<title>curl man page</title>
<meta name="generator" content="roffit">
<STYLE type="text/css">
-P.level0 {
+pre {
+ overflow: auto;
+ margin: 0;
+}
+
+P.level0, pre.level0 {
padding-left: 2em;
}
-P.level1 {
+P.level1, pre.level1 {
padding-left: 4em;
}
-P.level2 {
+P.level2, pre.level2 {
padding-left: 6em;
}
<p class="level0"><span Class="bold">curl [options]</span> <a class="emphasis" href="#URL">[URL...]</a> <a name="DESCRIPTION"></a><h2 class="nroffsh">DESCRIPTION</h2>
<p class="level0"><span Class="bold">curl</span> is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command is designed to work without user interaction.
<p class="level0">curl offers a busload of useful tricks like proxy support, user authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer resume, Metalink, and more. As you will see below, the number of features will make your head spin!
-<p class="level0">curl is powered by libcurl for all transfer-related features. See <span Class="
manpage">libcurl (3)</span> for details. <a name="URL"></a><h2 class="nroffsh">URL</h2>
+<p class="level0">curl is powered by libcurl for all transfer-related features. See <span Class="
emphasis">libcurl(3)</span> for details. <a name="URL"></a><h2 class="nroffsh">URL</h2>
<p class="level0">The URL syntax is protocol-dependent. You'll find a detailed description in <a href="http://www.ietf.org/rfc/rfc3986.txt">RFC 3986</a>.
<p class="level0">You can specify multiple URLs or parts of URLs by writing part sets within braces as in:
<p class="level0"> <a href="http://site">http://site</a>.{one,two,three}.com
<p class="level0">curl displays this data to the terminal by default, so if you invoke curl to do an operation and it is about to write data to the terminal, it <span Class="emphasis">disables</span> the progress meter as otherwise it would mess up the output mixing progress meter and response data.
<p class="level0">If you want a progress meter for HTTP POST or PUT requests, you need to redirect the response output to a file, using shell redirect (>), -o [file] or similar.
<p class="level0">It is not the same case for FTP upload as that operation does not spit out any response data to the terminal.
-<p class="level0">If you prefer a progress "bar" instead of the regular meter, <
a class="emphasis" href="#-">-#</a> is your friend. <a name="OPTIONS"></a><h2 class="nroffsh">OPTIONS</h2>
+<p class="level0">If you prefer a progress "bar" instead of the regular meter, <
span Class="emphasis">-#</span> is your friend. <a name="OPTIONS"></a><h2 class="nroffsh">OPTIONS</h2>
<p class="level0">Options start with one or two dashes. Many of the options require an additional value next to them.
<p class="level0">The short "single-dash" form of the options, -d for example, may be used with or without a space between it and its value, although a space is a recommended separator. The long "double-dash" form, --data for example, requires a space between it and its value.
<p class="level0">Short version options that don't need any additional values can be used immediately next to each other, like for example you can specify all the options -O, -L and -v at once as -OLv.
<p class="level1">Use "-C -" to tell curl to automatically find out where/how to resume the transfer. It then uses the given output/input files to figure that out.
<p class="level1">If this option is used several times, the last one will be used.
<p class="level0"><a name="--ciphers"></a><span class="nroffip">--ciphers <list of ciphers></span>
-<p class="level1">(SSL) Specifies which ciphers to use in the connection. The list of ciphers must specify valid ciphers. Read up on SSL cipher list details on this URL: <span Class="emphasis"><a href="http://www.openssl.org/docs/apps/ciphers.html">http://www.openssl.org/docs/apps/ciphers.html</a></span>
-<p class="level1">NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS ciphers is in the NSSCipherSuite entry at this URL: <span Class="emphasis"><a href="http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives">http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives</a></span>
+<p class="level1">(SSL) Specifies which ciphers to use in the connection. The list of ciphers must specify valid ciphers. Read up on SSL cipher list details on this URL: <span Class="emphasis">https://www.openssl.org/docs/apps/ciphers.html</span>
+<p class="level1">NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS ciphers is in the NSSCipherSuite entry at this URL: <span Class="emphasis">https://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives</span>
<p class="level1">If this option is used several times, the last one will be used.
<p class="level0"><a name="--compressed"></a><span class="nroffip">--compressed</span>
<p class="level1">(HTTP) Request a compressed response using one of the algorithms curl supports, and save the uncompressed document. If this option is used and the server sends an unsupported encoding, curl will report an error.
