curl(1) | Curl Manual | curl(1) |
curl - transfer a URL
curl [options / URLs]
curl is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command is designed to work without user interaction.
curl offers a busload of useful tricks like proxy support, user authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer resume, Metalink, and more. As you will see below, the number of features will make your head spin!
curl is powered by libcurl for all transfer-related features. See libcurl(3) for details.
The URL syntax is protocol-dependent. You'll find a detailed description in RFC 3986.
You can specify multiple URLs or parts of URLs by writing part sets within braces as in:
http://site.{one,two,three}.com
or you can get sequences of alphanumeric series by using [] as in:
ftp://ftp.example.com/file[1-100].txt
ftp://ftp.example.com/file[001-100].txt (with leading zeros)
ftp://ftp.example.com/file[a-z].txt
Nested sequences are not supported, but you can use several ones next to each other:
http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html
You can specify any amount of URLs on the command line. They will be fetched in a sequential manner in the specified order. You can specify command line options and URLs mixed and in any order on the command line.
You can specify a step counter for the ranges to get every Nth number or letter:
http://example.com/file[1-100:10].txt
http://example.com/file[a-z:2].txt
When using [] or {} sequences when invoked from a command line prompt, you probably have to put the full URL within double quotes to avoid the shell from interfering with it. This also goes for other characters treated special, like for example '&', '?' and '*'.
Provide the IPv6 zone index in the URL with an escaped percentage sign and the interface name. Like in
http://[fe80::3%25eth0]/
If you specify URL without protocol:// prefix, curl will attempt to guess what protocol you might want. It will then default to HTTP but try other protocols based on often-used host name prefixes. For example, for host names starting with "ftp." curl will assume you want to speak FTP.
curl will do its best to use what you pass to it as a URL. It is not trying to validate it as a syntactically correct URL by any means but is instead very liberal with what it accepts.
curl will attempt to re-use connections for multiple file transfers, so that getting many files from the same server will not do multiple connects / handshakes. This improves speed. Of course this is only done on files specified on a single command line and cannot be used between separate curl invokes.
curl normally displays a progress meter during operations, indicating the amount of transferred data, transfer speeds and estimated time left, etc. The progress meter displays number of bytes and the speeds are in bytes per second. The suffixes (k, M, G, T, P) are 1024 based. For example 1k is 1024 bytes. 1M is 1048576 bytes.
curl displays this data to the terminal by default, so if you invoke curl to do an operation and it is about to write data to the terminal, it disables the progress meter as otherwise it would mess up the output mixing progress meter and response data.
If you want a progress meter for HTTP POST or PUT requests, you need to redirect the response output to a file, using shell redirect (>), -o, --output or similar.
It is not the same case for FTP upload as that operation does not spit out any response data to the terminal.
If you prefer a progress "bar" instead of the regular meter, -#, --progress-bar is your friend. You can also disable the progress meter completely with the -s, --silent option.
Options start with one or two dashes. Many of the options require an additional value next to them.
The short "single-dash" form of the options, -d for example, may be used with or without a space between it and its value, although a space is a recommended separator. The long "double-dash" form, -d, --data for example, requires a space between it and its value.
Short version options that don't need any additional values can be used immediately next to each other, like for example you can specify all the options -O, -L and -v at once as -OLv.
In general, all boolean options are enabled with --option and yet again disabled with --no-option. That is, you use the exact same option name but prefix it with "no-". However, in this list we mostly only list and show the --option version of them. (This concept with --no options was added in 7.19.0. Previously most options were toggled on/off on repeated use of the same command line option.)
Added in 7.53.0.
Using --anyauth is not recommended if you do uploads from stdin, since it may require data to be sent twice and then the client must be able to rewind. If the need should arise when uploading from stdin, the upload operation will fail.
Used together with -u, --user.
See also --proxy-anyauth and --basic and --digest.
Used together with -u, --user.
See also --proxy-basic.
curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set, and uses the given path as a path to a CA cert bundle. This option overrides that variable.
The windows version of curl will automatically look for a CA certs file named ´curl-ca-bundle.crt´, either in the same directory as curl.exe, or in the Current Working Directory, or in any folder along your PATH.
If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly.
(iOS and macOS only) If curl is built against Secure Transport, then this option is supported for backward compatibility with other SSL engines, but it should not be set. If the option is not set, then curl will use the certificates in the system and user Keychain to verify the peer, which is the preferred method of verifying the peer's certificate chain.
(Schannel only) This option is supported for Schannel in Windows 7 or later with libcurl 7.60 or later. This option is supported for backward compatibility with other SSL engines; instead it is recommended to use Windows' store of root certificates (the default for Schannel).
If this option is used several times, the last one will be used.
If this option is set, the default capath value will be ignored, and if it is used several times, the last one will be used.
If this option is enabled and the server sends an invalid (e.g. expired) response, if the response suggests that the server certificate has been revoked, or no response at all is received, the verification fails.
This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
Added in 7.41.0.
If this option is used several times, the last one will be used.
See also -E, --cert and --key and --key-type.
If curl is built against the NSS SSL library then this option can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. If the nickname contains ":", it needs to be preceded by "\" so that it is not recognized as password delimiter. If the nickname contains "\", it needs to be escaped as "\\" so that it is not recognized as an escape character.
If curl is built against OpenSSL library, and the engine pkcs11 is available, then a PKCS#11 URI (RFC 7512) can be used to specify a certificate located in a PKCS#11 device. A string beginning with "pkcs11:" will be interpreted as a PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine option will be set as "pkcs11" if none was provided and the --cert-type option will be set as "ENG" if none was provided.
(iOS and macOS only) If curl is built against Secure Transport, then the certificate string can either be the name of a certificate/private key in the system or user keychain, or the path to a PKCS#12-encoded certificate and private key. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.
