Curl Use detailed

Source: Internet
Author: User
Tags ftp connection ftp login http digest authentication openssl stdin urlencode ftp protocol ftp transfer

CURL.1 manual page


Curl-transfer a URL


curl[options] [URL ...]


CURL is a tool that transmits data to or from the server, which supports HTTP, HTTPS,

Protocols such as FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP, or file.

This command is designed to execute without user intervention.

CURL provides a large stack of such things as proxy support, user authentication, FTP uploads, HTTP POST, SSL connection

Then, Cookies, file renewal and so on useful skills. As you will see below, so many special

Sex can make you dizzy.

All transmission-related features of CURL are supported by Libcurl. See Libcurl (3) for details.


The URL syntax is protocol-dependent. You can find detailed explanations in RFC 3986.

You can specify multiple URLs or a collection of URLs that are written in braces {} to form a URL:

Http://site. {one,two,three}.com

Or you can use [] to get a sequential sequence of letters or numbers:

Ftp://[1-100].txt Ftp://[001-100].txt (former

with 0) Ftp://[a-z].txt

Nested sequences are not currently supported, but you can mix multiple sequences in a single URL:


You can specify any number of URLs on the command line. They will be retrieved sequentially in the specified order.

Since Curl 7.15.1 Edition, you can also specify the step range so that you can get all the nth

A number or letter URL:

Http://[1-100:10].txt Http://[a-z:2].txt

If the URL you specify does not have a protocol://prefix, CURL will try to guess the protocol you may need. Default

Uses the HTTP protocol, but attempts to use other protocols based on the common hostname prefix.

For example, for a host name that begins with "FTP", CURL assumes the FTP protocol is used.

CURL will try to reuse the connection for the transport of multiple files, so that getting files from the same server does not

will do multiple connections/handshakes. This method improves the speed. Of course, this is only true for the specified on the same command line

File is valid and cannot be used for calls between individual curl.

Progress indicator

CURL typically displays a progress indicator that shows the amount of data transferred, the speed of transmission, and

Estimate the remaining time and so on.

However, because the curl defaults to display this data on the terminal, if you call curl to do a to terminal

The operation that writes the data, it disables the progress indicator, otherwise it will indicate the progress of the information and the return of the output

Data are mixed together.

If you need a progress indicator for an HTTP POST or put request, you will have to use the shell's reset

Redirects the returned data to the file in the operator (>),-o [filename], or other similar operation.

This is different from the FTP upload operation, which does not output any response data to the terminal.

If you want to use the progress "bar" instead of the default display,-#选项会很有帮助.


For all Boolean options (option), use--option to enable, and use--no-option to disable.

In other words, you use exactly the same option name, but prefix "no-", however, in this list,

We usually only list and display their--option. (--no-option This concept is in version 7.19.0

added. Most of the previous options turned on/off to reuse the same command-line options. )


(FTP/SFTP) when used in an upload operation, this option tells Curl to attach content to the target text

Pieces, rather than covering it. If the file does not exist, a new file is created. Please note that this flag will

is ignored by some SSH servers (including openssh).

-a/--user-agent < user agent string >

(HTTP) Specifies the user agent (User-agent) string to be sent to the HTTP server. If this is not set

For "mozilla/4.0", some poorly designed CGI programs will not work properly. such as String packets

Contains white space characters, this string is enclosed in single quotes. This option can also be set by using-h/--header.

If this option is set more than once, the most recent setting is used.


(HTTP) tells Curl to find the safest authentication method that the remote site declaration supports and use it.

It is implemented by sending a request and checking response-headers, which may induce additional network traffic.

This is used instead of specific validation method settings, you can cooperate with--basic 、--Digest 、--NTLM, and--nagotiate


Please note that if you upload from standard input (stdin), use of--anyauth is not recommended because it may require

To send the data two times and the client must support the rollback (rewind). such as from standard input (stdin)

This demand occurs when uploading, and the upload operation will fail.

-b/--cookie <name=data>

(HTTP) to pass data as a cookie to the HTTP server. This data may be previous from the server

The Set-cookie line returns. These data should be "NAME1=VALUE1;" Name2=value2 "So

's format.

If the ' = ' symbol is not used in the row, it will be treated as a file that holds the previous cookie line

Name if the file matches the last saved Cookie row, it will be read in this session. Use

This method also activates the "Cookie parser", which causes curl to record the incoming cookie at the same time.

This can be easily used in conjunction with the-l/--location option. The file format of the read cookie should be a plain text

This is the HTTP headers or Netscape/mozilla cookie file format.