<p class="level1">(Added in 7.19.7)
<p class="level0"><a name="-d"></a><span class="nroffip">-d, --data <data></span>
<p class="level1">(HTTP) Sends the specified data in a POST request to the HTTP server, in the same way that a browser does when a user has filled in an HTML form and presses the submit button. This will cause curl to pass the data to the server using the content-type application/x-www-form-urlencoded. Compare to <a class="emphasis" href="#-F">-F, --form</a>.
-<p class="level1"><a class="emphasis" href="#-d">-d, --data</a> is the same as <a class="emphasis" href="#--data-ascii">--data-ascii</a>. To post data purely binary, you should instead use the <a class="emphasis" href="#--data-binary">--data-binary</a> option. To URL-encode the value of a form field you may use <a class="emphasis" href="#--data-urlencode">--data-urlencode</a>.
+<p class="level1"><a class="emphasis" href="#-d">-d, --data</a> is the same as <a class="emphasis" href="#--data-ascii">--data-ascii</a>.
<a class="emphasis" href="#--data-raw">--data-raw</a> is almost the same but does not have a special interpretation of the @ character. To post data purely binary, you should instead use the <a class="emphasis" href="#--data-binary">--data-binary</a> option. To URL-encode the value of a form field you may use <a class="emphasis" href="#--data-urlencode">--data-urlencode</a>.
<p class="level1">If any of these options is used more than once on the same command line, the data pieces specified will be merged together with a separating &-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post chunk that looks like 'name=daniel&skill=lousy'.
-<p class="level1">If you start the data with the letter @, the rest should be a file name to read the data from, or - if you want curl to read the data from stdin. Multiple files can also be specified. Posting data from a file named 'foobar' would thus be done with <span Class="emphasis">--data</span> @foobar. When --data is told to read from a file like that, carriage returns and newlines will be stripped out.
+<p class="level1">If you start the data with the letter @, the rest should be a file name to read the data from, or - if you want curl to read the data from stdin. Multiple files can also be specified. Posting data from a file named 'foobar' would thus be done with <span Class="emphasis">--data</span> @foobar. When --data is told to read from a file like that, carriage returns and newlines will be stripped out. If you don't want the @ character to have a special interpretation use <a class="emphasis" href="#--data-raw">--data-raw</a> instead.
<p class="level0"><a name="-D"></a><span class="nroffip">-D, --dump-header <file></span>
<p class="level1">Write the protocol headers to the specified file.
<p class="level1">This option is handy to use when you want to store the headers that an HTTP site sends to you. Cookies from the headers could then be read in a second curl invocation by using the <a class="emphasis" href="#-b">-b, --cookie</a> option! The <a class="emphasis" href="#-c">-c, --cookie-jar</a> option is a better way to store cookies.
<p class="level1">(HTTP) This posts data exactly as specified with no extra processing whatsoever.
<p class="level1">If you start the data with the letter @, the rest should be a filename. Data is posted in a similar manner as <a class="emphasis" href="#--data-ascii">--data-ascii</a> does, except that newlines and carriage returns are preserved and conversions are never done.
<p class="level1">If this option is used several times, the ones following the first will append data as described in <a class="emphasis" href="#-d">-d, --data</a>.
+<p class="level0"><a name="--data-raw"></a><span class="nroffip">--data-raw <data></span>
+<p class="level1">(HTTP) This posts data similarly to <span Class="emphasis">--data</span> but without the special interpretation of the @ character. See <a class="emphasis" href="#-d">-d, --data</a>. (Added in 7.43.0)
<p class="level0"><a name="--data-urlencode"></a><span class="nroffip">--data-urlencode <data></span>
<p class="level1">(HTTP) This posts data, similar to the other --data options with the exception that this performs URL-encoding. (Added in 7.18.0)
<p class="level1">To be CGI-compliant, the <data> part should begin with a <span Class="emphasis">name</span> followed by a separator and a content specification. The <data> part can be passed to curl using one of the following syntaxes:
<p class="level1">(HTTP) Sends the "Referrer Page" information to the HTTP server. This can also be set with the <a class="emphasis" href="#-H">-H, --header</a> flag of course. When used with <a class="emphasis" href="#-L">-L, --location</a> you can append ";auto" to the --referer URL to make curl automatically set the previous URL when it follows a Location: header. The ";auto" string can be used alone, even if you don't set an initial --referer.