(Schannel only) Client certificates must be specified by a path expression to a certificate store. (Loading PFX is not supported; you can import it to a store first). You can use "<store location>\<store name>\<thumbprint>" to refer to a certificate in the system certificates store, for example, "CurrentUser\MY\934a7ac6f8a5d579285a74fa61e19f23ddfe8d7a". Thumbprint is usually a SHA-1 hex string which you can see in certificate details. Following store locations are supported: CurrentUser, LocalMachine, CurrentService, Services, CurrentUserGroupPolicy, LocalMachineGroupPolicy, LocalMachineEnterprise.
If this option is used several times, the last one will be used.
See also --cert-type and --key and --key-type.
https://curl.haxx.se/docs/ssl-ciphers.html
If this option is used several times, the last one will be used.
Added in 7.56.0.
Specify a text file to read curl arguments from. The command line arguments found in the text file will be used as if they were provided on the command line.
Options and their parameters must be specified on the same line in the file, separated by whitespace, colon, or the equals sign. Long option names can optionally be given in the config file without the initial double dashes and if so, the colon or equals characters can be used as separators. If the option is specified with one or two dashes, there can be no colon or equals character between the option and its parameter.
If the parameter is to contain whitespace, the parameter must be enclosed within quotes. Within double quotes, the following escape sequences are available: \\, \", \t, \n, \r and \v. A backslash preceding any other letter is ignored. If the first column of a config line is a '#' character, the rest of the line will be treated as a comment. Only write one option per physical line in the config file.
Specify the filename to -K, --config as '-' to make curl read the file from stdin.
Note that to be able to specify a URL in the config file, you need to specify it using the --url option, and not by simply writing the URL on its own line. So, it could look similar to this:
url = "https://curl.haxx.se/docs/"
When curl is invoked, it (unless -q, --disable is used) checks for a default config file and uses it if found. The default config file is checked for in the following places in this order:
1) curl tries to find the "home dir": It first checks for the CURL_HOME and then the HOME environment variables. Failing that, it uses getpwuid() on Unix-like systems (which returns the home dir given the current user in your system). On Windows, it then checks for the APPDATA variable, or as a last resort the '%USERPROFILE%\Application Data'.
2) On windows, if there is no _curlrc file in the home dir, it checks for one in the same dir the curl executable is placed. On Unix-like systems, it will simply try to load .curlrc from the determined home dir.
# --- Example file --- # this is a comment url = "example.com" output = "curlhere.html" user-agent = "superagent/1.0" # and fetch another URL too url = "example.com/docs/manpage.html" -O referer = "http://nowhereatall.example.com/" # --- End of example file ---
This option can be used multiple times to load multiple config files.
If this option is used several times, the last one will be used.
See also -m, --max-time.
For a request to the given HOST1:PORT1 pair, connect to HOST2:PORT2 instead. This option is suitable to direct requests at a specific server, e.g. at a specific cluster node in a cluster of servers. This option is only used to establish the network connection. It does NOT affect the hostname/port that is used for TLS/SSL (e.g. SNI, certificate verification) or for the application protocols. "HOST1" and "PORT1" may be the empty string, meaning "any host/port". "HOST2" and "PORT2" may also be the empty string, meaning "use the request's original host/port".
A "host" specified to this option is compared as a string, so it needs to match the name used in request URL. It can be either numerical such as "127.0.0.1" or the full host name such as "example.org".
This option can be used many times to add many connect rules.
See also --resolve and -H, --header. Added in 7.49.0.
Use "-C -" to tell curl to automatically find out where/how to resume the transfer. It then uses the given output/input files to figure that out.
If this option is used several times, the last one will be used.
See also -r, --range.
This command line option will activate the cookie engine that makes curl record and use cookies. Another way to activate it is to use the -b, --cookie option.
If the cookie jar can't be created or written to, the whole curl operation won't fail or even report an error clearly. Using -v, --verbose will get a warning displayed, but that is the only visible feedback you get about this possibly lethal situation.
If this option is used several times, the last specified file name will be used.
If no '=' symbol is used in the argument, it is instead treated as a filename to read previously stored cookie from. This option also activates the cookie engine which will make curl record incoming cookies, which may be handy if you're using this in combination with the -L, --location option or do multiple URL transfers on the same invoke. If the file name is exactly a minus ("-"), curl will instead the contents from stdin.
The file format of the file to read cookies from should be plain HTTP headers (Set-Cookie style) or the Netscape/Mozilla cookie file format.
The file specified with -b, --cookie is only used as input. No cookies will be written to the file. To store cookies, use the -c, --cookie-jar option.
Exercise caution if you are using this option and multiple transfers may occur. If you use the NAME1=VALUE1; format, or in a file use the Set-Cookie format and don't specify a domain, then the cookie is sent for any domain (even after redirects are followed) and cannot be modified by a server-set cookie. If the cookie engine is enabled and a server sets a cookie of the same name then both will be sent on a future transfer to that server, likely not what you intended. To address these issues set a domain in Set-Cookie (doing that will include sub domains) or use the Netscape format.
If this option is used several times, the last one will be used.
Users very often want to both read cookies from a file and write updated cookies back to a file, so using both -b, --cookie and -c, --cookie-jar in the same command line is common.
To create remote directories when using FTP or SFTP, try --ftp-create-dirs.
(SMTP added in 7.40.0)
If this option is used several times, the last one will be used.
Added in 7.19.7.
If you start the data with the letter @, the rest should be a filename. Data is posted in a similar manner as -d, --data does, except that newlines and carriage returns are preserved and conversions are never done.
Like -d, --data the default content-type sent to the server is application/x-www-form-urlencoded. If you want the data to be treated as arbitrary binary data by the server then set the content-type to octet-stream: -H "Content-Type: application/octet-stream".
If this option is used several times, the ones following the first will append data as described in -d, --data.
See also -d, --data. Added in 7.43.0.
To be CGI-compliant, the <data> part should begin with a name followed by a separator and a content specification. The <data> part can be passed to curl using one of the following syntaxes:
See also -d, --data and --data-raw. Added in 7.18.0.
--data-raw is almost the same but does not have a special interpretation of the @ character. To post data purely binary, you should instead use the --data-binary option. To URL-encode the value of a form field you may use --data-urlencode.
