1WGET2(1) GNU Wget2 2.1.0 WGET2(1)
2
3
4
6 Wget2 - a recursive metalink/file/website downloader.
7
9 wget2 [options]... [URL]...
10
12 GNU Wget2 is a free utility for non-interactive download of files from
13 the Web. It supports HTTP and HTTPS protocols, as well as retrieval
14 through HTTP(S) proxies.
15
16 Wget2 is non-interactive, meaning that it can work in the background,
17 while the user is not logged on. This allows you to start a retrieval
18 and disconnect from the system, letting Wget2 finish the work. By con‐
19 trast, most of the Web browsers require constant user’s presence, which
20 can be a great hindrance when transferring a lot of data.
21
22 Wget2 can follow links in HTML, XHTML, CSS, RSS, Atom and sitemap files
23 to create local versions of remote web sites, fully recreating the di‐
24 rectory structure of the original site. This is sometimes referred to
25 as recursive downloading. While doing that, Wget2 respects the Robot
26 Exclusion Standard (/robots.txt). Wget2 can be instructed to convert
27 the links in downloaded files to point at the local files, for offline
28 viewing.
29
30 Wget2 has been designed for robustness over slow or unstable network
31 connections; if a download fails due to a network problem, it will keep
32 retrying until the whole file has been retrieved. If the server sup‐
33 ports partial downloads, it may continue the download from where it
34 left off.
35
37 Option Syntax
38 Every option has a long form and sometimes also a short one. Long op‐
39 tions are more convenient to remember, but take time to type. You may
40 freely mix different option styles. Thus you may write:
41
42 wget2 -r --tries=10 https://example.com/ -o log
43
44 The space between the option accepting an argument and the argument may
45 be omitted. Instead of -o log you can write -olog.
46
47 You may put several options that do not require arguments together,
48 like:
49
50 wget2 -drc <URL>
51
52 This is equivalent to:
53
54 wget2 -d -r -c <URL>
55
56 Since the options can be specified after the arguments, you may termi‐
57 nate them with --. So the following will try to download URL -x, re‐
58 porting failure to log:
59
60 wget2 -o log -- -x
61
62 The options that accept comma-separated lists all respect the conven‐
63 tion that prepending --no- clears its value. This can be useful to
64 clear the .wget2rc settings. For instance, if your .wget2rc sets ex‐
65 clude-directories to /cgi-bin, the following example will first reset
66 it, and then set it to exclude /priv and /trash. You can also clear
67 the lists in .wget2rc.
68
69 wget2 --no-exclude-directories -X /priv,/trash
70
71 Most options that do not accept arguments are boolean options, so named
72 because their state can be captured with a yes-or-no (“boolean”) vari‐
73 able. A boolean option is either affirmative or negative (beginning
74 with --no-). All such options share several properties.
75
76 Affirmative options can be negated by prepending the --no- to the op‐
77 tion name; negative options can be negated by omitting the --no- pre‐
78 fix. This might seem superfluous - if the default for an affirmative
79 option is to not do something, then why provide a way to explicitly
80 turn it off? But the startup file may in fact change the default. For
81 instance, using timestamping = on in .wget2rc makes Wget2 download up‐
82 dated files only. Using --no-timestamping is the only way to restore
83 the factory default from the command line.
84
85 Basic Startup Options
86 -V, --version
87 Display the version of Wget2.
88
89 -h, --help
90 Print a help message describing all of Wget2’s command-line options.
91
92 -b, --background
93 Go to background immediately after startup. If no output file is spec‐
94 ified via the -o, output is redirected to wget-log.
95
96 -e, --execute=command
97 Execute command as if it were a part of .wget2rc. A command thus in‐
98 voked will be executed after the commands in .wget2rc, thus taking
99 precedence over them. If you need to specify more than one wget2rc
100 command, use multiple instances of -e.
101
102 --hyperlink
103 Hyperlink names of downloaded files so that they can opened from the
104 terminal by clicking on them. Only a few terminal emulators currently
105 support hyperlinks. Enable this option if you know your terminal sup‐
106 ports hyperlinks.
107
108 Logging and Input File Options
109 -o, --output-file=logfile
110 Log all messages to logfile. The messages are normally reported to
111 standard error.
112
113 -a, --append-output=logfile
114 Append to logfile. This is the same as -o, only it appends to logfile
115 instead of overwriting the old log file. If logfile does not exist, a
116 new file is created.