Please note that the file specified by-b/--cookie can only be used as input, and no cookies will be stored in

File. To store cookies, use the-c/--cookie-jar option or you can even use the-d/--dump-header

Option to save the HTTP header to a file.

If this option is set more than once, the most recent setting is used.


Enable ASCII transport when using FTP or LDAP. When you use FTP, you can also use a

The URL at the end of the "; Type=a" to enforce this option. This option causes the data to be sent in text mode to

Standard output of the WIN32 system (STDOUT).


(HTTP) tells Curl to use HTTP Basic authentication. This is the default option, and this option is usually not

meaning unless you use it to overwrite the options for the different authentication methods you set earlier, such as--NTLM,

--digest, or--negotiate).

--ciphers < encryption Way list >

(SSL) Specifies which encryption methods are used in the connection. The list must be a valid encryption method. This

URL read the details of the SSL encryption method list:


NSS encryption is different from OpenSSL and GnuTLS. Full list of NSS encryption methods at this URL:

Http://'s Nssciphersuite


If this option has been used more than once, the last setting replaces the other.


(HTTP) Requests a compressed response using a compression algorithm supported by Libcurl and returns the uncompressed

Document. If you use this option and the server sends an unsupported compression method, CURL will report


--connect-timeout < sec >

The maximum time, in seconds, that you can take to connect to the server. is limited to the connection phase once the Crul

Already connected, this option will not work. See also-m/--max-time option.

If this option has been used more than once, use the last setting.

-c/--cookie-jar < filename >

Specify which file you want to write all cookies to after you complete the operation Curl. CURL will be written before

All cookies read from the specified file and obtained from the remote server. If there is no cookie information,

is not written to the file. The file will use Netscape's cookie file format. If you set the file

Named Half-width single Dash "-", these cookies information will be written to standard output (stdout).

Note: If the cookie jar cannot be built or written, the entire curl operation will not fail or even

Error. Using-V will get a warning display, but this will be the only visible when a fatal error can occur

of feedback.

If this option has been used more than once, the last file name specified will be used.

-c/--continue-at < offset address >

The file transfer before the specified offset is resumed/resumed. The given offset address is one that will be ignored

The exact number of bytes, calculated from the beginning of the file before the source file is transferred to the destination. If used in the upload,

The size command for the FTP server will not be available for curl.

Use "-C-" to tell curl where and how to automatically resume the transmission. And then use the given output/loss

Into the file to do this.

If this option has been used more than once, use the last setting.


When used with the-o option, CURL establishes the necessary local directory structure as needed. This option establishes

There is no other use for the directory mentioned in the-O option. If the file name that is involved in the-o option

If no directory or directory already exists, the directory will not be created.

Use the--ftp-create-dirs option when you want to create a remote directory using FTP or SFTP.


(FTP) converts LF to CRLF on upload. Useful in MVS (os/390).

-d/--data < data >

(HTTP) post specific data to the server, with the user filling out the form in the browser and pressing the Submit button

The same effect. CURL Use MIME type Content-type

application/x-www-form-urlencoded transmits data to the server. Please compare it with-f/--form.

-d/--data is the same as--data-ascii. If you want to post binary data, you should use the--data-binary

Options. If you want to post a URL-encoded form item, you should use--data-urlencode.

This parameter is used more than once on the same command line, and the data block is submitted by the & symbol merge. Therefore, using the '-D

Name=daniel-d Skill=lousy ' After the submission of the data is ' name=daniel&skill=lousy '.

If your data begins with the character @, the rest should be a file name to read the data, or

You want curl to read data from standard input (stdin). The contents of the file must be URL-coded

Of You can also specify multiple files. For example, to post a file foobar, then the format is--data @foobar.

--data-binary < data >

(HTTP) post binary data.

If your data begins with the character @, the rest should be a filename. Post data is used

--data-ascii in a similar way, the difference is that line wrapping is reserved and not converted.

If this option is used more than once, the data defined for the first time is appended to the data described by-d/--data


--data-urlencode < data >

(HTTP) is the same as the--data option, and the only difference is that URL encoding is used. (added in version 7.18.0)

To do a CGI-compatible,< data > Part should consist of name and subsequent delimiters and specified content. The <

The Data > section uses the following syntax:


will enable curl to encode content and pass it using Url-encode. Just be careful that such content does not contain any

what = or @ symbol, so this will make the syntax match the rest of the following.


will enable curl to encode content and pass it using Url-encode. The previous = number is not included in the data.


will make curl use Url-encode to encode the content part and pass it. Note that part of name has been preloaded

First passed the url-encoded code.


will cause curl to read data from the given file (including any newline characters), Url-encode encoded data

and pass it to it at post.


will cause curl to read data from the given file (including any newline characters), Url-encode encoded data

and pass it to it at post. The name section gets the same addition, causing

Name=urlencoded-file-content. Note that the name has been url-encoded encoded beforehand.


