1 .\" **************************************************************************
3 .\" * Project ___| | | | _ \| |
4 .\" * / __| | | | |_) | |
5 .\" * | (__| |_| | _ <| |___
6 .\" * \___|\___/|_| \_\_____|
8 .\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
10 .\" * This software is licensed as described in the file COPYING, which
11 .\" * you should have received as part of this distribution. The terms
12 .\" * are also available at https://curl.haxx.se/docs/copyright.html.
14 .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 .\" * copies of the Software, and permit persons to whom the Software is
16 .\" * furnished to do so, under the terms of the COPYING file.
18 .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 .\" * KIND, either express or implied.
21 .\" **************************************************************************
23 .\" DO NOT EDIT. Generated by the curl project gen.pl man page generator.
25 .TH curl 1 "November 16, 2016" "Curl 7.59.0" "Curl Manual"
28 curl \- transfer a URL
34 is a tool to transfer data from or to a server, using one of the supported
35 protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP,
36 LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET
37 and TFTP). The command is designed to work without user interaction.
39 curl offers a busload of useful tricks like proxy support, user
40 authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer
41 resume, Metalink, and more. As you will see below, the number of features will
44 curl is powered by libcurl for all transfer-related features. See
45 \fIlibcurl(3)\fP for details.
47 The URL syntax is protocol-dependent. You'll find a detailed description in
50 You can specify multiple URLs or parts of URLs by writing part sets within
53 http://site.{one,two,three}.com
55 or you can get sequences of alphanumeric series by using [] as in:
57 ftp://ftp.example.com/file[1-100].txt
59 ftp://ftp.example.com/file[001-100].txt (with leading zeros)
61 ftp://ftp.example.com/file[a-z].txt
63 Nested sequences are not supported, but you can use several ones next to each
66 http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html
68 You can specify any amount of URLs on the command line. They will be fetched
69 in a sequential manner in the specified order.
71 You can specify a step counter for the ranges to get every Nth number or
74 http://example.com/file[1-100:10].txt
76 http://example.com/file[a-z:2].txt
78 When using [] or {} sequences when invoked from a command line prompt, you
79 probably have to put the full URL within double quotes to avoid the shell from
80 interfering with it. This also goes for other characters treated special, like
81 for example '&', '?' and '*'.
83 Provide the IPv6 zone index in the URL with an escaped percentage sign and the
84 interface name. Like in
86 http://[fe80::3%25eth0]/
88 If you specify URL without protocol:// prefix, curl will attempt to guess what
89 protocol you might want. It will then default to HTTP but try other protocols
90 based on often-used host name prefixes. For example, for host names starting
91 with "ftp." curl will assume you want to speak FTP.
93 curl will do its best to use what you pass to it as a URL. It is not trying to
94 validate it as a syntactically correct URL by any means but is instead
95 \fBvery\fP liberal with what it accepts.
97 curl will attempt to re-use connections for multiple file transfers, so that
98 getting many files from the same server will not do multiple connects /
99 handshakes. This improves speed. Of course this is only done on files
100 specified on a single command line and cannot be used between separate curl
103 curl normally displays a progress meter during operations, indicating the
104 amount of transferred data, transfer speeds and estimated time left, etc. The
105 progress meter displays number of bytes and the speeds are in bytes per
106 second. The suffixes (k, M, G, T, P) are 1024 based. For example 1k is 1024
107 bytes. 1M is 1048576 bytes.
109 curl displays this data to the terminal by default, so if you invoke curl to
110 do an operation and it is about to write data to the terminal, it
111 \fIdisables\fP the progress meter as otherwise it would mess up the output
112 mixing progress meter and response data.
114 If you want a progress meter for HTTP POST or PUT requests, you need to
115 redirect the response output to a file, using shell redirect (>), \fI-o, --output\fP or
118 It is not the same case for FTP upload as that operation does not spit out
119 any response data to the terminal.
121 If you prefer a progress "bar" instead of the regular meter, \fI-#, --progress-bar\fP is
122 your friend. You can also disable the progress meter completely with the
123 \fI-s, --silent\fP option.
125 Options start with one or two dashes. Many of the options require an
126 additional value next to them.
128 The short "single-dash" form of the options, -d for example, may be used with
129 or without a space between it and its value, although a space is a recommended
130 separator. The long "double-dash" form, \fI-d, --data\fP for example, requires a space
131 between it and its value.
133 Short version options that don't need any additional values can be used
134 immediately next to each other, like for example you can specify all the
135 options -O, -L and -v at once as -OLv.
137 In general, all boolean options are enabled with --\fBoption\fP and yet again
138 disabled with --\fBno-\fPoption. That is, you use the exact same option name
139 but prefix it with "no-". However, in this list we mostly only list and show
140 the --option version of them. (This concept with --no options was added in
141 7.19.0. Previously most options were toggled on/off on repeated use of the
142 same command line option.)
143 .IP "--abstract-unix-socket <path>"
144 (HTTP) Connect through an abstract Unix domain socket, instead of using the network.
145 Note: netstat shows the path of an abstract socket prefixed with '@', however
146 the <path> argument should not have this leading character.
150 (HTTP) Tells curl to figure out authentication method by itself, and use the most
151 secure one the remote site claims to support. This is done by first doing a
152 request and checking the response-headers, thus possibly inducing an extra
153 network round-trip. This is used instead of setting a specific authentication
154 method, which you can do with \fI--basic\fP, \fI--digest\fP, \fI--ntlm\fP, and \fI--negotiate\fP.
156 Using \fI--anyauth\fP is not recommended if you do uploads from stdin, since it may
157 require data to be sent twice and then the client must be able to rewind. If
158 the need should arise when uploading from stdin, the upload operation will
161 Used together with \fI-u, --user\fP.
163 See also \fI--proxy-anyauth\fP and \fI--basic\fP and \fI--digest\fP.
165 (FTP SFTP) When used in an upload, this makes curl append to the target file instead of
166 overwriting it. If the remote file doesn't exist, it will be created. Note
167 that this flag is ignored by some SFTP servers (including OpenSSH).
169 (HTTP) Tells curl to use HTTP Basic authentication with the remote host. This is the
170 default and this option is usually pointless, unless you use it to override a
171 previously set option that sets a different authentication method (such as
172 \fI--ntlm\fP, \fI--digest\fP, or \fI--negotiate\fP).
174 Used together with \fI-u, --user\fP.
176 See also \fI--proxy-basic\fP.
177 .IP "--cacert <file>"
178 (TLS) Tells curl to use the specified certificate file to verify the peer. The file
179 may contain multiple CA certificates. The certificate(s) must be in PEM
180 format. Normally curl is built to use a default file for this, so this option
181 is typically used to alter that default file.
183 curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is
184 set, and uses the given path as a path to a CA cert bundle. This option
185 overrides that variable.
187 The windows version of curl will automatically look for a CA certs file named
188 \'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the
189 Current Working Directory, or in any folder along your PATH.
191 If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
192 (libnsspem.so) needs to be available for this option to work properly.
194 (iOS and macOS only) If curl is built against Secure Transport, then this
195 option is supported for backward compatibility with other SSL engines, but it
196 should not be set. If the option is not set, then curl will use the
197 certificates in the system and user Keychain to verify the peer, which is the
198 preferred method of verifying the peer's certificate chain.
200 If this option is used several times, the last one will be used.
202 (TLS) Tells curl to use the specified certificate directory to verify the
203 peer. Multiple paths can be provided by separating them with ":" (e.g.
204 \&"path1:path2:path3"). The certificates must be in PEM format, and if curl is
205 built against OpenSSL, the directory must have been processed using the
206 c_rehash utility supplied with OpenSSL. Using \fI--capath\fP can allow
207 OpenSSL-powered curl to make SSL-connections much more efficiently than using
208 \fI--cacert\fP if the --cacert file contains many CA certificates.
210 If this option is set, the default capath value will be ignored, and if it is
211 used several times, the last one will be used.
213 (TLS) Tells curl to verify the status of the server certificate by using the
214 Certificate Status Request (aka. OCSP stapling) TLS extension.
216 If this option is enabled and the server sends an invalid (e.g. expired)
217 response, if the response suggests that the server certificate has been revoked,
218 or no response at all is received, the verification fails.
220 This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
223 .IP "--cert-type <type>"
224 (TLS) Tells curl what certificate type the provided certificate is in. PEM, DER and
225 ENG are recognized types. If not specified, PEM is assumed.
227 If this option is used several times, the last one will be used.
229 See also \fI-E, --cert\fP and \fI--key\fP and \fI--key-type\fP.
230 .IP "-E, --cert <certificate[:password]>"
231 (TLS) Tells curl to use the specified client certificate file when getting a file
232 with HTTPS, FTPS or another SSL-based protocol. The certificate must be in
233 PKCS#12 format if using Secure Transport, or PEM format if using any other
234 engine. If the optional password isn't specified, it will be queried for on
235 the terminal. Note that this option assumes a \&"certificate" file that is the
236 private key and the client certificate concatenated! See \fI-E, --cert\fP and \fI--key\fP to
237 specify them independently.
239 If curl is built against the NSS SSL library then this option can tell
240 curl the nickname of the certificate to use within the NSS database defined
241 by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the
242 NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
243 loaded. If you want to use a file from the current directory, please precede
244 it with "./" prefix, in order to avoid confusion with a nickname. If the
245 nickname contains ":", it needs to be preceded by "\\" so that it is not
246 recognized as password delimiter. If the nickname contains "\\", it needs to
247 be escaped as "\\\\" so that it is not recognized as an escape character.
249 (iOS and macOS only) If curl is built against Secure Transport, then the
250 certificate string can either be the name of a certificate/private key in the
251 system or user keychain, or the path to a PKCS#12-encoded certificate and
252 private key. If you want to use a file from the current directory, please
253 precede it with "./" prefix, in order to avoid confusion with a nickname.
255 If this option is used several times, the last one will be used.
257 See also \fI--cert-type\fP and \fI--key\fP and \fI--key-type\fP.
258 .IP "--ciphers <list of ciphers>"
259 (TLS) Specifies which ciphers to use in the connection. The list of ciphers must
260 specify valid ciphers. Read up on SSL cipher list details on this URL:
262 https://curl.haxx.se/docs/ssl-ciphers.html
264 If this option is used several times, the last one will be used.
265 .IP "--compressed-ssh"
266 (SCP SFTP) Enables built-in SSH compression.
267 This is a request, not an order; the server may or may not do it.
271 (HTTP) Request a compressed response using one of the algorithms curl supports, and
272 save the uncompressed document. If this option is used and the server sends
273 an unsupported encoding, curl will report an error.
274 .IP "-K, --config <file>"
276 Specify a text file to read curl arguments from. The command line arguments
277 found in the text file will be used as if they were provided on the command
280 Options and their parameters must be specified on the same line in the file,
281 separated by whitespace, colon, or the equals sign. Long option names can
282 optionally be given in the config file without the initial double dashes and
283 if so, the colon or equals characters can be used as separators. If the option
284 is specified with one or two dashes, there can be no colon or equals character
285 between the option and its parameter.
287 If the parameter is to contain whitespace, the parameter must be enclosed
288 within quotes. Within double quotes, the following escape sequences are
289 available: \\\\, \\", \\t, \\n, \\r and \\v. A backslash preceding any other
290 letter is ignored. If the first column of a config line is a '#' character,
291 the rest of the line will be treated as a comment. Only write one option per
292 physical line in the config file.
294 Specify the filename to \fI-K, --config\fP as '-' to make curl read the file from stdin.
296 Note that to be able to specify a URL in the config file, you need to specify
297 it using the \fI--url\fP option, and not by simply writing the URL on its own
298 line. So, it could look similar to this:
300 url = "https://curl.haxx.se/docs/"
302 When curl is invoked, it (unless \fI-q, --disable\fP is used) checks for a default
303 config file and uses it if found. The default config file is checked for in
304 the following places in this order:
306 1) curl tries to find the "home dir": It first checks for the CURL_HOME and
307 then the HOME environment variables. Failing that, it uses getpwuid() on
308 Unix-like systems (which returns the home dir given the current user in your
309 system). On Windows, it then checks for the APPDATA variable, or as a last
310 resort the '%USERPROFILE%\\Application Data'.
312 2) On windows, if there is no _curlrc file in the home dir, it checks for one
313 in the same dir the curl executable is placed. On Unix-like systems, it will
314 simply try to load .curlrc from the determined home dir.
317 # --- Example file ---
320 output = "curlhere.html"
321 user-agent = "superagent/1.0"
323 # and fetch another URL too
324 url = "example.com/docs/manpage.html"
326 referer = "http://nowhereatall.example.com/"
327 # --- End of example file ---
330 This option can be used multiple times to load multiple config files.
331 .IP "--connect-timeout <seconds>"
332 Maximum time in seconds that you allow curl's connection to take. This only
333 limits the connection phase, so if curl connects within the given period it
334 will continue - if not it will exit. Since version 7.32.0, this option
335 accepts decimal values.
337 If this option is used several times, the last one will be used.
339 See also \fI-m, --max-time\fP.
340 .IP "--connect-to <HOST1:PORT1:HOST2:PORT2>"
342 For a request to the given HOST1:PORT1 pair, connect to HOST2:PORT2 instead.
343 This option is suitable to direct requests at a specific server, e.g. at a
344 specific cluster node in a cluster of servers. This option is only used to
345 establish the network connection. It does NOT affect the hostname/port that is
346 used for TLS/SSL (e.g. SNI, certificate verification) or for the application
347 protocols. "HOST1" and "PORT1" may be the empty string, meaning "any
348 host/port". "HOST2" and "PORT2" may also be the empty string, meaning "use the
349 request's original host/port".
351 A "host" specified to this option is compared as a string, so it needs to
352 match the name used in request URL. It can be either numerical such as
353 "127.0.0.1" or the full host name such as "example.org".
355 This option can be used many times to add many connect rules.
357 See also \fI--resolve\fP and \fI-H, --header\fP. Added in 7.49.0.
358 .IP "-C, --continue-at <offset>"
359 Continue/Resume a previous file transfer at the given offset. The given offset
360 is the exact number of bytes that will be skipped, counting from the beginning
361 of the source file before it is transferred to the destination. If used with
362 uploads, the FTP server command SIZE will not be used by curl.
