1 .\" **************************************************************************
3 .\" * Project ___| | | | _ \| |
4 .\" * / __| | | | |_) | |
5 .\" * | (__| |_| | _ <| |___
6 .\" * \___|\___/|_| \_\_____|
8 .\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
10 .\" * This software is licensed as described in the file COPYING, which
11 .\" * you should have received as part of this distribution. The terms
12 .\" * are also available at https://curl.haxx.se/docs/copyright.html.
14 .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 .\" * copies of the Software, and permit persons to whom the Software is
16 .\" * furnished to do so, under the terms of the COPYING file.
18 .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 .\" * KIND, either express or implied.
21 .\" **************************************************************************
23 .\" DO NOT EDIT. Generated by the curl project gen.pl man page generator.
25 .TH curl 1 "16 Dec 2016" "Curl 7.52.0" "Curl Manual"
27 curl \- transfer a URL
33 is a tool to transfer data from or to a server, using one of the supported
34 protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP,
35 LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET
36 and TFTP). The command is designed to work without user interaction.
38 curl offers a busload of useful tricks like proxy support, user
39 authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer
40 resume, Metalink, and more. As you will see below, the number of features will
43 curl is powered by libcurl for all transfer-related features. See
44 \fIlibcurl(3)\fP for details.
46 The URL syntax is protocol-dependent. You'll find a detailed description in
49 You can specify multiple URLs or parts of URLs by writing part sets within
52 http://site.{one,two,three}.com
54 or you can get sequences of alphanumeric series by using [] as in:
56 ftp://ftp.example.com/file[1-100].txt
58 ftp://ftp.example.com/file[001-100].txt (with leading zeros)
60 ftp://ftp.example.com/file[a-z].txt
62 Nested sequences are not supported, but you can use several ones next to each
65 http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html
67 You can specify any amount of URLs on the command line. They will be fetched
68 in a sequential manner in the specified order.
70 You can specify a step counter for the ranges to get every Nth number or
73 http://example.com/file[1-100:10].txt
75 http://example.com/file[a-z:2].txt
77 When using [] or {} sequences when invoked from a command line prompt, you
78 probably have to put the full URL within double quotes to avoid the shell from
79 interfering with it. This also goes for other characters treated special, like
80 for example '&', '?' and '*'.
82 Provide the IPv6 zone index in the URL with an escaped percentage sign and the
83 interface name. Like in
85 http://[fe80::3%25eth0]/
87 If you specify URL without protocol:// prefix, curl will attempt to guess what
88 protocol you might want. It will then default to HTTP but try other protocols
89 based on often-used host name prefixes. For example, for host names starting
90 with "ftp." curl will assume you want to speak FTP.
92 curl will do its best to use what you pass to it as a URL. It is not trying to
93 validate it as a syntactically correct URL by any means but is instead
94 \fBvery\fP liberal with what it accepts.
96 curl will attempt to re-use connections for multiple file transfers, so that
97 getting many files from the same server will not do multiple connects /
98 handshakes. This improves speed. Of course this is only done on files
99 specified on a single command line and cannot be used between separate curl
102 curl normally displays a progress meter during operations, indicating the
103 amount of transferred data, transfer speeds and estimated time left, etc. The
104 progress meter displays number of bytes and the speeds are in bytes per
105 second. The suffixes (k, M, G, T, P) are 1024 based. For example 1k is 1024
106 bytes. 1M is 1048576 bytes.
108 curl displays this data to the terminal by default, so if you invoke curl to
109 do an operation and it is about to write data to the terminal, it
110 \fIdisables\fP the progress meter as otherwise it would mess up the output
111 mixing progress meter and response data.
113 If you want a progress meter for HTTP POST or PUT requests, you need to
114 redirect the response output to a file, using shell redirect (>), \fI-o, --output\fP or
117 It is not the same case for FTP upload as that operation does not spit out
118 any response data to the terminal.
120 If you prefer a progress "bar" instead of the regular meter, \fI-#, --progress-bar\fP is
121 your friend. You can also disable the progress meter completely with the
122 \fI-s, --silent\fP option.
124 Options start with one or two dashes. Many of the options require an
125 additional value next to them.
127 The short "single-dash" form of the options, -d for example, may be used with
128 or without a space between it and its value, although a space is a recommended
129 separator. The long "double-dash" form, \fI-d, --data\fP for example, requires a space
130 between it and its value.
132 Short version options that don't need any additional values can be used
133 immediately next to each other, like for example you can specify all the
134 options -O, -L and -v at once as -OLv.
136 In general, all boolean options are enabled with --\fBoption\fP and yet again
137 disabled with --\fBno-\fPoption. That is, you use the exact same option name
138 but prefix it with "no-". However, in this list we mostly only list and show
139 the --option version of them. (This concept with --no options was added in
140 7.19.0. Previously most options were toggled on/off on repeated use of the
141 same command line option.)
142 .IP "--abstract-unix-socket <path>"
143 (HTTP) Connect through an abstract Unix domain socket, instead of using the network.
144 Note: netstat shows the path of an abstract socket prefixed with '@', however
145 the <path> argument should not have this leading character.
149 (HTTP) Tells curl to figure out authentication method by itself, and use the most
150 secure one the remote site claims to support. This is done by first doing a
151 request and checking the response-headers, thus possibly inducing an extra
152 network round-trip. This is used instead of setting a specific authentication
153 method, which you can do with \fI--basic\fP, \fI--digest\fP, \fI--ntlm\fP, and \fI--negotiate\fP.
155 Using \fI--anyauth\fP is not recommended if you do uploads from stdin, since it may
156 require data to be sent twice and then the client must be able to rewind. If
157 the need should arise when uploading from stdin, the upload operation will
160 Used together with \fI-u, --user\fP.
162 See also \fI--proxy-anyauth\fP and \fI--basic\fP and \fI--digest\fP.
164 (FTP SFTP) When used in an upload, this makes curl append to the target file instead of
165 overwriting it. If the remote file doesn't exist, it will be created. Note
166 that this flag is ignored by some SFTP servers (including OpenSSH).
168 (HTTP) Tells curl to use HTTP Basic authentication with the remote host. This is the
169 default and this option is usually pointless, unless you use it to override a
170 previously set option that sets a different authentication method (such as
171 \fI--ntlm\fP, \fI--digest\fP, or \fI--negotiate\fP).
173 Used together with \fI-u, --user\fP.
175 See also \fI--proxy-basic\fP.
176 .IP "--cacert <CA certificate>"
177 (TLS) Tells curl to use the specified certificate file to verify the peer. The file
178 may contain multiple CA certificates. The certificate(s) must be in PEM
179 format. Normally curl is built to use a default file for this, so this option
180 is typically used to alter that default file.
182 curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is
183 set, and uses the given path as a path to a CA cert bundle. This option
184 overrides that variable.
186 The windows version of curl will automatically look for a CA certs file named
187 \'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the
188 Current Working Directory, or in any folder along your PATH.
190 If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
191 (libnsspem.so) needs to be available for this option to work properly.
193 (iOS and macOS only) If curl is built against Secure Transport, then this
194 option is supported for backward compatibility with other SSL engines, but it
195 should not be set. If the option is not set, then curl will use the
196 certificates in the system and user Keychain to verify the peer, which is the
197 preferred method of verifying the peer's certificate chain.
199 If this option is used several times, the last one will be used.
201 (TLS) Tells curl to use the specified certificate directory to verify the
202 peer. Multiple paths can be provided by separating them with ":" (e.g.
203 \&"path1:path2:path3"). The certificates must be in PEM format, and if curl is
204 built against OpenSSL, the directory must have been processed using the
205 c_rehash utility supplied with OpenSSL. Using \fI--capath\fP can allow
206 OpenSSL-powered curl to make SSL-connections much more efficiently than using
207 \fI--cacert\fP if the --cacert file contains many CA certificates.
209 If this option is set, the default capath value will be ignored, and if it is
210 used several times, the last one will be used.
212 (TLS) Tells curl to verify the status of the server certificate by using the
213 Certificate Status Request (aka. OCSP stapling) TLS extension.
215 If this option is enabled and the server sends an invalid (e.g. expired)
216 response, if the response suggests that the server certificate has been revoked,
217 or no response at all is received, the verification fails.
219 This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
222 .IP "--cert-type <type>"
223 (TLS) Tells curl what certificate type the provided certificate is in. PEM, DER and
224 ENG are recognized types. If not specified, PEM is assumed.
226 If this option is used several times, the last one will be used.
228 See also \fI-E, --cert\fP and \fI--key\fP and \fI--key-type\fP.
229 .IP "-E, --cert <certificate[:password]>"
230 (TLS) Tells curl to use the specified client certificate file when getting a file
231 with HTTPS, FTPS or another SSL-based protocol. The certificate must be in
232 PKCS#12 format if using Secure Transport, or PEM format if using any other
233 engine. If the optional password isn't specified, it will be queried for on
234 the terminal. Note that this option assumes a \&"certificate" file that is the
235 private key and the client certificate concatenated! See \fI-E, --cert\fP and \fI--key\fP to
236 specify them independently.
238 If curl is built against the NSS SSL library then this option can tell
239 curl the nickname of the certificate to use within the NSS database defined
240 by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the
241 NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
242 loaded. If you want to use a file from the current directory, please precede
243 it with "./" prefix, in order to avoid confusion with a nickname. If the
244 nickname contains ":", it needs to be preceded by "\\" so that it is not
245 recognized as password delimiter. If the nickname contains "\\", it needs to
246 be escaped as "\\\\" so that it is not recognized as an escape character.
248 (iOS and macOS only) If curl is built against Secure Transport, then the
249 certificate string can either be the name of a certificate/private key in the
250 system or user keychain, or the path to a PKCS#12-encoded certificate and
251 private key. If you want to use a file from the current directory, please
252 precede it with "./" prefix, in order to avoid confusion with a nickname.
254 If this option is used several times, the last one will be used.
256 See also \fI--cert-type\fP and \fI--key\fP and \fI--key-type\fP.
257 .IP "--ciphers <list of ciphers>"
258 (TLS) Specifies which ciphers to use in the connection. The list of ciphers must
259 specify valid ciphers. Read up on SSL cipher list details on this URL:
261 https://curl.haxx.se/docs/ssl-ciphers.html
263 If this option is used several times, the last one will be used.
265 (HTTP) Request a compressed response using one of the algorithms curl supports, and
266 save the uncompressed document. If this option is used and the server sends
267 an unsupported encoding, curl will report an error.
268 .IP "-K, --config <file>"
269 Specify which config file to read curl arguments from. The config file is a
270 text file in which command line arguments can be written which then will be
271 used as if they were written on the actual command line.
273 Options and their parameters must be specified on the same config file line,
274 separated by whitespace, colon, or the equals sign. Long option names can
275 optionally be given in the config file without the initial double dashes and
276 if so, the colon or equals characters can be used as separators. If the option
277 is specified with one or two dashes, there can be no colon or equals character
278 between the option and its parameter.
280 If the parameter is to contain whitespace, the parameter must be enclosed
281 within quotes. Within double quotes, the following escape sequences are
282 available: \\\\, \\", \\t, \\n, \\r and \\v. A backslash preceding any other
283 letter is ignored. If the first column of a config line is a '#' character,
284 the rest of the line will be treated as a comment. Only write one option per
285 physical line in the config file.
287 Specify the filename to \fI-K, --config\fP as '-' to make curl read the file from stdin.
289 Note that to be able to specify a URL in the config file, you need to specify
290 it using the \fI--url\fP option, and not by simply writing the URL on its own
291 line. So, it could look similar to this:
293 url = "https://curl.haxx.se/docs/"
295 When curl is invoked, it always (unless \fI-q, --disable\fP is used) checks for a
296 default config file and uses it if found. The default config file is checked
297 for in the following places in this order:
299 1) curl tries to find the "home dir": It first checks for the CURL_HOME and
300 then the HOME environment variables. Failing that, it uses getpwuid() on
301 Unix-like systems (which returns the home dir given the current user in your
302 system). On Windows, it then checks for the APPDATA variable, or as a last
303 resort the '%USERPROFILE%\\Application Data'.
305 2) On windows, if there is no _curlrc file in the home dir, it checks for one
306 in the same dir the curl executable is placed. On Unix-like systems, it will
307 simply try to load .curlrc from the determined home dir.
310 # --- Example file ---
313 output = "curlhere.html"
314 user-agent = "superagent/1.0"
316 # and fetch another URL too
317 url = "example.com/docs/manpage.html"
319 referer = "http://nowhereatall.example.com/"
320 # --- End of example file ---
323 This option can be used multiple times to load multiple config files.
324 .IP "--connect-timeout <seconds>"
325 Maximum time in seconds that you allow curl's connection to take. This only
326 limits the connection phase, so if curl connects within the given period it
327 will continue - if not it will exit. Since version 7.32.0, this option
328 accepts decimal values.