<p class="level1">If this option is used several times, the last one will be used.
<p class="level0"><a name="-E"></a><span class="nroffip">-E, --cert <certificate[:password]></span>
-<p class="level1">(SSL) Tells curl to use the specified client certificate file when getting a file with HTTPS, FTPS or another SSL-based protocol. The certificate must be in PKCS
#12 format if using Secure Transport, or PEM format if using any other engine. If the optional password isn't specified, it will be queried for on the terminal. Note that this option assumes a "certificate" file that is the private key and the private certificate concatenated! See <span Class="emphasis">--cert</span> and <a class="emphasis" href="#--key">--key</a> to specify them independently.
-<p class="level1">If curl is built against the NSS SSL library then this option can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. If the nickname contains ":", it needs to be preceded by "\" so that it is not recognized as password delimiter. If the nickname contains "\", it needs to be escaped as "\\" so that it is not recognized as an escape character.
-<p class="level1">(iOS and Mac OS X only) If curl is built against Secure Transport, then the certificate string can either be the name of a certificate/private key in the system or user keychain, or the path to a PKCS#12-encoded certificate and private key. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.
+<p class="level1">(SSL) Tells curl to use the specified client certificate file when getting a file with HTTPS, FTPS or another SSL-based protocol. The certificate must be in PKCS
#12 format if using Secure Transport, or PEM format if using any other engine. If the optional password isn't specified, it will be queried for on the terminal. Note that this option assumes a "certificate" file that is the private key and the private certificate concatenated! See <span Class="emphasis">--cert</span> and <a class="emphasis" href="#--key">--key</a> to specify them independently.
+<p class="level1">If curl is built against the NSS SSL library then this option can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. If the nickname contains ":", it needs to be preceded by "\" so that it is not recognized as password delimiter. If the nickname contains "\", it needs to be escaped as "\\" so that it is not recognized as an escape character.
+<p class="level1">(iOS and Mac OS X only) If curl is built against Secure Transport, then the certificate string can either be the name of a certificate/private key in the system or user keychain, or the path to a PKCS#12-encoded certificate and private key. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.
<p class="level1">If this option is used several times, the last one will be used.
<p class="level0"><a name="--engine"></a><span class="nroffip">--engine <name></span>
<p class="level1">Select the OpenSSL crypto engine to use for cipher operations. Use <a class="emphasis" href="#--engine">--engine list</a> to print a list of build-time supported engines. Note that not all (or none) of the engines may be available at run-time.
<p class="level1">(SSL) Tells curl to use the specified certificate file to verify the peer. The file may contain multiple CA certificates. The certificate(s) must be in PEM format. Normally curl is built to use a default file for this, so this option is typically used to alter that default file.
<p class="level1">curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set, and uses the given path as a path to a CA cert bundle. This option overrides that variable.
<p class="level1">The windows version of curl will automatically look for a CA certs file named ´curl-ca-bundle.crt´, either in the same directory as curl.exe, or in the Current Working Directory, or in any folder along your PATH.
-<p class="level1">If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly.
+<p class="level1">If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly.
<p class="level1">If this option is used several times, the last one will be used.
<p class="level0"><a name="--capath"></a><span class="nroffip">--capath <CA certificate directory></span>
<p class="level1">(SSL) Tells curl to use the specified certificate directory to verify the peer. Multiple paths can be provided by separating them with ":" (e.g. "path1:path2:path3"). The certificates must be in PEM format, and if curl is built against OpenSSL, the directory must have been processed using the c_rehash utility supplied with OpenSSL. Using <a class="emphasis" href="#--capath">--capath</a> can allow OpenSSL-powered curl to make SSL-connections much more efficiently than using <a class="emphasis" href="#--cacert">--cacert</a> if the <a class="emphasis" href="#--cacert">--cacert</a> file contains many CA certificates.
<p class="level1">If this option is set, the default capath value will be ignored, and if it is used several times, the last one will be used.
-<p class="level0"><a name="--pinnedpubkey"></a><span class="nroffip">--pinnedpubkey <pinned public key></span>
-<p class="level1">(SSL) Tells curl to use the specified public key file to verify the peer. The file must contain a single public key in PEM or DER format.