If any of these options is used more than once on the same command line, the data pieces specified will be merged together with a separating &-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post chunk that looks like 'name=daniel&skill=lousy'.
If you start the data with the letter @, the rest should be a file name to read the data from, or - if you want curl to read the data from stdin. Multiple files can also be specified. Posting data from a file named from a file like that, carriage returns and newlines will be stripped out. If you don't want the @ character to have a special interpretation use --data-raw instead.
See also --data-binary and --data-urlencode and --data-raw. This option overrides -F, --form and -I, --head and -T, --upload-file.
If this option is used several times, only the first one is used.
See also -u, --user and --proxy-digest and --anyauth. This option overrides --basic and --ntlm and --negotiate.
--eprt can be used to explicitly enable EPRT again and --no-eprt is an alias for --disable-eprt.
If the server is accessed using IPv6, this option will have no effect as EPRT is necessary then.
Disabling EPRT only changes the active behavior. If you want to switch to passive mode you need to not use -P, --ftp-port or force it with --ftp-pasv.
--epsv can be used to explicitly enable EPSV again and --no-epsv is an alias for --disable-epsv.
If the server is an IPv6 host, this option will have no effect as EPSV is necessary then.
Disabling EPSV only changes the passive behavior. If you want to switch to active mode you need to use -P, --ftp-port.
See also --proto. Added in 7.61.0.
See also --dns-ipv4-addr and --dns-ipv6-addr. --dns-interface requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
See also --dns-interface and --dns-ipv6-addr. --dns-ipv4-addr requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
See also --dns-interface and --dns-ipv4-addr. --dns-ipv6-addr requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
--dns-servers requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
If this option is used several times, the last one will be used.
This option is handy to use when you want to store the headers that an HTTP site sends to you. Cookies from the headers could then be read in a second curl invocation by using the -b, --cookie option! The -c, --cookie-jar option is a better way to store cookies.
When used in FTP, the FTP server response lines are considered being "headers" and thus are saved there.
If this option is used several times, the last one will be used.
See also -o, --output.
See also --random-file.
See also --connect-timeout. Added in 7.47.0.
When curl is used to do multiple transfers on the command line, it will attempt to operate on each given URL, one by one. By default, it will ignore errors if there are more URLs given and the last URL's success will determine the error code curl returns. So early failures will be "hidden" by subsequent successful transfers.
Using this option, curl will instead return an error on the first transfer that fails, independent of the amount of URLs that are given on the command line. This way, no transfer failures go undetected by scripts and similar.
This option is global and does not need to be specified for each use of -:, --next.
This option does not imply -f, --fail, which causes transfers to fail due to the server's HTTP status code. You can combine the two options, however note -f, --fail is not global and is therefore contained by -:, --next.
Added in 7.52.0.
This method is not fail-safe and there are occasions where non-successful response codes will slip through, especially when authentication is involved (response codes 401 and 407).
This is currently only implemented in the NSS and Secure Transport (on iOS 7.0 or later, or OS X 10.9 or later) backends.
Added in 7.42.0.
See also -F, --form.
For SMTP and IMAP protocols, this is the mean to compose a multipart mail message to transmit.
This enables uploading of binary files etc. To force the 'content' part to be a file, prefix the file name with an @ sign. To just get the content part from a file, prefix the file name with the symbol <. The difference between @ and < is then that @ makes a file get attached in the post as a file upload, while the < makes a text field and just get the contents for that text field from a file.
Tell curl to read content from stdin instead of a file by using - as filename. This goes for both @ and < constructs. When stdin is used, the contents is buffered in memory first by curl to determine its size and allow a possible resend. Defining a part's data from a named non-regular file (such as a named pipe or similar) is unfortunately not subject to buffering and will be effectively read at transmission time; since the full size is unknown before the transfer starts, such data is sent as chunks by HTTP and rejected by IMAP.
Example: send an image to an HTTP server, where 'profile' is the name of the form-field to which the file portrait.jpg will be the input:
curl -F profile=@portrait.jpg https://example.com/upload.cgi
Example: send a your name and shoe size in two text fields to the server:
curl -F name=John -F shoesize=11 https://example.com/
Example: send a your essay in a text field to the server. Send it as a plain text field, but get the contents for it from a local file:
curl -F "story=<hugefile.txt" https://example.com/
You can also tell curl what Content-Type to use by using 'type=', in a manner similar to:
curl -F "web=@index.html;type=text/html" example.com
or
curl -F "name=daniel;type=text/foo" example.com
You can also explicitly change the name field of a file upload part by setting filename=, like this:
curl -F "file=@localfile;filename=nameinpost" example.com
If filename/path contains ',' or ';', it must be quoted by double-quotes like:
curl -F
"file=@\"localfile\";filename=\"nameinpost\""
example.com
or
curl -F 'file=@"localfile";filename="nameinpost"'
example.com
Note that if a filename/path is quoted by double-quotes, any double-quote or backslash within the filename must be escaped by backslash.
Quoting must also be applied to non-file data if it contains semicolons, leading/trailing spaces or leading double quotes:
curl -F 'colors="red; green; blue";type=text/x-myapp'
example.com
You can add custom headers to the field by setting headers=, like
curl -F "submit=OK;headers=\"X-submit-type: OK\""
example.com
or
curl -F "submit=OK;headers=@headerfile" example.com
The headers= keyword may appear more that once and above notes about quoting apply. When headers are read from a file, Empty lines and lines starting with '#' are comments and ignored; each header can be folded by splitting between two words and starting the continuation line with a space; embedded carriage-returns and trailing spaces are stripped. Here is an example of a header file contents:
# This file contain two headers.
X-header-1: this is a header
# The following header is folded.
X-header-2: this is
another header
To support sending multipart mail messages, the syntax is
extended as follows:
- name can be omitted: the equal sign is the first character of the
argument,
- if data starts with '(', this signals to start a new multipart: it can
be followed by a content type specification.
- a multipart can be terminated with a '=)' argument.