364 Use "-C -" to tell curl to automatically find out where/how to resume the
365 transfer. It then uses the given output/input files to figure that out.
367 If this option is used several times, the last one will be used.
369 See also \fI-r, --range\fP.
370 .IP "-c, --cookie-jar <filename>"
371 (HTTP) Specify to which file you want curl to write all cookies after a completed
372 operation. Curl writes all cookies from its in-memory cookie storage to the
373 given file at the end of operations. If no cookies are known, no data will be
374 written. The file will be written using the Netscape cookie file format. If
375 you set the file name to a single dash, "-", the cookies will be written to
378 This command line option will activate the cookie engine that makes curl
379 record and use cookies. Another way to activate it is to use the \fI-b, --cookie\fP
382 If the cookie jar can't be created or written to, the whole curl operation
383 won't fail or even report an error clearly. Using \fI-v, --verbose\fP will get a warning
384 displayed, but that is the only visible feedback you get about this possibly
387 If this option is used several times, the last specified file name will be
389 .IP "-b, --cookie <data>"
390 (HTTP) Pass the data to the HTTP server in the Cookie header. It is supposedly
391 the data previously received from the server in a "Set-Cookie:" line. The
392 data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
394 If no '=' symbol is used in the argument, it is instead treated as a filename
395 to read previously stored cookie from. This option also activates the cookie
396 engine which will make curl record incoming cookies, which may be handy if
397 you're using this in combination with the \fI-L, --location\fP option or do multiple URL
398 transfers on the same invoke.
400 The file format of the file to read cookies from should be plain HTTP headers
401 (Set-Cookie style) or the Netscape/Mozilla cookie file format.
403 The file specified with \fI-b, --cookie\fP is only used as input. No cookies will be
404 written to the file. To store cookies, use the \fI-c, --cookie-jar\fP option.
406 Exercise caution if you are using this option and multiple transfers may
407 occur. If you use the NAME1=VALUE1; format, or in a file use the Set-Cookie
408 format and don't specify a domain, then the cookie is sent for any domain
409 (even after redirects are followed) and cannot be modified by a server-set
410 cookie. If the cookie engine is enabled and a server sets a cookie of the same
411 name then both will be sent on a future transfer to that server, likely not
412 what you intended. To address these issues set a domain in Set-Cookie (doing
413 that will include sub domains) or use the Netscape format.
415 If this option is used several times, the last one will be used.
417 Users very often want to both read cookies from a file and write updated
418 cookies back to a file, so using both \fI-b, --cookie\fP and \fI-c, --cookie-jar\fP in the same
419 command line is common.
421 When used in conjunction with the \fI-o, --output\fP option, curl will create the
422 necessary local directory hierarchy as needed. This option creates the dirs
423 mentioned with the \fI-o, --output\fP option, nothing else. If the --output file name
424 uses no dir or if the dirs it mentions already exist, no dir will be created.
426 To create remote directories when using FTP or SFTP, try \fI--ftp-create-dirs\fP.
428 (FTP SMTP) Convert LF to CRLF in upload. Useful for MVS (OS/390).
430 (SMTP added in 7.40.0)
431 .IP "--crlfile <file>"
432 (TLS) Provide a file using PEM format with a Certificate Revocation List that may
433 specify peer certificates that are to be considered revoked.
435 If this option is used several times, the last one will be used.
438 .IP "--data-ascii <data>"
439 (HTTP) This is just an alias for \fI-d, --data\fP.
440 .IP "--data-binary <data>"
441 (HTTP) This posts data exactly as specified with no extra processing whatsoever.
443 If you start the data with the letter @, the rest should be a filename. Data
444 is posted in a similar manner as \fI-d, --data\fP does, except that newlines and
445 carriage returns are preserved and conversions are never done.
447 If this option is used several times, the ones following the first will append
448 data as described in \fI-d, --data\fP.
449 .IP "--data-raw <data>"
450 (HTTP) This posts data similarly to \fI-d, --data\fP but without the special
451 interpretation of the @ character.
453 See also \fI-d, --data\fP. Added in 7.43.0.
454 .IP "--data-urlencode <data>"
455 (HTTP) This posts data, similar to the other \fI-d, --data\fP options with the exception
456 that this performs URL-encoding.
458 To be CGI-compliant, the <data> part should begin with a \fIname\fP followed
459 by a separator and a content specification. The <data> part can be passed to
460 curl using one of the following syntaxes:
463 This will make curl URL-encode the content and pass that on. Just be careful
464 so that the content doesn't contain any = or @ symbols, as that will then make
465 the syntax match one of the other cases below!
467 This will make curl URL-encode the content and pass that on. The preceding =
468 symbol is not included in the data.
470 This will make curl URL-encode the content part and pass that on. Note that
471 the name part is expected to be URL-encoded already.
473 This will make curl load data from the given file (including any newlines),
474 URL-encode that data and pass it on in the POST.
476 This will make curl load data from the given file (including any newlines),
477 URL-encode that data and pass it on in the POST. The name part gets an equal
478 sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
479 name is expected to be URL-encoded already.
482 See also \fI-d, --data\fP and \fI--data-raw\fP. Added in 7.18.0.
483 .IP "-d, --data <data>"
484 (HTTP) Sends the specified data in a POST request to the HTTP server, in the same way
485 that a browser does when a user has filled in an HTML form and presses the
486 submit button. This will cause curl to pass the data to the server using the
487 content-type application/x-www-form-urlencoded. Compare to \fI-F, --form\fP.
489 \fI--data-raw\fP is almost the same but does not have a special interpretation of
490 the @ character. To post data purely binary, you should instead use the
491 \fI--data-binary\fP option. To URL-encode the value of a form field you may use
492 \fI--data-urlencode\fP.
494 If any of these options is used more than once on the same command line, the
495 data pieces specified will be merged together with a separating
496 &-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post
497 chunk that looks like \&'name=daniel&skill=lousy'.
499 If you start the data with the letter @, the rest should be a file name to
500 read the data from, or - if you want curl to read the data from
501 stdin. Multiple files can also be specified. Posting data from a file named
502 'foobar' would thus be done with \fI-d, --data\fP @foobar. When --data is told to read
503 from a file like that, carriage returns and newlines will be stripped out. If
504 you don't want the @ character to have a special interpretation use \fI--data-raw\fP
507 See also \fI--data-binary\fP and \fI--data-urlencode\fP and \fI--data-raw\fP. This option overrides \fI-F, --form\fP and \fI-I, --head\fP and \fI--upload\fP.
508 .IP "--delegation <LEVEL>"
509 (GSS/kerberos) Set LEVEL to tell the server what it is allowed to delegate when it
510 comes to user credentials.
513 Don't allow any delegation.
515 Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos
516 service ticket, which is a matter of realm policy.
518 Unconditionally allow the server to delegate.
521 (HTTP) Enables HTTP Digest authentication. This is an authentication scheme that
522 prevents the password from being sent over the wire in clear text. Use this in
523 combination with the normal \fI-u, --user\fP option to set user name and password.
525 If this option is used several times, only the first one is used.
527 See also \fI-u, --user\fP and \fI--proxy-digest\fP and \fI--anyauth\fP. This option overrides \fI--basic\fP and \fI--ntlm\fP and \fI--negotiate\fP.
529 (FTP) Tell curl to disable the use of the EPRT and LPRT commands when doing active
530 FTP transfers. Curl will normally always first attempt to use EPRT, then LPRT
531 before using PORT, but with this option, it will use PORT right away. EPRT and
532 LPRT are extensions to the original FTP protocol, and may not work on all
533 servers, but they enable more functionality in a better way than the
534 traditional PORT command.
536 --eprt can be used to explicitly enable EPRT again and --no-eprt is an alias
537 for \fI--disable-eprt\fP.
539 If the server is accessed using IPv6, this option will have no effect as EPRT
542 Disabling EPRT only changes the active behavior. If you want to switch to
543 passive mode you need to not use \fI-P, --ftp-port\fP or force it with \fI--ftp-pasv\fP.
545 (FTP) (FTP) Tell curl to disable the use of the EPSV command when doing passive FTP
546 transfers. Curl will normally always first attempt to use EPSV before PASV,
547 but with this option, it will not try using EPSV.
549 --epsv can be used to explicitly enable EPSV again and --no-epsv is an alias
550 for \fI--disable-epsv\fP.
552 If the server is an IPv6 host, this option will have no effect as EPSV is
555 Disabling EPSV only changes the passive behavior. If you want to switch to
556 active mode you need to use \fI-P, --ftp-port\fP.
558 If used as the first parameter on the command line, the \fIcurlrc\fP config
559 file will not be read and used. See the \fI-K, --config\fP for details on the default
560 config file search path.
561 .IP "--dns-interface <interface>"
562 (DNS) Tell curl to send outgoing DNS requests through <interface>. This option is a
563 counterpart to \fI--interface\fP (which does not affect DNS). The supplied string
564 must be an interface name (not an address).
566 See also \fI--dns-ipv4-addr\fP and \fI--dns-ipv6-addr\fP. \fI--dns-interface\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
567 .IP "--dns-ipv4-addr <address>"
568 (DNS) Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that
569 the DNS requests originate from this address. The argument should be a
572 See also \fI--dns-interface\fP and \fI--dns-ipv6-addr\fP. \fI--dns-ipv4-addr\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
573 .IP "--dns-ipv6-addr <address>"
574 (DNS) Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that
575 the DNS requests originate from this address. The argument should be a
578 See also \fI--dns-interface\fP and \fI--dns-ipv4-addr\fP. \fI--dns-ipv6-addr\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
579 .IP "--dns-servers <addresses>"
580 Set the list of DNS servers to be used instead of the system default.
581 The list of IP addresses should be separated with commas. Port numbers
582 may also optionally be given as \fI:<port-number>\fP after each IP
585 \fI--dns-servers\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
586 .IP "-D, --dump-header <filename>"
587 (HTTP FTP) Write the received protocol headers to the specified file.
589 This option is handy to use when you want to store the headers that an HTTP
590 site sends to you. Cookies from the headers could then be read in a second
591 curl invocation by using the \fI-b, --cookie\fP option! The \fI-c, --cookie-jar\fP option is a
592 better way to store cookies.
594 When used in FTP, the FTP server response lines are considered being "headers"
595 and thus are saved there.
597 If this option is used several times, the last one will be used.
599 See also \fI-o, --output\fP.
600 .IP "--egd-file <file>"
601 (TLS) Specify the path name to the Entropy Gathering Daemon socket. The socket is
602 used to seed the random engine for SSL connections.
604 See also \fI--random-file\fP.
605 .IP "--engine <name>"
606 (TLS) Select the OpenSSL crypto engine to use for cipher operations. Use \fI--engine\fP
607 list to print a list of build-time supported engines. Note that not all (or
608 none) of the engines may be available at run-time.
609 .IP "--expect100-timeout <seconds>"
610 (HTTP) Maximum time in seconds that you allow curl to wait for a 100-continue
611 response when curl emits an Expects: 100-continue header in its request. By
612 default curl will wait one second. This option accepts decimal values! When
613 curl stops waiting, it will continue as if the response has been received.
615 See also \fI--connect-timeout\fP. Added in 7.47.0.
617 Fail and exit on the first detected transfer error.
619 When curl is used to do multiple transfers on the command line, it will
620 attempt to operate on each given URL, one by one. By default, it will ignore
621 errors if there are more URLs given and the last URL's success will determine
622 the error code curl returns. So early failures will be "hidden" by subsequent
623 successful transfers.
625 Using this option, curl will instead return an error on the first transfer
626 that fails, independent of the amount of URLs that are given on the command
627 line. This way, no transfer failures go undetected by scripts and similar.
629 This option is global and does not need to be specified for each use of \fI-:, --next\fP.
631 This option does not imply \fI-f, --fail\fP, which causes transfers to fail due to the
632 server's HTTP status code. You can combine the two options, however note \fI-f, --fail\fP
633 is not global and is therefore contained by \fI-:, --next\fP.
637 (HTTP) Fail silently (no output at all) on server errors. This is mostly done to
638 better enable scripts etc to better deal with failed attempts. In normal cases
639 when an HTTP server fails to deliver a document, it returns an HTML document
640 stating so (which often also describes why and more). This flag will prevent
641 curl from outputting that and return error 22.
643 This method is not fail-safe and there are occasions where non-successful
644 response codes will slip through, especially when authentication is involved
645 (response codes 401 and 407).
647 (TLS) Tells curl to use false start during the TLS handshake. False start is a mode
648 where a TLS client will start sending application data before verifying the
649 server's Finished message, thus saving a round trip when performing a full
652 This is currently only implemented in the NSS and Secure Transport (on iOS 7.0
653 or later, or OS X 10.9 or later) backends.
656 .IP "--form-string <name=string>"
657 (HTTP SMTP IMAP) Similar to \fI-F, --form\fP except that the value string for the named parameter is used
658 literally. Leading \&'@' and \&'<' characters, and the \&';type=' string in
659 the value have no special meaning. Use this in preference to \fI-F, --form\fP if
660 there's any possibility that the string value may accidentally trigger the
661 \&'@' or \&'<' features of \fI-F, --form\fP.
