l-switch by bingrulin
Proxy localhost API calls to production or staging with JSON rules. Supports CHIPS(partitioned cookies): reads partition-scoped cookies and injects them on redirect so local dev can authenticate against real backends—no companion extension on Firefox
Extension Metadata
About this extension
l-switch is the Firefox client for pm-switch: a developer tool for running local front-end code against real production or staging APIs.
Modern browsers enforce CHIPS (Cookies Having Independent Partitioned State). After CHIPS, whether a cookie is sent depends not only on
l-switch handles that for you: when a proxy rule matches, it reads partitioned cookies for the target site and injects them (and related headers such as CSRF tokens) into the proxied request, so your local app can still call authenticated online backends.
Key features
On Firefox, proxy + cookie injection runs in one extension (async
Who it is for
Front-end and full-stack developers who:
Quick start
Example:
```json
{
"proxy": [
{
"src": "http://127.0.0.1:7001/(.*)\.json",
"tgt": "https://example.com/$1.json",
"headersToAdd": [
{
"headerName": "X-Xsrf-Token",
"fromCookieName": "XSRF-TOKEN"
}
]
}
],
"cors": ["example.com"]
}
Modern browsers enforce CHIPS (Cookies Having Independent Partitioned State). After CHIPS, whether a cookie is sent depends not only on
Domain and SameSite, but also on the cookie’s partition (the top-level site context). A simple in-browser redirect from localhost to an online host is often not enough—partitioned cookies may not ride along automatically.l-switch handles that for you: when a proxy rule matches, it reads partitioned cookies for the target site and injects them (and related headers such as CSRF tokens) into the proxied request, so your local app can still call authenticated online backends.
Key features
- CHIPS / partitioned cookie support — Uses
cookiesAPI with partition awareness and injects the right cookies on redirected traffic (seegetPartitionCookiein the extension). - URL proxy rules —
src→tgtmatching (string or regex). - Header helpers — Referer, Origin, optional
headersToAdd/headersToDel, andcorshost lists for cross-origin scripts after redirect. - JSON configuration — Edit rules in the popup; toggle the toolbar switch to enable or disable.
On Firefox, proxy + cookie injection runs in one extension (async
webRequest blocking). On Chrome, the same workflow still uses m-switch + p-switch; Firefox users only need l-switch.Who it is for
Front-end and full-stack developers who:
- Develop on
localhost(or another local origin) but need live backend responses - Rely on partitioned (CHIPS) cookies for login/session on the target domain
- Want the xswitch / pm-switch workflow without manually copying cookies
Quick start
- Open the popup and edit JSON (
proxy, optionalcors). - Turn the extension on.
- Reload your app; use
credentials: "include"on fetches when cookies are required.
Example:
```json
{
"proxy": [
{
"src": "http://127.0.0.1:7001/(.*)\.json",
"tgt": "https://example.com/$1.json",
"headersToAdd": [
{
"headerName": "X-Xsrf-Token",
"fromCookieName": "XSRF-TOKEN"
}
]
}
],
"cors": ["example.com"]
}
Rated 0 by 0 reviewers
Permissions and data
Required permissions:
- Clear recent browsing history, cookies, and related data
- Access browser tabs
- Access your data for all websites
Data collection:
- The developer says this extension doesn't require data collection.
More information
- Add-on Links
- Version
- 1.0.22
- Size
- 1.13 MB
- Last updated
- 10 days ago (May 25, 2026)
- Related Categories
- License
- ISC License
- Version History
- Add to collection