+<p class="level0"><a name="--pinnedpubkey"></a><span class="nroffip">--pinnedpubkey <pinned public key (hashes)></span>
+<p class="level1">(SSL) Tells curl to use the specified public key file (or hashes) to verify the peer. This can be a path to a file which contains a single public key in PEM or DER format, or any number of base64 encoded sha256 hashes preceded by ´sha256//´ and seperated by ´;´
<p class="level1">When negotiating a TLS or SSL connection, the server sends a certificate indicating its identity. A public key is extracted from this certificate and if it does not exactly match the public key provided to this option, curl will abort the connection before sending or receiving any data.
-<p class="level1">This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends.
-<p class="level1">If this option is used several times, the last one will be used. (Added in 7.39.0)
+<p class="level1">Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for NSS and wolfSSL/CyaSSL. sha256 support added in 7.44.0 for OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL. Other SSL backends not supported.
+<p class="level1">If this option is used several times, the last one will be used.
+<p class="level0"><a name="--cert-status"></a><span class="nroffip">--cert-status</span>
+<p class="level1">(SSL) Tells curl to verify the status of the server certificate by using the Certificate Status Request (aka. OCSP stapling) TLS extension.
+<p class="level1">If this option is enabled and the server sends an invalid (e.g. expired) response, if the response suggests that the server certificate has been revoked, or no response at all is received, the verification fails.
+<p class="level1">This is currently only implemented in the OpenSSL, GnuTLS and NSS backends. (Added in 7.41.0)
+<p class="level0"><a name="--false-start"></a><span class="nroffip">--false-start</span>
+<p class="level1">
+<p class="level1">(SSL) Tells curl to use false start during the TLS handshake. False start is a mode where a TLS client will start sending application data before verifying the server's Finished message, thus saving a round trip when performing a full handshake.
+<p class="level1">This is currently only implemented in the NSS and Secure Transport (on iOS 7.0 or later, or OS X 10.9 or later) backends. (Added in 7.42.0)
<p class="level0"><a name="-f"></a><span class="nroffip">-f, --fail</span>
<p class="level1">(HTTP) Fail silently (no output at all) on server errors. This is mostly done to better enable scripts etc to better deal with failed attempts. In normal cases when an HTTP server fails to deliver a document, it returns an HTML document stating so (which often also describes why and more). This flag will prevent curl from outputting that and return error 22.
<p class="level1">This method is not fail-safe and there are occasions where non-successful response codes will slip through, especially when authentication is involved (response codes 401 and 407).
<p class="level1">(HTTP) This lets curl emulate a filled-in form in which a user has pressed the submit button. This causes curl to POST data using the Content-Type multipart/form-data according to <a href="http://www.ietf.org/rfc/rfc2388.txt">RFC 2388</a>. This enables uploading of binary files etc. To force the 'content' part to be a file, prefix the file name with an @ sign. To just get the content part from a file, prefix the file name with the symbol <. The difference between @ and < is then that @ makes a file get attached in the post as a file upload, while the < makes a text field and just get the contents for that text field from a file.
<p class="level1">Example, to send your password file to the server, where 'password' is the name of the form-field to which /etc/passwd will be the input:
<p class="level1"><span Class="bold">curl</span> -F password=@/etc/passwd www.mypasswords.com
-<p class="level1">To read content from stdin instead of a file, use - as the filename. This goes for both @ and < constructs.
+<p class="level1">To read content from stdin instead of a file, use - as the filename. This goes for both @ and < constructs. Unfortunately it does not support reading the file from a named pipe or similar, as it needs the full size before the transfer starts.
<p class="level1">You can also tell curl what Content-Type to use by using 'type=', in a manner similar to:
<p class="level1"><span Class="bold">curl</span> -F "web=@index.html;type=text/html" url.com
<p class="level1">or
<p class="level2">curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full path to the server for all these commands. This is the fastest behavior.
<p class="level1"><a name="singlecwd"></a><span class="nroffip">singlecwd</span>
<p class="level2">curl does one CWD with the full target directory and then operates on the file "normally" (like in the multicwd case). This is somewhat more standards compliant than 'nocwd' but without the full penalty of 'multicwd'.
+<p class="level1">
+<p class="level0"><a name=""></a><span class="nroffip"></span>
<p class="level1">(Added in 7.15.1)
<p class="level0"><a name="--ftp-pasv"></a><span class="nroffip">--ftp-pasv</span>
<p class="level1">(FTP) Use passive mode for the data connection. Passive is the internal default behavior, but using this option can be used to override a previous <span Class="emphasis">-P/-ftp-port</span> option. (Added in 7.11.0)
<p class="level1">See also the <a class="emphasis" href="#-A">-A, --user-agent</a> and <a class="emphasis" href="#-e">-e, --referer</a> options.