663 See also \fI-F, --form\fP.
664 .IP "-F, --form <name=content>"
665 (HTTP SMTP IMAP) For HTTP protocol family, this lets curl emulate a filled-in form in which a
666 user has pressed the submit button. This causes curl to POST data using the
667 Content-Type multipart/form-data according to RFC 2388.
669 For SMTP and IMAP protocols, this is the mean to compose a multipart mail
672 This enables uploading of binary files etc. To force the 'content' part to be
673 a file, prefix the file name with an @ sign. To just get the content part from
674 a file, prefix the file name with the symbol <. The difference between @ and <
675 is then that @ makes a file get attached in the post as a file upload, while
676 the < makes a text field and just get the contents for that text field from a
679 Tell curl to read content from stdin instead of a file by using - as
680 filename. This goes for both @ and < constructs. When stdin is used, the
681 contents is buffered in memory first by curl to determine its size and allow a
682 possible resend. Defining a part's data from a named non-regular file (such
683 as a named pipe or similar) is unfortunately not subject to buffering and will
684 be effectively read at transmission time; since the full size is unknown
685 before the transfer starts, such data is sent as chunks by HTTP and rejected
688 Example: send an image to an HTTP server, where \&'profile' is the name of the
689 form-field to which the file portrait.jpg will be the input:
691 curl -F profile=@portrait.jpg https://example.com/upload.cgi
693 Example: send a your name and shoe size in two text fields to the server:
695 curl -F name=John -F shoesize=11 https://example.com/
697 Example: send a your essay in a text field to the server. Send it as a plain
698 text field, but get the contents for it from a local file:
700 curl -F "story=<hugefile.txt" https://example.com/
702 You can also tell curl what Content-Type to use by using 'type=', in a manner
705 curl -F "web=@index.html;type=text/html" example.com
709 curl -F "name=daniel;type=text/foo" example.com
711 You can also explicitly change the name field of a file upload part by setting
712 filename=, like this:
714 curl -F "file=@localfile;filename=nameinpost" example.com
716 If filename/path contains ',' or ';', it must be quoted by double-quotes like:
718 curl -F "file=@\\"localfile\\";filename=\\"nameinpost\\"" example.com
722 curl -F 'file=@"localfile";filename="nameinpost"' example.com
724 Note that if a filename/path is quoted by double-quotes, any double-quote
725 or backslash within the filename must be escaped by backslash.
727 Quoting must also be applied to non-file data if it contains semicolons,
728 leading/trailing spaces or leading double quotes:
730 curl -F 'colors="red; green; blue";type=text/x-myapp' example.com
732 You can add custom headers to the field by setting headers=, like
734 curl -F "submit=OK;headers=\\"X-submit-type: OK\\"" example.com
738 curl -F "submit=OK;headers=@headerfile" example.com
740 The headers= keyword may appear more that once and above notes about quoting
741 apply. When headers are read from a file, Empty lines and lines starting
742 with '#' are comments and ignored; each header can be folded by splitting
743 between two words and starting the continuation line with a space; embedded
744 carriage-returns and trailing spaces are stripped.
745 Here is an example of a header file contents:
747 # This file contain two headers.
749 X-header-1: this is a header
751 # The following header is folded.
758 To support sending multipart mail messages, the syntax is extended as follows:
760 - name can be omitted: the equal sign is the first character of the argument,
762 - if data starts with '(', this signals to start a new multipart: it can be
763 followed by a content type specification.
765 - a multipart can be terminated with a '=)' argument.
767 Example: the following command sends an SMTP mime e-mail consisting in an
768 inline part in two alternative formats: plain text and HTML. It attaches a
771 curl -F '=(;type=multipart/alternative' \\
773 -F '=plain text message' \\
775 -F '= <body>HTML message</body>;type=text/html' \\
777 -F '=)' -F '=@textfile.txt' ... smtp://example.com
779 Data can be encoded for transfer using encoder=. Available encodings are
780 \fIbinary\fP and \fI8bit\fP that do nothing else than adding the corresponding
781 Content-Transfer-Encoding header, \fI7bit\fP that only rejects 8-bit characters
782 with a transfer error, \fIquoted-printable\fP and \fIbase64\fP that encodes
783 data according to the corresponding schemes, limiting lines length to
786 Example: send multipart mail with a quoted-printable text message and a
787 base64 attached file:
789 curl -F '=text message;encoder=quoted-printable' \\
791 -F '=@localfile;encoder=base64' ... smtp://example.com
793 See further examples and details in the MANUAL.
795 This option can be used multiple times.
797 This option overrides \fI-d, --data\fP and \fI-I, --head\fP and \fI--upload\fP.
798 .IP "--ftp-account <data>"
799 (FTP) When an FTP server asks for "account data" after user name and password has
800 been provided, this data is sent off using the ACCT command.
802 If this option is used several times, the last one will be used.
805 .IP "--ftp-alternative-to-user <command>"
806 (FTP) If authenticating with the USER and PASS commands fails, send this command.
807 When connecting to Tumbleweed's Secure Transport server over FTPS using a
808 client certificate, using "SITE AUTH" will tell the server to retrieve the
809 username from the certificate.
812 .IP "--ftp-create-dirs"
813 (FTP SFTP) When an FTP or SFTP URL/operation uses a path that doesn't currently exist on
814 the server, the standard behavior of curl is to fail. Using this option, curl
815 will instead attempt to create missing directories.
817 See also \fI--create-dirs\fP.
818 .IP "--ftp-method <method>"
819 (FTP) Control what method curl should use to reach a file on an FTP(S)
820 server. The method argument should be one of the following alternatives:
823 curl does a single CWD operation for each path part in the given URL. For deep
824 hierarchies this means very many commands. This is how RFC 1738 says it should
825 be done. This is the default but the slowest behavior.
827 curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full
828 path to the server for all these commands. This is the fastest behavior.
830 curl does one CWD with the full target directory and then operates on the file
831 \&"normally" (like in the multicwd case). This is somewhat more standards
832 compliant than 'nocwd' but without the full penalty of 'multicwd'.
837 (FTP) Use passive mode for the data connection. Passive is the internal default
838 behavior, but using this option can be used to override a previous \fI-P, --ftp-port\fP
841 If this option is used several times, only the first one is used. Undoing an
842 enforced passive really isn't doable but you must then instead enforce the
843 correct \fI-P, --ftp-port\fP again.
845 Passive mode means that curl will try the EPSV command first and then PASV,
846 unless \fI--disable-epsv\fP is used.
848 See also \fI--disable-epsv\fP. Added in 7.11.0.
849 .IP "-P, --ftp-port <address>"
850 (FTP) Reverses the default initiator/listener roles when connecting with FTP. This
851 option makes curl use active mode. curl then tells the server to connect back
852 to the client's specified address and port, while passive mode asks the server
853 to setup an IP address and port for it to connect to. <address> should be one
857 i.e "eth0" to specify which interface's IP address you want to use (Unix only)
859 i.e "192.168.10.1" to specify the exact IP address
861 i.e "my.host.domain" to specify the machine
863 make curl pick the same IP address that is already used for the control
867 If this option is used several times, the last one will be used. Disable the
868 use of PORT with \fI--ftp-pasv\fP. Disable the attempt to use the EPRT command
869 instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++.
871 Since 7.19.5, you can append \&":[start]-[end]\&" to the right of the address,
872 to tell curl what TCP port range to use. That means you specify a port range,
873 from a lower to a higher number. A single number works as well, but do note
874 that it increases the risk of failure since the port may not be available.
876 See also \fI--ftp-pasv\fP and \fI--disable-eprt\fP.
878 (FTP) Tell curl to send a PRET command before PASV (and EPSV). Certain FTP servers,
879 mainly drftpd, require this non-standard command for directory listings as
880 well as up and downloads in PASV mode.
883 .IP "--ftp-skip-pasv-ip"
884 (FTP) Tell curl to not use the IP address the server suggests in its response
885 to curl's PASV command when curl connects the data connection. Instead curl
886 will re-use the same IP address it already uses for the control
889 This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
891 See also \fI--ftp-pasv\fP. Added in 7.14.2.
892 .IP "--ftp-ssl-ccc-mode <active/passive>"
893 (FTP) Sets the CCC mode. The passive mode will not initiate the shutdown, but
894 instead wait for the server to do it, and will not reply to the shutdown from
895 the server. The active mode initiates the shutdown and waits for a reply from
898 See also \fI--ftp-ssl-ccc\fP. Added in 7.16.2.
900 (FTP) Use CCC (Clear Command Channel) Shuts down the SSL/TLS layer after
901 authenticating. The rest of the control channel communication will be
902 unencrypted. This allows NAT routers to follow the FTP transaction. The
903 default mode is passive.
905 See also \fI--ssl\fP and \fI--ftp-ssl-ccc-mode\fP. Added in 7.16.1.
906 .IP "--ftp-ssl-control"
907 (FTP) Require SSL/TLS for the FTP login, clear for transfer. Allows secure
908 authentication, but non-encrypted data transfers for efficiency. Fails the
909 transfer if the server doesn't support SSL/TLS.
913 When used, this option will make all data specified with \fI-d, --data\fP, \fI--data-binary\fP
914 or \fI--data-urlencode\fP to be used in an HTTP GET request instead of the POST
915 request that otherwise would be used. The data will be appended to the URL
916 with a '?' separator.
918 If used in combination with \fI-I, --head\fP, the POST data will instead be appended to
919 the URL with a HEAD request.
921 If this option is used several times, only the first one is used. This is
922 because undoing a GET doesn't make sense, but you should then instead enforce
923 the alternative method you prefer.
925 This option switches off the "URL globbing parser". When you set this option,
926 you can specify URLs that contain the letters {}[] without having them being
927 interpreted by curl itself. Note that these letters are not normal legal URL
928 contents but they should be encoded according to the URI standard.
929 .IP "--happy-eyeballs-timeout-ms <milliseconds>"
930 Happy eyeballs is an algorithm that attempts to connect to both IPv4 and IPv6
931 addresses for dual-stack hosts, preferring IPv6 first for the number of
932 milliseconds. If the IPv6 address cannot be connected to within that time then
933 a connection attempt is made to the IPv4 address in parallel. The first
934 connection to be established is the one that is used.
936 The range of suggested useful values is limited. Happy Eyeballs RFC 6555 says
937 "It is RECOMMENDED that connection attempts be paced 150-250 ms apart to
938 balance human factors against network load." libcurl currently defaults to
939 200 ms. Firefox and Chrome currently default to 300 ms.
941 If this option is used several times, the last one will be used.
945 (HTTP FTP FILE) Fetch the headers only! HTTP-servers feature the command HEAD which this uses
946 to get nothing but the header of a document. When used on an FTP or FILE file,
947 curl displays the file size and last modification time only.
948 .IP "-H, --header <header/@file>"
949 (HTTP) Extra header to include in the request when sending HTTP to a server. You may
950 specify any number of extra headers. Note that if you should add a custom
951 header that has the same name as one of the internal ones curl would use, your
952 externally set header will be used instead of the internal one. This allows
953 you to make even trickier stuff than curl would normally do. You should not
954 replace internally set headers without knowing perfectly well what you're
955 doing. Remove an internal header by giving a replacement without content on
956 the right side of the colon, as in: -H \&"Host:". If you send the custom
957 header with no-value then its header must be terminated with a semicolon, such
958 as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".
960 curl will make sure that each header you add/replace is sent with the proper
961 end-of-line marker, you should thus \fBnot\fP add that as a part of the header
962 content: do not add newlines or carriage returns, they will only mess things up
965 Starting in 7.55.0, this option can take an argument in @filename style, which
966 then adds a header for each line in the input file. Using @- will make curl
967 read the header file from stdin.
969 See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options.
971 Starting in 7.37.0, you need \fI--proxy-header\fP to send custom headers intended
976 curl -H "X-First-Name: Joe" http://example.com/
978 \fBWARNING\fP: headers set with this option will be set in all requests - even
979 after redirects are followed, like when told with \fI-L, --location\fP. This can lead to
980 the header being sent to other hosts than the original host, so sensitive
981 headers should be used with caution combined with following redirects.
983 This option can be used multiple times to add/replace/remove multiple headers.
985 Usage help. This lists all current command line options with a short
987 .IP "--hostpubmd5 <md5>"
988 (SFTP SCP) Pass a string containing 32 hexadecimal digits. The string should
989 be the 128 bit MD5 checksum of the remote host's public key, curl will refuse
990 the connection with the host unless the md5sums match.
994 (HTTP) Tells curl to use HTTP version 1.0 instead of using its internally preferred
997 This option overrides \fI--http1.1\fP and \fI--http2\fP.
999 (HTTP) Tells curl to use HTTP version 1.1.
1001 This option overrides \fI-0, --http1.0\fP and \fI--http2\fP. Added in 7.33.0.
1002 .IP "--http2-prior-knowledge"
1003 (HTTP) Tells curl to issue its non-TLS HTTP requests using HTTP/2 without HTTP/1.1
1004 Upgrade. It requires prior knowledge that the server supports HTTP/2 straight
1005 away. HTTPS requests will still do HTTP/2 the standard way with negotiated
1006 protocol version in the TLS handshake.
1008 \fI--http2-prior-knowledge\fP requires that the underlying libcurl was built to support HTTP/2. This option overrides \fI--http1.1\fP and \fI-0, --http1.0\fP and \fI--http2\fP. Added in 7.49.0.
1010 (HTTP) Tells curl to use HTTP version 2.
1012 See also \fI--no-alpn\fP. \fI--http2\fP requires that the underlying libcurl was built to support HTTP/2. This option overrides \fI--http1.1\fP and \fI-0, --http1.0\fP and \fI--http2-prior-knowledge\fP. Added in 7.33.0.
1013 .IP "--ignore-content-length"
1014 (FTP HTTP) For HTTP, Ignore the Content-Length header. This is particularly useful for
1015 servers running Apache 1.x, which will report incorrect Content-Length for
1016 files larger than 2 gigabytes.
1018 For FTP (since 7.46.0), skip the RETR command to figure out the size before
1021 Include the HTTP response headers in the output. The HTTP response headers can
1022 include things like server name, cookies, date of the document, HTTP version
1025 To view the request headers, consider the \fI-v, --verbose\fP option.
1027 See also \fI-v, --verbose\fP.
1028 .IP "-k, --insecure"
1030 By default, every SSL connection curl makes is verified to be secure. This
1031 option allows curl to proceed and operate even for server connections
1032 otherwise considered insecure.
1034 The server connection is verified by making sure the server's certificate
1035 contains the right name and verifies successfully using the cert store.
