Using ModHeader for HTTP authentication
HTTP authentication
Most websites typically accept the Authorization
request header or some form of
cookie for authentication. The value is usually either some form of internal ID or a JSON web
token (JWT). By passing in different Authorization
request header (or cookie), one can
turn on / off logged-in state, switch users, change user's role, etc.
Changing Authorization header
Using ModHeader, you can quickly change the authorization header using the following steps:
- Click on , and select Request header
- Add
Authorization
header with the desired value. - Now visit your web server. It should have the
Authorization
header passed to it. - Going one step further, you can click on , and select URL filter to enable the Authorization header override only on your domains. This way, you will not accidentally leak your authorization header to other third-party websites.
- To turn off the feature, simply uncheck the
Authorization
request header row - You can also add additional
Authorization
header rows so you can easily switch between different users. - Alternatively, you can right-click on the profile badge on the left hand side, and select Clone profile, then update the
Authorization
header value in the new profile. You can quickly switch between differentAuthorization
headers by switching profile. You can click on , then select Keyboard shortcuts to assign custom shortcut keys to each profile.
Changing Cookie value
If you are using cookie-based authentication, you can also use ModHeader to quickly change its value using the following steps:
- Click on , and select Cookie header
- Add the desired cookie name and value.
- Now visit your web server. It should have the cookie passed to it.
- Going one step further, you can click on , and select URL filter to enable the cookie header override only on your domains. This way, you will not accidentally leak your authorization header to other third-party websites.
- Similar to the
Authorization
header approach above, you can easily turn on/off the modification with the checkbox on the left hand side, and use multiple profiles to quickly toggle between different cookie value.