Sift — HTTP capture viewer

About

Sift is a read-only viewer for HTTP session captures. You drag a capture file
onto the panel and Sift renders a navigable request and response inspector. It
parses the file entirely in memory and never writes anything to disk.

It opens three formats:

- HAR (`.har`), the HTTP Archive JSON format exported by browser developer tools
  and many HTTP clients.
- Fiddler SAZ (`.saz`) session archives.
- Charles session exports, both `.xml` and `.trace`.

All three are normalized into the same internal model, so the inspector behaves
identically regardless of where the capture came from.

What it does:

- Shows a request list with method, status (colored by class), host, path,
  response type, size, and duration. The list is virtualized, so captures with
  thousands of requests stay responsive.
- Shows a detail pane with tabs for request and response headers, query
  parameters, cookies, request body, response body, and timing.
- Pretty-prints and syntax-highlights JSON, XML, HTML, CSS, and JavaScript
  bodies. Large bodies are held behind an explicit "render anyway" control so a
  single request cannot lock up the panel.
- Masks sensitive values by default. Authorization headers, cookies, Set-Cookie
  headers, common API-key headers, and token-shaped query parameters are hidden
  until you click to reveal an individual value, or use the global reveal
  toggle.
- Decompresses gzip and deflate response bodies and reassembles chunked
  transfer encoding. Brotli-encoded bodies cannot be decoded with the bundled
  library and are shown as raw bytes with a clear "not decoded" badge rather
  than failing.
- Exports a sanitized HAR. This rebuilds a valid HAR file with every sensitive
  value replaced by a placeholder, so a capture can be shared without leaking
  credentials. The export is the only file Sift produces, and only as a download
  you start.
- Searches across URL, headers, and body text, with quick filters by method,
  status class, host, and response MIME type.

Who it is for: developers and QA engineers who need to read a capture someone
sent them, or one they exported, without uploading it to an online tool or
installing a heavier proxy. Because nothing is persisted, the panel is empty
again after a reload, by design.

How to use it: open Chrome DevTools, select the "Sift" panel, and drop a
capture file onto it. There is no toolbar popup; the extension exists only as a
DevTools panel.

Limitations, stated plainly:

- Brotli (`br`) response bodies are not decoded.
- Encrypted or password-protected SAZ archives are detected and refused with a
  clear message rather than guessed at.
- The Charles `.chls` and `.tcpsf` formats and packet captures (pcap/pcapng) are
  not supported. Export HAR from those tools instead.
- There is no live capture in this version. Sift views files you already have.