1037 See this online resource for further details:
1038 https://curl.haxx.se/docs/sslcerts.html
1040 See also \fI--proxy-insecure\fP and \fI--cacert\fP.
1041 .IP "--interface <name>"
1043 Perform an operation using a specified interface. You can enter interface
1044 name, IP address or host name. An example could look like:
1046 curl --interface eth0:1 https://www.example.com/
1048 If this option is used several times, the last one will be used.
1050 On Linux it can be used to specify a VRF, but the binary needs to either
1051 have CAP_NET_RAW or to be ran as root. More information about Linux VRF:
1052 https://www.kernel.org/doc/Documentation/networking/vrf.txt
1054 See also \fI--dns-interface\fP.
1056 This option tells curl to resolve names to IPv4 addresses only, and not for
1059 See also \fI--http1.1\fP and \fI--http2\fP. This option overrides \fI-6, --ipv6\fP.
1061 This option tells curl to resolve names to IPv6 addresses only, and not for
1064 See also \fI--http1.1\fP and \fI--http2\fP. This option overrides \fI-6, --ipv6\fP.
1065 .IP "-j, --junk-session-cookies"
1066 (HTTP) When curl is told to read cookies from a given file, this option will make it
1067 discard all "session cookies". This will basically have the same effect as if
1068 a new session is started. Typical browsers always discard session cookies when
1069 they're closed down.
1071 See also \fI-b, --cookie\fP and \fI-c, --cookie-jar\fP.
1072 .IP "--keepalive-time <seconds>"
1073 This option sets the time a connection needs to remain idle before sending
1074 keepalive probes and the time between individual keepalive probes. It is
1075 currently effective on operating systems offering the TCP_KEEPIDLE and
1076 TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
1077 option has no effect if \fI--no-keepalive\fP is used.
1079 If this option is used several times, the last one will be used. If
1080 unspecified, the option defaults to 60 seconds.
1083 .IP "--key-type <type>"
1084 (TLS) Private key file type. Specify which type your \fI--key\fP provided private key
1085 is. DER, PEM, and ENG are supported. If not specified, PEM is assumed.
1087 If this option is used several times, the last one will be used.
1089 (TLS SSH) Private key file name. Allows you to provide your private key in this separate
1090 file. For SSH, if not specified, curl tries the following candidates in order:
1091 '~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
1093 If this option is used several times, the last one will be used.
1095 (FTP) Enable Kerberos authentication and use. The level must be entered and should
1096 be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a
1097 level that is not one of these, 'private' will instead be used.
1099 If this option is used several times, the last one will be used.
1101 \fI--krb\fP requires that the underlying libcurl was built to support Kerberos.
1102 .IP "--libcurl <file>"
1103 Append this option to any ordinary curl command line, and you will get a
1104 libcurl-using C source code written to the file that does the equivalent
1105 of what your command-line operation does!
1107 If this option is used several times, the last given file name will be
1111 .IP "--limit-rate <speed>"
1112 Specify the maximum transfer rate you want curl to use - for both downloads
1113 and uploads. This feature is useful if you have a limited pipe and you'd like
1114 your transfer not to use your entire bandwidth. To make it slower than it
1117 The given speed is measured in bytes/second, unless a suffix is appended.
1118 Appending 'k' or 'K' will count the number as kilobytes, 'm' or 'M' makes it
1119 megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G.
1121 If you also use the \fI-Y, --speed-limit\fP option, that option will take precedence and
1122 might cripple the rate-limiting slightly, to help keeping the speed-limit
1125 If this option is used several times, the last one will be used.
1126 .IP "-l, --list-only"
1128 When listing an FTP directory, this switch forces a name-only view. This is
1129 especially useful if the user wants to machine-parse the contents of an FTP
1130 directory since the normal directory view doesn't use a standard look or
1131 format. When used like this, the option causes a NLST command to be sent to
1132 the server instead of LIST.
1134 Note: Some FTP servers list only files in their response to NLST; they do not
1135 include sub-directories and symbolic links.
1138 When retrieving a specific email from POP3, this switch forces a LIST command
1139 to be performed instead of RETR. This is particularly useful if the user wants
1140 to see if a specific message id exists on the server and what size it is.
1142 Note: When combined with \fI-X, --request\fP, this option can be used to send an UIDL
1143 command instead, so the user may use the email's unique identifier rather than
1144 it's message id to make the request.
1147 .IP "--local-port <num/range>"
1148 Set a preferred single number or range (FROM-TO) of local port numbers to use
1149 for the connection(s). Note that port numbers by nature are a scarce resource
1150 that will be busy at times so setting this range to something too narrow might
1151 cause unnecessary connection setup failures.
1154 .IP "--location-trusted"
1155 (HTTP) Like \fI-L, --location\fP, but will allow sending the name + password to all hosts that
1156 the site may redirect to. This may or may not introduce a security breach if
1157 the site redirects you to a site to which you'll send your authentication info
1158 (which is plaintext in the case of HTTP Basic authentication).
1160 See also \fI-u, --user\fP.
1161 .IP "-L, --location"
1162 (HTTP) If the server reports that the requested page has moved to a different
1163 location (indicated with a Location: header and a 3XX response code), this
1164 option will make curl redo the request on the new place. If used together with
1165 \fI-i, --include\fP or \fI-I, --head\fP, headers from all requested pages will be shown. When
1166 authentication is used, curl only sends its credentials to the initial
1167 host. If a redirect takes curl to a different host, it won't be able to
1168 intercept the user+password. See also \fI--location-trusted\fP on how to change
1169 this. You can limit the amount of redirects to follow by using the
1170 \fI--max-redirs\fP option.
1172 When curl follows a redirect and the request is not a plain GET (for example
1173 POST or PUT), it will do the following request with a GET if the HTTP response
1174 was 301, 302, or 303. If the response code was any other 3xx code, curl will
1175 re-send the following request using the same unmodified method.
1177 You can tell curl to not change the non-GET request method to GET after a 30x
1178 response by using the dedicated options for that: \fI--post301\fP, \fI--post302\fP and
1180 .IP "--login-options <options>"
1181 (IMAP POP3 SMTP) Specify the login options to use during server authentication.
1183 You can use the login options to specify protocol specific options that may
1184 be used during authentication. At present only IMAP, POP3 and SMTP support
1185 login options. For more information about the login options please see
1186 RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt
1188 If this option is used several times, the last one will be used.
1191 .IP "--mail-auth <address>"
1192 (SMTP) Specify a single address. This will be used to specify the authentication
1193 address (identity) of a submitted message that is being relayed to another
1196 See also \fI--mail-rcpt\fP and \fI--mail-from\fP. Added in 7.25.0.
1197 .IP "--mail-from <address>"
1198 (SMTP) Specify a single address that the given mail should get sent from.
1200 See also \fI--mail-rcpt\fP and \fI--mail-auth\fP. Added in 7.20.0.
1201 .IP "--mail-rcpt <address>"
1202 (SMTP) Specify a single address, user name or mailing list name. Repeat this
1203 option several times to send to multiple recipients.
1205 When performing a mail transfer, the recipient should specify a valid email
1206 address to send the mail to.
1208 When performing an address verification (VRFY command), the recipient should be
1209 specified as the user name or user name and domain (as per Section 3.5 of
1210 RFC5321). (Added in 7.34.0)
1212 When performing a mailing list expand (EXPN command), the recipient should be
1213 specified using the mailing list name, such as "Friends" or "London-Office".
1218 Manual. Display the huge help text.
1219 .IP "--max-filesize <bytes>"
1220 Specify the maximum size (in bytes) of a file to download. If the file
1221 requested is larger than this value, the transfer will not start and curl will
1222 return with exit code 63.
1224 A size modifier may be used. For example, Appending 'k' or 'K' will count the
1225 number as kilobytes, 'm' or 'M' makes it megabytes, while 'g' or 'G' makes it
1226 gigabytes. Examples: 200K, 3m and 1G. (Added in 7.58.0)
1228 \fBNOTE:\fP The file size is not always known prior to download, and for such
1229 files this option has no effect even if the file transfer ends up being larger
1230 than this given limit. This concerns both FTP and HTTP transfers.
1232 See also \fI--limit-rate\fP.
1233 .IP "--max-redirs <num>"
1234 (HTTP) Set maximum number of redirection-followings allowed. When \fI-L, --location\fP is used,
1235 is used to prevent curl from following redirections \&"in absurdum". By
1236 default, the limit is set to 50 redirections. Set this option to -1 to make it
1239 If this option is used several times, the last one will be used.
1240 .IP "-m, --max-time <time>"
1241 Maximum time in seconds that you allow the whole operation to take. This is
1242 useful for preventing your batch jobs from hanging for hours due to slow
1243 networks or links going down. Since 7.32.0, this option accepts decimal
1244 values, but the actual timeout will decrease in accuracy as the specified
1245 timeout increases in decimal precision.
1247 If this option is used several times, the last one will be used.
1249 See also \fI--connect-timeout\fP.
1251 This option can tell curl to parse and process a given URI as Metalink file
1252 (both version 3 and 4 (RFC 5854) are supported) and make use of the mirrors
1253 listed within for failover if there are errors (such as the file or server not
1254 being available). It will also verify the hash of the file after the download
1255 completes. The Metalink file itself is downloaded and processed in memory and
1256 not stored in the local file system.
1258 Example to use a remote Metalink file:
1260 curl --metalink http://www.example.com/example.metalink
1262 To use a Metalink file in the local file system, use FILE protocol (file://):
1264 curl --metalink file://example.metalink
1266 Please note that if FILE protocol is disabled, there is no way to use a local
1267 Metalink file at the time of this writing. Also note that if \fI--metalink\fP and
1268 \fI-i, --include\fP are used together, --include will be ignored. This is because
1269 including headers in the response will break Metalink parser and if the
1270 headers are included in the file described in Metalink file, hash check will
1274 \fI--metalink\fP requires that the underlying libcurl was built to support metalink. Added in 7.27.0.
1276 (HTTP) Enables Negotiate (SPNEGO) authentication.
1278 This option requires a library built with GSS-API or SSPI support. Use
1279 \fI-V, --version\fP to see if your curl supports GSS-API/SSPI or SPNEGO.
1281 When using this option, you must also provide a fake \fI-u, --user\fP option to activate
1282 the authentication code properly. Sending a '-u :' is enough as the user name
1283 and password from the \fI-u, --user\fP option aren't actually used.
1285 If this option is used several times, only the first one is used.
1287 See also \fI--basic\fP and \fI--ntlm\fP and \fI--anyauth\fP and \fI--proxy-negotiate\fP.
1288 .IP "--netrc-file <filename>"
1289 This option is similar to \fI-n, --netrc\fP, except that you provide the path (absolute
1290 or relative) to the netrc file that Curl should use. You can only specify one
1291 netrc file per invocation. If several \fI--netrc-file\fP options are provided,
1292 the last one will be used.
1294 It will abide by \fI--netrc-optional\fP if specified.
1296 This option overrides \fI-n, --netrc\fP. Added in 7.21.5.
1297 .IP "--netrc-optional"
1298 Very similar to \fI-n, --netrc\fP, but this option makes the .netrc usage \fBoptional\fP
1299 and not mandatory as the \fI-n, --netrc\fP option does.
1301 See also \fI--netrc-file\fP. This option overrides \fI-n, --netrc\fP.
1303 Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
1304 home directory for login name and password. This is typically used for FTP on
1305 Unix. If used with HTTP, curl will enable user authentication. See
1306 \fInetrc(5)\fP \fIftp(1)\fP for details on the file format. Curl will not
1307 complain if that file doesn't have the right permissions (it should not be
1308 either world- or group-readable). The environment variable "HOME" is used to
1309 find the home directory.
1311 A quick and very simple example of how to setup a \fI.netrc\fP to allow curl
1312 to FTP to the machine host.domain.com with user name \&'myself' and password
1313 \&'secret' should look similar to:
1315 .B "machine host.domain.com login myself password secret"
1317 Tells curl to use a separate operation for the following URL and associated
1318 options. This allows you to send several URL requests, each with their own
1319 specific options, for example, such as different user names or custom requests
1322 \fI-:, --next\fP will reset all local options and only global ones will have their
1323 values survive over to the operation following the \fI-:, --next\fP instruction. Global
1324 options include \fI-v, --verbose\fP, \fI--trace\fP, \fI--trace-ascii\fP and \fI--fail-early\fP.
1326 For example, you can do both a GET and a POST in a single command line:
1328 curl www1.example.com --next -d postthis www2.example.com
1332 (HTTPS) Disable the ALPN TLS extension. ALPN is enabled by default if libcurl was built
1333 with an SSL library that supports ALPN. ALPN is used by a libcurl that supports
1334 HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
1336 See also \fI--no-npn\fP and \fI--http2\fP. \fI--no-alpn\fP requires that the underlying libcurl was built to support TLS. Added in 7.36.0.
1337 .IP "-N, --no-buffer"
1338 Disables the buffering of the output stream. In normal work situations, curl
1339 will use a standard buffered output stream that will have the effect that it
1340 will output the data in chunks, not necessarily exactly when the data arrives.
1341 Using this option will disable that buffering.
1343 Note that this is the negated option name documented. You can thus use
1344 --buffer to enforce the buffering.
1345 .IP "--no-keepalive"
1346 Disables the use of keepalive messages on the TCP connection. curl otherwise
1347 enables them by default.
1349 Note that this is the negated option name documented. You can thus use
1350 --keepalive to enforce keepalive.
1352 (HTTPS) Disable the NPN TLS extension. NPN is enabled by default if libcurl was built
1353 with an SSL library that supports NPN. NPN is used by a libcurl that supports
1354 HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
1356 See also \fI--no-alpn\fP and \fI--http2\fP. \fI--no-npn\fP requires that the underlying libcurl was built to support TLS. Added in 7.36.0.
1357 .IP "--no-sessionid"
1358 (TLS) Disable curl's use of SSL session-ID caching. By default all transfers are
1359 done using the cache. Note that while nothing should ever get hurt by
1360 attempting to reuse SSL session-IDs, there seem to be broken SSL
1361 implementations in the wild that may require you to disable this in order for
1364 Note that this is the negated option name documented. You can thus use
1365 --sessionid to enforce session-ID caching.
1368 .IP "--noproxy <no-proxy-list>"
1369 Comma-separated list of hosts which do not use a proxy, if one is specified.
1370 The only wildcard is a single * character, which matches all hosts, and
1371 effectively disables the proxy. Each name in this list is matched as either
1372 a domain which contains the hostname, or the hostname itself. For example,
1373 local.com would match local.com, local.com:80, and www.local.com, but not
1376 Since 7.53.0, This option overrides the environment variables that disable the
1377 proxy. If there's an environment variable disabling a proxy, you can set
1378 noproxy list to \&"" to override it.
