🚀 Standalone API Client

A lightweight, secure, web-based API testing tool with built-in CORS proxy support and password protection. Single HTML file - no installation required.

✨ Features

🔒 Security First

• Password Protection: SHA-256 hashed password authentication
• Session-Based: Auto-locks on page refresh
• Local CORS Proxy: Keep API calls secure on localhost
• Encrypted Storage: Optional encryption for sensitive request data

🎯 Core Functionality

• All HTTP Methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
• Request Components:
  • URL parameters with key-value editor
  • Custom headers with common presets
  • Multiple body types: Raw, JSON, Form URL Encoded
  • Authentication: None, Bearer Token, Basic Auth, API Key
• Response Handling:
  • Syntax-highlighted JSON/XML/HTML responses
  • Status code and timing information
  • Copy-to-clipboard functionality
  • Full headers display

📁 Organization & Persistence

• Collections & Groups: Organize requests by projects/environments
• Save & Load: localStorage-based request library
• Import/Export: JSON-based backup and restore
• Auto-Backup (Optional): Automatically exports to file with every change (can be toggled in Settings)

🌐 CORS Proxy Management

• Built-in Status Monitor: Real-time proxy online/offline detection
• Multiple Proxy Options:
  • 🔒 Local (Secure) - Recommended
  • AllOrigins
  • CORSProxy.io
  • Custom proxy URL
• One-Click Start Instructions: GUI-integrated proxy startup guide

💡 User Experience

• Light/Dark Theme: Toggle between themes with persistent preference (moon/sun icon in header)
• Settings Dialog: Centralized settings for auto-backup preferences and app information
• Split-Pane Interface: Sidebar | Request | Response
• Toast Notifications: Non-blocking success/error messages
• Form-Urlencoded Editor: Visual key-value field editor
• Auto URL Encoding: Toggle for form values
• Common Presets: Quick-add common headers and parameters

🚀 Quick Start

1. Open the Client

Simply open index.html in any modern web browser. No server or installation required!

2. Enter Password

Default Password: admin123

⚠️ Important: Change the password immediately for security!

3. Start Making Requests

1. Enter your API endpoint URL
2. Select HTTP method (GET, POST, etc.)
3. Add headers, params, or body as needed
4. Click "Send Request"

4. Enable CORS Proxy (Optional)

If you get CORS errors:

1. Check "CORS Proxy" checkbox
2. If proxy is offline, click "🚀 Start Proxy" button
3. Follow instructions (double-click start_proxy.bat)
4. Proxy status will turn green when running

📂 Project Structure

standalone-api-client/
│
├── index.html              # Main application (single-file, fully functional)
├── local_cors_proxy.py     # Local CORS proxy server (Python/Flask)
├── start_proxy.bat         # Windows batch file to start proxy
│
├── README.md               # This file
├── PASSWORD_SETUP.md       # Password configuration guide
├── CORS_PROXY_EXPLAINED.md # CORS proxy documentation
└── .gitignore              # Git ignore patterns

🔧 Requirements

For Main Application

• Modern web browser (Chrome, Firefox, Edge, Safari)
• That's it! No other dependencies.

For CORS Proxy (Optional)

• Python 3.7+
• Flask and flask-cors (auto-installed by start_proxy.bat)

Install manually:

pip install flask flask-cors

📖 Documentation

• Password Setup Guide - How to change password and manage authentication
• CORS Proxy Explained - Understanding and using the local proxy

🎓 Usage Examples

Basic GET Request

1. Select "GET" method
2. Enter URL: https://api.example.com/users
3. Click "Send Request"

POST with JSON Body

1. Select "POST" method
2. Enter URL: https://api.example.com/users
3. Go to "Body" tab → Select "Raw"
4. Enter JSON:

   {
     "name": "John Doe",
     "email": "john@example.com"
   }

5. In Headers tab, add: Content-Type: application/json
6. Click "Send Request"

Form URL Encoded Request

1. Select "POST" method
2. Go to "Body" tab → Select "Form URL Encoded"
3. Click "+ Add Field" to add key-value pairs
4. Toggle "Auto URL Encode" if needed
5. Click "Send Request"