117
118 -d, --debug
119 Turn on debug output, meaning various information important to the de‐
120 velopers of Wget2 if it does not work properly. Your system adminis‐
121 trator may have chosen to compile Wget2 without debug support, in which
122 case -d will not work. Please note that compiling with debug support
123 is always safe, Wget2 compiled with the debug support will not print
124 any debug info unless requested with -d.
125
126 -q, --quiet
127 Turn off Wget2’s output.
128
129 -v, --verbose
130 Turn on verbose output, with all the available data. The default out‐
131 put is verbose.
132
133 -nv, --no-verbose
134 Turn off verbose without being completely quiet (use -q for that),
135 which means that error messages and basic information still get print‐
136 ed.
137
138 --report-speed=type
139 Output bandwidth as type. The only accepted values are bytes (which is
140 set by default) and bits. This option only works if --progress=bar is
141 also set.
142
143 -i, --input-file=file
144 Read URLs from a local or external file. If - is specified as file,
145 URLs are read from the standard input. Use ./- to read from a file
146 literally named -.
147
148 If this function is used, no URLs need be present on the command line.
149 If there are URLs both on the command line and in an input file, those
150 on the command lines will be the first ones to be retrieved. file is
151 expected to contain one URL per line, except one of the --force- op‐
152 tions specifies a different format.
153
154 If you specify --force-html, the document will be regarded as HTML. In
155 that case you may have problems with relative links, which you can
156 solve either by adding <base href="url"> to the documents or by speci‐
157 fying --base=url on the command line.
158
159 If you specify --force-css, the document will be regarded as CSS.
160
161 If you specify --force-sitemap, the document will be regarded as XML
162 sitemap.
163
164 If you specify --force-atom, the document will be regarded as Atom
165 Feed.
166
167 If you specify --force-rss, the document will be regarded as RSS Feed.
168
169 If you specify --force-metalink, the document will be regarded as Met‐
170 alink description.
171
172 If you have problems with relative links, you should use --base=url on
173 the command line.
174
175 -F, --force-html
176 When input is read from a file, force it to be treated as an HTML file.
177 This enables you to retrieve relative links from existing HTML files on
178 your local disk, by adding “” to HTML, or using the --base command-line
179 option.
180
181 --force-css
182 Read and parse the input file as CSS. This enables you to retrieve
183 links from existing CSS files on your local disk. You will need --base
184 to handle relative links correctly.
185
186 --force-sitemap
187 Read and parse the input file as sitemap XML. This enables you to re‐
188 trieve links from existing sitemap files on your local disk. You will
189 need --base to handle relative links correctly.
190
191 --force-atom
192 Read and parse the input file as Atom Feed XML. This enables you to
193 retrieve links from existing sitemap files on your local disk. You
194 will need --base to handle relative links correctly.
195
196 --force-rss
197 Read and parse the input file as RSS Feed XML. This enables you to re‐
198 trieve links from existing sitemap files on your local disk. You will
199 need --base to handle relative links correctly.
200
201 --force-metalink
202 Read and parse the input file as Metalink. This enables you to re‐
203 trieve links from existing Metalink files on your local disk. You will
204 need --base to handle relative links correctly.
205
206 -B, --base=URL
207 Resolves relative links using URL as the point of reference, when read‐
208 ing links from an HTML file specified via the -i/--input-file option
209 (together with a --force... option, or when the input file was fetched
210 remotely from a server describing it as HTML, CSS, Atom or RSS). This
211 is equivalent to the presence of a “BASE” tag in the HTML input file,
212 with URL as the value for the “href” attribute.
213
214 For instance, if you specify https://example.com/bar/a.html for URL,
215 and Wget2 reads ../baz/b.html from the input file, it would be resolved
216 to https://example.com/baz/b.html.
217
218 --config=FILE
219 Specify the location of configuration files you wish to use. If you
220 specify more than one file, either by using a comma-separated list or
221 several --config options, these files are read in left-to-right order.
222 The files given in $SYSTEM_WGET2RC and ($WGET2RC or ~/.wget2rc) are
223 read in that order and then the user-provided config file(s). If set,
224 $WGET2RC replaces ~/.wget2rc.
225
226 --no-config empties the internal list of config files. So if you want
227 to prevent reading any config files, give --no-config on the command
228 line.