330 If this option is used several times, the last one will be used.
332 See also \fI-m, --max-time\fP.
333 .IP "--connect-to <HOST1:PORT1:HOST2:PORT2>"
335 For a request to the given HOST:PORT pair, connect to
336 CONNECT-TO-HOST:CONNECT-TO-PORT instead. This option is suitable to direct
337 requests at a specific server, e.g. at a specific cluster node in a cluster of
338 servers. This option is only used to establish the network connection. It
339 does NOT affect the hostname/port that is used for TLS/SSL (e.g. SNI,
340 certificate verification) or for the application protocols. "host" and "port"
341 may be the empty string, meaning "any host/port". "connect-to-host" and
342 "connect-to-port" may also be the empty string, meaning "use the request's
345 This option can be used many times to add many connect rules.
347 See also \fI--resolve\fP and \fI-H, --header\fP. Added in 7.49.0.
348 .IP "-C, --continue-at <offset>"
349 Continue/Resume a previous file transfer at the given offset. The given offset
350 is the exact number of bytes that will be skipped, counting from the beginning
351 of the source file before it is transferred to the destination. If used with
352 uploads, the FTP server command SIZE will not be used by curl.
354 Use "-C -" to tell curl to automatically find out where/how to resume the
355 transfer. It then uses the given output/input files to figure that out.
357 If this option is used several times, the last one will be used.
359 See also \fI-r, --range\fP.
360 .IP "-c, --cookie-jar <filename>"
361 (HTTP) Specify to which file you want curl to write all cookies after a completed
362 operation. Curl writes all cookies from its in-memory cookie storage to the
363 given file at the end of operations. If no cookies are known, no data will be
364 written. The file will be written using the Netscape cookie file format. If
365 you set the file name to a single dash, "-", the cookies will be written to
368 This command line option will activate the cookie engine that makes curl
369 record and use cookies. Another way to activate it is to use the \fI-b, --cookie\fP
372 If the cookie jar can't be created or written to, the whole curl operation
373 won't fail or even report an error clearly. Using \fI-v, --verbose\fP will get a warning
374 displayed, but that is the only visible feedback you get about this possibly
377 If this option is used several times, the last specified file name will be
379 .IP "-b, --cookie <data>"
380 (HTTP) Pass the data to the HTTP server in the Cookie header. It is supposedly
381 the data previously received from the server in a "Set-Cookie:" line. The
382 data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
384 If no '=' symbol is used in the argument, it is instead treated as a filename
385 to read previously stored cookie from. This option also activates the cookie
386 engine which will make curl record incoming cookies, which may be handy if
387 you're using this in combination with the \fI-L, --location\fP option or do multiple URL
388 transfers on the same invoke.
390 The file format of the file to read cookies from should be plain HTTP headers
391 (Set-Cookie style) or the Netscape/Mozilla cookie file format.
393 The file specified with \fI-b, --cookie\fP is only used as input. No cookies will be
394 written to the file. To store cookies, use the \fI-c, --cookie-jar\fP option.
396 Exercise caution if you are using this option and multiple transfers may
397 occur. If you use the NAME1=VALUE1; format, or in a file use the Set-Cookie
398 format and don't specify a domain, then the cookie is sent for any domain
399 (even after redirects are followed) and cannot be modified by a server-set
400 cookie. If the cookie engine is enabled and a server sets a cookie of the same
401 name then both will be sent on a future transfer to that server, likely not
402 what you intended. To address these issues set a domain in Set-Cookie (doing
403 that will include sub domains) or use the Netscape format.
405 If this option is used several times, the last one will be used.
407 Users very often want to both read cookies from a file and write updated
408 cookies back to a file, so using both \fI-b, --cookie\fP and \fI-c, --cookie-jar\fP in the same
409 command line is common.
411 When used in conjunction with the \fI-o, --output\fP option, curl will create the
412 necessary local directory hierarchy as needed. This option creates the dirs
413 mentioned with the \fI-o, --output\fP option, nothing else. If the --output file name
414 uses no dir or if the dirs it mentions already exist, no dir will be created.
416 To create remote directories when using FTP or SFTP, try \fI--ftp-create-dirs\fP.
418 (FTP SMTP) Convert LF to CRLF in upload. Useful for MVS (OS/390).
420 (SMTP added in 7.40.0)
421 .IP "--crlfile <file>"
422 (TLS) Provide a file using PEM format with a Certificate Revocation List that may
423 specify peer certificates that are to be considered revoked.
425 If this option is used several times, the last one will be used.
428 .IP "--data-ascii <data>"
429 (HTTP) This is just an alias for \fI-d, --data\fP.
430 .IP "--data-binary <data>"
431 (HTTP) This posts data exactly as specified with no extra processing whatsoever.
433 If you start the data with the letter @, the rest should be a filename. Data
434 is posted in a similar manner as \fI-d, --data\fP does, except that newlines and
435 carriage returns are preserved and conversions are never done.
437 If this option is used several times, the ones following the first will append
438 data as described in \fI-d, --data\fP.
439 .IP "--data-raw <data>"
440 (HTTP) This posts data similarly to \fI-d, --data\fP but without the special
441 interpretation of the @ character.
443 See also \fI-d, --data\fP. Added in 7.43.0.
444 .IP "--data-urlencode <data>"
445 (HTTP) This posts data, similar to the other \fI-d, --data\fP options with the exception
446 that this performs URL-encoding.
448 To be CGI-compliant, the <data> part should begin with a \fIname\fP followed
449 by a separator and a content specification. The <data> part can be passed to
450 curl using one of the following syntaxes:
453 This will make curl URL-encode the content and pass that on. Just be careful
454 so that the content doesn't contain any = or @ symbols, as that will then make
455 the syntax match one of the other cases below!
457 This will make curl URL-encode the content and pass that on. The preceding =
458 symbol is not included in the data.
460 This will make curl URL-encode the content part and pass that on. Note that
461 the name part is expected to be URL-encoded already.
463 This will make curl load data from the given file (including any newlines),
464 URL-encode that data and pass it on in the POST.
466 This will make curl load data from the given file (including any newlines),
467 URL-encode that data and pass it on in the POST. The name part gets an equal
468 sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
469 name is expected to be URL-encoded already.
472 See also \fI-d, --data\fP and \fI--data-raw\fP. Added in 7.18.0.
473 .IP "-d, --data <data>"
474 (HTTP) Sends the specified data in a POST request to the HTTP server, in the same way
475 that a browser does when a user has filled in an HTML form and presses the
476 submit button. This will cause curl to pass the data to the server using the
477 content-type application/x-www-form-urlencoded. Compare to \fI-F, --form\fP.
479 \fI--data-raw\fP is almost the same but does not have a special interpretation of
480 the @ character. To post data purely binary, you should instead use the
481 \fI--data-binary\fP option. To URL-encode the value of a form field you may use
482 \fI--data-urlencode\fP.
484 If any of these options is used more than once on the same command line, the
485 data pieces specified will be merged together with a separating
486 &-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post
487 chunk that looks like \&'name=daniel&skill=lousy'.
489 If you start the data with the letter @, the rest should be a file name to
490 read the data from, or - if you want curl to read the data from
491 stdin. Multiple files can also be specified. Posting data from a file named
492 'foobar' would thus be done with \fI-d, --data\fP @foobar. When --data is told to read
493 from a file like that, carriage returns and newlines will be stripped out. If
494 you don't want the @ character to have a special interpretation use \fI--data-raw\fP
497 See also \fI--data-binary\fP and \fI--data-urlencode\fP and \fI--data-raw\fP. This option overrides \fI-F, --form\fP and \fI-I, --head\fP and \fI--upload\fP.
498 .IP "--delegation <LEVEL>"
499 (GSS/kerberos) Set LEVEL to tell the server what it is allowed to delegate when it
500 comes to user credentials.
503 Don't allow any delegation.
505 Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos
506 service ticket, which is a matter of realm policy.
508 Unconditionally allow the server to delegate.
511 (HTTP) Enables HTTP Digest authentication. This is an authentication scheme that
512 prevents the password from being sent over the wire in clear text. Use this in
513 combination with the normal \fI-u, --user\fP option to set user name and password.
515 If this option is used several times, only the first one is used.
517 See also \fI-u, --user\fP and \fI--proxy-digest\fP and \fI--anyauth\fP. This option overrides \fI--basic\fP and \fI--ntlm\fP and \fI--negotiate\fP.
519 (FTP) Tell curl to disable the use of the EPRT and LPRT commands when doing active
520 FTP transfers. Curl will normally always first attempt to use EPRT, then LPRT
521 before using PORT, but with this option, it will use PORT right away. EPRT and
522 LPRT are extensions to the original FTP protocol, and may not work on all
523 servers, but they enable more functionality in a better way than the
524 traditional PORT command.
526 --eprt can be used to explicitly enable EPRT again and --no-eprt is an alias
527 for \fI--disable-eprt\fP.
529 If the server is accessed using IPv6, this option will have no effect as EPRT
532 Disabling EPRT only changes the active behavior. If you want to switch to
533 passive mode you need to not use \fI-P, --ftp-port\fP or force it with \fI--ftp-pasv\fP.
535 (FTP) (FTP) Tell curl to disable the use of the EPSV command when doing passive FTP
536 transfers. Curl will normally always first attempt to use EPSV before PASV,
537 but with this option, it will not try using EPSV.
539 --epsv can be used to explicitly enable EPSV again and --no-epsv is an alias
540 for \fI--disable-epsv\fP.
542 If the server is an IPv6 host, this option will have no effect as EPSV is
545 Disabling EPSV only changes the passive behavior. If you want to switch to
546 active mode you need to use \fI-P, --ftp-port\fP.
548 If used as the first parameter on the command line, the \fIcurlrc\fP config
549 file will not be read and used. See the \fI-K, --config\fP for details on the default
550 config file search path.
551 .IP "--dns-interface <interface>"
552 (DNS) Tell curl to send outgoing DNS requests through <interface>. This option is a
553 counterpart to \fI--interface\fP (which does not affect DNS). The supplied string
554 must be an interface name (not an address).
556 See also \fI--dns-ipv4-addr\fP and \fI--dns-ipv6-addr\fP. \fI--dns-interface\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
557 .IP "--dns-ipv4-addr <address>"
558 (DNS) Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that
559 the DNS requests originate from this address. The argument should be a
562 See also \fI--dns-interface\fP and \fI--dns-ipv6-addr\fP. \fI--dns-ipv4-addr\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
563 .IP "--dns-ipv6-addr <address>"
564 (DNS) Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that
565 the DNS requests originate from this address. The argument should be a
568 See also \fI--dns-interface\fP and \fI--dns-ipv4-addr\fP. \fI--dns-ipv6-addr\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
569 .IP "--dns-servers <addresses>"
570 Set the list of DNS servers to be used instead of the system default.
571 The list of IP addresses should be separated with commas. Port numbers
572 may also optionally be given as \fI:<port-number>\fP after each IP
575 \fI--dns-servers\fP requires that the underlying libcurl was built to support c-ares. Added in 7.33.0.
576 .IP "-D, --dump-header <filename>"
577 (HTTP FTP) Write the received protocol headers to the specified file.
579 This option is handy to use when you want to store the headers that an HTTP
580 site sends to you. Cookies from the headers could then be read in a second
581 curl invocation by using the \fI-b, --cookie\fP option! The \fI-c, --cookie-jar\fP option is a
582 better way to store cookies.
584 When used in FTP, the FTP server response lines are considered being "headers"
585 and thus are saved there.
587 If this option is used several times, the last one will be used.
589 See also \fI-o, --output\fP.
590 .IP "--egd-file <file>"
591 (TLS) Specify the path name to the Entropy Gathering Daemon socket. The socket is
592 used to seed the random engine for SSL connections.
594 See also \fI--random-file\fP.
595 .IP "--engine <name>"
596 (TLS) Select the OpenSSL crypto engine to use for cipher operations. Use \fI--engine\fP
597 list to print a list of build-time supported engines. Note that not all (or
598 none) of the engines may be available at run-time.
600 Sets a range of environment variables, using the names the \fI-w, --write-out\fP option
601 supports, to allow easier extraction of useful information after having run
604 \fI--environment\fP requires that the underlying libcurl was built to support RISC OS.
605 .IP "--expect100-timeout <seconds>"
606 (HTTP) Maximum time in seconds that you allow curl to wait for a 100-continue
607 response when curl emits an Expects: 100-continue header in its request. By
608 default curl will wait one second. This option accepts decimal values! When
609 curl stops waiting, it will continue as if the response has been received.
611 See also \fI--connect-timeout\fP. Added in 7.47.0.
613 Fail and exit on first detected error.
615 When curl is used to do multiple transfers on the command line, it will
616 attempt to operate on each given URL, one by one. By default, it will ignore
617 errors if there are more URLs given and the last URL's success will determine
618 the error code curl returns. So early failures will be "hidden" by subsequent
619 successful transfers.
621 Using this option, curl will instead return an error on the first transfers
622 that fails, independent on the amount of more URLs that are given on the
623 command line. This way, no transfer failures go undetected by scripts and
626 This option will apply for all given URLs even if you use \fI-:, --next\fP.
630 (HTTP) Fail silently (no output at all) on server errors. This is mostly done to
631 better enable scripts etc to better deal with failed attempts. In normal cases
632 when an HTTP server fails to deliver a document, it returns an HTML document
633 stating so (which often also describes why and more). This flag will prevent
634 curl from outputting that and return error 22.