Example: the following command sends an SMTP mime e-mail consisting in an inline part in two alternative formats: plain text and HTML. It attaches a text file:
curl -F '=(;type=multipart/alternative' \
-F '=plain text message' \
-F '= <body>HTML message</body>;type=text/html' \
-F '=)' -F '=@textfile.txt' ... smtp://example.com
Data can be encoded for transfer using encoder=. Available encodings are binary and 8bit that do nothing else than adding the corresponding Content-Transfer-Encoding header, 7bit that only rejects 8-bit characters with a transfer error, quoted-printable and base64 that encodes data according to the corresponding schemes, limiting lines length to 76 characters.
Example: send multipart mail with a quoted-printable text message and a base64 attached file:
curl -F '=text message;encoder=quoted-printable' \
-F '=@localfile;encoder=base64' ... smtp://example.com
See further examples and details in the MANUAL.
This option can be used multiple times.
This option overrides -d, --data and -I, --head and -T, --upload-file.
If this option is used several times, the last one will be used.
Added in 7.13.0.
Added in 7.15.5.
See also --create-dirs.
Added in 7.15.1.
If this option is used several times, only the first one is used. Undoing an enforced passive really isn't doable but you must then instead enforce the correct -P, --ftp-port again.
Passive mode means that curl will try the EPSV command first and then PASV, unless --disable-epsv is used.
See also --disable-epsv. Added in 7.11.0.
If this option is used several times, the last one will be used. Disable the use of PORT with --ftp-pasv. Disable the attempt to use the EPRT command instead of PORT by using --disable-eprt. EPRT is really PORT++.
Since 7.19.5, you can append ":[start]-[end]" to the right of the address, to tell curl what TCP port range to use. That means you specify a port range, from a lower to a higher number. A single number works as well, but do note that it increases the risk of failure since the port may not be available.
See also --ftp-pasv and --disable-eprt.
Added in 7.20.0.
This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
See also --ftp-pasv. Added in 7.14.2.
See also --ftp-ssl-ccc. Added in 7.16.2.
See also --ssl and --ftp-ssl-ccc-mode. Added in 7.16.1.
Added in 7.16.0.
If used in combination with -I, --head, the POST data will instead be appended to the URL with a HEAD request.
If this option is used several times, only the first one is used. This is because undoing a GET doesn't make sense, but you should then instead enforce the alternative method you prefer.
The range of suggested useful values is limited. Happy Eyeballs RFC 6555 says "It is RECOMMENDED that connection attempts be paced 150-250 ms apart to balance human factors against network load." libcurl currently defaults to 200 ms. Firefox and Chrome currently default to 300 ms.
If this option is used several times, the last one will be used.
Added in 7.59.0.
This option is primarily useful when sending test requests to a service that expects this header.
Added in 7.60.0.
curl will make sure that each header you add/replace is sent with the proper end-of-line marker, you should thus not add that as a part of the header content: do not add newlines or carriage returns, they will only mess things up for you.
Starting in 7.55.0, this option can take an argument in @filename style, which then adds a header for each line in the input file. Using @- will make curl read the header file from stdin.
See also the -A, --user-agent and -e, --referer options.
Starting in 7.37.0, you need --proxy-header to send custom headers intended for a proxy.
Example:
curl -H "X-First-Name: Joe" http://example.com/
WARNING: headers set with this option will be set in all requests - even after redirects are followed, like when told with -L, --location. This can lead to the header being sent to other hosts than the original host, so sensitive headers should be used with caution combined with following redirects.
This option can be used multiple times to add/replace/remove multiple headers.
Added in 7.17.1.
HTTP/0.9 is a completely headerless response and therefore you can also connect with this to non-HTTP servers and still get a response since curl will simply transparently downgrade - if allowed.
A future curl version will deny continuing if the response isn't at least HTTP/1.0 unless this option is used.
This option overrides --http1.1 and --http2.
This option overrides -0, --http1.0 and --http2. Added in 7.33.0.
--http2-prior-knowledge requires that the underlying libcurl was built to support HTTP/2. This option overrides --http1.1 and -0, --http1.0 and --http2. Added in 7.49.0.
See also --no-alpn. --http2 requires that the underlying libcurl was built to support HTTP/2. This option overrides --http1.1 and -0, --http1.0 and --http2-prior-knowledge. Added in 7.33.0.
For FTP (since 7.46.0), skip the RETR command to figure out the size before downloading a file.
To view the request headers, consider the -v, --verbose option.
See also -v, --verbose.
The server connection is verified by making sure the server's certificate contains the right name and verifies successfully using the cert store.
See this online resource for further details:
https://curl.haxx.se/docs/sslcerts.html
See also --proxy-insecure and --cacert.
Perform an operation using a specified interface. You can enter interface name, IP address or host name. An example could look like:
curl --interface eth0:1 https://www.example.com/
If this option is used several times, the last one will be used.
On Linux it can be used to specify a VRF, but the binary needs to either have CAP_NET_RAW or to be run as root. More information about Linux VRF: https://www.kernel.org/doc/Documentation/networking/vrf.txt
See also --dns-interface.
See also --http1.1 and --http2. This option overrides -6, --ipv6.
See also --http1.1 and --http2. This option overrides -4, --ipv4.
See also -b, --cookie and -c, --cookie-jar.
If this option is used several times, the last one will be used. If unspecified, the option defaults to 60 seconds.
Added in 7.18.0.
If this option is used several times, the last one will be used.
If curl is built against OpenSSL library, and the engine pkcs11 is available, then a PKCS#11 URI (RFC 7512) can be used to specify a private key located in a PKCS#11 device. A string beginning with "pkcs11:" will be interpreted as a PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine option will be set as "pkcs11" if none was provided and the --key-type option will be set as "ENG" if none was provided.
If this option is used several times, the last one will be used.
If this option is used several times, the last one will be used.
--krb requires that the underlying libcurl was built to support Kerberos.
If this option is used several times, the last given file name will be used.
Added in 7.16.1.