229
230 --no-config followed by --config=file just reads file and skips reading
231 the default config files.
232
233 Wget will attempt to tilde-expand filenames written in the configura‐
234 tion file on supported platforms. To use a file that starts with the
235 character literal `~', use “./~” or an absolute path.
236
237 --rejected-log=logfile [Not implemented yet]
238 Logs all URL rejections to logfile as comma separated values. The val‐
239 ues include the reason of rejection, the URL and the parent URL it was
240 found in.
241
242 --local-db
243 Enables reading/writing to local database files (default: on).
244
245 These are the files for --hsts, --hpkp, --ocsp, etc.
246
247 With --no-local-db you can switch reading/writing off, e.g. useful for
248 testing.
249
250 This option does not influence the reading of config files.
251
252 --stats-dns=[FORMAT:]FILE
253 Save DNS stats in format FORMAT, in file FILE.
254
255 FORMAT can be human or csv. - is shorthand for stdout and h is short‐
256 hand for human.
257
258 The CSV output format is
259
260 Hostname,IP,Port,Duration
261
262 `Duration` is given in milliseconds.
263
264 --stats-tls=[FORMAT:]FILE
265 Save TLS stats in format FORMAT, in file FILE.
266
267 FORMAT can be human or csv. - is shorthand for stdout and h is short‐
268 hand for human.
269
270 The CSV output format is
271
272 Hostname,TLSVersion,FalseStart,TFO,Resumed,ALPN,HTTPVersion,Certifi‐
273 cates,Duration
274
275 `TLSVersion` can be 1,2,3,4,5 for SSL3, TLS1.0, TLS1.1, TLS1.2 and TLS1.3. -1 means 'None'.
276
277 `FalseStart` whether the connection used TLS False Start. -1 if not applicable.
278
279 `TFO` whether the connection used TCP Fast Open. -1 is TFO was disabled.
280
281 `Resumed` whether the TLS session was resumed or not.
282
283 `ALPN` is the ALPN negotiation string.
284
285 `HTTPVersion` is 0 for HTTP 1.1 and 1 is for HTTP 2.0.
286
287 `Certificates` is the size of the server's certificate chain.
288
289 `Duration` is given in milliseconds.
290
291 --stats-ocsp=[FORMAT:]FILE
292 Save OCSP stats in format FORMAT, in file FILE.
293
294 FORMAT can be human or csv. - is shorthand for stdout and h is short‐
295 hand for human.
296
297 The CSV output format is
298
299 Hostname,Stapling,Valid,Revoked,Ignored
300
301 `Stapling` whether an OCSP response was stapled or not.
302
303 `Valid` how many server certificates were valid regarding OCSP.
304
305 `Revoked` how many server certificates were revoked regarding OCSP.
306
307 `Ignored` how many server certificates had been ignored or OCSP responses missing.
308
309 --stats-server=[FORMAT:]FILE
310 Save Server stats in format FORMAT, in file FILE.
311
312 FORMAT can be human or csv. - is shorthand for stdout and h is short‐
313 hand for human.
314
315 The CSV output format is
316
317 Hostname,IP,Scheme,HPKP,NewHPKP,HSTS,CSP
318
319 `Scheme` 0,1,2 mean `None`, `http`, `https`.
320
321 `HPKP` values 0,1,2,3 mean 'No HPKP', 'HPKP matched', 'HPKP doesn't match', 'HPKP error'.
322
323 `NewHPKP` whether server sent HPKP (Public-Key-Pins) header.
324
325 `HSTS` whether server sent HSTS (Strict-Transport-Security) header.
326
327 `CSP` whether server sent CSP (Content-Security-Policy) header.
328
329 --stats-site=[FORMAT:]FILE
330 Save Site stats in format FORMAT, in file FILE.
331
332 FORMAT can be human or csv. - is shorthand for stdout and h is short‐
333 hand for human.
334
335 The CSV output format is
336
337 ID,ParentID,URL,Status,Link,Method,Size,SizeDecompressed,Transfer‐
338 Time,ResponseTime,Encoding,Verification
339
340 `ID` unique ID for a stats record.
341
342 `ParentID` ID of the parent document, relevant for `--recursive` mode.
343
344 `URL` URL of the document.
345
346 `Status` HTTP response code or 0 if not applicable.
347
348 `Link` 1 means 'direkt link', 0 means 'redirection link'.