636 This method is not fail-safe and there are occasions where non-successful
637 response codes will slip through, especially when authentication is involved
638 (response codes 401 and 407).
640 (TLS) Tells curl to use false start during the TLS handshake. False start is a mode
641 where a TLS client will start sending application data before verifying the
642 server's Finished message, thus saving a round trip when performing a full
645 This is currently only implemented in the NSS and Secure Transport (on iOS 7.0
646 or later, or OS X 10.9 or later) backends.
649 .IP "--form-string <name=string>"
650 (HTTP) Similar to \fI-F, --form\fP except that the value string for the named parameter is used
651 literally. Leading \&'@' and \&'<' characters, and the \&';type=' string in
652 the value have no special meaning. Use this in preference to \fI-F, --form\fP if
653 there's any possibility that the string value may accidentally trigger the
654 \&'@' or \&'<' features of \fI-F, --form\fP.
656 See also \fI-F, --form\fP.
657 .IP "-F, --form <name=content>"
658 (HTTP) This lets curl emulate a filled-in form in which a user has pressed the submit
659 button. This causes curl to POST data using the Content-Type
660 multipart/form-data according to RFC 2388. This enables uploading of binary
661 files etc. To force the 'content' part to be a file, prefix the file name with
662 an @ sign. To just get the content part from a file, prefix the file name with
663 the symbol <. The difference between @ and < is then that @ makes a file get
664 attached in the post as a file upload, while the < makes a text field and just
665 get the contents for that text field from a file.
667 Example: to send an image to a server, where \&'profile' is the name of the
668 form-field to which portrait.jpg will be the input:
670 curl -F profile=@portrait.jpg https://example.com/upload.cgi
672 To read content from stdin instead of a file, use - as the filename. This goes
673 for both @ and < constructs. Unfortunately it does not support reading the
674 file from a named pipe or similar, as it needs the full size before the
677 You can also tell curl what Content-Type to use by using 'type=', in a manner
680 curl -F "web=@index.html;type=text/html" example.com
684 curl -F "name=daniel;type=text/foo" example.com
686 You can also explicitly change the name field of a file upload part by setting
687 filename=, like this:
689 curl -F "file=@localfile;filename=nameinpost" example.com
691 If filename/path contains ',' or ';', it must be quoted by double-quotes like:
693 curl -F "file=@\\"localfile\\";filename=\\"nameinpost\\"" example.com
697 curl -F 'file=@"localfile";filename="nameinpost"' example.com
699 Note that if a filename/path is quoted by double-quotes, any double-quote
700 or backslash within the filename must be escaped by backslash.
702 See further examples and details in the MANUAL.
704 This option can be used multiple times.
706 This option overrides \fI-d, --data\fP and \fI-I, --head\fP and \fI--upload\fP.
707 .IP "--ftp-account <data>"
708 (FTP) When an FTP server asks for "account data" after user name and password has
709 been provided, this data is sent off using the ACCT command.
711 If this option is used several times, the last one will be used.
714 .IP "--ftp-alternative-to-user <command>"
715 (FTP) If authenticating with the USER and PASS commands fails, send this command.
716 When connecting to Tumbleweed's Secure Transport server over FTPS using a
717 client certificate, using "SITE AUTH" will tell the server to retrieve the
718 username from the certificate.
721 .IP "--ftp-create-dirs"
722 (FTP SFTP) When an FTP or SFTP URL/operation uses a path that doesn't currently exist on
723 the server, the standard behavior of curl is to fail. Using this option, curl
724 will instead attempt to create missing directories.
726 See also \fI--create-dirs\fP.
727 .IP "--ftp-method <method>"
728 (FTP) Control what method curl should use to reach a file on an FTP(S)
729 server. The method argument should be one of the following alternatives:
732 curl does a single CWD operation for each path part in the given URL. For deep
733 hierarchies this means very many commands. This is how RFC 1738 says it should
734 be done. This is the default but the slowest behavior.
736 curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full
737 path to the server for all these commands. This is the fastest behavior.
739 curl does one CWD with the full target directory and then operates on the file
740 \&"normally" (like in the multicwd case). This is somewhat more standards
741 compliant than 'nocwd' but without the full penalty of 'multicwd'.
746 (FTP) Use passive mode for the data connection. Passive is the internal default
747 behavior, but using this option can be used to override a previous \fI-P, --ftp-port\fP
750 If this option is used several times, only the first one is used. Undoing an
751 enforced passive really isn't doable but you must then instead enforce the
752 correct \fI-P, --ftp-port\fP again.
754 Passive mode means that curl will try the EPSV command first and then PASV,
755 unless \fI--disable-epsv\fP is used.
757 See also \fI--disable-epsv\fP. Added in 7.11.0.
758 .IP "-P, --ftp-port <address>"
759 (FTP) Reverses the default initiator/listener roles when connecting with FTP. This
760 option makes curl use active mode. curl then tells the server to connect back
761 to the client's specified address and port, while passive mode asks the server
762 to setup an IP address and port for it to connect to. <address> should be one
766 i.e "eth0" to specify which interface's IP address you want to use (Unix only)
768 i.e "192.168.10.1" to specify the exact IP address
770 i.e "my.host.domain" to specify the machine
772 make curl pick the same IP address that is already used for the control
776 If this option is used several times, the last one will be used. Disable the
777 use of PORT with \fI--ftp-pasv\fP. Disable the attempt to use the EPRT command
778 instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++.
780 Since 7.19.5, you can append \&":[start]-[end]\&" to the right of the address,
781 to tell curl what TCP port range to use. That means you specify a port range,
782 from a lower to a higher number. A single number works as well, but do note
783 that it increases the risk of failure since the port may not be available.
785 See also \fI--ftp-pasv\fP and \fI--disable-eprt\fP.
787 (FTP) Tell curl to send a PRET command before PASV (and EPSV). Certain FTP servers,
788 mainly drftpd, require this non-standard command for directory listings as
789 well as up and downloads in PASV mode.
792 .IP "--ftp-skip-pasv-ip"
793 (FTP) Tell curl to not use the IP address the server suggests in its response
794 to curl's PASV command when curl connects the data connection. Instead curl
795 will re-use the same IP address it already uses for the control
798 This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
800 See also \fI--ftp-pasv\fP. Added in 7.14.2.
801 .IP "--ftp-ssl-ccc-mode <active/passive>"
802 (FTP) Sets the CCC mode. The passive mode will not initiate the shutdown, but
803 instead wait for the server to do it, and will not reply to the shutdown from
804 the server. The active mode initiates the shutdown and waits for a reply from
807 See also \fI--ftp-ssl-ccc\fP. Added in 7.16.2.
809 (FTP) Use CCC (Clear Command Channel) Shuts down the SSL/TLS layer after
810 authenticating. The rest of the control channel communication will be
811 unencrypted. This allows NAT routers to follow the FTP transaction. The
812 default mode is passive.
814 See also \fI--ssl\fP and \fI--ftp-ssl-ccc-mode\fP. Added in 7.16.1.
815 .IP "--ftp-ssl-control"
816 (FTP) Require SSL/TLS for the FTP login, clear for transfer. Allows secure
817 authentication, but non-encrypted data transfers for efficiency. Fails the
818 transfer if the server doesn't support SSL/TLS.
822 When used, this option will make all data specified with \fI-d, --data\fP, \fI--data-binary\fP
823 or \fI--data-urlencode\fP to be used in an HTTP GET request instead of the POST
824 request that otherwise would be used. The data will be appended to the URL
825 with a '?' separator.
827 If used in combination with \fI-I, --head\fP, the POST data will instead be appended to
828 the URL with a HEAD request.
830 If this option is used several times, only the first one is used. This is
831 because undoing a GET doesn't make sense, but you should then instead enforce
832 the alternative method you prefer.
834 This option switches off the "URL globbing parser". When you set this option,
835 you can specify URLs that contain the letters {}[] without having them being
836 interpreted by curl itself. Note that these letters are not normal legal URL
837 contents but they should be encoded according to the URI standard.
839 (HTTP FTP FILE) Fetch the headers only! HTTP-servers feature the command HEAD which this uses
840 to get nothing but the header of a document. When used on an FTP or FILE file,
841 curl displays the file size and last modification time only.
842 .IP "-H, --header <header>"
844 Extra header to include in the request when sending HTTP to a server. You may
845 specify any number of extra headers. Note that if you should add a custom
846 header that has the same name as one of the internal ones curl would use, your
847 externally set header will be used instead of the internal one. This allows
848 you to make even trickier stuff than curl would normally do. You should not
849 replace internally set headers without knowing perfectly well what you're
850 doing. Remove an internal header by giving a replacement without content on
851 the right side of the colon, as in: -H \&"Host:". If you send the custom
852 header with no-value then its header must be terminated with a semicolon, such
853 as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".
855 curl will make sure that each header you add/replace is sent with the proper
856 end-of-line marker, you should thus \fBnot\fP add that as a part of the header
857 content: do not add newlines or carriage returns, they will only mess things up
860 See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options.
862 Starting in 7.37.0, you need \fI--proxy-header\fP to send custom headers intended
867 curl -H "X-First-Name: Joe" http://example.com/
869 \fBWARNING\fP: headers set with this option will be set in all requests - even
870 after redirects are followed, like when told with \fI-L, --location\fP. This can lead to
871 the header being sent to other hosts than the original host, so sensitive
872 headers should be used with caution combined with following redirects.
874 This option can be used multiple times to add/replace/remove multiple headers.
876 Usage help. This lists all current command line options with a short
878 .IP "--hostpubmd5 <md5>"
879 (SFTP SCP) Pass a string containing 32 hexadecimal digits. The string should
880 be the 128 bit MD5 checksum of the remote host's public key, curl will refuse
881 the connection with the host unless the md5sums match.
885 (HTTP) Tells curl to use HTTP version 1.0 instead of using its internally preferred
888 This option overrides \fI--http1.1\fP and \fI--http2\fP.
890 (HTTP) Tells curl to use HTTP version 1.1.
892 This option overrides \fI-0, --http1.0\fP and \fI--http2\fP. Added in 7.33.0.
893 .IP "--http2-prior-knowledge"
894 (HTTP) Tells curl to issue its non-TLS HTTP requests using HTTP/2 without HTTP/1.1
895 Upgrade. It requires prior knowledge that the server supports HTTP/2 straight
896 away. HTTPS requests will still do HTTP/2 the standard way with negotiated
897 protocol version in the TLS handshake.
899 \fI--http2-prior-knowledge\fP requires that the underlying libcurl was built to support HTTP/2. This option overrides \fI--http1.1\fP and \fI-0, --http1.0\fP and \fI--http2\fP. Added in 7.49.0.
901 (HTTP) Tells curl to use HTTP version 2.
903 See also \fI--no-alpn\fP. \fI--http2\fP requires that the underlying libcurl was built to support HTTP/2. This option overrides \fI--http1.1\fP and \fI-0, --http1.0\fP and \fI--http2-prior-knowledge\fP. Added in 7.33.0.
904 .IP "--ignore-content-length"
905 (FTP HTTP) For HTTP, Ignore the Content-Length header. This is particularly useful for
906 servers running Apache 1.x, which will report incorrect Content-Length for
907 files larger than 2 gigabytes.
909 For FTP (since 7.46.0), skip the RETR command to figure out the size before
912 Include the HTTP-header in the output. The HTTP-header includes things like
913 server-name, date of the document, HTTP-version and more...
915 See also \fI-v, --verbose\fP.
917 (TLS) This option explicitly allows curl to perform "insecure" SSL connections and
918 transfers. All SSL connections are attempted to be made secure by using the CA
919 certificate bundle installed by default. This makes all connections considered
920 \&"insecure" fail unless \fI-k, --insecure\fP is used.
922 See this online resource for further details:
923 https://curl.haxx.se/docs/sslcerts.html
924 .IP "--interface <name>"
926 Perform an operation using a specified interface. You can enter interface
927 name, IP address or host name. An example could look like:
929 curl --interface eth0:1 https://www.example.com/
931 If this option is used several times, the last one will be used.
933 See also \fI--dns-interface\fP.
935 This option tells curl to resolve names to IPv4 addresses only, and not for
938 See also \fI--http1.1\fP and \fI--http2\fP. This option overrides \fI-6, --ipv6\fP.
940 This option tells curl to resolve names to IPv6 addresses only, and not for
943 See also \fI--http1.1\fP and \fI--http2\fP. This option overrides \fI-6, --ipv6\fP.
944 .IP "-j, --junk-session-cookies"
945 (HTTP) When curl is told to read cookies from a given file, this option will make it
946 discard all "session cookies". This will basically have the same effect as if
947 a new session is started. Typical browsers always discard session cookies when
950 See also \fI-b, --cookie\fP and \fI-c, --cookie-jar\fP.
951 .IP "--keepalive-time <seconds>"
952 This option sets the time a connection needs to remain idle before sending
953 keepalive probes and the time between individual keepalive probes. It is
954 currently effective on operating systems offering the TCP_KEEPIDLE and
955 TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
956 option has no effect if \fI--no-keepalive\fP is used.
