the popups asking me to make an account. I switched to this and am enjoying it.

Thank you for this. It's so simple and easy to use. Love it.

Super. Just what I wanted.

it does no have zoom pro!!!

I use this every day. Thank you for a great tool.

Works flawlessly!

GOOGLE PLEASE REMOVE THIS EXTENSION! It now embeds malware.

DO NOT USE THIS. It will install a proxy to funnel traffic through your network connection. What a shame because this extension was very useful.

Now has a unwanted proxy, which is not notified to user: https://github.com/bewisse/modheader/issues/64 Stored here for if the above gets removed: https://web.archive.org/web/20201104033708/https://github.com/bewisse/modheader/issues/64

Was great but looks like some latest update turned into malware. :'(

STAY AWAY unconsented bot net integration

the addition of the P2P file sharing functionality forces us to ban this extension and all bewisse products company wide. Thank for using us as porn serving zombies.

Good and convenient extension!

As of 31/10/20, the mod sneakily adds you to the infatica.io P2P proxy network, which then monetises your bandwidth. Privacy notice is updated to warn you but existing users may not be aware.

It got updated and I lost all my headers setup...

I work with cloud tech and some time it is difficult to test stuff in the browser! This tool makes my life seamless; I am able to test my concepts on the fly, modify headers without actually writing code is a big plus!

A slick way of adding the `Accept:application/JSON` headers to any browser window.

Nice plugin

Hey i Love the way it works. But personally i feel the new UI crappy. The Old UI looked pretty descent. This new UI irritates my eyes. Sorry to say this but had to.

What was wrong with the previous UI? Why this redesign? The indicator used to show if anything was active or not (greyed out) which was more helpful than having it seemingly ALWAYS active-looking and having to have a profile allocated to "None" and reading that tiny number to see if headers are on or not at a glance. But even a second "None" profile is not a workable solution to this because we might have many headers to flip on or off - too many permutations for individual profiles. When I uncheck every header, it still shows the profile indicator that used to mean some header was being modified.

Awesome! So far, this has been a very helpful utility for me. Would be really awesome if it were possible to configure it to only send headers either on requests currently under the current tab (and not ALL tabs for ALL requests) or somehow retain settings on a per tab basis. Reason: If I'm sending an "Authorization: Bearer ..." token to test something out really quickly, I'll get kicked out of SoundCloud in another tab/window entirely :) EDIT: Adjusting review downward from 5 to 3 stars until the new UI (updated April 2020) can be fixed. Please see: https://github.com/bewisse/modheader/issues/40

New update withe the left side navbar (or whatever it's called) is just HORRIBLE! You need to check or uncheck the headers and most of the time you run into that section and it expands ?. Please move it at least to the right side! This is a very poor user experience for such a cool feature.

Useful

非常完美，但是为什么有些我自定义的请求头不能大写？

simple good

easy to use

It used to be really responsive but now when i'm trying to turn headers on or off, it's not visually showing at times, or when i try to type into the input fields, nothing shows until after I click away then suddenly my input displays...

Good at what it does, but recently it's been very unresponsive when changing the headers. Has really strong input lag, especially when adding 5+ request headers

Pretty good, other options do too little or do too much for you.

Stopped working a few days ago.

The extension works perfectly. Only thing that it applies the headers to all sites. I can see an option in the extension settings page saying "Allow this extension to read and change all your data on websites that you visit:" But, the problem is I cannot enter http://localhost the field says invalid domain.

Meddl!

A great tool to help modify the requests! I tried several tools but this one is simply the best!!

Best tool for headers 5+ for backups! Thank you guys!

Very helpful!

adding request headers works but adding response headers doesnt really do anything

Saved me from the tyranny of WebP images. Just had to remove image/webp from the default Accept request header.

Adding a new response header doesn't seem to work.

Can't believe how powerful is this extension. It solved my problem in upload file XHR requests was rejected on Azure notebook giving 500 internal server error because of wrong content-length value. just put content-length and it worked perfect

I would be perfect if we can export all profiles once and add it later in time or may be in another system all at once.

Incredible plugin, fantastic responsive developer.

Works fine for Google Chrome and Chromium but NOT for Vivaldi? Has someone tried to use it in Vivaldi browser? Settings are just ignored.

The whole Chrome lags with this extension enabled.

I needed to tweak some API responses for CORS testing without having to update the API code and this did the trick!!! Thanks

Easy to configure and use

Thank you for removing the ads again. I actually came on today to down rate the extension because of that, but noticed today it was removed. Otherwise, this has been an invaluable extension for my work.

Doesn't work at all. Can't add profiles or headers.

3 stars: I use this extension a lot, and it just about works But, I have some problems: - Input boxes should expand to display long headers - 'Esc' clears the current input box and there's no undo. Bye bye carefully crafted header. (In my opinion, esc should hide the extension popup)

As others have mentioned, a recent update pushed ads into the popup. Additionally, the UI stopped working around the Chrome 69 update -- clicking add new rule freezes the popup, the UI freezes in other situations too

its good

Excellent! :)

It is really simple and useful. But I don't know why it cannot modify the `Host` header for some websites.

Simple and working!

FINALLY! I needed a tool that would stop Chrome from auto-rendering .xml files and this one let's me do it by changing the response headers! All I had to do was change these two headers: Content-Type: application/octet-stream Content-Disposition: attachment; filename="download.xml" and it works like a charm! Thanks a bunch!

fine

Cool header modifier. easy to use, and very smooth work

After an update it stopped working :'( can't add request headers anymore. -- update Reinstalling fixed the problem

Great! It's a really very heapful chrome ext.

This extension works great. It allows me to add my API key in the authorization header when testing my API and create URL pattern filters to only add the header on certain domains so that I don't have to remember to turn it off. My one gripe is that the latest update added a badge with a count of the number of headers turned on. I don't like seeing a red badge on the extension since it makes it looks like there is a problem that needs my attention. It would be nice to be able to disable this via a setting.

It's really very helpful chrome extension. Though would request the Developer to add a Label Indicator (like color change or Icon-blink) to notify user's that the extension is running with some value in it. Usually we set some specific header and later forget to remove it and keep working with the settings, that causes some other issues. Hope you got what i meant. update++ looks like this request has been integrated in the extension. So it's surely is a 5star now.

Use this extension every single day for testing. Very well done. Love the popup settings menu instead of keeping them in a separate tab.

Now that you can filter by website I am really loving this extension. People need to learn how it works and they will be very happy.

Deleting due to it requesting my browser history, which makes no sense.

Does as it says!!

Not helpful

Very useful extension. It's a pity that profiles are not synchronized with my Google account, i.e. my profiles are gone after I installed Chrome on a new laptop. I know about the manual export/import feature, but this extension could have saved profiles in Chrome Sync. @hao1300 could you consider implementing this? https://developer.chrome.com/extensions/storage#property-sync

I downloaded this software to use for tubeoffline after getting an error message and it worked perfectly!

doesn't work

I think the one feature really missing here is being able to only set headers for certain pages and sites. Sometimes you'll forget that you're modifying your headers and wonder why every site is somewhat broken :'(.

Very good, but would be awesome if you could toggle on/off without having to click the extension icon and unselect the headers.