(HTTP) allows HTTP Digest authentication. This is an authentication that avoids passwords being transmitted in clear text. Use this

Option with the-u/--user option to set the user name and password. See also--NTLM 、--negotiate and

--anyauth related options.

If you use this option more than once, the following events do not make any difference.


(FTP) tells Curl to disable Erpt and LPRT commands when making active FTP transfers. CURL in use

PORT command, you usually try to use Eprt first, then lprt, but with this option, you will

Use the port command first. Eprt and LPrt are extensions of the original FTP protocol and may not be available at all

servers, but they have more functionality than the traditional port commands in a better way.

Since cURL7.19.0,--EPRT can be used again to enable EPRT,--NO-EPRT is--DISABLE-EPRT.


Disabling EPRT only changes the active behavior. If you want to switch to passive mode (passive mode) please do not make

Use with-p/--ftp-port or force with--FTP-PASV.


(FTP) tells Curl to disable the EPSV command when doing passive FTP transfer. CURL is using PASV's life.

Before the order, you will usually try to use EPSV first, but after using this option, you will not try the EPSV command first.

Since cURL7.19.0,--EPSV can be used again to enable EPSV,--NO-EPSV is--DISABLE-EPSV


Disabling EPSV only changes the passive behavior. If you want to switch to active mode you need to use the


-d/--dump-header < Documents >

Writes the protocol header to the specified file.

This option is handy when you save HTTP headers sent to you by the HTTP Web site. Save the Protocol header

Cookie data can be invoked by the second curl through the-b/--cookie option. However-c/--cookie-jar election

Item is still a better way to store cookies.

When using FTP, the FTP server's answer line is treated as a "protocol header", which is saved.

If this option has been used more than once, use the last setting.

-e/--referer <URL>

(HTTP) sends information about a "reference page" to an HTTP server. This option, of course, can also be associated with-h/--header

tags are used together. When used with-l/--location, you can attach "; auto" to the--referer URL,

Causes Curl to automatically set the previous URL when it follows Location:header. '; auto ' string

Can be used alone, even if you do not set the initial--referer.

If this option has been used more than once, use the last setting.

--engine <name>

Select the OpenSSL encryption engine for the cryptographic operation. Use the--engine list to print the supported engines at compile time

Single. Note that not all (or no) engines are available at run time.


(RISC operating system only) set up a series of environment variables, using the name supported by the-w option, allow

It is easier to extract useful information after running curl.

--egd-file < Documents >

(SSL) Specifies the path name for the entropy gathering Daemon socket. This socket is used for SSL connection

A random seed is generated. See also the--random-file option.

-e/--cert < certificate [: Password]>

(SSL) tells Curl to use the specified certificate file when obtaining files through HTTPS or FTPs. Certificate

The book must be in PEM format. If an optional password is not specified, input is prompted on the terminal. Note that this

Option assumes a "certificate" file that is a private key and a personal certificate link. See--cert and--key alone to designate them.

If Curl uses the NSS SSL library to compile, then this option tells Curl to use the environment variable ssl_dir (or

Default/etc/pki/nssdb) A certificate alias in the NSS database that is defined. If NSS PEM pkcs#11

Module ( is available, then the Pem file will be loaded.

If this option has been used more than once, use the last setting.

--cert-type < type >

(SSL) tells the curl the type of certificate provided. PEM, DER, and Eng are types that can be recognized. Such as

The fruit is not specified and will be assumed to be PEM.

If this option has been used more than once, use the last setting.

-CACert <ca certificate>

(SSL) tells Curl to use the specified certificate file to verify peer. The file may contain multiple CA certificates.

The certificate must be in PEM format. Typically, Curl uses the built-in default file, so this option is typically used to change

Changes the default file.

Curl confirms that an environment variable named ' Curl_ca_bundle ' has been set and uses the given path as a

A CA certificate with a path bundle. This option will overwrite the variable.

The Windows version of Curl automatically looks for a CA certificate with a file name of ' Curl-ca-bundle.crt ', either

In the same directory as CURL.exe, or under the current working directory, or in any folder in your path

Under any folder.