<p class="level1">Starting in 7.37.0, you need <a class="emphasis" href="#--proxy-header">--proxy-header</a> to send custom headers intended for a proxy.
<p class="level1">Example:
-<p class="level1"># curl -H "X-First-Name: Joe" <a href="http://192.168.0.1/">http://192.168.0.1/</a>
+<p class="level1"># curl -H "X-First-Name: Joe" <a href="http://192.168.0.1/">http://192.168.0.1/</a>
+<p class="level1"><span Class="bold">WARNING</span>: headers set with this option will be set in all requests - even after redirects are followed, like when told with <a class="bold" href="#-L">-L, --location</a>. This can lead to the header being sent to other hosts than the original host, so sensitive headers should be used with caution combined with following redirects.
<p class="level1">This option can be used multiple times to add/replace/remove multiple headers.
<p class="level0"><a name="--hostpubmd5"></a><span class="nroffip">--hostpubmd5 <md5></span>
<p class="level1">(SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should be the 128 bit MD5 checksum of the remote host's public key, curl will refuse the connection with the host unless the md5sums match. (Added in 7.17.1)
<p class="level0"><a name="-K"></a><span class="nroffip">-K, --config <config file></span>
<p class="level1">Specify which config file to read curl arguments from. The config file is a text file in which command line arguments can be written which then will be used as if they were written on the actual command line.
<p class="level1">Options and their parameters must be specified on the same config file line, separated by whitespace, colon, or the equals sign. Long option names can optionally be given in the config file without the initial double dashes and if so, the colon or equals characters can be used as separators. If the option is specified with one or two dashes, there can be no colon or equals character between the option and its parameter.
-<p class="level1">If the parameter is to contain whitespace, the parameter must be enclosed within quotes. Within double quotes, the following escape sequences are available: \\, \", \t, \n, \r and \v. A backslash preceding any other letter is ignored. If the first column of a config line is a '#' character, the rest of the line will be treated as a comment. Only write one option per physical line in the config file.
+<p class="level1">If the parameter is to contain whitespace, the parameter must be enclosed within quotes. Within double quotes, the following escape sequences are available: \\, \", \t, \n, \r and \v. A backslash preceding any other letter is ignored. If the first column of a config line is a '#' character, the rest of the line will be treated as a comment. Only write one option per physical line in the config file.
<p class="level1">Specify the filename to -K, --config as '-' to make curl read the file from stdin.
<p class="level1">Note that to be able to specify a URL in the config file, you need to specify it using the <a class="emphasis" href="#--url">--url</a> option, and not by simply writing the URL on its own line. So, it could look similar to this:
<p class="level1">url = "<a href="http://curl.haxx.se/docs/">http://curl.haxx.se/docs/</a>"
<p class="level1">When curl is invoked, it always (unless <a class="emphasis" href="#-q">-q</a> is used) checks for a default config file and uses it if found. The default config file is checked for in the following places in this order:
<p class="level1">1) curl tries to find the "home dir": It first checks for the CURL_HOME and then the HOME environment variables. Failing that, it uses getpwuid() on Unix-like systems (which returns the home dir given the current user in your system). On Windows, it then checks for the APPDATA variable, or as a last resort the '%USERPROFILE%\Application Data'.
<p class="level1">2) On windows, if there is no _curlrc file in the home dir, it checks for one in the same dir the curl executable is placed. On Unix-like systems, it will simply try to load .curlrc from the determined home dir.
-<p class="level1"><pre>
-<p class="level1"># --- Example file ---
- # this is a comment
- url = "curl.haxx.se"
- output = "curlhere.html"
- user-agent = "superagent/1.0"
- <p class="level1"># and fetch another URL too
- url = "curl.haxx.se/docs/manpage.html"
- -O
- referer = "<a href="http://nowhereatall.com/">http://nowhereatall.com/</a>"
- # --- End of example file ---
- </pre>
+<p class="level1"><pre class="level1">
+# --- Example file ---
+# this is a comment
+url = "curl.haxx.se"
+output = "curlhere.html"
+user-agent = "superagent/1.0"
+
+# and fetch another URL too
+url = "curl.haxx.se/docs/manpage.html"
+-O
+referer = "<a href="http://nowhereatall.com/">http://nowhereatall.com/</a>"
+# --- End of example file ---
+</pre>
<p class="level1">
<p class="level1">This option can be used multiple times to load multiple config files.