349
350 `Method` 1,2,3 mean GET, HEAD, POST request type.
351
352 `Size` size of downloaded body (theoretical value for HEAD requests).
353
354 `SizeDecompressed` size of decompressed body (0 for HEAD requests).
355
356 `TransferTime` ms between start of request and completed download.
357
358 `ResponseTime` ms between start of request and first response packet.
359
360 `Encoding` 0,1,2,3,4,5 mean server side compression was 'identity', 'gzip', 'deflate', 'lzma/xz', 'bzip2', 'brotli', 'zstd', 'lzip'
361
362 `Verification` PGP verification status. 0,1,2,3 mean 'none', 'valid', 'invalid', 'bad', 'missing'.
363
364 Download Options
365 --bind-address=ADDRESS
366 When making client TCP/IP connections, bind to ADDRESS on the local ma‐
367 chine. ADDRESS may be specified as a hostname or IP address. This op‐
368 tion can be useful if your machine is bound to multiple IPs.
369
370 --bind-interface=INTERFACE
371 When making client TCP/IP connections, bind to INTERFACE on the local
372 machine. INTERFACE may be specified as the name for a Network Inter‐
373 face. This option can be useful if your machine has multiple Network
374 Interfaces. However, the option works only when wget2 is run with ele‐
375 vated privileges (On GNU/Linux: root / sudo or sudo setcap
376 cap_net_raw+ep <path to wget|wget2>).
377
378 -t, --tries=number
379 Set number of tries to number. Specify 0 or inf for infinite retrying.
380 The default is to retry 20 times, with the exception of fatal errors
381 like “connection refused” or “not found” (404), which are not retried.
382
383 --retry-on-http-error=list
384 Specify a comma-separated list of HTTP codes in which Wget2 will retry
385 the download. The elements of the list may contain wildcards. If an
386 HTTP code starts with the character `!' it won’t be downloaded. This
387 is useful when trying to download something with exceptions. For exam‐
388 ple, retry every failed download if error code is not 404:
389
390 wget2 --retry-on-http-error=*,\!404 https://example.com/
391
392 Please keep in mind that “200” is the only forbidden code. If it is
393 included on the status list Wget2 will ignore it. The max. number of
394 download attempts is given by the --tries option.
395
396 -O, --output-document=file
397 The documents will not be written to the appropriate files, but all
398 will be concatenated together and written to file. If - is used as
399 file, documents will be printed to standard output, disabling link con‐
400 version. Use ./- to print to a file literally named -. To not get
401 Wget2 status messages mixed with file content, use -q in combination
402 with -O- (This is different to how Wget 1.x behaves).
403
404 Using -r or -p with -O may not work as you expect: Wget2 won’t just
405 download the first file to file and then download the rest to their
406 normal names: all downloaded content will be placed in file.
407
408 A combination with -nc is only accepted if the given output file does
409 not exist.
410
411 When used along with the -c option, Wget2 will attempt to continue
412 downloading the file whose name is passed to the option, irrespective
413 of whether the actual file already exists on disk or not. This allows
414 users to download a file with a temporary name alongside the actual
415 file.
416
417 Note that a combination with -k is only permitted when downloading a
418 single document, as in that case it will just convert all relative URIs
419 to external ones; -k makes no sense for multiple URIs when they’re all
420 being downloaded to a single file; -k can be used only when the output
421 is a regular file.
422
423 Compatibility-Note: Wget 1.x used to treat -O as analogous to shell re‐
424 direction. Wget2 does not handle the option similarly. Hence, the
425 file will not always be newly created. The file’s timestamps will not
426 be affected unless it is actually written to. As a result, both -c and
427 -N options are now supported in conjunction with this option.
428
429 -nc, --no-clobber
430 If a file is downloaded more than once in the same directory, Wget2’s
431 behavior depends on a few options, including -nc. In certain cases,
432 the local file will be clobbered, or overwritten, upon repeated down‐
433 load. In other cases it will be preserved.
434
435 When running Wget2 without -N, -nc, -r, or -p, downloading the same
436 file in the same directory will result in the original copy of file be‐
437 ing preserved and the second copy being named file.1. If that file is
438 downloaded yet again, the third copy will be named file.2, and so on.
439 (This is also the behavior with -nd, even if -r or -p are in effect.)