If Curl uses the NSS SSL library to compile, then this option tells Curl to use the environment variable ssl_dir (or

Default/etc/pki/nssdb) A certificate alias in the NSS database that is defined. If NSS PEM pkcs#11

Module ( is available, then the Pem file will be loaded.

If this option has been used more than once, use the last setting.

--capath <CA Certificate Directory >

(SSL) tells Curl to use the specified certificate directory to verify the peer. The certificate must be in PEM format,

And the directory must have been processed using the C_rehash tool provided by OpenSSL. If--cacert means

The file contains many CA certificates, and using--capath enables curl to make SSL connections much more efficient than


If this option has been used more than once, use the last setting.


(HTTP) The error message is masked (without any output) when an error occurs on the server. Do this to better support the script

And so can better deal with the failure of the attempt. Under normal circumstances when an HTTP server is unable to provide documents

, it returns an HTML file explaining its cause. This flag will prevent curl from outputting this document.

and returns error 22.

This method is not foolproof, there is not a successful response code to pass the occasion, especially when participating in the validation (ring

Should be code 401 and 407).

--ftp-account [Data]

(FTP) When an FTP server requests "account data" after providing a username and password, this data is passed through the Acct

command to send. (added in version 7.13.0)

If this option has been used two times, the second time will overwrite the previous use.


(FTP/SFTP) when an FTP or SFTP url/operation uses a path that does not currently exist on the server

, the standard Crul behavior will fail. With this option, curl will attempt to create a missing directory.

--ftp-method [Method]

(FTP) controls the method that curl should use to obtain files in the FTP server. The variable of the method should be a

The following options:


Curl runs a single CWD operation for each path of a given URL. If the directory structure is complex

That would mean a lot of commands. This is described by RFC1738. This is the default, but the slowest behavior.


Curl fully perform the CWD operation, instead using commands such as size, RETR, STOR, and sending to the server

Send all of these commands to the full path. This is the quickest act.


Curl do a CWD operation for the complete target directory, and then "normally" manipulate the file (as in MULTICWD

In the same way). This is better than ' nocwd ', but less expensive than ' MULTICWD '.

(added in version 7.15.1)


(FTP) uses a data connection in passive mode. Passive mode is the internal default behavior, but use this option to

Used to overwrite the previous-p/--ftp-port option. (added in version 7.11.0)

If this option is used more than once, the following events do not make any difference. Canceling the forced passive mode is not feasible,

But you must then force again to replace with the correct-p/--ftp-port.

Passive mode means that curl will first try the EPSV command, and then execute the PASV command, unless you use a

--DISABLE-EPSV option.

--ftp-alternative-to-user < command >

(FTP) If authentication fails with the user and pass commands, this command is sent. When using a client ID

When the book links to the Tumbleweed Secure Transport server on the FTPs, using "SITE AUTH" will tell

Know that the server retrieves the user name from the certificate. (added in version 7.15.5)


(FTP) When Curl Connect to a data connection, tell curl not to use the server in response to Curl PASV

The IP address that is recommended when the command is made. Conversely curl will reuse the same IP address that is used when controlling the connection. (In

7.14.2 version added)

This option is not available if port, Eprt, or EPSV is used instead of PASV.


(FTP) Attempt to use a SSL/TLS FTP connection. If the server does not support SSL/TLS, it returns to a

An unsecured connection. For different levels of encryption requirements see--ftp-ssl-control and--FTP-SSL-REQD. (In

7.11.0 version added)


(FTP) Request Ssl/tls FTP login, unencrypted transmission. Allow security authentication, but for transmission efficiency

Data transfer is not encrypted. If the server does not support SSL/TLS, the transfer fails. (in version 7.16.0, add



(FTP) requests a SSL/TLS FTP connection. Terminates the connection if the server does not support SSL/TLS.

(added in version 7.15.5)


(FTP) After authentication, use the CCC (clear Command Channel) to close the SSL/TLS layer. The rest of the control

Channel traffic will not be encrypted. This operation allows NAT routing to follow the FTP transaction. The default is passive mode. Choose

See--ftp-ssl-ccc-mode for other ways of doing this. (added in version 7.16.1)

--ftp-ssl-ccc-mode [Active/passive]

(FTP) Set up the CCC mode using CCC (Clear Command Channel). Passive mode does not accept

Shutdown the command, but waits for the server to do so, and does not respond to the server's shutdown command.