<p class="level1">Please note that if FILE protocol is disabled, there is no way to use a local Metalink file at the time of this writing. Also note that if <a class="emphasis" href="#--metalink">--metalink</a> and <span Class="emphasis">--include</span> are used together, <span Class="emphasis">--include</span> will be ignored. This is because including headers in the response will break Metalink parser and if the headers are included in the file described in Metalink file, hash check will fail.
<p class="level1">(Added in 7.27.0, if built against the libmetalink library.)
<p class="level0"><a name="-n"></a><span class="nroffip">-n, --netrc</span>
-<p class="level1">Makes curl scan the <span Class="emphasis">.netrc</span> (<span Class="emphasis">_netrc</span> on Windows) file in the user's home directory for login name and password. This is typically used for FTP on Unix. If used with HTTP, curl will enable user authentication. See <span Class="manpage">netrc(4)</span> or <span Class="manpage">ftp(1)</span> for details on the file format. Curl will not complain if that file doesn't have the right permissions (it should not be either world- or group-readable). The environment variable "HOME" is used to find the home directory.
+<p class="level1">Makes curl scan the <span Class="emphasis">.netrc</span> (<span Class="emphasis">_netrc</span> on Windows) file in the user's home directory for login name and password. This is typically used for FTP on Unix. If used with HTTP, curl will enable user authentication. See <span Class="emphasis">netrc(5)</span> <span Class="emphasis">ftp(1)</span> for details on the file format. Curl will not complain if that file doesn't have the right permissions (it should not be either world- or group-readable). The environment variable "HOME" is used to find the home directory.
<p class="level1">A quick and very simple example of how to setup a <span Class="emphasis">.netrc</span> to allow curl to FTP to the machine host.domain.com with user name 'myself' and password 'secret' should look similar to:
<p class="level1"><span Class="bold">machine host.domain.com login myself password secret</span>
<p class="level0"><a name="-N"></a><span class="nroffip">-N, --no-buffer</span>
<p class="level1">This option requires a library built with SSL support. Use <a class="emphasis" href="#-V">-V, --version</a> to see if your curl supports NTLM.
<p class="level1">If this option is used several times, only the first one is used.
<p class="level0"><a name="-o"></a><span class="nroffip">-o, --output <file></span>
-<p class="level1">Write output to <file> instead of stdout. If you are using {} or [] to fetch multiple documents, you can use '#' followed by a number in the <file> specifier. That variable will be replaced with the current string for the URL being fetched. Like in:
-<p class="level1"> curl http://{one,two}.site.com -o "file_#1.txt"
+<p class="level1">Write output to <file> instead of stdout. If you are using {} or [] to fetch multiple documents, you can use '#' followed by a number in the <file> specifier. That variable will be replaced with the current string for the URL being fetched. Like in:
+<p class="level1"> curl http://{one,two}.site.com -o "file_#1.txt"
<p class="level1">or use several variables like:
-<p class="level1"> curl http://{site,host}.host[1-5].com -o "#1_#2"
+<p class="level1"> curl http://{site,host}.host[1-5].com -o "#1_#2"
<p class="level1">You may use this option as many times as the number of URLs you have.
<p class="level1">See also the <a class="emphasis" href="#--create-dirs">--create-dirs</a> option to create the local directories dynamically. Specifying the output as '-' (a single dash) will force the output to be done to stdout.
<p class="level0"><a name="-O"></a><span class="nroffip">-O, --remote-name</span>
<p class="level1"><a name="-"></a><span class="nroffip">-</span>
<p class="level2">make curl pick the same IP address that is already used for the control connection
<p class="level1">
+<p class="level0"><a name=""></a><span class="nroffip"></span>
<p class="level1">If this option is used several times, the last one will be used. Disable the use of PORT with <a class="emphasis" href="#--ftp-pasv">--ftp-pasv</a>. Disable the attempt to use the EPRT command instead of PORT by using <a class="emphasis" href="#--disable-eprt">--disable-eprt</a>. EPRT is really PORT++.
<p class="level1">Starting in 7.19.5, you can append ":[start]-[end]" to the right of the address, to tell curl what TCP port range to use. That means you specify a port range, from a lower to a higher number. A single number works as well, but do note that it increases the risk of failure since the port may not be available.