958 If this option is used several times, the last one will be used. If
959 unspecified, the option defaults to 60 seconds.
962 .IP "--key-type <type>"
963 (TLS) Private key file type. Specify which type your \fI--key\fP provided private key
964 is. DER, PEM, and ENG are supported. If not specified, PEM is assumed.
966 If this option is used several times, the last one will be used.
968 (TLS SSH) Private key file name. Allows you to provide your private key in this separate
969 file. For SSH, if not specified, curl tries the following candidates in order:
970 '~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
972 If this option is used several times, the last one will be used.
974 (FTP) Enable Kerberos authentication and use. The level must be entered and should
975 be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a
976 level that is not one of these, 'private' will instead be used.
978 If this option is used several times, the last one will be used.
980 \fI--krb\fP requires that the underlying libcurl was built to support Kerberos.
981 .IP "--libcurl <file>"
982 Append this option to any ordinary curl command line, and you will get a
983 libcurl-using C source code written to the file that does the equivalent
984 of what your command-line operation does!
986 If this option is used several times, the last given file name will be
990 .IP "--limit-rate <speed>"
991 Specify the maximum transfer rate you want curl to use - for both downloads
992 and uploads. This feature is useful if you have a limited pipe and you'd like
993 your transfer not to use your entire bandwidth. To make it slower than it
996 The given speed is measured in bytes/second, unless a suffix is appended.
997 Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it
998 megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G.
1000 If you also use the \fI-Y, --speed-limit\fP option, that option will take precedence and
1001 might cripple the rate-limiting slightly, to help keeping the speed-limit
1004 If this option is used several times, the last one will be used.
1005 .IP "-l, --list-only"
1007 When listing an FTP directory, this switch forces a name-only view. This is
1008 especially useful if the user wants to machine-parse the contents of an FTP
1009 directory since the normal directory view doesn't use a standard look or
1010 format. When used like this, the option causes a NLST command to be sent to
1011 the server instead of LIST.
1013 Note: Some FTP servers list only files in their response to NLST; they do not
1014 include sub-directories and symbolic links.
1017 When retrieving a specific email from POP3, this switch forces a LIST command
1018 to be performed instead of RETR. This is particularly useful if the user wants
1019 to see if a specific message id exists on the server and what size it is.
1021 Note: When combined with \fI-X, --request\fP, this option can be used to send an UIDL
1022 command instead, so the user may use the email's unique identifier rather than
1023 it's message id to make the request.
1026 .IP "--local-port <num/range>"
1027 Set a preferred single number or range (FROM-TO) of local port numbers to use
1028 for the connection(s). Note that port numbers by nature are a scarce resource
1029 that will be busy at times so setting this range to something too narrow might
1030 cause unnecessary connection setup failures.
1033 .IP "--location-trusted"
1034 (HTTP) Like \fI-L, --location\fP, but will allow sending the name + password to all hosts that
1035 the site may redirect to. This may or may not introduce a security breach if
1036 the site redirects you to a site to which you'll send your authentication info
1037 (which is plaintext in the case of HTTP Basic authentication).
1039 See also \fI-u, --user\fP.
1040 .IP "-L, --location"
1041 (HTTP) If the server reports that the requested page has moved to a different
1042 location (indicated with a Location: header and a 3XX response code), this
1043 option will make curl redo the request on the new place. If used together with
1044 \fI-i, --include\fP or \fI-I, --head\fP, headers from all requested pages will be shown. When
1045 authentication is used, curl only sends its credentials to the initial
1046 host. If a redirect takes curl to a different host, it won't be able to
1047 intercept the user+password. See also \fI--location-trusted\fP on how to change
1048 this. You can limit the amount of redirects to follow by using the
1049 \fI--max-redirs\fP option.
1051 When curl follows a redirect and the request is not a plain GET (for example
1052 POST or PUT), it will do the following request with a GET if the HTTP response
1053 was 301, 302, or 303. If the response code was any other 3xx code, curl will
1054 re-send the following request using the same unmodified method.
1056 You can tell curl to not change the non-GET request method to GET after a 30x
1057 response by using the dedicated options for that: \fI--post301\fP, \fI--post302\fP and
1059 .IP "--login-options <options>"
1060 (IMAP POP3 SMTP) Specify the login options to use during server authentication.
1062 You can use the login options to specify protocol specific options that may
1063 be used during authentication. At present only IMAP, POP3 and SMTP support
1064 login options. For more information about the login options please see
1065 RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt
1067 If this option is used several times, the last one will be used.
1070 .IP "--mail-auth <address>"
1071 (SMTP) Specify a single address. This will be used to specify the authentication
1072 address (identity) of a submitted message that is being relayed to another
1075 See also \fI--mail-rcpt\fP and \fI--mail-from\fP. Added in 7.25.0.
1076 .IP "--mail-from <address>"
1077 (SMTP) Specify a single address that the given mail should get sent from.
1079 See also \fI--mail-rcpt\fP and \fI--mail-auth\fP. Added in 7.20.0.
1080 .IP "--mail-rcpt <address>"
1081 (SMTP) Specify a single address, user name or mailing list name. Repeat this
1082 option several times to send to multiple recipients.
1084 When performing a mail transfer, the recipient should specify a valid email
1085 address to send the mail to.
1087 When performing an address verification (VRFY command), the recipient should be
1088 specified as the user name or user name and domain (as per Section 3.5 of
1089 RFC5321). (Added in 7.34.0)
1091 When performing a mailing list expand (EXPN command), the recipient should be
1092 specified using the mailing list name, such as "Friends" or "London-Office".
1097 Manual. Display the huge help text.
1098 .IP "--max-filesize <bytes>"
1099 Specify the maximum size (in bytes) of a file to download. If the file
1100 requested is larger than this value, the transfer will not start and curl will
1101 return with exit code 63.
1103 \fBNOTE:\fP The file size is not always known prior to download, and for such
1104 files this option has no effect even if the file transfer ends up being larger
1105 than this given limit. This concerns both FTP and HTTP transfers.
1107 See also \fI--limit-rate\fP.
1108 .IP "--max-redirs <num>"
1109 (HTTP) Set maximum number of redirection-followings allowed. When \fI-L, --location\fP is used,
1110 is used to prevent curl from following redirections \&"in absurdum". By
1111 default, the limit is set to 50 redirections. Set this option to -1 to make it
1114 If this option is used several times, the last one will be used.
1115 .IP "-m, --max-time <time>"
1116 Maximum time in seconds that you allow the whole operation to take. This is
1117 useful for preventing your batch jobs from hanging for hours due to slow
1118 networks or links going down. Since 7.32.0, this option accepts decimal
1119 values, but the actual timeout will decrease in accuracy as the specified
1120 timeout increases in decimal precision.
1122 If this option is used several times, the last one will be used.
1124 See also \fI--connect-timeout\fP.
1126 This option can tell curl to parse and process a given URI as Metalink file
1127 (both version 3 and 4 (RFC 5854) are supported) and make use of the mirrors
1128 listed within for failover if there are errors (such as the file or server not
1129 being available). It will also verify the hash of the file after the download
1130 completes. The Metalink file itself is downloaded and processed in memory and
1131 not stored in the local file system.
1133 Example to use a remote Metalink file:
1135 curl --metalink http://www.example.com/example.metalink
1137 To use a Metalink file in the local file system, use FILE protocol (file://):
1139 curl --metalink file://example.metalink
1141 Please note that if FILE protocol is disabled, there is no way to use a local
1142 Metalink file at the time of this writing. Also note that if \fI--metalink\fP and
1143 \fI-i, --include\fP are used together, --include will be ignored. This is because
1144 including headers in the response will break Metalink parser and if the
1145 headers are included in the file described in Metalink file, hash check will
1149 \fI--metalink\fP requires that the underlying libcurl was built to support metalink. Added in 7.27.0.
1151 (HTTP) Enables Negotiate (SPNEGO) authentication.
1153 This option requires a library built with GSS-API or SSPI support. Use
1154 \fI-V, --version\fP to see if your curl supports GSS-API/SSPI or SPNEGO.
1156 When using this option, you must also provide a fake \fI-u, --user\fP option to activate
1157 the authentication code properly. Sending a '-u :' is enough as the user name
1158 and password from the \fI-u, --user\fP option aren't actually used.
1160 If this option is used several times, only the first one is used.
1162 See also \fI--basic\fP and \fI--ntlm\fP and \fI--anyauth\fP and \fI--proxy-negotiate\fP.
1163 .IP "--netrc-file <filemame>"
1164 This option is similar to \fI-n, --netrc\fP, except that you provide the path (absolute
1165 or relative) to the netrc file that Curl should use. You can only specify one
1166 netrc file per invocation. If several \fI--netrc-file\fP options are provided,
1167 the last one will be used.
1169 It will abide by \fI--netrc-optional\fP if specified.
1171 This option overrides \fI-n, --netrc\fP. Added in 7.21.5.
1172 .IP "--netrc-optional"
1173 Very similar to \fI-n, --netrc\fP, but this option makes the .netrc usage \fBoptional\fP
1174 and not mandatory as the \fI-n, --netrc\fP option does.
1176 See also \fI--netrc-file\fP. This option overrides \fI-n, --netrc\fP.
1178 Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
1179 home directory for login name and password. This is typically used for FTP on
1180 Unix. If used with HTTP, curl will enable user authentication. See
1181 \fInetrc(5)\fP \fIftp(1)\fP for details on the file format. Curl will not
1182 complain if that file doesn't have the right permissions (it should not be
1183 either world- or group-readable). The environment variable "HOME" is used to
1184 find the home directory.
1186 A quick and very simple example of how to setup a \fI.netrc\fP to allow curl
1187 to FTP to the machine host.domain.com with user name \&'myself' and password
1188 \&'secret' should look similar to:
1190 .B "machine host.domain.com login myself password secret"
1192 Tells curl to use a separate operation for the following URL and associated
1193 options. This allows you to send several URL requests, each with their own
1194 specific options, for example, such as different user names or custom requests
1197 \fI-:, --next\fP will reset all local options and only global ones will have their
1198 values survive over to the operation following the \fI-:, --next\fP instruction. Global
1199 options include \fI-v, --verbose\fP, \fI--trace\fP, \fI--trace-ascii\fP and \fI--fail-early\fP.
1201 For example, you can do both a GET and a POST in a single command line:
1203 curl www1.example.com --next -d postthis www2.example.com
1207 (HTTPS) Disable the ALPN TLS extension. ALPN is enabled by default if libcurl was built
1208 with an SSL library that supports ALPN. ALPN is used by a libcurl that supports
1209 HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
1211 See also \fI--no-npn\fP and \fI--http2\fP. \fI--no-alpn\fP requires that the underlying libcurl was built to support TLS. Added in 7.36.0.
1212 .IP "-N, --no-buffer"
1213 Disables the buffering of the output stream. In normal work situations, curl
1214 will use a standard buffered output stream that will have the effect that it
1215 will output the data in chunks, not necessarily exactly when the data arrives.
1216 Using this option will disable that buffering.
1218 Note that this is the negated option name documented. You can thus use
1219 --buffer to enforce the buffering.
1220 .IP "--no-keepalive"
1221 Disables the use of keepalive messages on the TCP connection. curl otherwis
1222 enables them by default.
1224 Note that this is the negated option name documented. You can thus use
1225 --keepalive to enforce keepalive.
1227 (HTTPS) Disable the NPN TLS extension. NPN is enabled by default if libcurl was built
1228 with an SSL library that supports NPN. NPN is used by a libcurl that supports
1229 HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
1231 See also \fI--no-alpn\fP and \fI--http2\fP. \fI--no-npn\fP requires that the underlying libcurl was built to support TLS. Added in 7.36.0.
1232 .IP "--no-sessionid"
1233 (TLS) Disable curl's use of SSL session-ID caching. By default all transfers are
1234 done using the cache. Note that while nothing should ever get hurt by
1235 attempting to reuse SSL session-IDs, there seem to be broken SSL
1236 implementations in the wild that may require you to disable this in order for
1239 Note that this is the negated option name documented. You can thus use
1240 --sessionid to enforce session-ID caching.
1243 .IP "--noproxy <no-proxy-list>"
1244 Comma-separated list of hosts which do not use a proxy, if one is specified.
1245 The only wildcard is a single * character, which matches all hosts, and
1246 effectively disables the proxy. Each name in this list is matched as either
1247 a domain which contains the hostname, or the hostname itself. For example,
1248 local.com would match local.com, local.com:80, and www.local.com, but not
1251 Since 7.53.0, This option overrides the environment variables that disable the
1252 proxy. If there's an environment variable disabling a proxy, you can set
1253 noproxy list to \&"" to override it.
1257 (HTTP) Enables NTLM much in the style \fI--ntlm\fP does, but hand over the authentication
1258 to the separate binary ntlmauth application that is executed when needed.
1260 See also \fI--ntlm\fP and \fI--proxy-ntlm\fP.
1262 (HTTP) Enables NTLM authentication. The NTLM authentication method was designed by
1263 Microsoft and is used by IIS web servers. It is a proprietary protocol,
1264 reverse-engineered by clever people and implemented in curl based on their
1265 efforts. This kind of behavior should not be endorsed, you should encourage
1266 everyone who uses NTLM to switch to a public and documented authentication
1267 method instead, such as Digest.