Bearer Token Authentication

1. Go to "Auth" tab
2. Select "Bearer Token"
3. Enter your token
4. Click "Send Request"

Save Request for Later

1. Configure your request
2. Click "💾 Save" button
3. Enter name and group
4. Request is saved to localStorage

Export/Backup Requests

1. Click "📥 Export" button
2. JSON file downloads with all requests
3. Share or backup the file
4. Import later with "📤 Import" button

Configure Auto-Backup (Optional)

Auto-backup automatically exports your requests to a JSON file every time you make changes (with 5-second debouncing for performance).

To Enable/Disable:

1. Click "⚙️ Settings" button in the header
2. Toggle "Enable auto-backup" checkbox
3. Setting is saved immediately and persists across sessions

When Enabled:

• Automatically exports after every save, update, or delete
• Creates timestamped JSON files in your Downloads folder
• Provides an extra safety net beyond localStorage
• Uses 5-second debouncing to avoid excessive file creation

Default: Enabled (can be disabled anytime)

Switch Theme (Light/Dark Mode)

1. Click the moon icon (🌙) in the header to toggle to dark theme
2. Click the sun icon (☀️) to toggle back to light theme
3. Theme preference is saved automatically and persists across sessions
4. Works on both the login screen and main application

🔐 Security

Password Protection

• Default password: admin123 (change immediately!)
• SHA-256 hashed (not stored in plaintext)
• Session-based (expires on page refresh)
• Manual lock button available

See Password Setup Guide for detailed instructions.

Data Storage

• All data stored in browser's localStorage
• Optional encryption for sensitive requests
• Export functionality for backup
• No data sent to external servers (except your API calls)

CORS Proxy Security

• Runs locally on localhost:8080
• No data sent to third-party proxies (when using local option)
• Filters problematic headers
• Health check endpoint for monitoring

See CORS Proxy Guide for security details.

🐛 Troubleshooting

CORS Errors

Problem: Request fails with CORS error Solution:

1. Enable "CORS Proxy" checkbox
2. Select "🔒 Local (Secure)"
3. Click "🚀 Start Proxy" button
4. Follow instructions to start proxy
5. Wait for status to show "Proxy Online" (green)

Password Not Working

Problem: Can't login with password Solution:

1. Open index.html in text editor
2. Find line: const passwordHash = "..."
3. Replace with default hash: 240be518fabd2724ddb6f04eeb1da5967448d7e831c08c8fa822809f74c720a9
4. Save file and try password: admin123

Requests Not Saving

Problem: Saved requests disappear Solution:

• Check browser's localStorage is enabled
• Try exporting requests as backup (JSON file)
• Check browser console (F12) for errors
• Click "🔧 Cleanup" button to remove corrupted data

Proxy Won't Start

Problem: Proxy shows offline even after starting Solution:

1. Check Python is installed: python --version
2. Install dependencies: pip install flask flask-cors
3. Check port 8080 is not in use
4. Look for error messages in proxy terminal window
5. Try manual start: python local_cors_proxy.py

🤝 Contributing

Contributions are welcome! Here's how:

1. Fork the repository
2. Create a feature branch: git checkout -b feature/amazing-feature
3. Make your changes
4. Commit: git commit -m 'Add amazing feature'
5. Push: git push origin feature/amazing-feature
6. Open a Pull Request

📝 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• Inspired by Postman and Insomnia API clients
• Built for developers who need a lightweight, portable API testing solution
• No external dependencies in the main application

📧 Support

• Open an issue for bugs or feature requests
• Check existing issues before creating new ones
• Provide detailed information for faster resolution

🗺️ Roadmap

• Request history tracking
• Environment variables support
• Collection sharing via URL
• Request chaining/workflows
• GraphQL support
• WebSocket testing
• Request templates library
• Custom theme colors
• Keyboard shortcuts

---

Built with ❤️ for developers who value simplicity and security

⭐ Star this repo if you find it useful!