Is this a substitute for server-side validation?

No. Use it for manual checks and triage; production systems should still validate and authorize on the server.

Where does processing happen?

Most validators here run in your browser. If a tool calls an API, that is stated on the page. See the site privacy policy for data handling.

Validators and utilities that complement Content-Type vs body check — same session, no sign-up.

Content-Type (line or value)

Body sample

Heuristic comparison of declared Content-Type (and charset hint) against a coarse sniff of the body start (JSON, HTML, XML, YAML). No remote fetch.

Coarse Content-Type vs first-bytes sniff for JSON, HTML, XML, YAML — heuristic only; does not decode charset or gzip.

Heuristic comparison of declared Content-Type (and charset hint) against a coarse sniff of the body start (JSON, HTML, XML, YAML). No remote fetch.
Limits called out in the description (what this tool does not verify — e.g. live network reachability, issuer databases, or strict schema contracts unless stated).
Structural or syntax mistakes that would break parsers, serializers, or the next step in your workflow.

What does Content-Type vs body check do?: Heuristic comparison of declared Content-Type (and charset hint) against a coarse sniff of the body start (JSON, HTML, XML, YAML). No remote fetch. Use the form above, then see “How to use” and “What this check helps you catch” for behavior detail.
Is this a substitute for server-side validation?: No. Use it for manual checks and triage; production systems should still validate and authorize on the server.
Where does processing happen?: Most validators here run in your browser. If a tool calls an API, that is stated on the page. See the site privacy policy for data handling.