1269 If you want to enable NTLM for your proxy authentication, then use
1272 If this option is used several times, only the first one is used.
1274 See also \fI--proxy-ntlm\fP. \fI--ntlm\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI--basic\fP and \fI--negotiated\fP and \fI--digest\fP and \fI--anyauth\fP.
1275 .IP "--oauth2-bearer"
1276 (IMAP POP3 SMTP) Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token
1277 is used in conjunction with the user name which can be specified as part of
1278 the \fI--url\fP or \fI-u, --user\fP options.
1280 The Bearer Token and user name are formatted according to RFC 6750.
1282 If this option is used several times, the last one will be used.
1283 .IP "-o, --output <file>"
1284 Write output to <file> instead of stdout. If you are using {} or [] to fetch
1285 multiple documents, you can use '#' followed by a number in the <file>
1286 specifier. That variable will be replaced with the current string for the URL
1287 being fetched. Like in:
1289 curl http://{one,two}.example.com -o "file_#1.txt"
1291 or use several variables like:
1293 curl http://{site,host}.host[1-5].com -o "#1_#2"
1295 You may use this option as many times as the number of URLs you have. For
1296 example, if you specify two URLs on the same command line, you can use it like
1299 curl -o aa example.com -o bb example.net
1301 and the order of the -o options and the URLs doesn't matter, just that the
1302 first -o is for the first URL and so on, so the above command line can also be
1305 curl example.com example.net -o aa -o bb
1307 See also the \fI--create-dirs\fP option to create the local directories
1308 dynamically. Specifying the output as '-' (a single dash) will force the
1309 output to be done to stdout.
1311 See also \fI-O, --remote-name\fP and \fI--remote-name-all\fP and \fI-J, --remote-header-name\fP.
1312 .IP "--pass <phrase>"
1313 (SSH TLS) Passphrase for the private key
1315 If this option is used several times, the last one will be used.
1317 Tell curl to not handle sequences of /../ or /./ in the given URL
1318 path. Normally curl will squash or merge them according to standards but with
1319 this option set you tell it not to do that.
1322 .IP "--pinnedpubkey <hashes>"
1323 (TLS) Tells curl to use the specified public key file (or hashes) to verify the
1324 peer. This can be a path to a file which contains a single public key in PEM
1325 or DER format, or any number of base64 encoded sha256 hashes preceded by
1326 \'sha256//\' and separated by \';\'
1328 When negotiating a TLS or SSL connection, the server sends a certificate
1329 indicating its identity. A public key is extracted from this certificate and
1330 if it does not exactly match the public key provided to this option, curl will
1331 abort the connection before sending or receiving any data.
1334 7.39.0: OpenSSL, GnuTLS and GSKit
1335 7.43.0: NSS and wolfSSL/CyaSSL
1339 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
1342 Other SSL backends not supported.
1344 If this option is used several times, the last one will be used.
1346 (HTTP) Tells curl to respect RFC 7231/6.4.2 and not convert POST requests into GET
1347 requests when following a 301 redirection. The non-RFC behaviour is ubiquitous
1348 in web browsers, so curl does the conversion by default to maintain
1349 consistency. However, a server may require a POST to remain a POST after such
1350 a redirection. This option is meaningful only when using \fI-L, --location\fP.
1352 See also \fI--post302\fP and \fI--post303\fP and \fI-L, --location\fP. Added in 7.17.1.
1354 (HTTP) Tells curl to respect RFC 7231/6.4.3 and not convert POST requests into GET
1355 requests when following a 302 redirection. The non-RFC behaviour is ubiquitous
1356 in web browsers, so curl does the conversion by default to maintain
1357 consistency. However, a server may require a POST to remain a POST after such
1358 a redirection. This option is meaningful only when using \fI-L, --location\fP.
1360 See also \fI--post301\fP and \fI--post303\fP and \fI-L, --location\fP. Added in 7.19.1.
1362 (HTTP) Tells curl to respect RFC 7231/6.4.4 and not convert POST requests into GET
1363 requests when following a 303 redirection. The non-RFC behaviour is ubiquitous
1364 in web browsers, so curl does the conversion by default to maintain
1365 consistency. However, a server may require a POST to remain a POST after such
1366 a redirection. This option is meaningful only when using \fI-L, --location\fP.
1368 See also \fI--post302\fP and \fI--post301\fP and \fI-L, --location\fP. Added in 7.26.0.
1369 .IP "--preproxy [protocol://]host[:port]"
1370 Use the specified SOCKS proxy before connecting to an HTTP or HTTPS \fI-x, --proxy\fP. In
1371 such a case curl first connects to the SOCKS proxy and then connects (through
1372 SOCKS) to the HTTP or HTTPS proxy. Hence pre proxy.
1374 The pre proxy string should be specified with a protocol:// prefix to specify
1375 alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
1376 socks5h:// to request the specific SOCKS version to be used. No protocol
1377 specified will make curl default to SOCKS4.
1379 If the port number is not specified in the proxy string, it is assumed to be
1382 User and password that might be provided in the proxy string are URL decoded
1383 by curl. This allows you to pass in special characters such as @ by using %40
1384 or pass in a colon with %3a.
1386 If this option is used several times, the last one will be used.
1389 .IP "-#, --progress-bar"
1390 Make curl display transfer progress as a simple progress bar instead of the
1391 standard, more informational, meter.
1393 This progress bar draws a single line of '#' characters across the screen and
1394 shows a percentage if the transfer size is known. For transfers without a
1395 known size, it will instead output one '#' character for every 1024 bytes
1397 .IP "--proto-default <protocol>"
1398 Tells curl to use \fIprotocol\fP for any URL missing a scheme name.
1402 curl --proto-default https ftp.mozilla.org
1404 An unknown or unsupported protocol causes error
1405 \fICURLE_UNSUPPORTED_PROTOCOL\fP (1).
1407 This option does not change the default proxy protocol (http).
1409 Without this option curl would make a guess based on the host, see \fI--url\fP for
1413 .IP "--proto-redir <protocols>"
1414 Tells curl to limit what protocols it may use on redirect. Protocols denied by
1415 \fI--proto\fP are not overridden by this option. See --proto for how protocols are
1418 Example, allow only HTTP and HTTPS on redirect:
1420 curl --proto-redir -all,http,https http://example.com
1422 By default curl will allow all protocols on redirect except several disabled
1423 for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
1424 SMB and SMBS are also disabled. Specifying \fIall\fP or \fI+all\fP enables all
1425 protocols on redirect, including those disabled for security.
1428 .IP "--proto <protocols>"
1429 Tells curl to limit what protocols it may use in the transfer. Protocols are
1430 evaluated left to right, are comma separated, and are each a protocol name or
1431 'all', optionally prefixed by zero or more modifiers. Available modifiers are:
1435 Permit this protocol in addition to protocols already permitted (this is
1436 the default if no modifier is used).
1439 Deny this protocol, removing it from the list of protocols already permitted.
1442 Permit only this protocol (ignoring the list already permitted), though
1443 subject to later modification by subsequent entries in the comma separated
1450 .B \fI--proto\fP -ftps
1451 uses the default protocols, but disables ftps
1453 .B \fI--proto\fP -all,https,+http
1454 only enables http and https
1456 .B \fI--proto\fP =http,https
1457 also only enables http and https
1460 Unknown protocols produce a warning. This allows scripts to safely rely on
1461 being able to disable potentially dangerous protocols, without relying upon
1462 support for that protocol being built into curl to avoid an error.
1464 This option can be used multiple times, in which case the effect is the same
1465 as concatenating the protocols into one instance of the option.
1467 See also \fI--proto-redir\fP and \fI--proto-default\fP. Added in 7.20.2.
1468 .IP "--proxy-anyauth"
1469 Tells curl to pick a suitable authentication method when communicating with
1470 the given HTTP proxy. This might cause an extra request/response round-trip.
1472 See also \fI-x, --proxy\fP and \fI--proxy-basic\fP and \fI--proxy-digest\fP. Added in 7.13.2.
1474 Tells curl to use HTTP Basic authentication when communicating with the given
1475 proxy. Use \fI--basic\fP for enabling HTTP Basic with a remote host. Basic is the
1476 default authentication method curl uses with proxies.
1478 See also \fI-x, --proxy\fP and \fI--proxy-anyauth\fP and \fI--proxy-digest\fP.
1479 .IP "--proxy-cacert <file>"
1480 Same as \fI--cacert\fP but used in HTTPS proxy context.
1482 See also \fI--proxy-capath\fP and \fI--cacert\fP and \fI--capath\fP and \fI-x, --proxy\fP. Added in 7.52.0.
1483 .IP "--proxy-capath <dir>"
1484 Same as \fI--capath\fP but used in HTTPS proxy context.
1486 See also \fI--proxy-cacert\fP and \fI-x, --proxy\fP and \fI--capath\fP. Added in 7.52.0.
1487 .IP "--proxy-cert-type <type>"
1488 Same as \fI--cert-type\fP but used in HTTPS proxy context.
1491 .IP "--proxy-cert <cert[:passwd]>"
1492 Same as \fI-E, --cert\fP but used in HTTPS proxy context.
1495 .IP "--proxy-ciphers <list>"
1496 Same as \fI--ciphers\fP but used in HTTPS proxy context.
1499 .IP "--proxy-crlfile <file>"
1500 Same as \fI--crlfile\fP but used in HTTPS proxy context.
1503 .IP "--proxy-digest"
1504 Tells curl to use HTTP Digest authentication when communicating with the given
1505 proxy. Use \fI--digest\fP for enabling HTTP Digest with a remote host.
1507 See also \fI-x, --proxy\fP and \fI--proxy-anyauth\fP and \fI--proxy-basic\fP.
1508 .IP "--proxy-header <header>"
1509 (HTTP) Extra header to include in the request when sending HTTP to a proxy. You may
1510 specify any number of extra headers. This is the equivalent option to \fI-H, --header\fP
1511 but is for proxy communication only like in CONNECT requests when you want a
1512 separate header sent to the proxy to what is sent to the actual remote host.
1514 curl will make sure that each header you add/replace is sent with the proper
1515 end-of-line marker, you should thus \fBnot\fP add that as a part of the header
1516 content: do not add newlines or carriage returns, they will only mess things
1519 Headers specified with this option will not be included in requests that curl
1520 knows will not be sent to a proxy.
1522 This option can be used multiple times to add/replace/remove multiple headers.
1525 .IP "--proxy-insecure"
1526 Same as \fI-k, --insecure\fP but used in HTTPS proxy context.
1529 .IP "--proxy-key-type <type>"
1530 Same as \fI--key-type\fP but used in HTTPS proxy context.
1533 .IP "--proxy-key <key>"
1534 Same as \fI--key\fP but used in HTTPS proxy context.
1535 .IP "--proxy-negotiate"
1536 Tells curl to use HTTP Negotiate (SPNEGO) authentication when communicating
1537 with the given proxy. Use \fI--negotiate\fP for enabling HTTP Negotiate (SPNEGO)
1540 See also \fI--proxy-anyauth\fP and \fI--proxy-basic\fP. Added in 7.17.1.
1542 Tells curl to use HTTP NTLM authentication when communicating with the given
1543 proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host.
1545 See also \fI--proxy-negotiate\fP and \fI--proxy-anyauth\fP.
1546 .IP "--proxy-pass <phrase>"
1547 Same as \fI--pass\fP but used in HTTPS proxy context.
1550 .IP "--proxy-service-name <name>"
1551 This option allows you to change the service name for proxy negotiation.
1554 .IP "--proxy-ssl-allow-beast"
1555 Same as \fI--ssl-allow-beast\fP but used in HTTPS proxy context.
1558 .IP "--proxy-tlsauthtype <type>"
1559 Same as \fI--tlsauthtype\fP but used in HTTPS proxy context.
1562 .IP "--proxy-tlspassword <string>"
1563 Same as \fI--tlspassword\fP but used in HTTPS proxy context.
1566 .IP "--proxy-tlsuser <name>"
1567 Same as \fI--tlsuser\fP but used in HTTPS proxy context.
1571 Same as \fI-1, --tlsv1\fP but used in HTTPS proxy context.
1574 .IP "-U, --proxy-user <user:password>"
1575 Specify the user name and password to use for proxy authentication.
1577 If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM
1578 authentication then you can tell curl to select the user name and password
1579 from your environment by specifying a single colon with this option: "-U :".
1581 If this option is used several times, the last one will be used.
1582 .IP "-x, --proxy [protocol://]host[:port]"
1583 Use the specified proxy.
1585 The proxy string can be specified with a protocol:// prefix. No protocol
1586 specified or http:// will be treated as HTTP proxy. Use socks4://, socks4a://,
1587 socks5:// or socks5h:// to request a specific SOCKS version to be used.
1588 (The protocol support was added in curl 7.21.7)
1590 HTTPS proxy support via https:// protocol prefix was added in 7.52.0 for
1591 OpenSSL, GnuTLS and NSS.
1593 Unrecognized and unsupported proxy protocols cause an error since 7.52.0.
1594 Prior versions may ignore the protocol and use http:// instead.
1596 If the port number is not specified in the proxy string, it is assumed to be
1599 This option overrides existing environment variables that set the proxy to
1600 use. If there's an environment variable setting a proxy, you can set proxy to
1601 \&"" to override it.