440 Use --keep-extension to use an alternative file naming pattern.
441
442 When -nc is specified, this behavior is suppressed, and Wget2 will
443 refuse to download newer copies of file. Therefore, ““no-clobber”” is
444 actually a misnomer in this mode - it’s not clobbering that’s prevented
445 (as the numeric suffixes were already preventing clobbering), but
446 rather the multiple version saving that’s prevented.
447
448 When running Wget2 with -r or -p, but without -N, -nd, or -nc, re-down‐
449 loading a file will result in the new copy simply overwriting the old.
450 Adding -nc will prevent this behavior, instead causing the original
451 version to be preserved and any newer copies on the server to be ig‐
452 nored.
453
454 When running Wget2 with -N, with or without -r or -p, the decision as
455 to whether or not to download a newer copy of a file depends on the lo‐
456 cal and remote timestamp and size of the file. -nc may not be speci‐
457 fied at the same time as -N.
458
459 A combination with -O/--output-document is only accepted if the given
460 output file does not exist.
461
462 Note that when -nc is specified, files with the suffixes .html or .htm
463 will be loaded from the local disk and parsed as if they had been re‐
464 trieved from the Web.
465
466 --backups=backups
467 Before (over)writing a file, back up an existing file by adding a .1
468 suffix to the file name. Such backup files are rotated to .2, .3, and
469 so on, up to backups (and lost beyond that).
470
471 -c, --continue
472 Continue getting a partially-downloaded file. This is useful when you
473 want to finish up a download started by a previous instance of Wget2,
474 or by another program. For instance:
475
476 wget2 -c https://example.com/tarball.gz
477
478 If there is a file named tarball.gz in the current directory, Wget2
479 will assume that it is the first portion of the remote file, and will
480 ask the server to continue the retrieval from an offset equal to the
481 length of the local file.
482
483 Note that you don’t need to specify this option if you just want the
484 current invocation of Wget2 to retry downloading a file should the con‐
485 nection be lost midway through. This is the default behavior. -c only
486 affects resumption of downloads started prior to this invocation of
487 Wget2, and whose local files are still sitting around.
488
489 Without -c, the previous example would just download the remote file to
490 tarball.gz.1, leaving the truncated tarball.gz file alone.
491
492 If you use -c on a non-empty file, and it turns out that the server
493 does not support continued downloading, Wget2 will refuse to start the
494 download from scratch, which would effectively ruin existing contents.
495 If you really want the download to start from scratch, remove the file.
496
497 If you use -c on a file which is of equal size as the one on the serv‐
498 er, Wget2 will refuse to download the file and print an explanatory
499 message. The same happens when the file is smaller on the server than
500 locally (presumably because it was changed on the server since your
501 last download attempt). Because “continuing” is not meaningful, no
502 download occurs.
503
504 On the other side of the coin, while using -c, any file that’s bigger
505 on the server than locally will be considered an incomplete download
506 and only “(length(remote) - length(local))” bytes will be downloaded
507 and tacked onto the end of the local file. This behavior can be desir‐
508 able in certain cases. For instance, you can use wget2 -c to download
509 just the new portion that’s been appended to a data collection or log
510 file.
511
512 However, if the file is bigger on the server because it’s been changed,
513 as opposed to just appended to, you’ll end up with a garbled file.
514 Wget2 has no way of verifying that the local file is really a valid
515 prefix of the remote file. You need to be especially careful of this
516 when using -c in conjunction with -r, since every file will be consid‐
517 ered as an “incomplete download” candidate.
518
519 Another instance where you’ll get a garbled file if you try to use -c
520 is if you have a lame HTTP proxy that inserts a “transfer interrupted”
521 string into the local file. In the future a “rollback” option may be
522 added to deal with this case.
523
524 Note that -c only works with HTTP servers that support the “Range”
525 header.
526
527 --start-pos=OFFSET
528 Start downloading at zero-based position OFFSET. Offset may be ex‐
529 pressed in bytes, kilobytes with the k' suffix, or megabytes with
530 them’ suffix, etc.
531
532 --start-pos has higher precedence over --continue. When --start-pos
533 and --continue are both specified, Wget2 will emit a warning then pro‐
534 ceed as if --continue was absent.
535
536 Server support for continued download is required, otherwise –start-pos
537 cannot help. See -c for details.
