What Is a HAR File? HTTP Archive Format Explained
If you've ever reported a website bug to a support team and been asked to "send a HAR file," you're not alone in wondering what that actually means. HAR files sit at the intersection of web development and everyday troubleshooting — and understanding what they capture, how they're created, and what they reveal can make you a much more effective troubleshooter.
HAR File: The Basic Definition
HAR stands for HTTP Archive. It's a JSON-formatted log file that records all network activity between your browser and the websites or web applications you interact with. Think of it as a detailed diary your browser keeps — noting every request sent, every response received, and precisely how long each exchange took.
The format was developed to give developers and support teams a standardized way to share and analyze network performance data. Instead of saying "the page loads slowly," a HAR file shows exactly which resources loaded, in what order, how large they were, and where time was lost.
What Gets Recorded Inside a HAR File
A HAR file captures a structured snapshot of network traffic. Inside, you'll find:
| Data Type | What It Includes |
|---|---|
| Requests | URL, HTTP method (GET, POST, etc.), headers, cookies |
| Responses | Status codes, response headers, body content |
| Timing data | DNS lookup time, connection time, time to first byte, total load time |
| Page events | When the page started loading, when it finished |
| Resource sizes | Compressed and uncompressed file sizes |
Every asset a page loads — images, scripts, stylesheets, API calls, fonts — gets its own entry. A complex web application might generate a HAR file with hundreds of individual entries.
How HAR Files Are Created 🔍
You don't need special software to generate a HAR file. Every major browser has built-in developer tools that record and export them.
In Chrome or Edge:
- Open DevTools (F12 or right-click → Inspect)
- Go to the Network tab
- Reload the page or reproduce the issue
- Right-click any entry in the network log → Save all as HAR with content
In Firefox:
- Open DevTools → Network tab
- Reproduce the issue
- Click the gear icon → Save All As HAR
In Safari:
- Enable the Develop menu in preferences
- Open Web Inspector → Network tab
- Export using the download icon
The resulting .har file is plain JSON text, meaning it can be opened in any text editor — though purpose-built HAR viewers make the data much easier to read.
What HAR Files Are Used For
HAR files serve several practical purposes depending on who's reading them:
Technical support and debugging — When a web application behaves unexpectedly, support engineers use HAR files to see the exact sequence of network events that led to the problem. Error codes, failed requests, and malformed responses become immediately visible.
Performance analysis — Web developers use HAR files to identify bottlenecks. If a page is slow, the timing data reveals whether the problem is a slow server response, a large uncompressed image, too many sequential requests, or something else entirely.
API troubleshooting — Developers building integrations between services use HAR files to inspect the raw API calls being made — including request payloads and response bodies — without needing access to server logs.
Security auditing — Security professionals analyze HAR files to check what data is being transmitted, confirm HTTPS usage, and look for unexpected third-party connections.
The Privacy Dimension You Can't Ignore ⚠️
Here's something important that often goes unmentioned: HAR files can contain sensitive data.
Because they capture everything your browser sends and receives, a HAR file recorded during an active session may include:
- Authentication tokens and session cookies — which could allow someone to impersonate you
- Passwords — if transmitted as form data
- Personal information — from form fields or API responses
- API keys — if they appear in request headers or URLs
This is why security-conscious organizations have policies around HAR file handling. When a support team asks you to provide one, it's worth asking how they'll store and delete it. Some tools and browser extensions exist specifically to sanitize HAR files — stripping sensitive headers and cookie values before sharing.
The risk level varies considerably based on what you were doing when you recorded the file, which sites were involved, and whether you were logged into authenticated sessions at the time.
Reading and Analyzing a HAR File
Raw HAR files are technically readable as JSON, but manually parsing hundreds of entries is impractical. Several tools make analysis more approachable:
- Browser DevTools can re-import HAR files for visual inspection
- Google's HAR Analyzer (web-based) provides a clean waterfall view
- Fiddler and Charles Proxy both import HAR files with full filtering capabilities
- har-validator and similar CLI tools are used in development pipelines to programmatically check HAR content
What you can extract from a HAR file depends heavily on your comfort with network concepts. Reading HTTP status codes, understanding redirect chains, and interpreting waterfall charts are skills that develop with exposure to the format.
Factors That Shape What a HAR File Captures
Not all HAR files are created equal. Several variables affect what ends up recorded:
- Browser and version — different browsers implement the HAR spec with minor variations
- DevTools settings — whether "Preserve log" is enabled changes what's captured across navigations
- Browser extensions — some extensions inject additional requests or modify headers, which appear in the HAR
- Network conditions — recordings on slow or throttled connections reflect those constraints in timing data
- Authentication state — whether you're logged in determines which cookies and tokens appear
A HAR file recorded by one person in one browser on one network will look meaningfully different from the same page recorded by someone else under different conditions — even if the underlying issue is identical.
HAR Files Across Different Technical Contexts
The usefulness of a HAR file shifts depending on who's working with it and why. A developer debugging a failed API integration needs different things from the file than a support agent trying to reproduce a login error, or a performance engineer benchmarking page load times. The format is the same; what matters is which signals are relevant to the specific problem being investigated, and whether the person analyzing it has the context to interpret those signals correctly.