The given speed is measured in bytes/second, unless a suffix is appended. Appending 'k' or 'K' will count the number as kilobytes, 'm' or 'M' makes it megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G.
If you also use the -Y, --speed-limit option, that option will take precedence and might cripple the rate-limiting slightly, to help keeping the speed-limit logic working.
If this option is used several times, the last one will be used.
Note: Some FTP servers list only files in their response to NLST; they do not include sub-directories and symbolic links.
(POP3) When retrieving a specific email from POP3, this switch forces a LIST command to be performed instead of RETR. This is particularly useful if the user wants to see if a specific message id exists on the server and what size it is.
Note: When combined with -X, --request, this option can be used to send an UIDL command instead, so the user may use the email's unique identifier rather than it's message id to make the request.
Added in 7.21.5.
Added in 7.15.2.
See also -u, --user.
When curl follows a redirect and the request is not a plain GET (for example POST or PUT), it will do the following request with a GET if the HTTP response was 301, 302, or 303. If the response code was any other 3xx code, curl will re-send the following request using the same unmodified method.
You can tell curl to not change the non-GET request method to GET after a 30x response by using the dedicated options for that: --post301, --post302 and --post303.
You can use the login options to specify protocol specific options that may be used during authentication. At present only IMAP, POP3 and SMTP support login options. For more information about the login options please see RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt
If this option is used several times, the last one will be used.
Added in 7.34.0.
See also --mail-rcpt and --mail-from. Added in 7.25.0.
See also --mail-rcpt and --mail-auth. Added in 7.20.0.
When performing a mail transfer, the recipient should specify a valid email address to send the mail to.
When performing an address verification (VRFY command), the recipient should be specified as the user name or user name and domain (as per Section 3.5 of RFC5321). (Added in 7.34.0)
When performing a mailing list expand (EXPN command), the recipient should be specified using the mailing list name, such as "Friends" or "London-Office". (Added in 7.34.0)
Added in 7.20.0.
A size modifier may be used. For example, Appending 'k' or 'K' will count the number as kilobytes, 'm' or 'M' makes it megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G. (Added in 7.58.0)
NOTE: The file size is not always known prior to download, and for such files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers.
See also --limit-rate.
If this option is used several times, the last one will be used.
If this option is used several times, the last one will be used.
See also --connect-timeout.
Example to use a remote Metalink file:
curl --metalink http://www.example.com/example.metalink
To use a Metalink file in the local file system, use FILE protocol (file://):
curl --metalink file://example.metalink
Please note that if FILE protocol is disabled, there is no way to use a local Metalink file at the time of this writing. Also note that if --metalink and -i, --include are used together, --include will be ignored. This is because including headers in the response will break Metalink parser and if the headers are included in the file described in Metalink file, hash check will fail.
--metalink requires that the underlying libcurl was built to support metalink. Added in 7.27.0.
This option requires a library built with GSS-API or SSPI support. Use -V, --version to see if your curl supports GSS-API/SSPI or SPNEGO.
When using this option, you must also provide a fake -u, --user option to activate the authentication code properly. Sending a '-u :' is enough as the user name and password from the -u, --user option aren't actually used.
If this option is used several times, only the first one is used.
See also --basic and --ntlm and --anyauth and --proxy-negotiate.
It will abide by --netrc-optional if specified.
This option overrides -n, --netrc. Added in 7.21.5.
See also --netrc-file. This option overrides -n, --netrc.
A quick and very simple example of how to setup a .netrc to allow curl to FTP to the machine host.domain.com with user name 'myself' and password 'secret' should look similar to:
machine host.domain.com login myself password secret
-:, --next will reset all local options and only global ones will have their values survive over to the operation following the -:, --next instruction. Global options include -v, --verbose, --trace, --trace-ascii and --fail-early.
For example, you can do both a GET and a POST in a single command line:
curl www1.example.com --next -d postthis www2.example.com
Added in 7.36.0.
See also --no-npn and --http2. --no-alpn requires that the underlying libcurl was built to support TLS. Added in 7.36.0.
Note that this is the negated option name documented. You can thus use --buffer to enforce the buffering.
Note that this is the negated option name documented. You can thus use --keepalive to enforce keepalive.
See also --no-alpn and --http2. --no-npn requires that the underlying libcurl was built to support TLS. Added in 7.36.0.
Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
Added in 7.16.0.
Since 7.53.0, This option overrides the environment variables that disable the proxy. If there's an environment variable disabling a proxy, you can set noproxy list to "" to override it.
Added in 7.19.4.
See also --ntlm and --proxy-ntlm.
If you want to enable NTLM for your proxy authentication, then use --proxy-ntlm.
If this option is used several times, only the first one is used.
See also --proxy-ntlm. --ntlm requires that the underlying libcurl was built to support TLS. This option overrides --basic and --negotiate and --digest and --anyauth.
The Bearer Token and user name are formatted according to RFC 6750.
If this option is used several times, the last one will be used.
curl http://{one,two}.example.com -o "file_#1.txt"
or use several variables like:
curl http://{site,host}.host[1-5].com -o "#1_#2"
You may use this option as many times as the number of URLs you have. For example, if you specify two URLs on the same command line, you can use it like this:
curl -o aa example.com -o bb example.net
and the order of the -o options and the URLs doesn't matter, just that the first -o is for the first URL and so on, so the above command line can also be written as
curl example.com example.net -o aa -o bb
See also the --create-dirs option to create the local directories dynamically. Specifying the output as '-' (a single dash) will force the output to be done to stdout.
See also -O, --remote-name and --remote-name-all and -J, --remote-header-name.
If this option is used several times, the last one will be used.
Added in 7.42.0.
When negotiating a TLS or SSL connection, the server sends a certificate indicating its identity. A public key is extracted from this certificate and if it does not exactly match the public key provided to this option, curl will abort the connection before sending or receiving any data.
PEM/DER support:
7.39.0: OpenSSL, GnuTLS and GSKit
7.43.0: NSS and wolfSSL/CyaSSL
7.47.0: mbedtls
7.49.0: PolarSSL sha256 support:
7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
7.47.0: mbedtls
7.49.0: PolarSSL Other SSL backends not supported.