538
539 --progress=type
540 Select the type of the progress indicator you wish to use. Supported
541 indicator types are none and bar.
542
543 Type bar draws an ASCII progress bar graphics (a.k.a “thermometer” dis‐
544 play) indicating the status of retrieval.
545
546 If the output is a TTY, bar is the default. Else, the progress bar
547 will be switched off, except when using --force-progress.
548
549 The type `dot' is currently not supported, but won’t trigger an error
550 to not break wget command lines.
551
552 The parameterized types bar:force and bar:force:noscroll will add the
553 effect of --force-progress. These are accepted for better wget compat‐
554 ibility.
555
556 --force-progress
557 Force Wget2 to display the progress bar in any verbosity.
558
559 By default, Wget2 only displays the progress bar in verbose mode. One
560 may however, want Wget2 to display the progress bar on screen in con‐
561 junction with any other verbosity modes like --no-verbose or --quiet.
562 This is often a desired a property when invoking Wget2 to download sev‐
563 eral small/large files. In such a case, Wget2 could simply be invoked
564 with this parameter to get a much cleaner output on the screen.
565
566 This option will also force the progress bar to be printed to stderr
567 when used alongside the --output-file option.
568
569 -N, --timestamping
570 Turn on time-stamping.
571
572 --no-if-modified-since
573 Do not send If-Modified-Since header in -N mode. Send preliminary HEAD
574 request instead. This has only effect in -N mode.
575
576 --no-use-server-timestamps
577 Don’t set the local file’s timestamp by the one on the server.
578
579 By default, when a file is downloaded, its timestamps are set to match
580 those from the remote file. This allows the use of --timestamping on
581 subsequent invocations of Wget2. However, it is sometimes useful to
582 base the local file’s timestamp on when it was actually downloaded; for
583 that purpose, the --no-use-server-timestamps option has been provided.
584
585 -S, --server-response
586 Print the response headers sent by HTTP servers.
587
588 --spider
589 When invoked with this option, Wget2 will behave as a Web spider, which
590 means that it will not download the pages, just check that they are
591 there. For example, you can use Wget2 to check your bookmarks:
592
593 wget2 --spider --force-html -i bookmarks.html
594
595 This feature needs much more work for Wget2 to get close to the func‐
596 tionality of real web spiders.
597
598 -T seconds, --timeout=seconds
599 Set the network timeout to seconds seconds. This is equivalent to
600 specifying --dns-timeout, --connect-timeout, and --read-timeout, all at
601 the same time.
602
603 When interacting with the network, Wget2 can check for timeout and
604 abort the operation if it takes too long. This prevents anomalies like
605 hanging reads and infinite connects. The only timeout enabled by de‐
606 fault is a 900-second read timeout. Setting a timeout to 0 disables it
607 altogether. Unless you know what you are doing, it is best not to
608 change the default timeout settings.
609
610 All timeout-related options accept decimal values, as well as subsecond
611 values. For example, 0.1 seconds is a legal (though unwise) choice of
612 timeout. Subsecond timeouts are useful for checking server response
613 times or for testing network latency.
614
615 --dns-timeout=seconds
616 Set the DNS lookup timeout to seconds seconds. DNS lookups that don’t
617 complete within the specified time will fail. By default, there is no
618 timeout on DNS lookups, other than that implemented by system li‐
619 braries.
620
621 --connect-timeout=seconds
622 Set the connect timeout to seconds seconds. TCP connections that take
623 longer to establish will be aborted. By default, there is no connect
624 timeout, other than that implemented by system libraries.
625
626 --read-timeout=seconds
627 Set the read (and write) timeout to seconds seconds. The “time” of
628 this timeout refers to idle time: if, at any point in the download, no
629 data is received for more than the specified number of seconds, reading
630 fails and the download is restarted. This option does not directly af‐
631 fect the duration of the entire download.
632
633 Of course, the remote server may choose to terminate the connection
634 sooner than this option requires. The default read timeout is 900 sec‐
635 onds.
636
637 --limit-rate=amount
638 Limit the download speed to amount bytes per second. Amount may be ex‐
639 pressed in bytes, kilobytes with the k suffix, or megabytes with the m
640 suffix. For example, --limit-rate=20k will limit the retrieval rate to
641 20KB/s. This is useful when, for whatever reason, you don’t want Wget2
642 to consume the entire available bandwidth.