<p class="level0"><a name="--pass"></a><span class="nroffip">--pass <phrase></span>
<p class="level1">(SSL/SSH) Passphrase for the private key
<p class="level1">If this option is used several times, the last one will be used.
+<p class="level0"><a name="--path-as-is"></a><span class="nroffip">--path-as-is</span>
+<p class="level1">Tell curl to not handle sequences of /../ or /./ in the given URL path. Normally curl will squash or merge them according to standards but with this option set you tell it not to do that.
+<p class="level1">(Added in 7.42.0)
<p class="level0"><a name="--post301"></a><span class="nroffip">--post301</span>
<p class="level1">(HTTP) Tells curl to respect <a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a>/10.3.2 and not convert POST requests into GET requests when following a 301 redirection. The non-RFC behaviour is ubiquitous in web browsers, so curl does the conversion by default to maintain consistency. However, a server may require a POST to remain a POST after such a redirection. This option is meaningful only when using <a class="emphasis" href="#-L">-L, --location</a> (Added in 7.17.1)
<p class="level0"><a name="--post302"></a><span class="nroffip">--post302</span>
<p class="level1">Tells curl to use HTTP Negotiate (SPNEGO) authentication when communicating with the given proxy. Use <a class="emphasis" href="#--negotiate">--negotiate</a> for enabling HTTP Negotiate (SPNEGO) with a remote host. (Added in 7.17.1)
<p class="level0"><a name="--proxy-ntlm"></a><span class="nroffip">--proxy-ntlm</span>
<p class="level1">Tells curl to use HTTP NTLM authentication when communicating with the given proxy. Use <a class="emphasis" href="#--ntlm">--ntlm</a> for enabling NTLM with a remote host.
+<p class="level0"><a name="--proxy-service-name"></a><span class="nroffip">--proxy-service-name <servicename></span>
+<p class="level1">This option allows you to change the service name for proxy negotiation.
+<p class="level1">Examples: --proxy-negotiate proxy-name <a class="emphasis" href="#--proxy-service-name">--proxy-service-name</a> sockd would use sockd/proxy-name. (Added in 7.43.0).
<p class="level0"><a name="--proxy10"></a><span class="nroffip">--proxy1.0 <proxyhost[:port]></span>
<p class="level1">Use the specified HTTP 1.0 proxy. If the port number is not specified, it is assumed at port 1080.
<p class="level1">The only difference between this and the HTTP proxy option (<a class="emphasis" href="#-x">-x, --proxy</a>), is that attempts to use CONNECT through the proxy will specify an HTTP 1.0 protocol instead of the default HTTP 1.1.
<p class="level2"><span Class="bold">500-700,600-799</span> specifies 300 bytes from offset 500(H)
<p class="level2"><span Class="bold">100-199,500-599</span> specifies two separate 100-byte ranges(*)(H)
<p class="level1">
+<p class="level0"><a name=""></a><span class="nroffip"></span>
<p class="level1">(*) = NOTE that this will cause the server to reply with a multipart response!
<p class="level1">Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the 'start-stop' range syntax. If a non-digit character is given in the range, the server's response will be unspecified, depending on the server's configuration.
<p class="level1">You should also be aware that many HTTP/1.1 servers do not have this feature enabled, so that when you attempt to get a range, you'll instead get the whole document.
<p class="level1">Silent or quiet mode. Don't show progress meter or error messages. Makes Curl mute. It will still output the data you ask for, potentially even to the terminal/stdout unless you redirect it.
<p class="level0"><a name="--sasl-ir"></a><span class="nroffip">--sasl-ir</span>
<p class="level1">Enable initial response in SASL authentication. (Added in 7.31.0)
+<p class="level0"><a name="--service-name"></a><span class="nroffip">--service-name <servicename></span>
+<p class="level1">This option allows you to change the service name for SPNEGO.
+<p class="level1">Examples: --negotiate <a class="emphasis" href="#--service-name">--service-name</a> sockd would use sockd/server-name. (Added in 7.43.0).
<p class="level0"><a name="-S"></a><span class="nroffip">-S, --show-error</span>
<p class="level1">When used with <a class="emphasis" href="#-s">-s</a> it makes curl show an error message if it fails.
<p class="level0"><a name="--ssl"></a><span class="nroffip">--ssl</span>
<p class="level1">This option was formerly known as <span Class="emphasis">--ftp-ssl-reqd</span> (added in 7.15.5). That option name can still be used but will be removed in a future version.