1603 All operations that are performed over an HTTP proxy will transparently be
1604 converted to HTTP. It means that certain protocol specific operations might
1605 not be available. This is not the case if you can tunnel through the proxy, as
1606 one with the \fI-p, --proxytunnel\fP option.
1608 User and password that might be provided in the proxy string are URL decoded
1609 by curl. This allows you to pass in special characters such as @ by using %40
1610 or pass in a colon with %3a.
1612 The proxy host can be specified the exact same way as the proxy environment
1613 variables, including the protocol prefix (http://) and the embedded user +
1616 If this option is used several times, the last one will be used.
1617 .IP "--proxy1.0 <host[:port]>"
1618 Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
1619 assumed at port 1080.
1621 The only difference between this and the HTTP proxy option \fI-x, --proxy\fP, is that
1622 attempts to use CONNECT through the proxy will specify an HTTP 1.0 protocol
1623 instead of the default HTTP 1.1.
1624 .IP "-p, --proxytunnel"
1625 When an HTTP proxy is used \fI-x, --proxy\fP, this option will cause non-HTTP protocols
1626 to attempt to tunnel through the proxy instead of merely using it to do
1627 HTTP-like operations. The tunnel approach is made with the HTTP proxy CONNECT
1628 request and requires that the proxy allows direct connect to the remote port
1629 number curl wants to tunnel through to.
1631 See also \fI-x, --proxy\fP.
1632 .IP "--pubkey <key>"
1633 (SFTP SCP) Public key file name. Allows you to provide your public key in this separate
1636 If this option is used several times, the last one will be used.
1638 (As of 7.39.0, curl attempts to automatically extract the public key from the
1639 private key file, so passing this option is generally not required. Note that
1640 this public key extraction requires libcurl to be linked against a copy of
1641 libssh2 1.2.8 or higher that is itself linked against OpenSSL.)
1644 Send an arbitrary command to the remote FTP or SFTP server. Quote commands are
1645 sent BEFORE the transfer takes place (just after the initial PWD command in an
1646 FTP transfer, to be exact). To make commands take place after a successful
1647 transfer, prefix them with a dash '-'. To make commands be sent after curl
1648 has changed the working directory, just before the transfer command(s), prefix
1649 the command with a '+' (this is only supported for FTP). You may specify any
1652 If the server returns failure for one of the commands, the entire operation
1653 will be aborted. You must send syntactically correct FTP commands as RFC 959
1654 defines to FTP servers, or one of the commands listed below to SFTP servers.
1656 This option can be used multiple times. When speaking to an FTP server, prefix
1657 the command with an asterisk (*) to make curl continue even if the command
1658 fails as by default curl will stop at first failure.
1660 SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands
1661 itself before sending them to the server. File names may be quoted
1662 shell-style to embed spaces or special characters. Following is the list of
1663 all supported SFTP quote commands:
1665 .IP "chgrp group file"
1666 The chgrp command sets the group ID of the file named by the file operand to
1667 the group ID specified by the group operand. The group operand is a decimal
1669 .IP "chmod mode file"
1670 The chmod command modifies the file mode bits of the specified file. The
1671 mode operand is an octal integer mode number.
1672 .IP "chown user file"
1673 The chown command sets the owner of the file named by the file operand to the
1674 user ID specified by the user operand. The user operand is a decimal
1676 .IP "ln source_file target_file"
1677 The ln and symlink commands create a symbolic link at the target_file location
1678 pointing to the source_file location.
1679 .IP "mkdir directory_name"
1680 The mkdir command creates the directory named by the directory_name operand.
1682 The pwd command returns the absolute pathname of the current working directory.
1683 .IP "rename source target"
1684 The rename command renames the file or directory named by the source
1685 operand to the destination path named by the target operand.
1687 The rm command removes the file specified by the file operand.
1688 .IP "rmdir directory"
1689 The rmdir command removes the directory entry specified by the directory
1690 operand, provided it is empty.
1691 .IP "symlink source_file target_file"
1694 .IP "--random-file <file>"
1695 Specify the path name to file containing what will be considered as random
1696 data. The data may be used to seed the random engine for SSL connections. See
1697 also the \fI--egd-file\fP option.
1698 .IP "-r, --range <range>"
1699 (HTTP FTP SFTP FILE) Retrieve a byte range (i.e a partial document) from a HTTP/1.1, FTP or SFTP
1700 server or a local FILE. Ranges can be specified in a number of ways.
1704 specifies the first 500 bytes
1707 specifies the second 500 bytes
1710 specifies the last 500 bytes
1713 specifies the bytes from offset 9500 and forward
1716 specifies the first and last byte only(*)(HTTP)
1719 specifies two separate 100-byte ranges(*) (HTTP)
1722 (*) = NOTE that this will cause the server to reply with a multipart
1725 Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the
1726 \&'start-stop' range syntax. If a non-digit character is given in the range,
1727 the server's response will be unspecified, depending on the server's
1730 You should also be aware that many HTTP/1.1 servers do not have this feature
1731 enabled, so that when you attempt to get a range, you'll instead get the whole
1734 FTP and SFTP range downloads only support the simple 'start-stop' syntax
1735 (optionally with one of the numbers omitted). FTP use depends on the extended
1738 If this option is used several times, the last one will be used.
1740 (HTTP) When used, it disables all internal HTTP decoding of content or transfer
1741 encodings and instead makes them passed on unaltered, raw.
1744 .IP "-e, --referer <URL>"
1745 (HTTP) Sends the "Referrer Page" information to the HTTP server. This can also be set
1746 with the \fI-H, --header\fP flag of course. When used with \fI-L, --location\fP you can append
1747 ";auto" to the \fI-e, --referer\fP URL to make curl automatically set the previous URL
1748 when it follows a Location: header. The \&";auto" string can be used alone,
1749 even if you don't set an initial \fI-e, --referer\fP.
1751 If this option is used several times, the last one will be used.
1753 See also \fI-A, --user-agent\fP and \fI-H, --header\fP.
1754 .IP "-J, --remote-header-name"
1755 (HTTP) This option tells the \fI-O, --remote-name\fP option to use the server-specified
1756 Content-Disposition filename instead of extracting a filename from the URL.
1758 If the server specifies a file name and a file with that name already exists
1759 in the current working directory it will not be overwritten and an error will
1760 occur. If the server doesn't specify a file name then this option has no
1763 There's no attempt to decode %-sequences (yet) in the provided file name, so
1764 this option may provide you with rather unexpected file names.
1766 \fBWARNING\fP: Exercise judicious use of this option, especially on Windows. A
1767 rogue server could send you the name of a DLL or other file that could possibly
1768 be loaded automatically by Windows or some third party software.
1769 .IP "--remote-name-all"
1770 This option changes the default action for all given URLs to be dealt with as
1771 if \fI-O, --remote-name\fP were used for each one. So if you want to disable that for a
1772 specific URL after \fI--remote-name-all\fP has been used, you must use "-o -" or
1776 .IP "-O, --remote-name"
1777 Write output to a local file named like the remote file we get. (Only the file
1778 part of the remote file is used, the path is cut off.)
1780 The file will be saved in the current working directory. If you want the file
1781 saved in a different directory, make sure you change the current working
1782 directory before invoking curl with this option.
1784 The remote file name to use for saving is extracted from the given URL,
1785 nothing else, and if it already exists it will be overwritten. If you want the
1786 server to be able to choose the file name refer to \fI-J, --remote-header-name\fP which
1787 can be used in addition to this option. If the server chooses a file name and
1788 that name already exists it will not be overwritten.
1790 There is no URL decoding done on the file name. If it has %20 or other URL
1791 encoded parts of the name, they will end up as-is as file name.
1793 You may use this option as many times as the number of URLs you have.
1794 .IP "-R, --remote-time"
1795 When used, this will make curl attempt to figure out the timestamp of the
1796 remote file, and if that is available make the local file get that same
1798 .IP "-X, --request <command>"
1799 (HTTP) Specifies a custom request method to use when communicating with the
1800 HTTP server. The specified request method will be used instead of the method
1801 otherwise used (which defaults to GET). Read the HTTP 1.1 specification for
1802 details and explanations. Common additional HTTP requests include PUT and
1803 DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and
1806 Normally you don't need this option. All sorts of GET, HEAD, POST and PUT
1807 requests are rather invoked by using dedicated command line options.
1809 This option only changes the actual word used in the HTTP request, it does not
1810 alter the way curl behaves. So for example if you want to make a proper HEAD
1811 request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP option.
1813 The method string you set with \fI-X, --request\fP will be used for all requests, which
1814 if you for example use \fI-L, --location\fP may cause unintended side-effects when curl
1815 doesn't change request method according to the HTTP 30x response codes - and
1819 Specifies a custom FTP command to use instead of LIST when doing file lists
1823 Specifies a custom POP3 command to use instead of LIST or RETR. (Added in
1827 Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
1830 Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in 7.34.0)
1832 If this option is used several times, the last one will be used.
1833 .IP "--resolve <host:port:address>"
1834 Provide a custom address for a specific host and port pair. Using this, you
1835 can make the curl requests(s) use a specified address and prevent the
1836 otherwise normally resolved address to be used. Consider it a sort of
1837 /etc/hosts alternative provided on the command line. The port number should be
1838 the number used for the specific protocol the host will be used for. It means
1839 you need several entries if you want to provide address for the same host but
1842 The provided address set by this option will be used even if \fI-4, --ipv4\fP or \fI-6, --ipv6\fP
1843 is set to make curl use another IP version.
1845 This option can be used many times to add many host names to resolve.
1848 .IP "--retry-connrefused"
1849 In addition to the other conditions, consider ECONNREFUSED as a transient
1850 error too for \fI--retry\fP. This option is used together with --retry.
1853 .IP "--retry-delay <seconds>"
1854 Make curl sleep this amount of time before each retry when a transfer has
1855 failed with a transient error (it changes the default backoff time algorithm
1856 between retries). This option is only interesting if \fI--retry\fP is also
1857 used. Setting this delay to zero will make curl use the default backoff time.
1859 If this option is used several times, the last one will be used.
1862 .IP "--retry-max-time <seconds>"
1863 The retry timer is reset before the first transfer attempt. Retries will be
1864 done as usual (see \fI--retry\fP) as long as the timer hasn't reached this given
1865 limit. Notice that if the timer hasn't reached the limit, the request will be
1866 made and while performing, it may take longer than this given time period. To
1867 limit a single request\'s maximum time, use \fI-m, --max-time\fP. Set this option to
1868 zero to not timeout retries.
1870 If this option is used several times, the last one will be used.
1874 If a transient error is returned when curl tries to perform a transfer, it
1875 will retry this number of times before giving up. Setting the number to 0
1876 makes curl do no retries (which is the default). Transient error means either:
1877 a timeout, an FTP 4xx response code or an HTTP 5xx response code.
1879 When curl is about to retry a transfer, it will first wait one second and then
1880 for all forthcoming retries it will double the waiting time until it reaches
1881 10 minutes which then will be the delay between the rest of the retries. By
1882 using \fI--retry-delay\fP you disable this exponential backoff algorithm. See also
1883 \fI--retry-max-time\fP to limit the total time allowed for retries.
1885 If this option is used several times, the last one will be used.
1889 Enable initial response in SASL authentication.
1892 .IP "--service-name <name>"
1893 This option allows you to change the service name for SPNEGO.
1895 Examples: \fI--negotiate\fP \fI--service-name\fP sockd would use sockd/server-name.
1898 .IP "-S, --show-error"
1899 When used with \fI-s, --silent\fP, it makes curl show an error message if it fails.
1901 Silent or quiet mode. Don't show progress meter or error messages. Makes Curl
1902 mute. It will still output the data you ask for, potentially even to the
1903 terminal/stdout unless you redirect it.
1905 Use \fI-S, --show-error\fP in addition to this option to disable progress meter but
1906 still show error messages.
1908 See also \fI-v, --verbose\fP and \fI--stderr\fP.
1909 .IP "--socks4 <host[:port]>"
1910 Use the specified SOCKS4 proxy. If the port number is not specified, it is
1911 assumed at port 1080.
1913 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
1916 Since 7.21.7, this option is superfluous since you can specify a socks4 proxy
1917 with \fI-x, --proxy\fP using a socks4:// protocol prefix.
1919 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
1920 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
1921 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
1923 If this option is used several times, the last one will be used.
1926 .IP "--socks4a <host[:port]>"
1927 Use the specified SOCKS4a proxy. If the port number is not specified, it is
1928 assumed at port 1080.
1930 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
1933 Since 7.21.7, this option is superfluous since you can specify a socks4a proxy
1934 with \fI-x, --proxy\fP using a socks4a:// protocol prefix.
1936 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
1937 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
1938 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
1940 If this option is used several times, the last one will be used.
1943 .IP "--socks5-gssapi-nec"
1944 As part of the GSS-API negotiation a protection mode is negotiated. RFC 1961
1945 says in section 4.3/4.4 it should be protected, but the NEC reference
1946 implementation does not. The option \fI--socks5-gssapi-nec\fP allows the
1947 unprotected exchange of the protection mode negotiation.