643
644 This option allows the use of decimal numbers, usually in conjunction
645 with power suffixes; for example, --limit-rate=2.5k is a legal value.
646
647 Note that Wget2 implements the limiting by sleeping the appropriate
648 amount of time after a network read that took less time than specified
649 by the rate. Eventually this strategy causes the TCP transfer to slow
650 down to approximately the specified rate. However, it may take some
651 time for this balance to be achieved, so don’t be surprised if limiting
652 the rate doesn’t work well with very small files.
653
654 -w seconds, --wait=seconds
655 Wait the specified number of seconds between the retrievals. Use of
656 this option is recommended, as it lightens the server load by making
657 the requests less frequent. Instead of in seconds, the time can be
658 specified in minutes using the “m” suffix, in hours using “h” suffix,
659 or in days using “d” suffix.
660
661 Specifying a large value for this option is useful if the network or
662 the destination host is down, so that Wget2 can wait long enough to
663 reasonably expect the network error to be fixed before the retry. The
664 waiting interval specified by this function is influenced by --random-
665 wait, which see.
666
667 --waitretry=seconds
668 If you don’t want Wget2 to wait between every retrieval, but only be‐
669 tween retries of failed downloads, you can use this option. Wget2 will
670 use linear backoff, waiting 1 second after the first failure on a given
671 file, then waiting 2 seconds after the second failure on that file, up
672 to the maximum number of seconds you specify.
673
674 By default, Wget2 will assume a value of 10 seconds.
675
676 --random-wait
677 Some web sites may perform log analysis to identify retrieval programs
678 such as Wget2 by looking for statistically significant similarities in
679 the time between requests. This option causes the time between re‐
680 quests to vary between 0.5 and 1.5 ### wait seconds, where wait was
681 specified using the --wait option, in order to mask Wget2’s presence
682 from such analysis.
683
684 A 2001 article in a publication devoted to development on a popular
685 consumer platform provided code to perform this analysis on the fly.
686 Its author suggested blocking at the class C address level to ensure
687 automated retrieval programs were blocked despite changing DHCP-sup‐
688 plied addresses.
689
690 The --random-wait option was inspired by this ill-advised recommenda‐
691 tion to block many unrelated users from a web site due to the actions
692 of one.
693
694 --no-proxy[=exceptions]
695 If no argument is given, we try to stay backward compatible with
696 Wget1.x and don’t use proxies, even if the appropriate *_proxy environ‐
697 ment variable is defined.
698
699 If a comma-separated list of exceptions (domains/IPs) is given, these
700 exceptions are accessed without using a proxy. It overrides the
701 `no_proxy' environment variable.
702
703 -Q quota, --quota=quota
704 Specify download quota for automatic retrievals. The value can be
705 specified in bytes (default), kilobytes (with k suffix), or megabytes
706 (with m suffix).
707
708 Note that quota will never affect downloading a single file. So if you
709 specify
710
711 wget2 -Q10k https://example.com/bigfile.gz
712
713 all of the bigfile.gz will be downloaded. The same goes even when sev‐
714 eral URLs are specified on the command-line. However, quota is re‐
715 spected when retrieving either recursively, or from an input file.
716 Thus you may safely type
717
718 wget2 -Q2m -i sites
719
720 download will be aborted when the quota is exceeded.
721
722 Setting quota to 0 or to inf unlimits the download quota.
723
724 --restrict-file-names=modes
725 Change which characters found in remote URLs must be escaped during
726 generation of local filenames. Characters that are restricted by this
727 option are escaped, i.e. replaced with %HH, where HH is the hexadecimal
728 number that corresponds to the restricted character. This option may
729 also be used to force all alphabetical cases to be either lower- or up‐
730 percase.
731
732 By default, Wget2 escapes the characters that are not valid or safe as
733 part of file names on your operating system, as well as control charac‐
734 ters that are typically unprintable. This option is useful for chang‐
735 ing these defaults, perhaps because you are downloading to a non-native
736 partition, or because you want to disable escaping of the control char‐
737 acters, or you want to further restrict characters to only those in the
738 ASCII range of values.
739
740 The modes are a comma-separated set of text values. The acceptable
741 values are unix, windows, nocontrol, ascii, lowercase, and uppercase.
742 The values unix and windows are mutually exclusive (one will override
743 the other), as are lowercase and uppercase. Those last are special
744 cases, as they do not change the set of characters that would be es‐
745 caped, but rather force local file paths to be converted either to low‐
746 er- or uppercase.
