Rule Engine
HTTPeep's composable rule engine matches traffic by domain, path, headers, and more, then routes it through a deterministic action pipeline.
The rule engine is the core of HTTPeep. Every other feature — mocking, throttling, breakpoints, DNS overrides — is implemented as a stage in the same deterministic pipeline: Match → Actions → Resolve → Response. You define rules once, and they apply automatically to every matching request from that point forward. Rules are stored as YAML files you can version-control, share with your team, and reuse across projects.
Pipeline overview
flowchart LR
A[Incoming request] --> B{Match}
B -->|No match| C[Pass through]
B -->|Match| D[Request Actions]
D --> E{Resolve}
E -->|Pass Through| F[Origin server]
E -->|Map Remote| G[Different host]
E -->|Map Local| H[Local files]
F & G & H --> I[Response Actions]
I --> J[Client]Each stage runs in order. If a request matches a rule, it proceeds through request actions, then a resolve outlet, then response actions. If no rule matches, the request passes through to the origin unmodified.
Stage 1 — Match
Match conditions determine which requests a rule applies to. You can combine multiple conditions; all specified conditions must be satisfied for a rule to match.
Domain matching
Matches only the specified hostname.
match:
domains:
- type: exact
value: api.example.comMatches any subdomain using *.
match:
domains:
- type: wildcard
value: "*.example.com"Matches using a pattern with named capture groups, which can be reused in actions.
match:
domains:
- type: template
value: "{env}.api.example.com"Other match conditions
| Condition | Description | Example |
|---|---|---|
path | Match by URL path, supports wildcards | /api/users/* |
header | Match by request header name and value | Authorization: Bearer * |
query | Match by query parameter name and value | debug=true |
body | Match by request body content | JSON field presence or value |
originProtocol | Restrict to http or https | https |
stopAfterMatched
When stopAfterMatched: true, HTTPeep stops evaluating subsequent rules after this rule matches. This is useful when you want a rule to act as a short-circuit for a specific domain or path without interference from lower-priority rules.
Stage 2 — Request actions
Request actions run before the request is forwarded. You can chain multiple actions; they execute in the order listed.
Stage 3 — Resolve
The resolve stage determines where the request ultimately goes. Every rule has exactly one resolve outlet.
Pass Through
Forward the request to the original server. Use this when you only need to observe, modify, or delay traffic without changing its destination.
Map Remote
Route the request to a different host. The client's code and the URL in the browser remain unchanged. See Map Remote.
Map Local
Serve a response from a local file instead of contacting any server. Ideal for mocking APIs. See Mock / Map Local.
A fourth resolve outcome, Block, immediately drops the request and returns a connection error to the client. Configure it via the rule editor when you want to simulate a service being unreachable.
Stage 4 — Response actions
Response actions run after the resolve stage returns a response. You can filter by status code or Content-Type to apply actions selectively.
| Action | Description |
|---|---|
| Filter by status code | Only apply response actions to responses with matching status codes (e.g., 2xx, 404) |
| Filter by Content-Type | Restrict actions to specific content types such as application/json |
| Rewrite response body | Find-and-replace or fully replace the response body |
| Inject scripts | Inject a <script> tag into HTML responses (useful for adding debug tooling) |
| Delay response | Add latency to the response |
| Throttle response | Limit download bandwidth |
| Response breakpoint | Pause the response for manual editing before delivering it to the client |
Execution logs
Every stage of the pipeline is logged. In the session detail panel, the Rule tab shows which rule matched, which actions ran, which resolve outlet was used, and any response actions applied. Nothing is a black box — you can trace exactly what happened to any request.
Full YAML example
The following rule maps all HTTPS traffic to api.example.com to a local directory of mock files, then adds a 500 ms delay and throttles the download to 384 KB/s:
# rule.yaml - Frontend Mock API
- id: rule_mnhi5xkt
description: "Frontend Mock API"
enabled: true
builtin: false
stopAfterMatched: false
match:
domains:
- type: exact
value: api.example.com
originProtocol: https
requestActions: []
resolve:
type: map_local_dir
filePath: /Users/chris/mocks/api
headers:
x-httpeep-debug: '1'
responseActions:
- type: delay_response
id: action_1775140499860
enabled: true
delayMs: 500
- type: throttle_response
id: action_1775591855867
enabled: true
speed:
max: 384
burst: 768Rule storage and team sharing
All rules are stored as plain YAML files under ~/.httpeep/rules/:
~/.httpeep/rules/
├── rule.yaml # Main rule configuration
├── bypass.yaml # Bypass configuration
├── dns_override.yaml # DNS override configuration
├── external_proxy.yaml # External proxy configuration
└── rate_limit.yaml # Rate limit configurationBecause rules are files, you can:
- Version-control them with Git to track every change
- Share them with teammates by committing to a shared repository
- Branch rule sets per project or environment
- Review rule changes through pull requests before applying them
- Export and import rules for quick migration between machines
Keep your rules in a Git repository alongside your project code. When a teammate pulls your branch, they get the exact same debugging setup you used to reproduce the issue.
Capture and inspect HTTP/HTTPS
HTTPeep captures HTTP/1.1, HTTP/2, and HTTPS traffic in real time. Filter by domain, method, status, and path. Export sessions as JSON, HAR, or PCAP.
Mock APIs
Serve local files as API responses instead of hitting the real server. Supports JSON, JS, and any static content, with instant hot reload on file changes.