HeaderKit is a lightweight, privacy-friendly alternative to ModHeader. It lets you configure browser request headers with flexible filters. The companion HeaderKit CLI enables agents to adjust the extension's configuration and control browser requests.
Everything runs locally in your browser; there are no accounts, no servers, and no telemetry.
- Profiles — group rules into named, colour-coded containers you can toggle independently. Multiple profiles can be active at once.
- Rule types — request headers, response headers, cookies, and redirects.
- Header actions: set (default), append, remove.
- Response-header rules can override security headers such as
CSPandX-Frame-Options. - Cookie rules are structured sugar over the
Cookie/Set-Cookieheaders. - Redirects support a static whole-URL target and regex capture-group substitution.
- Filters — limit which requests a profile affects by:
- URL — enter a domain (subdomains included) or a URL with
*wildcards; a regex mode is available for advanced matching. Usable as include or exclude rules. - Tab — lock a profile to a specific open tab.
- Window — lock a profile to a specific browser window.
- Resource type — map to
declarativeNetRequestresource types.
- URL — enter a domain (subdomains included) or a URL with
- Three-level switches — a global pause, per-profile toggles, and per-rule toggles. A rule is only compiled when all three are enabled.
- Import / export — export and import HeaderKit's native JSON format, and import profiles from ModHeader.
- Toolbar feedback — a badge showing the number of active rules.
- One shared UI — the same React interface as a toolbar popup or a full browser tab ("Open in Tab").
- Agent-friendly automation — let coding agents inspect and update browser header profiles through the HeaderKit CLI. Its JSON-lines machine mode pairs with the extension over a local WebSocket (Agent Mode).
| Browser | Status | Mechanism |
|---|---|---|
| Chrome / Edge | Primary target (MV3) | declarativeNetRequest (DNR) |
| Firefox | Secondary target | webRequest (capability may differ) |
Install HeaderKit directly from the Chrome Web Store.
HeaderKit provides a machine-readable CLI so an agent can configure request headers, response headers, cookies, redirects, and filters in your browser:
npx headerkit --jsonThen open the extension popup and click Connect CLI. Once the CLI emits
{"event":"paired"}, the agent can send commands over stdin and consume one
JSON response per stdout line. See the CLI guide for setup,
commands, and the pairing protocol.
- Node.js 18+ and npm
- Chrome, Edge, or Firefox
npm install# Chrome / Edge
npm run dev
# Firefox
npm run dev:firefoxWXT launches a browser with the extension loaded and hot-reloads on changes.
# Chrome / Edge
npm run build
# Firefox
npm run build:firefox
# Produce a distributable zip
npm run zipBuild output is written to .output/.
- Run
npm run build. - Open
chrome://extensions, enable Developer mode. - Click Load unpacked and select
.output/chrome-mv3/.
npm test # run the unit tests once
npm run test:watch
npm run compile # wxt prepare + tsc --noEmitentrypoints/
background.ts # reconciles DNR rules from stored profile data
popup/ # shared React UI (popup + full tab)
src/
core/ # profile model, compile, reconcile, storage, import/export
public/ # extension icons and static assets
docs/adr/ # architecture decision records
CONTEXT.md # domain glossary (ubiquitous language)
wxt.config.ts # WXT + manifest configuration
- WXT — the browser-extension framework
- React 19 + TypeScript
- Tailwind CSS 4
- Vitest for testing
Issues and pull requests are welcome. Before opening a PR:
- Run
npm testandnpm run compileto make sure tests and types pass. - Follow the conventions in
AGENTS.md.
Released under the MIT License. © 2026 GeoffZhu.