If this option is used several times, the last one will be used.
See also --post302 and --post303 and -L, --location. Added in 7.17.1.
See also --post301 and --post303 and -L, --location. Added in 7.19.1.
See also --post302 and --post301 and -L, --location. Added in 7.26.0.
The pre proxy string should be specified with a protocol:// prefix to specify alternative proxy protocols. Use socks4://, socks4a://, socks5:// or socks5h:// to request the specific SOCKS version to be used. No protocol specified will make curl default to SOCKS4.
If the port number is not specified in the proxy string, it is assumed to be 1080.
User and password that might be provided in the proxy string are URL decoded by curl. This allows you to pass in special characters such as @ by using %40 or pass in a colon with %3a.
If this option is used several times, the last one will be used.
Added in 7.52.0.
This progress bar draws a single line of '#' characters across the screen and shows a percentage if the transfer size is known. For transfers without a known size, there will be space ship (-=o=-) that moves back and forth but only while data is being transferred, with a set of flying hash sign symbols on top.
Example:
curl --proto-default https ftp.mozilla.org
An unknown or unsupported protocol causes error CURLE_UNSUPPORTED_PROTOCOL (1).
This option does not change the default proxy protocol (http).
Without this option curl would make a guess based on the host, see --url for details.
Added in 7.45.0.
Example, allow only HTTP and HTTPS on redirect:
curl --proto-redir -all,http,https http://example.com
By default curl will allow all protocols on redirect except several disabled for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0 SMB and SMBS are also disabled. Specifying all or +all enables all protocols on redirect, including those disabled for security.
Added in 7.20.2.
Unknown protocols produce a warning. This allows scripts to safely rely on being able to disable potentially dangerous protocols, without relying upon support for that protocol being built into curl to avoid an error.
This option can be used multiple times, in which case the effect is the same as concatenating the protocols into one instance of the option.
See also --proto-redir and --proto-default. Added in 7.20.2.
See also -x, --proxy and --proxy-basic and --proxy-digest. Added in 7.13.2.
See also -x, --proxy and --proxy-anyauth and --proxy-digest.
See also --proxy-capath and --cacert and --capath and -x, --proxy. Added in 7.52.0.
See also --proxy-cacert and -x, --proxy and --capath. Added in 7.52.0.
Added in 7.52.0.
Added in 7.52.0.
Added in 7.52.0.
Added in 7.52.0.
See also -x, --proxy and --proxy-anyauth and --proxy-basic.
curl will make sure that each header you add/replace is sent with the proper end-of-line marker, you should thus not add that as a part of the header content: do not add newlines or carriage returns, they will only mess things up for you.
Headers specified with this option will not be included in requests that curl knows will not be sent to a proxy.
Starting in 7.55.0, this option can take an argument in @filename style, which then adds a header for each line in the input file. Using @- will make curl read the header file from stdin.
This option can be used multiple times to add/replace/remove multiple headers.
Added in 7.37.0.
Added in 7.52.0.
Added in 7.52.0.
See also --proxy-anyauth and --proxy-basic. Added in 7.17.1.
See also --proxy-negotiate and --proxy-anyauth.
Added in 7.52.0.
When negotiating a TLS or SSL connection, the server sends a certificate indicating its identity. A public key is extracted from this certificate and if it does not exactly match the public key provided to this option, curl will abort the connection before sending or receiving any data.
If this option is used several times, the last one will be used.
Added in 7.43.0.
Added in 7.52.0.
https://curl.haxx.se/docs/ssl-ciphers.html
If this option is used several times, the last one will be used.
Added in 7.52.0.
Added in 7.52.0.
Added in 7.52.0.
Added in 7.52.0.
If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-U :".
If this option is used several times, the last one will be used.
The proxy string can be specified with a protocol:// prefix. No protocol specified or http:// will be treated as HTTP proxy. Use socks4://, socks4a://, socks5:// or socks5h:// to request a specific SOCKS version to be used. (The protocol support was added in curl 7.21.7)
HTTPS proxy support via https:// protocol prefix was added in 7.52.0 for OpenSSL, GnuTLS and NSS.
Unrecognized and unsupported proxy protocols cause an error since 7.52.0. Prior versions may ignore the protocol and use http:// instead.
If the port number is not specified in the proxy string, it is assumed to be 1080.
This option overrides existing environment variables that set the proxy to use. If there's an environment variable setting a proxy, you can set proxy to "" to override it.
All operations that are performed over an HTTP proxy will transparently be converted to HTTP. It means that certain protocol specific operations might not be available. This is not the case if you can tunnel through the proxy, as one with the -p, --proxytunnel option.
User and password that might be provided in the proxy string are URL decoded by curl. This allows you to pass in special characters such as @ by using %40 or pass in a colon with %3a.
The proxy host can be specified the exact same way as the proxy environment variables, including the protocol prefix (http://) and the embedded user + password.
If this option is used several times, the last one will be used.
The only difference between this and the HTTP proxy option -x, --proxy, is that attempts to use CONNECT through the proxy will specify an HTTP 1.0 protocol instead of the default HTTP 1.1.
To suppress proxy CONNECT response headers when curl is set to output headers use --suppress-connect-headers.
See also -x, --proxy.
If this option is used several times, the last one will be used.
(As of 7.39.0, curl attempts to automatically extract the public key from the private key file, so passing this option is generally not required. Note that this public key extraction requires libcurl to be linked against a copy of libssh2 1.2.8 or higher that is itself linked against OpenSSL.)
If the server returns failure for one of the commands, the entire operation will be aborted. You must send syntactically correct FTP commands as RFC 959 defines to FTP servers, or one of the commands listed below to SFTP servers.
This option can be used multiple times. When speaking to an FTP server, prefix the command with an asterisk (*) to make curl continue even if the command fails as by default curl will stop at first failure.
SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands itself before sending them to the server. File names may be quoted shell-style to embed spaces or special characters. Following is the list of all supported SFTP quote commands:
Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the 'start-stop' range syntax. If a non-digit character is given in the range, the server's response will be unspecified, depending on the server's configuration.
You should also be aware that many HTTP/1.1 servers do not have this feature enabled, so that when you attempt to get a range, you'll instead get the whole document.
FTP and SFTP range downloads only support the simple 'start-stop' syntax (optionally with one of the numbers omitted). FTP use depends on the extended FTP command SIZE.
If this option is used several times, the last one will be used.
Added in 7.16.2.
If this option is used several times, the last one will be used.
See also -A, --user-agent and -H, --header.
If the server specifies a file name and a file with that name already exists in the current working directory it will not be overwritten and an error will occur. If the server doesn't specify a file name then this option has no effect.
There's no attempt to decode %-sequences (yet) in the provided file name, so this option may provide you with rather unexpected file names.
WARNING: Exercise judicious use of this option, especially on Windows. A rogue server could send you the name of a DLL or other file that could possibly be loaded automatically by Windows or some third party software.
Added in 7.19.0.
The file will be saved in the current working directory. If you want the file saved in a different directory, make sure you change the current working directory before invoking curl with this option.
The remote file name to use for saving is extracted from the given URL, nothing else, and if it already exists it will be overwritten. If you want the server to be able to choose the file name refer to -J, --remote-header-name which can be used in addition to this option. If the server chooses a file name and that name already exists it will not be overwritten.
There is no URL decoding done on the file name. If it has %20 or other URL encoded parts of the name, they will end up as-is as file name.
You may use this option as many times as the number of URLs you have.
Added in 7.55.0.
Normally you don't need this option. All sorts of GET, HEAD, POST and PUT requests are rather invoked by using dedicated command line options.
This option only changes the actual word used in the HTTP request, it does not alter the way curl behaves. So for example if you want to make a proper HEAD request, using -X HEAD will not suffice. You need to use the -I, --head option.
The method string you set with -X, --request will be used for all requests, which if you for example use -L, --location may cause unintended side-effects when curl doesn't change request method according to the HTTP 30x response codes - and similar.
(FTP) Specifies a custom FTP command to use instead of LIST when doing file lists with FTP.
(POP3) Specifies a custom POP3 command to use instead of LIST or RETR. (Added in 7.26.0)
(IMAP) Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
(SMTP) Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in 7.34.0)
If this option is used several times, the last one will be used.
By specifying '*' as host you can tell curl to resolve any host and specific port pair to the specified address. Wildcard is resolved last so any --resolve with a specific host and port will be used first.
The provided address set by this option will be used even if -4, --ipv4 or -6, --ipv6 is set to make curl use another IP version.
Support for providing the IP address within [brackets] was added in 7.57.0.
Support for providing multiple IP addresses per entry was added in 7.59.0.
Support for resolving with wildcard was added in 7.64.0.
This option can be used many times to add many host names to resolve.
Added in 7.21.3.
Added in 7.52.0.
If this option is used several times, the last one will be used.
Added in 7.12.3.
If this option is used several times, the last one will be used.
Added in 7.12.3.
When curl is about to retry a transfer, it will first wait one second and then for all forthcoming retries it will double the waiting time until it reaches 10 minutes which then will be the delay between the rest of the retries. By using --retry-delay you disable this exponential backoff algorithm. See also --retry-max-time to limit the total time allowed for retries.
If this option is used several times, the last one will be used.
Added in 7.12.3.
Added in 7.31.0.
Examples: --negotiate --service-name sockd would use sockd/server-name.
Added in 7.43.0.
Use -S, --show-error in addition to this option to disable progress meter but still show error messages.
See also -v, --verbose and --stderr.
This option overrides any previous use of -x, --proxy, as they are mutually exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks4 proxy with -x, --proxy using a socks4:// protocol prefix.
Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time -x, --proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
If this option is used several times, the last one will be used.
Added in 7.15.2.
This option overrides any previous use of -x, --proxy, as they are mutually exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks4a proxy with -x, --proxy using a socks4a:// protocol prefix.
Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time -x, --proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
If this option is used several times, the last one will be used.
Added in 7.18.0.
Added in 7.55.0.
Added in 7.19.4.
Examples: --socks5 proxy-name --socks5-gssapi-service sockd would use sockd/proxy-name --socks5 proxy-name --socks5-gssapi-service sockd/real-name would use sockd/real-name for cases where the proxy-name does not match the principal name.
Added in 7.19.4.
Added in 7.55.0.
This option overrides any previous use of -x, --proxy, as they are mutually exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks5 hostname proxy with -x, --proxy using a socks5h:// protocol prefix.
Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time -x, --proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
If this option is used several times, the last one will be used.
Added in 7.18.0.
This option overrides any previous use of -x, --proxy, as they are mutually exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks5 proxy with -x, --proxy using a socks5:// protocol prefix.
Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time -x, --proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
If this option is used several times, the last one will be used.
This option (as well as --socks4) does not work with IPV6, FTPS or LDAP.
Added in 7.18.0.
If this option is used several times, the last one will be used.
This option controls transfers and thus will not affect slow connects etc. If this is a concern for you, try the --connect-timeout option.
If this option is used several times, the last one will be used.
Added in 7.25.0.
Added in 7.44.0.
This option was formerly known as --ftp-ssl-reqd.
Added in 7.20.0.
This option was formerly known as --ftp-ssl (Added in 7.11.0). That option name can still be used but will be removed in a future version.
Added in 7.20.0.
See also --http1.1 and --http2. -2, --sslv2 requires that the underlying libcurl was built to support TLS. This option overrides -3, --sslv3 and -1, --tlsv1 and --tlsv1.1 and --tlsv1.2.
See also --http1.1 and --http2. -3, --sslv3 requires that the underlying libcurl was built to support TLS. This option overrides -2, --sslv2 and -1, --tlsv1 and --tlsv1.1 and --tlsv1.2.
If this option is used several times, the last one will be used.