1950 .IP "--socks5-gssapi-service <name>"
1951 The default service name for a socks server is rcmd/server-fqdn. This option
1952 allows you to change it.
1954 Examples: \fI--socks5\fP proxy-name \fI--socks5-gssapi-service\fP sockd would use
1955 sockd/proxy-name \fI--socks5\fP proxy-name \fI--socks5-gssapi-service\fP sockd/real-name
1956 would use sockd/real-name for cases where the proxy-name does not match the
1960 .IP "--socks5-hostname <host[:port]>"
1961 Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If
1962 the port number is not specified, it is assumed at port 1080.
1964 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
1967 Since 7.21.7, this option is superfluous since you can specify a socks5
1968 hostname proxy with \fI-x, --proxy\fP using a socks5h:// protocol prefix.
1970 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
1971 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
1972 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
1974 If this option is used several times, the last one will be used.
1977 .IP "--socks5 <host[:port]>"
1978 Use the specified SOCKS5 proxy - but resolve the host name locally. If the
1979 port number is not specified, it is assumed at port 1080.
1981 This option overrides any previous use of \fI-x, --proxy\fP, as they are mutually
1984 Since 7.21.7, this option is superfluous since you can specify a socks5 proxy
1985 with \fI-x, --proxy\fP using a socks5:// protocol prefix.
1987 Since 7.52.0, \fI--preproxy\fP can be used to specify a SOCKS proxy at the same time
1988 \fI-x, --proxy\fP is used with an HTTP/HTTPS proxy. In such a case curl first connects to
1989 the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
1991 If this option is used several times, the last one will be used.
1993 This option (as well as \fI--socks4\fP) does not work with IPV6, FTPS or LDAP.
1996 .IP "-Y, --speed-limit <speed>"
1997 If a download is slower than this given speed (in bytes per second) for
1998 speed-time seconds it gets aborted. speed-time is set with \fI-y, --speed-time\fP and is
2001 If this option is used several times, the last one will be used.
2002 .IP "-y, --speed-time <seconds>"
2003 If a download is slower than speed-limit bytes per second during a speed-time
2004 period, the download gets aborted. If speed-time is used, the default
2005 speed-limit will be 1 unless set with \fI-Y, --speed-limit\fP.
2007 This option controls transfers and thus will not affect slow connects etc. If
2008 this is a concern for you, try the \fI--connect-timeout\fP option.
2010 If this option is used several times, the last one will be used.
2011 .IP "--ssl-allow-beast"
2012 This option tells curl to not work around a security flaw in the SSL3 and
2013 TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer may
2014 use workarounds known to cause interoperability problems with some older SSL
2015 implementations. WARNING: this option loosens the SSL security, and by using
2016 this flag you ask for exactly that.
2019 .IP "--ssl-no-revoke"
2020 (WinSSL) This option tells curl to disable certificate revocation checks.
2021 WARNING: this option loosens the SSL security, and by using this flag you ask
2026 (FTP IMAP POP3 SMTP) Require SSL/TLS for the connection. Terminates the connection if the server
2027 doesn't support SSL/TLS.
2029 This option was formerly known as --ftp-ssl-reqd.
2033 (FTP IMAP POP3 SMTP)
2034 Try to use SSL/TLS for the connection. Reverts to a non-secure connection if
2035 the server doesn't support SSL/TLS. See also \fI--ftp-ssl-control\fP and \fI--ssl-reqd\fP
2036 for different levels of encryption required.
2038 This option was formerly known as --ftp-ssl (Added in 7.11.0). That option
2039 name can still be used but will be removed in a future version.
2043 (SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL
2044 server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
2045 considered insecure (see RFC 6176).
2047 See also \fI--http1.1\fP and \fI--http2\fP. \fI-2, --sslv2\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI-3, --sslv3\fP and \fI-1, --tlsv1\fP and \fI--tlsv1.1\fP and \fI--tlsv1.2\fP.
2049 (SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
2050 server. Sometimes curl is built without SSLv3 support. SSLv3 is widely
2051 considered insecure (see RFC 7568).
2053 See also \fI--http1.1\fP and \fI--http2\fP. \fI-3, --sslv3\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI-2, --sslv2\fP and \fI-1, --tlsv1\fP and \fI--tlsv1.1\fP and \fI--tlsv1.2\fP.
2055 Redirect all writes to stderr to the specified file instead. If the file name
2056 is a plain '-', it is instead written to stdout.
2058 If this option is used several times, the last one will be used.
2060 See also \fI-v, --verbose\fP and \fI-s, --silent\fP.
2061 .IP "--tcp-fastopen"
2062 Enable use of TCP Fast Open (RFC7413).
2066 Turn on the TCP_NODELAY option. See the \fIcurl_easy_setopt(3)\fP man page for
2067 details about this option.
2069 Since 7.50.2, curl sets this option by default and you need to explictitly
2070 switch it off if you don't want it on.
2073 .IP "-t, --telnet-option <opt=val>"
2074 Pass options to the telnet protocol. Supported options are:
2076 TTYPE=<term> Sets the terminal type.
2078 XDISPLOC=<X display> Sets the X display location.
2080 NEW_ENV=<var,val> Sets an environment variable.
2081 .IP "--tftp-blksize <value>"
2082 (TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that curl will
2083 try to use when transferring data to or from a TFTP server. By default 512
2086 If this option is used several times, the last one will be used.
2089 .IP "--tftp-no-options"
2090 (TFTP) Tells curl not to send TFTP options requests.
2092 This option improves interop with some legacy servers that do not acknowledge
2093 or properly implement TFTP options. When this option is used \fI--tftp-blksize\fP is
2097 .IP "-z, --time-cond <time>"
2098 (HTTP FTP) Request a file that has been modified later than the given time and date, or
2099 one that has been modified before that time. The <date expression> can be all
2100 sorts of date strings or if it doesn't match any internal ones, it is taken as
2101 a filename and tries to get the modification date (mtime) from <file>
2102 instead. See the \fIcurl_getdate(3)\fP man pages for date expression details.
2104 Start the date expression with a dash (-) to make it request for a document
2105 that is older than the given date/time, default is a document that is newer
2106 than the specified date/time.
2108 If this option is used several times, the last one will be used.
2109 .IP "--tlsauthtype <type>"
2110 Set TLS authentication type. Currently, the only supported option is "SRP",
2111 for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are specified but
2112 \fI--tlsauthtype\fP is not, then this option defaults to "SRP".
2116 Set password for use with the TLS authentication method specified with
2117 \fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set.
2120 .IP "--tlsuser <name>"
2121 Set username for use with the TLS authentication method specified with
2122 \fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also is set.
2126 (TLS) Forces curl to use TLS version 1.0 when connecting to a remote TLS server.
2130 (TLS) Forces curl to use TLS version 1.1 when connecting to a remote TLS server.
2134 (TLS) Forces curl to use TLS version 1.2 when connecting to a remote TLS server.
2138 (TLS) Forces curl to use TLS version 1.3 when connecting to a remote TLS server.
2140 Note that TLS 1.3 is only supported by a subset of TLS backends. At the time
2141 of writing this, those are BoringSSL and NSS only.
2145 (SSL) Tells curl to use TLS version 1.x when negotiating with a remote TLS
2146 server. That means TLS version 1.0, 1.1 or 1.2.
2148 See also \fI--http1.1\fP and \fI--http2\fP. \fI-1, --tlsv1\fP requires that the underlying libcurl was built to support TLS. This option overrides \fI--tlsv1.1\fP and \fI--tlsv1.2\fP and \fI--tlsv1.3\fP.
2150 (HTTP) Request a compressed Transfer-Encoding response using one of the algorithms
2151 curl supports, and uncompress the data while receiving it.
2154 .IP "--trace-ascii <file>"
2155 Enables a full trace dump of all incoming and outgoing data, including
2156 descriptive information, to the given output file. Use "-" as filename to have
2157 the output sent to stdout.
2159 This is very similar to \fI--trace\fP, but leaves out the hex part and only shows
2160 the ASCII part of the dump. It makes smaller output that might be easier to
2161 read for untrained humans.
2163 If this option is used several times, the last one will be used.
2165 This option overrides \fI--trace\fP and \fI-v, --verbose\fP.
2167 Prepends a time stamp to each trace or verbose line that curl displays.
2170 .IP "--trace <file>"
2171 Enables a full trace dump of all incoming and outgoing data, including
2172 descriptive information, to the given output file. Use "-" as filename to have
2173 the output sent to stdout. Use "%" as filename to have the output sent to
2176 If this option is used several times, the last one will be used.
2178 This option overrides \fI-v, --verbose\fP and \fI--trace-ascii\fP.
2179 .IP "--unix-socket <path>"
2180 (HTTP) Connect through this Unix domain socket, instead of using the network.
2183 .IP "-T, --upload-file <file>"
2184 This transfers the specified local file to the remote URL. If there is no file
2185 part in the specified URL, curl will append the local file name. NOTE that you
2186 must use a trailing / on the last directory to really prove to Curl that there
2187 is no file name or curl will think that your last directory name is the remote
2188 file name to use. That will most likely cause the upload operation to fail. If
2189 this is used on an HTTP(S) server, the PUT command will be used.
2191 Use the file name "-" (a single dash) to use stdin instead of a given file.
2192 Alternately, the file name "." (a single period) may be specified instead
2193 of "-" to use stdin in non-blocking mode to allow reading server output
2194 while stdin is being uploaded.
2196 You can specify one \fI-T, --upload-file\fP for each URL on the command line. Each
2197 \fI-T, --upload-file\fP + URL pair specifies what to upload and to where. curl also
2198 supports "globbing" of the \fI-T, --upload-file\fP argument, meaning that you can upload
2199 multiple files to a single URL by using the same URL globbing style supported
2200 in the URL, like this:
2202 curl --upload-file "{file1,file2}" http://www.example.com
2206 curl -T "img[1-1000].png" ftp://ftp.example.com/upload/
2208 When uploading to an SMTP server: the uploaded data is assumed to be RFC 5322
2209 formatted. It has to feature the necessary set of headers and mail body
2210 formatted correctly by the user as curl will not transcode nor encode it
2213 Specify a URL to fetch. This option is mostly handy when you want to specify
2214 URL(s) in a config file.
2216 If the given URL is missing a scheme name (such as "http://" or "ftp://" etc)
2217 then curl will make a guess based on the host. If the outermost sub-domain
2218 name matches DICT, FTP, IMAP, LDAP, POP3 or SMTP then that protocol will be
2219 used, otherwise HTTP will be used. Since 7.45.0 guessing can be disabled by
2220 setting a default protocol, see \fI--proto-default\fP for details.
2222 This option may be used any number of times. To control where this URL is
2223 written, use the \fI-o, --output\fP or the \fI-O, --remote-name\fP options.
2224 .IP "-B, --use-ascii"
2225 (FTP LDAP) Enable ASCII transfer. For FTP, this can also be enforced by using a URL that
2226 ends with ";type=A". This option causes data sent to stdout to be in text mode
2228 .IP "-A, --user-agent <name>"
2230 Specify the User-Agent string to send to the HTTP server. To encode blanks in
2231 the string, surround the string with single quote marks. This can also be set
2232 with the \fI-H, --header\fP option of course.
2234 If this option is used several times, the last one will be used.
2235 .IP "-u, --user <user:password>"
2236 Specify the user name and password to use for server authentication. Overrides
2237 \fI-n, --netrc\fP and \fI--netrc-optional\fP.
2239 If you simply specify the user name, curl will prompt for a password.
2241 The user name and passwords are split up on the first colon, which makes it
2242 impossible to use a colon in the user name with this option. The password can,
2245 When using Kerberos V5 with a Windows based server you should include the
2246 Windows domain name in the user name, in order for the server to successfully
2247 obtain a Kerberos Ticket. If you don't then the initial authentication
2250 When using NTLM, the user name can be specified simply as the user name,
2251 without the domain, if there is a single domain and forest in your setup
2254 To specify the domain name use either Down-Level Logon Name or UPN (User
2255 Principal Name) formats. For example, EXAMPLE\\user and user@example.com
2258 If you use a Windows SSPI-enabled curl binary and perform Kerberos V5,
2259 Negotiate, NTLM or Digest authentication then you can tell curl to select
2260 the user name and password from your environment by specifying a single colon
2261 with this option: "-u :".
2263 If this option is used several times, the last one will be used.
2265 Makes curl verbose during the operation. Useful for debugging and seeing
2266 what's going on "under the hood". A line starting with '>' means "header data"
2267 sent by curl, '<' means "header data" received by curl that is hidden in
2268 normal cases, and a line starting with '*' means additional info provided by
2271 If you only want HTTP headers in the output, \fI-i, --include\fP might be the option
2274 If you think this option still doesn't give you enough details, consider using
2275 \fI--trace\fP or \fI--trace-ascii\fP instead.