1382 (HTTP) Enables NTLM much in the style \fI--ntlm\fP does, but hand over the authentication
1383 to the separate binary ntlmauth application that is executed when needed.
1385 See also \fI--ntlm\fP and \fI--proxy-ntlm\fP.
1387 (HTTP) Enables NTLM authentication. The NTLM authentication method was designed by
1388 Microsoft and is used by IIS web servers. It is a proprietary protocol,
1389 reverse-engineered by clever people and implemented in curl based on their
1390 efforts. This kind of behavior should not be endorsed, you should encourage
1391 everyone who uses NTLM to switch to a public and documented authentication
1392 method instead, such as Digest.
1394 If you want to enable NTLM for your proxy authentication, then use
1397 If this option is used several times, only the first one is used.
1399 See also \fI--proxy-ntlm\fP. \fI--ntlm\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI--basic\fP and \fI--negotiated\fP and \fI--digest\fP and \fI--anyauth\fP.
1400 .IP "--oauth2-bearer <token>"
1401 (IMAP POP3 SMTP) Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token
1402 is used in conjunction with the user name which can be specified as part of
1403 the \fI--url\fP or \fI-u, --user\fP options.
1405 The Bearer Token and user name are formatted according to RFC 6750.
1407 If this option is used several times, the last one will be used.
1408 .IP "-o, --output <file>"
1409 Write output to <file> instead of stdout. If you are using {} or [] to fetch
1410 multiple documents, you can use '#' followed by a number in the <file>
1411 specifier. That variable will be replaced with the current string for the URL
1412 being fetched. Like in:
1414 curl http://{one,two}.example.com -o "file_#1.txt"
1416 or use several variables like:
1418 curl http://{site,host}.host[1-5].com -o "#1_#2"
1420 You may use this option as many times as the number of URLs you have. For
1421 example, if you specify two URLs on the same command line, you can use it like
1424 curl -o aa example.com -o bb example.net
1426 and the order of the -o options and the URLs doesn't matter, just that the
1427 first -o is for the first URL and so on, so the above command line can also be
1430 curl example.com example.net -o aa -o bb
1432 See also the \fI--create-dirs\fP option to create the local directories
1433 dynamically. Specifying the output as '-' (a single dash) will force the
1434 output to be done to stdout.
1436 See also \fI-O, --remote-name\fP and \fI--remote-name-all\fP and \fI-J, --remote-header-name\fP.
1437 .IP "--pass <phrase>"
1438 (SSH TLS) Passphrase for the private key
1440 If this option is used several times, the last one will be used.
1442 Tell curl to not handle sequences of /../ or /./ in the given URL
1443 path. Normally curl will squash or merge them according to standards but with
1444 this option set you tell it not to do that.
1447 .IP "--pinnedpubkey <hashes>"
1448 (TLS) Tells curl to use the specified public key file (or hashes) to verify the
1449 peer. This can be a path to a file which contains a single public key in PEM
1450 or DER format, or any number of base64 encoded sha256 hashes preceded by
1451 \'sha256//\' and separated by \';\'
1453 When negotiating a TLS or SSL connection, the server sends a certificate
1454 indicating its identity. A public key is extracted from this certificate and
1455 if it does not exactly match the public key provided to this option, curl will
1456 abort the connection before sending or receiving any data.
1459 7.39.0: OpenSSL, GnuTLS and GSKit
1460 7.43.0: NSS and wolfSSL/CyaSSL
1464 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
1467 Other SSL backends not supported.
1469 If this option is used several times, the last one will be used.
1471 (HTTP) Tells curl to respect RFC 7231/6.4.2 and not convert POST requests into GET
1472 requests when following a 301 redirection. The non-RFC behaviour is ubiquitous
1473 in web browsers, so curl does the conversion by default to maintain
1474 consistency. However, a server may require a POST to remain a POST after such
1475 a redirection. This option is meaningful only when using \fI-L, --location\fP.
1477 See also \fI--post302\fP and \fI--post303\fP and \fI-L, --location\fP. Added in 7.17.1.
1479 (HTTP) Tells curl to respect RFC 7231/6.4.3 and not convert POST requests into GET
1480 requests when following a 302 redirection. The non-RFC behaviour is ubiquitous
1481 in web browsers, so curl does the conversion by default to maintain
1482 consistency. However, a server may require a POST to remain a POST after such
1483 a redirection. This option is meaningful only when using \fI-L, --location\fP.
1485 See also \fI--post301\fP and \fI--post303\fP and \fI-L, --location\fP. Added in 7.19.1.
1487 (HTTP) Tells curl to respect RFC 7231/6.4.4 and not convert POST requests into GET
1488 requests when following a 303 redirection. The non-RFC behaviour is ubiquitous
1489 in web browsers, so curl does the conversion by default to maintain
1490 consistency. However, a server may require a POST to remain a POST after such
1491 a redirection. This option is meaningful only when using \fI-L, --location\fP.
1493 See also \fI--post302\fP and \fI--post301\fP and \fI-L, --location\fP. Added in 7.26.0.
1494 .IP "--preproxy [protocol://]host[:port]"
1495 Use the specified SOCKS proxy before connecting to an HTTP or HTTPS \fI-x, --proxy\fP. In
1496 such a case curl first connects to the SOCKS proxy and then connects (through
1497 SOCKS) to the HTTP or HTTPS proxy. Hence pre proxy.
1499 The pre proxy string should be specified with a protocol:// prefix to specify
1500 alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
1501 socks5h:// to request the specific SOCKS version to be used. No protocol
1502 specified will make curl default to SOCKS4.
1504 If the port number is not specified in the proxy string, it is assumed to be
1507 User and password that might be provided in the proxy string are URL decoded
1508 by curl. This allows you to pass in special characters such as @ by using %40
1509 or pass in a colon with %3a.
1511 If this option is used several times, the last one will be used.
1514 .IP "-#, --progress-bar"
1515 Make curl display transfer progress as a simple progress bar instead of the
1516 standard, more informational, meter.
1518 This progress bar draws a single line of '#' characters across the screen and
1519 shows a percentage if the transfer size is known. For transfers without a
1520 known size, there will be space ship (-=o=-) that moves back and forth but
1521 only while data is being transferred, with a set of flying hash sign symbols on
1523 .IP "--proto-default <protocol>"
1524 Tells curl to use \fIprotocol\fP for any URL missing a scheme name.
1528 curl --proto-default https ftp.mozilla.org
1530 An unknown or unsupported protocol causes error
1531 \fICURLE_UNSUPPORTED_PROTOCOL\fP (1).
1533 This option does not change the default proxy protocol (http).
1535 Without this option curl would make a guess based on the host, see \fI--url\fP for
1539 .IP "--proto-redir <protocols>"
1540 Tells curl to limit what protocols it may use on redirect. Protocols denied by
1541 \fI--proto\fP are not overridden by this option. See --proto for how protocols are
1544 Example, allow only HTTP and HTTPS on redirect:
1546 curl --proto-redir -all,http,https http://example.com
1548 By default curl will allow all protocols on redirect except several disabled
1549 for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
1550 SMB and SMBS are also disabled. Specifying \fIall\fP or \fI+all\fP enables all
1551 protocols on redirect, including those disabled for security.
1554 .IP "--proto <protocols>"
1555 Tells curl to limit what protocols it may use in the transfer. Protocols are
1556 evaluated left to right, are comma separated, and are each a protocol name or
1557 'all', optionally prefixed by zero or more modifiers. Available modifiers are:
1561 Permit this protocol in addition to protocols already permitted (this is
1562 the default if no modifier is used).
1565 Deny this protocol, removing it from the list of protocols already permitted.
1568 Permit only this protocol (ignoring the list already permitted), though
1569 subject to later modification by subsequent entries in the comma separated
1576 .B \fI--proto\fP -ftps
1577 uses the default protocols, but disables ftps
1579 .B \fI--proto\fP -all,https,+http
1580 only enables http and https
1582 .B \fI--proto\fP =http,https
1583 also only enables http and https
1586 Unknown protocols produce a warning. This allows scripts to safely rely on
1587 being able to disable potentially dangerous protocols, without relying upon
1588 support for that protocol being built into curl to avoid an error.
1590 This option can be used multiple times, in which case the effect is the same
1591 as concatenating the protocols into one instance of the option.
1593 See also \fI--proto-redir\fP and \fI--proto-default\fP. Added in 7.20.2.
1594 .IP "--proxy-anyauth"
1595 Tells curl to pick a suitable authentication method when communicating with
1596 the given HTTP proxy. This might cause an extra request/response round-trip.
1598 See also \fI-x, --proxy\fP and \fI--proxy-basic\fP and \fI--proxy-digest\fP. Added in 7.13.2.
1600 Tells curl to use HTTP Basic authentication when communicating with the given
1601 proxy. Use \fI--basic\fP for enabling HTTP Basic with a remote host. Basic is the
1602 default authentication method curl uses with proxies.
1604 See also \fI-x, --proxy\fP and \fI--proxy-anyauth\fP and \fI--proxy-digest\fP.
1605 .IP "--proxy-cacert <file>"
1606 Same as \fI--cacert\fP but used in HTTPS proxy context.
1608 See also \fI--proxy-capath\fP and \fI--cacert\fP and \fI--capath\fP and \fI-x, --proxy\fP. Added in 7.52.0.
1609 .IP "--proxy-capath <dir>"
1610 Same as \fI--capath\fP but used in HTTPS proxy context.
1612 See also \fI--proxy-cacert\fP and \fI-x, --proxy\fP and \fI--capath\fP. Added in 7.52.0.
1613 .IP "--proxy-cert-type <type>"
1614 Same as \fI--cert-type\fP but used in HTTPS proxy context.
1617 .IP "--proxy-cert <cert[:passwd]>"
1618 Same as \fI-E, --cert\fP but used in HTTPS proxy context.
1621 .IP "--proxy-ciphers <list>"
1622 Same as \fI--ciphers\fP but used in HTTPS proxy context.
1625 .IP "--proxy-crlfile <file>"
1626 Same as \fI--crlfile\fP but used in HTTPS proxy context.
1629 .IP "--proxy-digest"
1630 Tells curl to use HTTP Digest authentication when communicating with the given
1631 proxy. Use \fI--digest\fP for enabling HTTP Digest with a remote host.
1633 See also \fI-x, --proxy\fP and \fI--proxy-anyauth\fP and \fI--proxy-basic\fP.
1634 .IP "--proxy-header <header/@file>"
1635 (HTTP) Extra header to include in the request when sending HTTP to a proxy. You may
1636 specify any number of extra headers. This is the equivalent option to \fI-H, --header\fP
1637 but is for proxy communication only like in CONNECT requests when you want a
1638 separate header sent to the proxy to what is sent to the actual remote host.
1640 curl will make sure that each header you add/replace is sent with the proper
1641 end-of-line marker, you should thus \fBnot\fP add that as a part of the header
1642 content: do not add newlines or carriage returns, they will only mess things
1645 Headers specified with this option will not be included in requests that curl
1646 knows will not be sent to a proxy.
1648 Starting in 7.55.0, this option can take an argument in @filename style, which
1649 then adds a header for each line in the input file. Using @- will make curl
1650 read the header file from stdin.
1652 This option can be used multiple times to add/replace/remove multiple headers.
1655 .IP "--proxy-insecure"
1656 Same as \fI-k, --insecure\fP but used in HTTPS proxy context.
1659 .IP "--proxy-key-type <type>"
1660 Same as \fI--key-type\fP but used in HTTPS proxy context.
1663 .IP "--proxy-key <key>"
1664 Same as \fI--key\fP but used in HTTPS proxy context.
1665 .IP "--proxy-negotiate"
1666 Tells curl to use HTTP Negotiate (SPNEGO) authentication when communicating
1667 with the given proxy. Use \fI--negotiate\fP for enabling HTTP Negotiate (SPNEGO)
1670 See also \fI--proxy-anyauth\fP and \fI--proxy-basic\fP. Added in 7.17.1.
1672 Tells curl to use HTTP NTLM authentication when communicating with the given
1673 proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host.
1675 See also \fI--proxy-negotiate\fP and \fI--proxy-anyauth\fP.
1676 .IP "--proxy-pass <phrase>"
1677 Same as \fI--pass\fP but used in HTTPS proxy context.
1680 .IP "--proxy-pinnedpubkey <hashes>"
1681 (TLS) Tells curl to use the specified public key file (or hashes) to verify the
1682 proxy. This can be a path to a file which contains a single public key in PEM
1683 or DER format, or any number of base64 encoded sha256 hashes preceded by
1684 \'sha256//\' and separated by \';\'
1686 When negotiating a TLS or SSL connection, the server sends a certificate
1687 indicating its identity. A public key is extracted from this certificate and
1688 if it does not exactly match the public key provided to this option, curl will
1689 abort the connection before sending or receiving any data.
1691 If this option is used several times, the last one will be used.
1692 .IP "--proxy-service-name <name>"
1693 This option allows you to change the service name for proxy negotiation.
1696 .IP "--proxy-ssl-allow-beast"
1697 Same as \fI--ssl-allow-beast\fP but used in HTTPS proxy context.
1700 .IP "--proxy-tlsauthtype <type>"
1701 Same as \fI--tlsauthtype\fP but used in HTTPS proxy context.
1704 .IP "--proxy-tlspassword <string>"
1705 Same as \fI--tlspassword\fP but used in HTTPS proxy context.
1708 .IP "--proxy-tlsuser <name>"
1709 Same as \fI--tlsuser\fP but used in HTTPS proxy context.
1713 Same as \fI-1, --tlsv1\fP but used in HTTPS proxy context.
1716 .IP "-U, --proxy-user <user:password>"
1717 Specify the user name and password to use for proxy authentication.
1719 If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM
1720 authentication then you can tell curl to select the user name and password
1721 from your environment by specifying a single colon with this option: "-U :".
