Convert Curl to Fetch

Browser DevTools feature. In Chrome/Edge: right-click a network request → Copy → “Copy as cURL” (Chrome uses bash format; pick “Copy as cURL (bash)” on Windows for Unix-style flags). Firefox: Copy → “Copy as cURL”. The output is a single-line or multi-line cURL command that exactly reproduces the request – paste it here to convert it to JS.

cURL: -u admin:secret. The tool base64-encodes admin:secret (to YWRtaW46c2VjcmV0) and adds Authorization: Basic YWRtaW46c2VjcmV0 header to the fetch options. Note: Basic auth credentials are visible to anyone with access to the encoded string – encode once, use over HTTPS only.

cURL: curl -G 'https://api.com/search' -d 'q=hello' -d 'limit=10' → makes a GET to https://api.com/search?q=hello&limit=10. The tool detects -G and converts the body parts to URL query string instead of POST body. The fetch URL is fully constructed; no body added.

cURL: -F '[email protected]' -F 'name=jane'. The tool emits a self-invoking arrow function that builds a FormData object: body: (() => { const formData = new FormData(); formData.append("name", "jane"); ... return formData; })(). For @file references, it leaves a comment for you to substitute the actual File/Blob object – browsers can’t read arbitrary filesystem paths without user interaction.

fetch: built-in browser API, no dependency. Default for browser code. axios: more conveniences (auto JSON parse, interceptors, request cancellation, progress events) but adds 14 KB. Use axios when you need its features OR if the codebase already uses it. node-fetch: ports browser fetch to Node.js (Node 18+ has native fetch, so node-fetch is mainly for older Node versions).

The “fetch + TypeScript” target emits the same code with a TypeScript comment header. The tool doesn’t auto-infer response types (that would require schema knowledge). Add type assertions like const data = await response.json() as User or define interfaces inline.

credentials: 'include' tells fetch to send cookies on cross-origin requests AND to honor Set-Cookie response headers cross-origin. Required for cookie-based auth across domains. Default (without this flag) is same-origin – cookies only sent same-origin. Without the toggle, your auth cookies may not be sent to your API if it’s on a different domain.

Not converted: --cert, --key, --cacert (client certs – fetch can’t load filesystem certs in browser), --proxy (browsers don’t expose proxy in fetch options), -o/--output (file output – use response.blob() + URL.createObjectURL manually), --resolve (DNS overrides). Most are browser-security-blocked anyway.

Yes. cURL input + generated code stay in your browser. The base64 encoding for basic auth is purely client-side. API keys and tokens in your cURL never leave your device.