Tests the two mechanisms browsers use to upload files: top-level document/iframe
form submission and XHR/fetch resource requests. Only multipart POST bodies are
considered for upload content inspection at this time.
Native Form POST sec-fetch-mode: navigate
Real browser form submission with file input. Proxy response renders in iframe —
check DevTools Network tab for x-menlo-* headers.
Uploading…
XHR / Fetch Upload sec-fetch-mode: cors
Programmatic upload via fetch(). Browser sends
sec-fetch-mode: cors. Proxy response headers shown inline. Supports file upload,
generated blobs, and raw body POST/PUT.
Drag & drop a file here, or click to browse
Or generate blob:
Connection Timeline
ⓘH2: If the origin closes during upload inspection, tungsten sends GOAWAY to the browser. The in-flight upload continues on the same client connection (tungsten reconnects to origin internally), but pings move to a new tunnel (*** NEW CONNECTION ***). Upload completes on the original connection ID.
H1: The upload blocks the tunnel (serial), so pings open new connections during the upload. After the upload, Connection: close tears down the tunnel and pings move to a fresh one. /ping every 2s (does not reset idle timeout)