The active mode accepts the shutdown command and waits for the server to respond. (added in version 7.16.2)

-f/--form <name=content>

(HTTP) Curl simulate fill out the form and press the Submit button. This will enable curl to use according to RFC1867

Content-type Multipart/form-data to post data. This will allow binary files to be uploaded, etc.

Force the ' content ' section to be a file, preceded by the prefix @ number in the filename. Just get the content from the file

section of the content, using prefix < before the filename. @ and < difference in with, @ Let a file in post

Action is uploaded as a file, and < only gets content from the file as a text field.

For example, if you want to send a password file to the server, ' password ' is the name of the form field, which will be filled in

/etc/passwd file:

Curl-f password=@/etc/passwd

If you want to get input in standard input (stdin) in place of the file, make it available at the location where the file name should be provided

Use-Replace. The same applies to the @ and < structures.

You can also use '; Type= ' to tell Curl what Content-type is, similar to:

Curl-f "web= @index. html;type=text/html"


Curl-f "Name=daniel;type=text/foo"

You can also set the ' filename= ' to explicitly change a file upload section of the Name field, just like this:

Curl-f "file= @localfile; filename=nameinpost"

See manuals for more examples and details.

This option can be used more than once.

--form-string <name=string>

(HTTP) is similar to--form, except that the value string of a named parameter is literal meaning. Open with ' @ ' and ' < '

The '; type= ' string in the header character and the value has no special meaning. If the string value may happen to trigger

--form ' @ ' or ' < ' feature, this parameter is preferred in--form.


This option closes the URL wildcard Analyzer. When you set this option, you can specify a name that contains the {}[] character

URL without being interpreted by the curl itself. Note that these characters are not normal legitimate URL content,

However, it should be encoded according to the standard URI.


This option uses the specified data for all-d/--data or--data-binary in HTTP GET requests instead of

Post request, otherwise the post will be used. The data and the '? ' The delimiter is appended to the URL.

If combined-I is used, the POST data is replaced and appended to the URL with the head request.

If this option is used more than once, the following events do not make any difference. This is because undo get is no way

, but you should choose the method you prefer to replace.


Use Help.


(HTTP) uses an extra header when fetching a Web page. You can specify any number of additional headers.

Note that if you want to add a custom header with the same header name used internally by curl, you

The external header setting replaces the default. In this way, you can do more than the curl can generally do

Thing If you do not fully understand what you are doing, you should not replace the internal set header. is risking

The right side of the number gives a no content replacement to remove an internal header, such as:-H "host:".

CURL will ensure that each header that you add/replace is sent with the normal end-of-line tag, so

You should not add it as a header: Do not add line breaks or enter, they will only

Make a mess of your things.

See also-a/--user-agent and-e/--referer options.

This option can be used multiple times to add/replace/Remove multiple headers.

-Hostpubmd5 <md5>

Passes a string that contains 32 hexadecimal digits. The string should be 128 bits of the remote host public key

MD5 Verify that the curl will reject the connection unless the Md5sums match. This option is available only for SCP and

SFTP transmission. (added in version 7.17.1)


(HTTP) ignores the content-length header. The server running apache1.x is more than 2G bytes

This option is useful for files that report incorrect content-length.


(HTTP) The http-header contained in the output. Http-header contains the name of a server

Claim, document date, version of HTTP protocol, and more information ...

--interface< name >

Performs an operation using the specified interface. You can enter the interface name, IP address, or host name. An example can be

Can be shown as follows:

Curl--interface eth0:1

If this option has been used more than once, use the last setting.


(HTTP/FTP/archives) only get http-header. HTTP Server function command head to make

Use this option to get only the header of the document. When using FTP or file files, CURL only displays files

Size and last modified time.


(HTTP) When Curl is told to read a cookie in a given file, this option discards all "session

Cookies ". This will basically have the same effect as starting a new session. When a typical browser shuts down

The session cookie is always discarded.


(SSL) This option explicitly allows curl to perform "unsafe" SSL connections and transmissions. All SSL connections

Use the CA certificate bundled with the default installation to try to make it secure. This makes it possible to use-k/--insecure unless

All connections are considered "unsafe" and fail.

For further details, please see online resources:

--keepalive-time < sec >

This option sets a connection to the free time before sending the active probe and the independent retention activity.

The interval of the needle. This is the Tcp_keepidle and TCP_KEEPINTVL set currently available in the operating system

The socket options are valid (meaning Linux, AIX, HP-UX, and so on). If you use the--no-keepalive selection

Item, this option does not take effect. (added in version 7.18.0)

If you use this option more than once, the last setting works.

--key < private key >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.