2277 Use \fI-s, --silent\fP to make curl really quiet.
2279 See also \fI-i, --include\fP. This option overrides \fI--trace\fP and \fI--trace-ascii\fP.
2281 Displays information about curl and the libcurl version it uses.
2283 The first line includes the full version of curl, libcurl and other 3rd party
2284 libraries linked with the executable.
2286 The second line (starts with "Protocols:") shows all protocols that libcurl
2289 The third line (starts with "Features:") shows specific features libcurl
2290 reports to offer. Available features include:
2293 You can use IPv6 with this.
2295 Krb4 for FTP is supported.
2297 SSL versions of various protocols are supported, such as HTTPS, FTPS, POP3S
2300 Automatic decompression of compressed files over HTTP is supported.
2302 NTLM authentication is supported.
2304 This curl uses a libcurl built with Debug. This enables more error-tracking
2305 and memory debugging etc. For curl-developers only!
2307 This curl uses asynchronous name resolves. Asynchronous name resolves can be
2308 done using either the c-ares or the threaded resolver backends.
2310 SPNEGO authentication is supported.
2312 This curl supports transfers of large files, files larger than 2GB.
2314 This curl supports IDN - international domain names.
2316 GSS-API is supported.
2320 SRP (Secure Remote Password) authentication is supported for TLS.
2322 HTTP/2 support has been built-in.
2324 Unix sockets support is provided.
2326 This curl is built to support HTTPS proxy.
2328 This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
2329 describes mirrors and hashes. curl will use mirrors for failover if
2330 there are errors (such as the file or server not being available).
2332 PSL is short for Public Suffix List and means that this curl has been built
2333 with knowledge about "public suffixes".
2335 .IP "-w, --write-out <format>"
2336 Make curl display information on stdout after a completed transfer. The format
2337 is a string that may contain plain text mixed with any number of
2338 variables. The format can be specified as a literal "string", or you can have
2339 curl read the format from a file with "@filename" and to tell curl to read the
2340 format from stdin you write "@-".
2342 The variables present in the output format will be substituted by the value or
2343 text that curl thinks fit, as described below. All variables are specified as
2344 %{variable_name} and to output a normal % you just write them as %%. You can
2345 output a newline by using \\n, a carriage return with \\r and a tab space with
2349 The %-symbol is a special symbol in the win32-environment, where all
2350 occurrences of % must be doubled when using this option.
2352 The variables available are:
2356 The Content-Type of the requested document, if there was any.
2358 .B filename_effective
2359 The ultimate filename that curl writes out to. This is only meaningful if curl
2360 is told to write to a file with the \fI-O, --remote-name\fP or \fI-o, --output\fP
2361 option. It's most useful in combination with the \fI-J, --remote-header-name\fP
2362 option. (Added in 7.26.0)
2365 The initial path curl ended up in when logging on to the remote FTP
2366 server. (Added in 7.15.4)
2369 The numerical response code that was found in the last retrieved HTTP(S) or
2370 FTP(s) transfer. In 7.18.2 the alias \fBresponse_code\fP was added to show the
2374 The numerical code that was found in the last response (from a proxy) to a
2375 curl CONNECT request. (Added in 7.12.4)
2378 The http version that was effectively used. (Added in 7.50.0)
2381 The IP address of the local end of the most recently done connection - can be
2382 either IPv4 or IPv6 (Added in 7.29.0)
2385 The local port number of the most recently done connection (Added in 7.29.0)
2388 Number of new connects made in the recent transfer. (Added in 7.12.3)
2391 Number of redirects that were followed in the request. (Added in 7.12.3)
2393 .B proxy_ssl_verify_result
2394 The result of the HTTPS proxy's SSL peer certificate verification that was
2395 requested. 0 means the verification was successful. (Added in 7.52.0)
2398 When an HTTP request was made without -L to follow redirects, this variable
2399 will show the actual URL a redirect \fIwould\fP take you to. (Added in 7.18.2)
2402 The remote IP address of the most recently done connection - can be either
2403 IPv4 or IPv6 (Added in 7.29.0)
2406 The remote port number of the most recently done connection (Added in 7.29.0)
2409 The URL scheme (sometimes called protocol) that was effectively used (Added in 7.52.0)
2412 The total amount of bytes that were downloaded.
2415 The total amount of bytes of the downloaded headers.
2418 The total amount of bytes that were sent in the HTTP request.
2421 The total amount of bytes that were uploaded.
2424 The average download speed that curl measured for the complete download. Bytes
2428 The average upload speed that curl measured for the complete upload. Bytes per
2431 .B ssl_verify_result
2432 The result of the SSL peer certificate verification that was requested. 0
2433 means the verification was successful. (Added in 7.19.0)
2436 The time, in seconds, it took from the start until the SSL/SSH/etc
2437 connect/handshake to the remote host was completed. (Added in 7.19.0)
2440 The time, in seconds, it took from the start until the TCP connect to the
2441 remote host (or proxy) was completed.
2444 The time, in seconds, it took from the start until the name resolving was
2448 The time, in seconds, it took from the start until the file transfer was just
2449 about to begin. This includes all pre-transfer commands and negotiations that
2450 are specific to the particular protocol(s) involved.
2453 The time, in seconds, it took for all redirection steps include name lookup,
2454 connect, pretransfer and transfer before the final transaction was
2455 started. time_redirect shows the complete execution time for multiple
2456 redirections. (Added in 7.12.3)
2458 .B time_starttransfer
2459 The time, in seconds, it took from the start until the first byte was just
2460 about to be transferred. This includes time_pretransfer and also the time the
2461 server needed to calculate the result.
2464 The total time, in seconds, that the full operation lasted.
2467 The URL that was fetched last. This is most meaningful if you've told curl
2468 to follow location: headers.
2471 If this option is used several times, the last one will be used.
2473 When saving output to a file, this option tells curl to store certain file
2474 metadata in extended file attributes. Currently, the URL is stored in the
2475 xdg.origin.url attribute and, for HTTP, the content type is stored in
2476 the mime_type attribute. If the file system does not support extended
2477 attributes, a warning is issued.
2481 Default config file, see \fI-K, --config\fP for details.
2483 The environment variables can be specified in lower case or upper case. The
2484 lower case version has precedence. http_proxy is an exception as it is only
2485 available in lower case.
2487 Using an environment variable to set the proxy has the same effect as using
2488 the \fI-x, --proxy\fP option.
2490 .IP "http_proxy [protocol://]<host>[:port]"
2491 Sets the proxy server to use for HTTP.
2492 .IP "HTTPS_PROXY [protocol://]<host>[:port]"
2493 Sets the proxy server to use for HTTPS.
2494 .IP "[url-protocol]_PROXY [protocol://]<host>[:port]"
2495 Sets the proxy server to use for [url-protocol], where the protocol is a
2496 protocol that curl supports and as specified in a URL. FTP, FTPS, POP3, IMAP,
2498 .IP "ALL_PROXY [protocol://]<host>[:port]"
2499 Sets the proxy server to use if no protocol-specific proxy is set.
2500 .IP "NO_PROXY <comma-separated list of hosts>"
2501 list of host names that shouldn't go through any proxy. If set to a asterisk
2502 \&'*' only, it matches all hosts.
2504 Since 7.53.0, this environment variable disable the proxy even if specify
2505 \fI-x, --proxy\fP option. That is
2506 .B NO_PROXY=direct.example.com curl -x http://proxy.example.com
2507 .B http://direct.example.com
2508 accesses the target URL directly, and
2509 .B NO_PROXY=direct.example.com curl -x http://proxy.example.com
2510 .B http://somewhere.example.com
2511 accesses the target URL through proxy.
2513 .SH "PROXY PROTOCOL PREFIXES"
2514 Since curl version 7.21.7, the proxy string may be specified with a
2515 protocol:// prefix to specify alternative proxy protocols.
2517 If no protocol is specified in the proxy string or if the string doesn't match
2518 a supported one, the proxy will be treated as an HTTP proxy.
2520 The supported proxy protocol prefixes are as follows:
2522 Makes it the equivalent of \fI--socks4\fP
2524 Makes it the equivalent of \fI--socks4a\fP
2526 Makes it the equivalent of \fI--socks5\fP
2528 Makes it the equivalent of \fI--socks5-hostname\fP
2530 There are a bunch of different error codes and their corresponding error
2531 messages that may appear during bad conditions. At the time of this writing,
2534 Unsupported protocol. This build of curl has no support for this protocol.
2536 Failed to initialize.
2538 URL malformed. The syntax was not correct.
2540 A feature or option that was needed to perform the desired request was not
2541 enabled or was explicitly disabled at build-time. To make curl able to do
2542 this, you probably need another build of libcurl!
2544 Couldn't resolve proxy. The given proxy host could not be resolved.
2546 Couldn't resolve host. The given remote host was not resolved.
2548 Failed to connect to host.
2550 Weird server reply. The server sent data curl couldn't parse.
2552 FTP access denied. The server denied login or denied access to the particular
2553 resource or directory you wanted to reach. Most often you tried to change to a
2554 directory that doesn't exist on the server.
2556 FTP accept failed. While waiting for the server to connect back when an active
2557 FTP session is used, an error code was sent over the control connection or
2560 FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request.
2562 During an active FTP session while waiting for the server to connect back to
2563 curl, the timeout expired.
2565 FTP weird PASV reply, Curl couldn't parse the reply sent to the PASV request.
2567 FTP weird 227 format. Curl couldn't parse the 227-line the server sent.
2569 FTP can't get host. Couldn't resolve the host IP we got in the 227-line.
2571 HTTP/2 error. A problem was detected in the HTTP2 framing layer. This is
2572 somewhat generic and can be one out of several problems, see the error message
2575 FTP couldn't set binary. Couldn't change transfer method to binary.
2577 Partial file. Only a part of the file was transferred.
2579 FTP couldn't download/access the given file, the RETR (or similar) command
2582 FTP quote error. A quote command returned error from the server.
2584 HTTP page not retrieved. The requested url was not found or returned another
2585 error with the HTTP error code being 400 or above. This return code only
2586 appears if \fI-f, --fail\fP is used.
2588 Write error. Curl couldn't write data to a local filesystem or similar.
2590 FTP couldn't STOR file. The server denied the STOR operation, used for FTP
2593 Read error. Various reading problems.
2595 Out of memory. A memory allocation request failed.
2597 Operation timeout. The specified time-out period was reached according to the
2600 FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT
2601 command, try doing a transfer using PASV instead!
2603 FTP couldn't use REST. The REST command failed. This command is used for
2604 resumed FTP transfers.
2606 HTTP range error. The range "command" didn't work.
2608 HTTP post error. Internal post-request generation error.
2610 SSL connect error. The SSL handshaking failed.
2612 Bad download resume. Couldn't continue an earlier aborted download.
2614 FILE couldn't read file. Failed to open the file. Permissions?
2616 LDAP cannot bind. LDAP bind operation failed.
2620 Function not found. A required LDAP function was not found.
2622 Aborted by callback. An application told curl to abort the operation.
2624 Internal error. A function was called with a bad parameter.
2626 Interface error. A specified outgoing interface could not be used.
2628 Too many redirects. When following redirects, curl hit the maximum amount.
2630 Unknown option specified to libcurl. This indicates that you passed a weird
2631 option to curl that was passed on to libcurl and rejected. Read up in the
2634 Malformed telnet option.
2636 The peer's SSL certificate or SSH MD5 fingerprint was not OK.
2638 The server didn't reply anything, which here is considered an error.
2640 SSL crypto engine not found.
2642 Cannot set SSL crypto engine as default.
2644 Failed sending network data.
2646 Failure in receiving network data.
2648 Problem with the local certificate.
2650 Couldn't use specified SSL cipher.
2652 Peer certificate cannot be authenticated with known CA certificates.
2654 Unrecognized transfer encoding.
2658 Maximum file size exceeded.
2660 Requested FTP SSL level failed.
2662 Sending the data requires a rewind that failed.
2664 Failed to initialise SSL Engine.
2666 The user name, password, or similar was not accepted and curl failed to log in.
2668 File not found on TFTP server.
2670 Permission problem on TFTP server.
2672 Out of disk space on TFTP server.
2674 Illegal TFTP operation.
2676 Unknown TFTP transfer ID.
2678 File already exists (TFTP).
2680 No such user (TFTP).
2682 Character conversion failed.
2684 Character conversion functions required.
2686 Problem with reading the SSL CA cert (path? access rights?).
2688 The resource referenced in the URL does not exist.
2690 An unspecified error occurred during the SSH session.
2692 Failed to shut down the SSL connection.
2694 Could not load CRL file, missing or wrong format (added in 7.19.0).
2696 Issuer check failed (added in 7.19.0).
2698 The FTP PRET command failed
2700 RTSP: mismatch of CSeq numbers
2702 RTSP: mismatch of Session Identifiers
2704 unable to parse FTP file list
2706 FTP chunk callback reported error
2708 No connection available, the session will be queued
2710 SSL public key does not matched pinned public key
2712 More error codes will appear here in future releases. The existing ones
2713 are meant to never change.
2714 .SH AUTHORS / CONTRIBUTORS
2715 Daniel Stenberg is the main author, but the whole list of contributors is
2716 found in the separate THANKS file.
2718 https://curl.haxx.se