1723 If this option is used several times, the last one will be used.
1724 .IP "-x, --proxy [protocol://]host[:port]"
1725 Use the specified proxy.
1727 The proxy string can be specified with a protocol:// prefix. No protocol
1728 specified or http:// will be treated as HTTP proxy. Use socks4://, socks4a://,
1729 socks5:// or socks5h:// to request a specific SOCKS version to be used.
1730 (The protocol support was added in curl 7.21.7)
1732 HTTPS proxy support via https:// protocol prefix was added in 7.52.0 for
1733 OpenSSL, GnuTLS and NSS.
1735 Unrecognized and unsupported proxy protocols cause an error since 7.52.0.
1736 Prior versions may ignore the protocol and use http:// instead.
1738 If the port number is not specified in the proxy string, it is assumed to be
1741 This option overrides existing environment variables that set the proxy to
1742 use. If there's an environment variable setting a proxy, you can set proxy to
1743 \&"" to override it.
1745 All operations that are performed over an HTTP proxy will transparently be
1746 converted to HTTP. It means that certain protocol specific operations might
1747 not be available. This is not the case if you can tunnel through the proxy, as
1748 one with the \fI-p, --proxytunnel\fP option.
1750 User and password that might be provided in the proxy string are URL decoded
1751 by curl. This allows you to pass in special characters such as @ by using %40
1752 or pass in a colon with %3a.
1754 The proxy host can be specified the exact same way as the proxy environment
1755 variables, including the protocol prefix (http://) and the embedded user +
1758 If this option is used several times, the last one will be used.
1759 .IP "--proxy1.0 <host[:port]>"
1760 Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
1761 assumed at port 1080.
1763 The only difference between this and the HTTP proxy option \fI-x, --proxy\fP, is that
1764 attempts to use CONNECT through the proxy will specify an HTTP 1.0 protocol
1765 instead of the default HTTP 1.1.
1766 .IP "-p, --proxytunnel"
1767 When an HTTP proxy is used \fI-x, --proxy\fP, this option will cause non-HTTP protocols
1768 to attempt to tunnel through the proxy instead of merely using it to do
1769 HTTP-like operations. The tunnel approach is made with the HTTP proxy CONNECT
1770 request and requires that the proxy allows direct connect to the remote port
1771 number curl wants to tunnel through to.
1773 To suppress proxy CONNECT response headers when curl is set to output headers
1774 use \fI--suppress-connect-headers\fP.
1776 See also \fI-x, --proxy\fP.
1777 .IP "--pubkey <key>"
1778 (SFTP SCP) Public key file name. Allows you to provide your public key in this separate
1781 If this option is used several times, the last one will be used.
1783 (As of 7.39.0, curl attempts to automatically extract the public key from the
1784 private key file, so passing this option is generally not required. Note that
1785 this public key extraction requires libcurl to be linked against a copy of
1786 libssh2 1.2.8 or higher that is itself linked against OpenSSL.)
1789 Send an arbitrary command to the remote FTP or SFTP server. Quote commands are
1790 sent BEFORE the transfer takes place (just after the initial PWD command in an
1791 FTP transfer, to be exact). To make commands take place after a successful
1792 transfer, prefix them with a dash '-'. To make commands be sent after curl
1793 has changed the working directory, just before the transfer command(s), prefix
1794 the command with a '+' (this is only supported for FTP). You may specify any
1797 If the server returns failure for one of the commands, the entire operation
1798 will be aborted. You must send syntactically correct FTP commands as RFC 959
1799 defines to FTP servers, or one of the commands listed below to SFTP servers.
1801 This option can be used multiple times. When speaking to an FTP server, prefix
1802 the command with an asterisk (*) to make curl continue even if the command
1803 fails as by default curl will stop at first failure.
1805 SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands
1806 itself before sending them to the server. File names may be quoted
1807 shell-style to embed spaces or special characters. Following is the list of
1808 all supported SFTP quote commands:
1810 .IP "chgrp group file"
1811 The chgrp command sets the group ID of the file named by the file operand to
1812 the group ID specified by the group operand. The group operand is a decimal
1814 .IP "chmod mode file"
1815 The chmod command modifies the file mode bits of the specified file. The
1816 mode operand is an octal integer mode number.
1817 .IP "chown user file"
1818 The chown command sets the owner of the file named by the file operand to the
1819 user ID specified by the user operand. The user operand is a decimal
1821 .IP "ln source_file target_file"
1822 The ln and symlink commands create a symbolic link at the target_file location
1823 pointing to the source_file location.
1824 .IP "mkdir directory_name"
1825 The mkdir command creates the directory named by the directory_name operand.
1827 The pwd command returns the absolute pathname of the current working directory.
1828 .IP "rename source target"
1829 The rename command renames the file or directory named by the source
1830 operand to the destination path named by the target operand.
1832 The rm command removes the file specified by the file operand.
1833 .IP "rmdir directory"
1834 The rmdir command removes the directory entry specified by the directory
1835 operand, provided it is empty.
1836 .IP "symlink source_file target_file"
1839 .IP "--random-file <file>"
1840 Specify the path name to file containing what will be considered as random
1841 data. The data may be used to seed the random engine for SSL connections. See
1842 also the \fI--egd-file\fP option.
1843 .IP "-r, --range <range>"
1844 (HTTP FTP SFTP FILE) Retrieve a byte range (i.e a partial document) from a HTTP/1.1, FTP or SFTP
1845 server or a local FILE. Ranges can be specified in a number of ways.
1849 specifies the first 500 bytes
1852 specifies the second 500 bytes
1855 specifies the last 500 bytes
1858 specifies the bytes from offset 9500 and forward
1861 specifies the first and last byte only(*)(HTTP)
1864 specifies two separate 100-byte ranges(*) (HTTP)
1867 (*) = NOTE that this will cause the server to reply with a multipart
1870 Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the
1871 \&'start-stop' range syntax. If a non-digit character is given in the range,
1872 the server's response will be unspecified, depending on the server's
1875 You should also be aware that many HTTP/1.1 servers do not have this feature
1876 enabled, so that when you attempt to get a range, you'll instead get the whole
1879 FTP and SFTP range downloads only support the simple 'start-stop' syntax
1880 (optionally with one of the numbers omitted). FTP use depends on the extended
1883 If this option is used several times, the last one will be used.
1885 (HTTP) When used, it disables all internal HTTP decoding of content or transfer
1886 encodings and instead makes them passed on unaltered, raw.
1889 .IP "-e, --referer <URL>"
1890 (HTTP) Sends the "Referrer Page" information to the HTTP server. This can also be set
1891 with the \fI-H, --header\fP flag of course. When used with \fI-L, --location\fP you can append
1892 ";auto" to the \fI-e, --referer\fP URL to make curl automatically set the previous URL
1893 when it follows a Location: header. The \&";auto" string can be used alone,
1894 even if you don't set an initial \fI-e, --referer\fP.
1896 If this option is used several times, the last one will be used.
1898 See also \fI-A, --user-agent\fP and \fI-H, --header\fP.
1899 .IP "-J, --remote-header-name"
1900 (HTTP) This option tells the \fI-O, --remote-name\fP option to use the server-specified
1901 Content-Disposition filename instead of extracting a filename from the URL.
1903 If the server specifies a file name and a file with that name already exists
1904 in the current working directory it will not be overwritten and an error will
1905 occur. If the server doesn't specify a file name then this option has no
1908 There's no attempt to decode %-sequences (yet) in the provided file name, so
1909 this option may provide you with rather unexpected file names.
1911 \fBWARNING\fP: Exercise judicious use of this option, especially on Windows. A
1912 rogue server could send you the name of a DLL or other file that could possibly
1913 be loaded automatically by Windows or some third party software.
1914 .IP "--remote-name-all"
1915 This option changes the default action for all given URLs to be dealt with as
1916 if \fI-O, --remote-name\fP were used for each one. So if you want to disable that for a
1917 specific URL after \fI--remote-name-all\fP has been used, you must use "-o -" or
1921 .IP "-O, --remote-name"
1922 Write output to a local file named like the remote file we get. (Only the file
1923 part of the remote file is used, the path is cut off.)
1925 The file will be saved in the current working directory. If you want the file
1926 saved in a different directory, make sure you change the current working
1927 directory before invoking curl with this option.
1929 The remote file name to use for saving is extracted from the given URL,
1930 nothing else, and if it already exists it will be overwritten. If you want the
1931 server to be able to choose the file name refer to \fI-J, --remote-header-name\fP which
1932 can be used in addition to this option. If the server chooses a file name and
1933 that name already exists it will not be overwritten.
1935 There is no URL decoding done on the file name. If it has %20 or other URL
1936 encoded parts of the name, they will end up as-is as file name.
1938 You may use this option as many times as the number of URLs you have.
1939 .IP "-R, --remote-time"
1940 When used, this will make curl attempt to figure out the timestamp of the
1941 remote file, and if that is available make the local file get that same
1943 .IP "--request-target"
1944 (HTTP) Tells curl to use an alternative "target" (path) instead of using the path as
1945 provided in the URL. Particularly useful when wanting to issue HTTP requests
1946 without leading slash or other data that doesn't follow the regular URL
1947 pattern, like "OPTIONS *".
1950 .IP "-X, --request <command>"
1951 (HTTP) Specifies a custom request method to use when communicating with the
1952 HTTP server. The specified request method will be used instead of the method
1953 otherwise used (which defaults to GET). Read the HTTP 1.1 specification for
1954 details and explanations. Common additional HTTP requests include PUT and
1955 DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and
1958 Normally you don't need this option. All sorts of GET, HEAD, POST and PUT
1959 requests are rather invoked by using dedicated command line options.
1961 This option only changes the actual word used in the HTTP request, it does not
1962 alter the way curl behaves. So for example if you want to make a proper HEAD
1963 request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP option.
1965 The method string you set with \fI-X, --request\fP will be used for all requests, which
1966 if you for example use \fI-L, --location\fP may cause unintended side-effects when curl
1967 doesn't change request method according to the HTTP 30x response codes - and
1971 Specifies a custom FTP command to use instead of LIST when doing file lists
1975 Specifies a custom POP3 command to use instead of LIST or RETR. (Added in
1979 Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
1982 Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in 7.34.0)
1984 If this option is used several times, the last one will be used.
1985 .IP "--resolve <host:port:address[,address]...>"
1986 Provide a custom address for a specific host and port pair. Using this, you
1987 can make the curl requests(s) use a specified address and prevent the
1988 otherwise normally resolved address to be used. Consider it a sort of
1989 /etc/hosts alternative provided on the command line. The port number should be
1990 the number used for the specific protocol the host will be used for. It means
1991 you need several entries if you want to provide address for the same host but
1994 The provided address set by this option will be used even if \fI-4, --ipv4\fP or \fI-6, --ipv6\fP
1995 is set to make curl use another IP version.
1997 Support for providing the IP address within [brackets] was added in 7.57.0.
1999 Support for providing multiple IP addresses per entry was added in 7.59.0.
2001 This option can be used many times to add many host names to resolve.
2004 .IP "--retry-connrefused"
2005 In addition to the other conditions, consider ECONNREFUSED as a transient
2006 error too for \fI--retry\fP. This option is used together with --retry.
2009 .IP "--retry-delay <seconds>"
2010 Make curl sleep this amount of time before each retry when a transfer has
2011 failed with a transient error (it changes the default backoff time algorithm
2012 between retries). This option is only interesting if \fI--retry\fP is also
2013 used. Setting this delay to zero will make curl use the default backoff time.
2015 If this option is used several times, the last one will be used.
2018 .IP "--retry-max-time <seconds>"
2019 The retry timer is reset before the first transfer attempt. Retries will be
2020 done as usual (see \fI--retry\fP) as long as the timer hasn't reached this given
2021 limit. Notice that if the timer hasn't reached the limit, the request will be
2022 made and while performing, it may take longer than this given time period. To
2023 limit a single request\'s maximum time, use \fI-m, --max-time\fP. Set this option to
2024 zero to not timeout retries.
2026 If this option is used several times, the last one will be used.
2030 If a transient error is returned when curl tries to perform a transfer, it
2031 will retry this number of times before giving up. Setting the number to 0
2032 makes curl do no retries (which is the default). Transient error means either:
2033 a timeout, an FTP 4xx response code or an HTTP 5xx response code.
2035 When curl is about to retry a transfer, it will first wait one second and then
2036 for all forthcoming retries it will double the waiting time until it reaches
2037 10 minutes which then will be the delay between the rest of the retries. By
2038 using \fI--retry-delay\fP you disable this exponential backoff algorithm. See also
2039 \fI--retry-max-time\fP to limit the total time allowed for retries.
2041 If this option is used several times, the last one will be used.
2045 Enable initial response in SASL authentication.
2048 .IP "--service-name <name>"
2049 This option allows you to change the service name for SPNEGO.
2051 Examples: \fI--negotiate\fP \fI--service-name\fP sockd would use sockd/server-name.
2054 .IP "-S, --show-error"
2055 When used with \fI-s, --silent\fP, it makes curl show an error message if it fails.
2057 Silent or quiet mode. Don't show progress meter or error messages. Makes Curl
2058 mute. It will still output the data you ask for, potentially even to the
2059 terminal/stdout unless you redirect it.
2061 Use \fI-S, --show-error\fP in addition to this option to disable progress meter but
2062 still show error messages.
2064 See also \fI-v, --verbose\fP and \fI--stderr\fP.
2065 .IP "--socks4 <host[:port]>"
2066 Use the specified SOCKS4 proxy. If the port number is not specified, it is
2067 assumed at port 1080.
2069 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
2072 Since 7.21.7, this option is superfluous since you can specify a socks4 proxy
2073 with \fI-x, --proxy\fP using a socks4:// protocol prefix.
2075 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
2076 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
2077 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
2079 If this option is used several times, the last one will be used.
2082 .IP "--socks4a <host[:port]>"
2083 Use the specified SOCKS4a proxy. If the port number is not specified, it is
2084 assumed at port 1080.
2086 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
2089 Since 7.21.7, this option is superfluous since you can specify a socks4a proxy
2090 with \fI-x, --proxy\fP using a socks4a:// protocol prefix.