See also -v, --verbose and -s, --silent.
Added in 7.61.0.
See also -D, --dump-header and -i, --include and -p, --proxytunnel.
Added in 7.49.0.
Since 7.50.2, curl sets this option by default and you need to explicitly switch it off if you don't want it on.
Added in 7.11.2.
TTYPE=<term> Sets the terminal type.
XDISPLOC=<X display> Sets the X display location.
NEW_ENV=<var,val> Sets an environment variable.
If this option is used several times, the last one will be used.
Added in 7.20.0.
This option improves interop with some legacy servers that do not acknowledge or properly implement TFTP options. When this option is used --tftp-blksize is ignored.
Added in 7.48.0.
Start the date expression with a dash (-) to make it request for a document that is older than the given date/time, default is a document that is newer than the specified date/time.
If this option is used several times, the last one will be used.
See also --tlsv1.0 and --tlsv1.1 and --tlsv1.2 and --tlsv1.3. --tls-max requires that the underlying libcurl was built to support TLS. Added in 7.54.0.
https://curl.haxx.se/docs/ssl-ciphers.html
If this option is used several times, the last one will be used.
Added in 7.21.4.
Added in 7.21.4.
Added in 7.21.4.
Added in 7.34.0.
Added in 7.34.0.
Added in 7.34.0.
Note that TLS 1.3 is only supported by a subset of TLS backends. At the time of this writing, they are BoringSSL, NSS, and Secure Transport (on iOS 11 or later, and macOS 10.13 or later).
Added in 7.52.0.
See also --http1.1 and --http2. -1, --tlsv1 requires that the underlying libcurl was built to support TLS. This option overrides --tlsv1.1 and --tlsv1.2 and --tlsv1.3.
Added in 7.21.6.
This is very similar to --trace, but leaves out the hex part and only shows the ASCII part of the dump. It makes smaller output that might be easier to read for untrained humans.
If this option is used several times, the last one will be used.
This option overrides --trace and -v, --verbose.
Added in 7.14.0.
If this option is used several times, the last one will be used.
This option overrides -v, --verbose and --trace-ascii.
Added in 7.40.0.
Use the file name "-" (a single dash) to use stdin instead of a given file. Alternately, the file name "." (a single period) may be specified instead of "-" to use stdin in non-blocking mode to allow reading server output while stdin is being uploaded.
You can specify one -T, --upload-file for each URL on the command line. Each -T, --upload-file + URL pair specifies what to upload and to where. curl also supports "globbing" of the -T, --upload-file argument, meaning that you can upload multiple files to a single URL by using the same URL globbing style supported in the URL, like this:
curl --upload-file "{file1,file2}" http://www.example.com
or even
curl -T "img[1-1000].png" ftp://ftp.example.com/upload/
When uploading to an SMTP server: the uploaded data is assumed to be RFC 5322 formatted. It has to feature the necessary set of headers and mail body formatted correctly by the user as curl will not transcode nor encode it further in any way.
If the given URL is missing a scheme name (such as "http://" or "ftp://" etc) then curl will make a guess based on the host. If the outermost sub-domain name matches DICT, FTP, IMAP, LDAP, POP3 or SMTP then that protocol will be used, otherwise HTTP will be used. Since 7.45.0 guessing can be disabled by setting a default protocol, see --proto-default for details.
This option may be used any number of times. To control where this URL is written, use the -o, --output or the -O, --remote-name options.
If this option is used several times, the last one will be used.
If you simply specify the user name, curl will prompt for a password.
The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option. The password can, still.
When using Kerberos V5 with a Windows based server you should include the Windows domain name in the user name, in order for the server to successfully obtain a Kerberos Ticket. If you don't then the initial authentication handshake may fail.
When using NTLM, the user name can be specified simply as the user name, without the domain, if there is a single domain and forest in your setup for example.
To specify the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLE\user and user@example.com respectively.
If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".
If this option is used several times, the last one will be used.
If you only want HTTP headers in the output, -i, --include might be the option you're looking for.
If you think this option still doesn't give you enough details, consider using --trace or --trace-ascii instead.
Use -s, --silent to make curl really quiet.
See also -i, --include. This option overrides --trace and --trace-ascii.
The first line includes the full version of curl, libcurl and other 3rd party libraries linked with the executable.
The second line (starts with "Protocols:") shows all protocols that libcurl reports to support.
The third line (starts with "Features:") shows specific features libcurl reports to offer. Available features include:
The variables present in the output format will be substituted by the value or text that curl thinks fit, as described below. All variables are specified as %{variable_name} and to output a normal % you just write them as %%. You can output a newline by using \n, a carriage return with \r and a tab space with \t.
The output will be written to standard output, but this can be switched to standard error by using %{stderr}.
NOTE: The %-symbol is a special symbol in the win32-environment, where all occurrences of % must be doubled when using this option.
The variables available are:
~/.curlrc
The environment variables can be specified in lower case or upper case. The lower case version has precedence. http_proxy is an exception as it is only available in lower case.
Using an environment variable to set the proxy has the same effect as using the -x, --proxy option.
This environment variable disables use of the proxy even when specified with the -x, --proxy option. That is NO_PROXY=direct.example.com curl -x http://proxy.example.com http://direct.example.com accesses the target URL directly, and NO_PROXY=direct.example.com curl -x http://proxy.example.com http://somewhere.example.com accesses the target URL through the proxy.
The list of host names can also be include numerical IP addresses, and IPv6 versions should then be given without enclosing brackets.
Since curl version 7.21.7, the proxy string may be specified with a protocol:// prefix to specify alternative proxy protocols.
If no protocol is specified in the proxy string or if the string doesn't match a supported one, the proxy will be treated as an HTTP proxy.
The supported proxy protocol prefixes are as follows:
There are a bunch of different error codes and their corresponding error messages that may appear during bad conditions. At the time of this writing, the exit codes are:
Daniel Stenberg is the main author, but the whole list of contributors is found in the separate THANKS file.
https://curl.haxx.se
November 16, 2016 | Curl 7.64.0 |