<p class="level0"><a name="--ssl-allow-beast"></a><span class="nroffip">--ssl-allow-beast</span>
<p class="level1">(SSL) This option tells curl to not work around a security flaw in the SSL3 and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer may use workarounds known to cause interoperability problems with some older SSL implementations. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that. (Added in 7.25.0)
+<p class="level0"><a name="--ssl-no-revoke"></a><span class="nroffip">--ssl-no-revoke</span>
+<p class="level1">(WinSSL) This option tells curl to disable certificate revocation checks. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that. (Added in 7.44.0)
<p class="level0"><a name="--socks4"></a><span class="nroffip">--socks4 <host[:port]></span>
<p class="level1">Use the specified SOCKS4 proxy. If the port number is not specified, it is assumed at port 1080. (Added in 7.15.2)
<p class="level1">This option overrides any previous use of <a class="emphasis" href="#-x">-x, --proxy</a>, as they are mutually exclusive.
<p class="level1">Specify the user name and password to use for server authentication. Overrides <a class="emphasis" href="#-n">-n, --netrc</a> and <a class="emphasis" href="#--netrc-optional">--netrc-optional</a>.
<p class="level1">If you simply specify the user name, curl will prompt for a password.
<p class="level1">The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option. The password can, still.
-<p class="level1">When using Kerberos V5 with a Windows based server you should include the Windows domain name in the user name, in order for the server to succesfully obtain a Kerberos Ticket. If you don't then the initial authentication handshake may fail.
+<p class="level1">When using Kerberos V5 with a Windows based server you should include the Windows domain name in the user name, in order for the server to successfully obtain a Kerberos Ticket. If you don't then the initial authentication handshake may fail.
<p class="level1">When using NTLM, the user name can be specified simply as the user name, without the domain, if there is a single domain and forest in your setup for example.
<p class="level1">To specify the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLE\user and user@example.com respectively.
<p class="level1">If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".
<p class="level2"><span Class="bold">time_total</span> The total time, in seconds, that the full operation lasted. The time will be displayed with millisecond resolution.
<p class="level2"><span Class="bold">url_effective</span> The URL that was fetched last. This is most meaningful if you've told curl to follow location: headers.
<p class="level1">
+<p class="level0"><a name=""></a><span class="nroffip"></span>
<p class="level1">If this option is used several times, the last one will be used.
<p class="level0"><a name="-x"></a><span class="nroffip">-x, --proxy <[protocol://][user:password@]proxyhost[:port]></span>
<p class="level1">Use the specified proxy.
<p class="level1">The proxy host can be specified the exact same way as the proxy environment variables, including the protocol prefix (http://) and the embedded user + password.
<p class="level1">If this option is used several times, the last one will be used.
<p class="level0"><a name="-X"></a><span class="nroffip">-X, --request <command></span>
-<p class="level1">(HTTP) Specifies a custom request method to use when communicating with the HTTP server. The specified request will be used instead of the method otherwise used (which defaults to GET). Read the HTTP 1.1 specification for details and explanations. Common additional HTTP requests include PUT and DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and more.
+<p class="level1">(HTTP) Specifies a custom request method to use when communicating with the HTTP server. The specified request method will be used instead of the method otherwise used (which defaults to GET). Read the HTTP 1.1 specification for details and explanations. Common additional HTTP requests include PUT and DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and more.
<p class="level1">Normally you don't need this option. All sorts of GET, HEAD, POST and PUT requests are rather invoked by using dedicated command line options.
<p class="level1">This option only changes the actual word used in the HTTP request, it does not alter the way curl behaves. So for example if you want to make a proper HEAD request, using -X HEAD will not suffice. You need to use the <a class="emphasis" href="#-I">-I, --head</a> option.
+<p class="level1">The method string you set with -X will be used for all requests, which if you for example use <a class="bold" href="#-L">-L, --location</a> may cause unintended side-effects when curl doesn't change request method according to the HTTP 30x response codes - and similar.
<p class="level1">(FTP) Specifies a custom FTP command to use instead of LIST when doing file lists with FTP.
<p class="level1">(POP3) Specifies a custom POP3 command to use instead of LIST or RETR. (Added in 7.26.0)
<p class="level1">(IMAP) Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
projects / platform / upstream / curl.git / blobdiff