2092 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
2093 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
2094 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
2096 If this option is used several times, the last one will be used.
2099 .IP "--socks5-basic"
2100 Tells curl to use username/password authentication when connecting to a SOCKS5
2101 proxy. The username/password authentication is enabled by default. Use
2102 \fI--socks5-gssapi\fP to force GSS-API authentication to SOCKS5 proxies.
2105 .IP "--socks5-gssapi-nec"
2106 As part of the GSS-API negotiation a protection mode is negotiated. RFC 1961
2107 says in section 4.3/4.4 it should be protected, but the NEC reference
2108 implementation does not. The option \fI--socks5-gssapi-nec\fP allows the
2109 unprotected exchange of the protection mode negotiation.
2112 .IP "--socks5-gssapi-service <name>"
2113 The default service name for a socks server is rcmd/server-fqdn. This option
2114 allows you to change it.
2116 Examples: \fI--socks5\fP proxy-name \fI--socks5-gssapi-service\fP sockd would use
2117 sockd/proxy-name \fI--socks5\fP proxy-name \fI--socks5-gssapi-service\fP sockd/real-name
2118 would use sockd/real-name for cases where the proxy-name does not match the
2122 .IP "--socks5-gssapi"
2123 Tells curl to use GSS-API authentication when connecting to a SOCKS5 proxy.
2124 The GSS-API authentication is enabled by default (if curl is compiled with
2125 GSS-API support). Use \fI--socks5-basic\fP to force username/password authentication
2129 .IP "--socks5-hostname <host[:port]>"
2130 Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If
2131 the port number is not specified, it is assumed at port 1080.
2133 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
2136 Since 7.21.7, this option is superfluous since you can specify a socks5
2137 hostname proxy with \fI-x, --proxy\fP using a socks5h:// protocol prefix.
2139 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
2140 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
2141 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
2143 If this option is used several times, the last one will be used.
2146 .IP "--socks5 <host[:port]>"
2147 Use the specified SOCKS5 proxy - but resolve the host name locally. If the
2148 port number is not specified, it is assumed at port 1080.
2150 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
2153 Since 7.21.7, this option is superfluous since you can specify a socks5 proxy
2154 with \fI-x, --proxy\fP using a socks5:// protocol prefix.
2156 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
2157 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
2158 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
2160 If this option is used several times, the last one will be used.
2162 This option (as well as \fI--socks4\fP) does not work with IPV6, FTPS or LDAP.
2165 .IP "-Y, --speed-limit <speed>"
2166 If a download is slower than this given speed (in bytes per second) for
2167 speed-time seconds it gets aborted. speed-time is set with \fI-y, --speed-time\fP and is
2170 If this option is used several times, the last one will be used.
2171 .IP "-y, --speed-time <seconds>"
2172 If a download is slower than speed-limit bytes per second during a speed-time
2173 period, the download gets aborted. If speed-time is used, the default
2174 speed-limit will be 1 unless set with \fI-Y, --speed-limit\fP.
2176 This option controls transfers and thus will not affect slow connects etc. If
2177 this is a concern for you, try the \fI--connect-timeout\fP option.
2179 If this option is used several times, the last one will be used.
2180 .IP "--ssl-allow-beast"
2181 This option tells curl to not work around a security flaw in the SSL3 and
2182 TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer may
2183 use workarounds known to cause interoperability problems with some older SSL
2184 implementations. WARNING: this option loosens the SSL security, and by using
2185 this flag you ask for exactly that.
2188 .IP "--ssl-no-revoke"
2189 (WinSSL) This option tells curl to disable certificate revocation checks.
2190 WARNING: this option loosens the SSL security, and by using this flag you ask
2195 (FTP IMAP POP3 SMTP) Require SSL/TLS for the connection. Terminates the connection if the server
2196 doesn't support SSL/TLS.
2198 This option was formerly known as --ftp-ssl-reqd.
2202 (FTP IMAP POP3 SMTP)
2203 Try to use SSL/TLS for the connection. Reverts to a non-secure connection if
2204 the server doesn't support SSL/TLS. See also \fI--ftp-ssl-control\fP and \fI--ssl-reqd\fP
2205 for different levels of encryption required.
2207 This option was formerly known as --ftp-ssl (Added in 7.11.0). That option
2208 name can still be used but will be removed in a future version.
2212 (SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL
2213 server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
2214 considered insecure (see RFC 6176).
2216 See also \fI--http1.1\fP and \fI--http2\fP. \fI-2, --sslv2\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI-3, --sslv3\fP and \fI-1, --tlsv1\fP and \fI--tlsv1.1\fP and \fI--tlsv1.2\fP.
2218 (SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
2219 server. Sometimes curl is built without SSLv3 support. SSLv3 is widely
2220 considered insecure (see RFC 7568).
2222 See also \fI--http1.1\fP and \fI--http2\fP. \fI-3, --sslv3\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI-2, --sslv2\fP and \fI-1, --tlsv1\fP and \fI--tlsv1.1\fP and \fI--tlsv1.2\fP.
2224 Redirect all writes to stderr to the specified file instead. If the file name
2225 is a plain '-', it is instead written to stdout.
2227 If this option is used several times, the last one will be used.
2229 See also \fI-v, --verbose\fP and \fI-s, --silent\fP.
2230 .IP "--suppress-connect-headers"
2231 When \fI-p, --proxytunnel\fP is used and a CONNECT request is made don't output proxy
2232 CONNECT response headers. This option is meant to be used with \fI-D, --dump-header\fP or
2233 \fI-i, --include\fP which are used to show protocol headers in the output. It has no
2234 effect on debug options such as \fI-v, --verbose\fP or \fI--trace\fP, or any statistics.
2236 See also \fI-D, --dump-header\fP and \fI-i, --include\fP and \fI-p, --proxytunnel\fP.
2237 .IP "--tcp-fastopen"
2238 Enable use of TCP Fast Open (RFC7413).
2242 Turn on the TCP_NODELAY option. See the \fIcurl_easy_setopt(3)\fP man page for
2243 details about this option.
2245 Since 7.50.2, curl sets this option by default and you need to explicitly
2246 switch it off if you don't want it on.
2249 .IP "-t, --telnet-option <opt=val>"
2250 Pass options to the telnet protocol. Supported options are:
2252 TTYPE=<term> Sets the terminal type.
2254 XDISPLOC=<X display> Sets the X display location.
2256 NEW_ENV=<var,val> Sets an environment variable.
2257 .IP "--tftp-blksize <value>"
2258 (TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that curl will
2259 try to use when transferring data to or from a TFTP server. By default 512
2262 If this option is used several times, the last one will be used.
2265 .IP "--tftp-no-options"
2266 (TFTP) Tells curl not to send TFTP options requests.
2268 This option improves interop with some legacy servers that do not acknowledge
2269 or properly implement TFTP options. When this option is used \fI--tftp-blksize\fP is
2273 .IP "-z, --time-cond <time>"
2274 (HTTP FTP) Request a file that has been modified later than the given time and date, or
2275 one that has been modified before that time. The <date expression> can be all
2276 sorts of date strings or if it doesn't match any internal ones, it is taken as
2277 a filename and tries to get the modification date (mtime) from <file>
2278 instead. See the \fIcurl_getdate(3)\fP man pages for date expression details.
2280 Start the date expression with a dash (-) to make it request for a document
2281 that is older than the given date/time, default is a document that is newer
2282 than the specified date/time.
2284 If this option is used several times, the last one will be used.
2285 .IP "--tls-max <VERSION>"
2286 (SSL) VERSION defines maximum supported TLS version. A minimum is defined
2287 by arguments tlsv1.0 or tlsv1.1 or tlsv1.2.
2291 Use up to recommended TLS version.
2302 See also \fI--tlsv1.0\fP and \fI--tlsv1.1\fP and \fI--tlsv1.2\fP. \fI--tls-max\fP requires that the underlying libcurl was built to support TLS. Added in 7.54.0.
2303 .IP "--tlsauthtype <type>"
2304 Set TLS authentication type. Currently, the only supported option is "SRP",
2305 for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are specified but
2306 \fI--tlsauthtype\fP is not, then this option defaults to "SRP". This option works
2307 only if the underlying libcurl is built with TLS-SRP support, which requires
2308 OpenSSL or GnuTLS with TLS-SRP support.
2312 Set password for use with the TLS authentication method specified with
2313 \fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set.
2316 .IP "--tlsuser <name>"
2317 Set username for use with the TLS authentication method specified with
2318 \fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also is set.
2322 (TLS) Forces curl to use TLS version 1.0 when connecting to a remote TLS server.
2326 (TLS) Forces curl to use TLS version 1.1 when connecting to a remote TLS server.
2330 (TLS) Forces curl to use TLS version 1.2 when connecting to a remote TLS server.
2334 (TLS) Forces curl to use TLS version 1.3 when connecting to a remote TLS server.
2336 Note that TLS 1.3 is only supported by a subset of TLS backends. At the time
2337 of this writing, they are BoringSSL, NSS, and Secure Transport (on iOS 11 or
2338 later, and macOS 10.13 or later).
2342 (SSL) Tells curl to use TLS version 1.x when negotiating with a remote TLS
2343 server. That means TLS version 1.0, 1.1 or 1.2.
2345 See also \fI--http1.1\fP and \fI--http2\fP. \fI-1, --tlsv1\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI--tlsv1.1\fP and \fI--tlsv1.2\fP and \fI--tlsv1.3\fP.
2347 (HTTP) Request a compressed Transfer-Encoding response using one of the algorithms
2348 curl supports, and uncompress the data while receiving it.
2351 .IP "--trace-ascii <file>"
2352 Enables a full trace dump of all incoming and outgoing data, including
2353 descriptive information, to the given output file. Use "-" as filename to have
2354 the output sent to stdout.
2356 This is very similar to \fI--trace\fP, but leaves out the hex part and only shows
2357 the ASCII part of the dump. It makes smaller output that might be easier to
2358 read for untrained humans.
2360 If this option is used several times, the last one will be used.
2362 This option overrides \fI--trace\fP and \fI-v, --verbose\fP.
2364 Prepends a time stamp to each trace or verbose line that curl displays.
2367 .IP "--trace <file>"
2368 Enables a full trace dump of all incoming and outgoing data, including
2369 descriptive information, to the given output file. Use "-" as filename to have
2370 the output sent to stdout. Use "%" as filename to have the output sent to
2373 If this option is used several times, the last one will be used.
2375 This option overrides \fI-v, --verbose\fP and \fI--trace-ascii\fP.
2376 .IP "--unix-socket <path>"
2377 (HTTP) Connect through this Unix domain socket, instead of using the network.
2380 .IP "-T, --upload-file <file>"
2381 This transfers the specified local file to the remote URL. If there is no file
2382 part in the specified URL, curl will append the local file name. NOTE that you
2383 must use a trailing / on the last directory to really prove to Curl that there
2384 is no file name or curl will think that your last directory name is the remote
2385 file name to use. That will most likely cause the upload operation to fail. If
2386 this is used on an HTTP(S) server, the PUT command will be used.
2388 Use the file name "-" (a single dash) to use stdin instead of a given file.
2389 Alternately, the file name "." (a single period) may be specified instead
2390 of "-" to use stdin in non-blocking mode to allow reading server output
2391 while stdin is being uploaded.
2393 You can specify one \fI-T, --upload-file\fP for each URL on the command line. Each
2394 \fI-T, --upload-file\fP + URL pair specifies what to upload and to where. curl also
2395 supports "globbing" of the \fI-T, --upload-file\fP argument, meaning that you can upload
2396 multiple files to a single URL by using the same URL globbing style supported
2397 in the URL, like this:
2399 curl --upload-file "{file1,file2}" http://www.example.com
2403 curl -T "img[1-1000].png" ftp://ftp.example.com/upload/
2405 When uploading to an SMTP server: the uploaded data is assumed to be RFC 5322
2406 formatted. It has to feature the necessary set of headers and mail body
2407 formatted correctly by the user as curl will not transcode nor encode it
2410 Specify a URL to fetch. This option is mostly handy when you want to specify
2411 URL(s) in a config file.
2413 If the given URL is missing a scheme name (such as "http://" or "ftp://" etc)
2414 then curl will make a guess based on the host. If the outermost sub-domain
2415 name matches DICT, FTP, IMAP, LDAP, POP3 or SMTP then that protocol will be
2416 used, otherwise HTTP will be used. Since 7.45.0 guessing can be disabled by
2417 setting a default protocol, see \fI--proto-default\fP for details.
2419 This option may be used any number of times. To control where this URL is
2420 written, use the \fI-o, --output\fP or the \fI-O, --remote-name\fP options.
2421 .IP "-B, --use-ascii"
2422 (FTP LDAP) Enable ASCII transfer. For FTP, this can also be enforced by using a URL that
2423 ends with ";type=A". This option causes data sent to stdout to be in text mode
2425 .IP "-A, --user-agent <name>"
2427 Specify the User-Agent string to send to the HTTP server. To encode blanks in
2428 the string, surround the string with single quote marks. This can also be set
2429 with the \fI-H, --header\fP option of course.
2431 If this option is used several times, the last one will be used.
2432 .IP "-u, --user <user:password>"
2433 Specify the user name and password to use for server authentication. Overrides
2434 \fI-n, --netrc\fP and \fI--netrc-optional\fP.
2436 If you simply specify the user name, curl will prompt for a password.
2438 The user name and passwords are split up on the first colon, which makes it
2439 impossible to use a colon in the user name with this option. The password can,
2442 When using Kerberos V5 with a Windows based server you should include the
2443 Windows domain name in the user name, in order for the server to successfully
2444 obtain a Kerberos Ticket. If you don't then the initial authentication
2447 When using NTLM, the user name can be specified simply as the user name,
2448 without the domain, if there is a single domain and forest in your setup
2451 To specify the domain name use either Down-Level Logon Name or UPN (User
2452 Principal Name) formats. For example, EXAMPLE\\user and user@example.com
2455 If you use a Windows SSPI-enabled curl binary and perform Kerberos V5,
2456 Negotiate, NTLM or Digest authentication then you can tell curl to select
2457 the user name and password from your environment by specifying a single colon
2458 with this option: "-u :".
2460 If this option is used several times, the last one will be used.
2462 Makes curl verbose during the operation. Useful for debugging and seeing
2463 what's going on "under the hood". A line starting with '>' means "header data"
2464 sent by curl, '<' means "header data" received by curl that is hidden in
2465 normal cases, and a line starting with '*' means additional info provided by
2468 If you only want HTTP headers in the output, \fI-i, --include\fP might be the option
2471 If you think this option still doesn't give you enough details, consider using
2472 \fI--trace\fP or \fI--trace-ascii\fP instead.
2474 Use \fI-s, --silent\fP to make curl really quiet.
2476 See also \fI-i, --include\fP. This option overrides \fI--trace\fP and \fI--trace-ascii\fP.
2478 Displays information about curl and the libcurl version it uses.
2480 The first line includes the full version of curl, libcurl and other 3rd party
2481 libraries linked with the executable.
2483 The second line (starts with "Protocols:") shows all protocols that libcurl
2486 The third line (starts with "Features:") shows specific features libcurl
2487 reports to offer. Available features include:
2490 You can use IPv6 with this.
2492 Krb4 for FTP is supported.
2494 SSL versions of various protocols are supported, such as HTTPS, FTPS, POP3S
2497 Automatic decompression of compressed files over HTTP is supported.
2499 NTLM authentication is supported.
2501 This curl uses a libcurl built with Debug. This enables more error-tracking
2502 and memory debugging etc. For curl-developers only!
2504 This curl uses asynchronous name resolves. Asynchronous name resolves can be
2505 done using either the c-ares or the threaded resolver backends.
2507 SPNEGO authentication is supported.
2509 This curl supports transfers of large files, files larger than 2GB.
2511 This curl supports IDN - international domain names.
2513 GSS-API is supported.
2517 SRP (Secure Remote Password) authentication is supported for TLS.
2519 HTTP/2 support has been built-in.
2521 Unix sockets support is provided.
2523 This curl is built to support HTTPS proxy.
2525 This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
2526 describes mirrors and hashes. curl will use mirrors for failover if
2527 there are errors (such as the file or server not being available).
2529 PSL is short for Public Suffix List and means that this curl has been built
2530 with knowledge about "public suffixes".
2532 .IP "-w, --write-out <format>"
2533 Make curl display information on stdout after a completed transfer. The format
2534 is a string that may contain plain text mixed with any number of
2535 variables. The format can be specified as a literal "string", or you can have
2536 curl read the format from a file with "@filename" and to tell curl to read the
2537 format from stdin you write "@-".
2539 The variables present in the output format will be substituted by the value or
2540 text that curl thinks fit, as described below. All variables are specified as
2541 %{variable_name} and to output a normal % you just write them as %%. You can
2542 output a newline by using \\n, a carriage return with \\r and a tab space with
2546 The %-symbol is a special symbol in the win32-environment, where all
2547 occurrences of % must be doubled when using this option.
2549 The variables available are:
2553 The Content-Type of the requested document, if there was any.
2555 .B filename_effective
2556 The ultimate filename that curl writes out to. This is only meaningful if curl
2557 is told to write to a file with the \fI-O, --remote-name\fP or \fI-o, --output\fP
2558 option. It's most useful in combination with the \fI-J, --remote-header-name\fP
2559 option. (Added in 7.26.0)
2562 The initial path curl ended up in when logging on to the remote FTP
2563 server. (Added in 7.15.4)
2566 The numerical response code that was found in the last retrieved HTTP(S) or
2567 FTP(s) transfer. In 7.18.2 the alias \fBresponse_code\fP was added to show the
2571 The numerical code that was found in the last response (from a proxy) to a
2572 curl CONNECT request. (Added in 7.12.4)
2575 The http version that was effectively used. (Added in 7.50.0)
2578 The IP address of the local end of the most recently done connection - can be
2579 either IPv4 or IPv6 (Added in 7.29.0)
2582 The local port number of the most recently done connection (Added in 7.29.0)
2585 Number of new connects made in the recent transfer. (Added in 7.12.3)
2588 Number of redirects that were followed in the request. (Added in 7.12.3)
2590 .B proxy_ssl_verify_result
2591 The result of the HTTPS proxy's SSL peer certificate verification that was
2592 requested. 0 means the verification was successful. (Added in 7.52.0)
2595 When an HTTP request was made without \fI-L, --location\fP to follow redirects (or when
2596 --max-redir is met), this variable will show the actual URL a redirect
2597 \fIwould\fP have gone to. (Added in 7.18.2)
2600 The remote IP address of the most recently done connection - can be either
2601 IPv4 or IPv6 (Added in 7.29.0)
2604 The remote port number of the most recently done connection (Added in 7.29.0)
2607 The URL scheme (sometimes called protocol) that was effectively used (Added in 7.52.0)
2610 The total amount of bytes that were downloaded.
2613 The total amount of bytes of the downloaded headers.
2616 The total amount of bytes that were sent in the HTTP request.
2619 The total amount of bytes that were uploaded.
2622 The average download speed that curl measured for the complete download. Bytes
2626 The average upload speed that curl measured for the complete upload. Bytes per
2629 .B ssl_verify_result
2630 The result of the SSL peer certificate verification that was requested. 0
2631 means the verification was successful. (Added in 7.19.0)
2634 The time, in seconds, it took from the start until the SSL/SSH/etc
2635 connect/handshake to the remote host was completed. (Added in 7.19.0)
2638 The time, in seconds, it took from the start until the TCP connect to the
2639 remote host (or proxy) was completed.
2642 The time, in seconds, it took from the start until the name resolving was
2646 The time, in seconds, it took from the start until the file transfer was just
2647 about to begin. This includes all pre-transfer commands and negotiations that
2648 are specific to the particular protocol(s) involved.
2651 The time, in seconds, it took for all redirection steps including name lookup,
2652 connect, pretransfer and transfer before the final transaction was
2653 started. time_redirect shows the complete execution time for multiple
2654 redirections. (Added in 7.12.3)
2656 .B time_starttransfer
2657 The time, in seconds, it took from the start until the first byte was just
2658 about to be transferred. This includes time_pretransfer and also the time the
2659 server needed to calculate the result.
2662 The total time, in seconds, that the full operation lasted.
2665 The URL that was fetched last. This is most meaningful if you've told curl
2666 to follow location: headers.
2669 If this option is used several times, the last one will be used.
2671 When saving output to a file, this option tells curl to store certain file
2672 metadata in extended file attributes. Currently, the URL is stored in the
2673 xdg.origin.url attribute and, for HTTP, the content type is stored in
2674 the mime_type attribute. If the file system does not support extended
2675 attributes, a warning is issued.
2679 Default config file, see \fI-K, --config\fP for details.
2681 The environment variables can be specified in lower case or upper case. The
2682 lower case version has precedence. http_proxy is an exception as it is only
2683 available in lower case.
2685 Using an environment variable to set the proxy has the same effect as using
2686 the \fI-x, --proxy\fP option.
2688 .IP "http_proxy [protocol://]<host>[:port]"
2689 Sets the proxy server to use for HTTP.
2690 .IP "HTTPS_PROXY [protocol://]<host>[:port]"
2691 Sets the proxy server to use for HTTPS.
2692 .IP "[url-protocol]_PROXY [protocol://]<host>[:port]"
2693 Sets the proxy server to use for [url-protocol], where the protocol is a
2694 protocol that curl supports and as specified in a URL. FTP, FTPS, POP3, IMAP,
2696 .IP "ALL_PROXY [protocol://]<host>[:port]"
2697 Sets the proxy server to use if no protocol-specific proxy is set.
2698 .IP "NO_PROXY <comma-separated list of hosts>"
2699 list of host names that shouldn't go through any proxy. If set to a asterisk
2700 \&'*' only, it matches all hosts.
2702 This environment variable disables use of the proxy even when specified with
2703 the \fI-x, --proxy\fP option. That is
2704 .B NO_PROXY=direct.example.com curl -x http://proxy.example.com
2705 .B http://direct.example.com
2706 accesses the target URL directly, and
2707 .B NO_PROXY=direct.example.com curl -x http://proxy.example.com
2708 .B http://somewhere.example.com
2709 accesses the target URL through the proxy.
2711 The list of host names can also be include numerical IP addresses, and IPv6
2712 versions should then be given without enclosing brackets.
2714 .SH "PROXY PROTOCOL PREFIXES"
2715 Since curl version 7.21.7, the proxy string may be specified with a
2716 protocol:// prefix to specify alternative proxy protocols.
2718 If no protocol is specified in the proxy string or if the string doesn't match
2719 a supported one, the proxy will be treated as an HTTP proxy.
2721 The supported proxy protocol prefixes are as follows:
2723 Makes it use it as a HTTP proxy. The default if no scheme prefix is used.
2725 Makes it treated as a \fBHTTPS\fP proxy.
2727 Makes it the equivalent of \fI--socks4\fP
2729 Makes it the equivalent of \fI--socks4a\fP
2731 Makes it the equivalent of \fI--socks5\fP
2733 Makes it the equivalent of \fI--socks5-hostname\fP
2735 There are a bunch of different error codes and their corresponding error
2736 messages that may appear during bad conditions. At the time of this writing,
2739 Unsupported protocol. This build of curl has no support for this protocol.
2741 Failed to initialize.
2743 URL malformed. The syntax was not correct.
2745 A feature or option that was needed to perform the desired request was not
2746 enabled or was explicitly disabled at build-time. To make curl able to do
2747 this, you probably need another build of libcurl!
2749 Couldn't resolve proxy. The given proxy host could not be resolved.
2751 Couldn't resolve host. The given remote host was not resolved.
2753 Failed to connect to host.
2755 Weird server reply. The server sent data curl couldn't parse.
2757 FTP access denied. The server denied login or denied access to the particular
2758 resource or directory you wanted to reach. Most often you tried to change to a
2759 directory that doesn't exist on the server.
2761 FTP accept failed. While waiting for the server to connect back when an active
2762 FTP session is used, an error code was sent over the control connection or
2765 FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request.
2767 During an active FTP session while waiting for the server to connect back to
2768 curl, the timeout expired.
2770 FTP weird PASV reply, Curl couldn't parse the reply sent to the PASV request.
2772 FTP weird 227 format. Curl couldn't parse the 227-line the server sent.
2774 FTP can't get host. Couldn't resolve the host IP we got in the 227-line.
2776 HTTP/2 error. A problem was detected in the HTTP2 framing layer. This is
2777 somewhat generic and can be one out of several problems, see the error message
2780 FTP couldn't set binary. Couldn't change transfer method to binary.
2782 Partial file. Only a part of the file was transferred.
2784 FTP couldn't download/access the given file, the RETR (or similar) command
2787 FTP quote error. A quote command returned error from the server.
2789 HTTP page not retrieved. The requested url was not found or returned another
2790 error with the HTTP error code being 400 or above. This return code only
2791 appears if \fI-f, --fail\fP is used.
2793 Write error. Curl couldn't write data to a local filesystem or similar.
2795 FTP couldn't STOR file. The server denied the STOR operation, used for FTP
2798 Read error. Various reading problems.
2800 Out of memory. A memory allocation request failed.
2802 Operation timeout. The specified time-out period was reached according to the
2805 FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT
2806 command, try doing a transfer using PASV instead!
2808 FTP couldn't use REST. The REST command failed. This command is used for
2809 resumed FTP transfers.
2811 HTTP range error. The range "command" didn't work.
2813 HTTP post error. Internal post-request generation error.
2815 SSL connect error. The SSL handshaking failed.
2817 Bad download resume. Couldn't continue an earlier aborted download.
2819 FILE couldn't read file. Failed to open the file. Permissions?
2821 LDAP cannot bind. LDAP bind operation failed.
2825 Function not found. A required LDAP function was not found.
2827 Aborted by callback. An application told curl to abort the operation.
2829 Internal error. A function was called with a bad parameter.
2831 Interface error. A specified outgoing interface could not be used.
2833 Too many redirects. When following redirects, curl hit the maximum amount.
2835 Unknown option specified to libcurl. This indicates that you passed a weird
2836 option to curl that was passed on to libcurl and rejected. Read up in the
2839 Malformed telnet option.
2841 The peer's SSL certificate or SSH MD5 fingerprint was not OK.
2843 The server didn't reply anything, which here is considered an error.
2845 SSL crypto engine not found.
2847 Cannot set SSL crypto engine as default.
2849 Failed sending network data.
2851 Failure in receiving network data.
2853 Problem with the local certificate.
2855 Couldn't use specified SSL cipher.
2857 Peer certificate cannot be authenticated with known CA certificates.
2859 Unrecognized transfer encoding.
2863 Maximum file size exceeded.
2865 Requested FTP SSL level failed.
2867 Sending the data requires a rewind that failed.
2869 Failed to initialise SSL Engine.
2871 The user name, password, or similar was not accepted and curl failed to log in.
2873 File not found on TFTP server.
2875 Permission problem on TFTP server.
2877 Out of disk space on TFTP server.
2879 Illegal TFTP operation.
2881 Unknown TFTP transfer ID.
2883 File already exists (TFTP).
2885 No such user (TFTP).
2887 Character conversion failed.
2889 Character conversion functions required.
2891 Problem with reading the SSL CA cert (path? access rights?).
2893 The resource referenced in the URL does not exist.
2895 An unspecified error occurred during the SSH session.
2897 Failed to shut down the SSL connection.
2899 Could not load CRL file, missing or wrong format (added in 7.19.0).
2901 Issuer check failed (added in 7.19.0).
2903 The FTP PRET command failed
2905 RTSP: mismatch of CSeq numbers
2907 RTSP: mismatch of Session Identifiers
2909 unable to parse FTP file list
2911 FTP chunk callback reported error
2913 No connection available, the session will be queued
2915 SSL public key does not matched pinned public key
2917 Invalid SSL certificate status.
2919 Stream error in HTTP/2 framing layer.
2921 More error codes will appear here in future releases. The existing ones
2922 are meant to never change.
2923 .SH AUTHORS / CONTRIBUTORS
2924 Daniel Stenberg is the main author, but the whole list of contributors is
2925 found in the separate THANKS file.
2927 https://curl.haxx.se