747
748 When “unix” is specified, Wget2 escapes the character / and the control
749 characters in the ranges 0–31 and 128–159. This is the default on
750 Unix-like operating systems.
751
752 When “windows” is given, Wget2 escapes the characters , |, /, :, ?, “,
753 *, <, >, and the control characters in the ranges 0–31 and 128–159. In
754 addition to this, Wget2 in Windows mode uses + instead of : to separate
755 host and port in local file names, and uses @ instead of ? to separate
756 the query portion of the file name from the rest. Therefore, a URL
757 that would be saved as www.xemacs.org:4300/search.pl?input=blah in Unix
758 mode would be saved as www.xemacs.org+4300/search.pl@input=blah in Win‐
759 dows mode. This mode is the default on Windows.
760
761 If you specify nocontrol, then the escaping of the control characters
762 is also switched off. This option may make sense when you are down‐
763 loading URLs whose names contain UTF-8 characters, on a system which
764 can save and display filenames in UTF-8 (some possible byte values used
765 in UTF-8 byte sequences fall in the range of values designated by Wget2
766 as “controls”).
767
768 The ascii mode is used to specify that any bytes whose values are out‐
769 side the range of ASCII characters (that is, greater than 127) shall be
770 escaped. This can be useful when saving filenames whose encoding does
771 not match the one used locally.
772
773 -4, --inet4-only, -6, --inet6-only
774 Force connecting to IPv4 or IPv6 addresses. With --inet4-only or -4,
775 Wget2 will only connect to IPv4 hosts, ignoring AAAA records in DNS,
776 and refusing to connect to IPv6 addresses specified in URLs. Converse‐
777 ly, with --inet6-only or -6, Wget2 will only connect to IPv6 hosts and
778 ignore A records and IPv4 addresses.
779
780 Neither options should be needed normally. By default, an IPv6-aware
781 Wget2 will use the address family specified by the host’s DNS record.
782 If the DNS responds with both IPv4 and IPv6 addresses, Wget2 will try
783 them in sequence until it finds one it can connect to. (Also see
784 --prefer-family option described below.)
785
786 These options can be used to deliberately force the use of IPv4 or IPv6
787 address families on dual family systems, usually to aid debugging or to
788 deal with broken network configuration. Only one of --inet6-only and
789 --inet4-only may be specified at the same time. Neither option is
790 available in Wget2 compiled without IPv6 support.
791
792 --prefer-family=none/IPv4/IPv6
793 When given a choice of several addresses, connect to the addresses with
794 specified address family first. The address order returned by DNS is
795 used without change by default.
796
797 This avoids spurious errors and connect attempts when accessing hosts
798 that resolve to both IPv6 and IPv4 addresses from IPv4 networks. For
799 example, www.kame.net resolves to 2001:200:0:8002:203:47ff:fea5:3085
800 and to 203.178.141.194. When the preferred family is “IPv4”, the IPv4
801 address is used first; when the preferred family is “IPv6”, the IPv6
802 address is used first; if the specified value is “none”, the address
803 order returned by DNS is used without change.
804
805 Unlike -4 and -6, this option doesn’t inhibit access to any address
806 family, it only changes the order in which the addresses are accessed.
807 Also note that the reordering performed by this option is stable. It
808 doesn’t affect order of addresses of the same family. That is, the
809 relative order of all IPv4 addresses and of all IPv6 addresses remains
810 intact in all cases.
811
812 --tcp-fastopen
813 Enable support for TCP Fast Open (TFO) (default: on).
814
815 TFO reduces connection latency by 1 RT on “hot” connections (2nd+ con‐
816 nection to the same host in a certain amount of time).
817
818 Currently this works on recent Linux and OSX kernels, on HTTP and
819 HTTPS.
820
821 --dns-cache-preload=file
822 Load a list of IP / Name tuples into the DNS cache.
823
824 The format of file is like /etc/hosts: IP-address whitespace Name
825
826 This allows to save domain name lookup time, which is a bottleneck in
827 some use cases. Also, the use of HOSTALIASES (which is not portable)
828 can be mimiced by this option.
829
830 --dns-cache
831 Enable DNS caching (default: on).
832
833 Normally, Wget2 remembers the IP addresses it looked up from DNS so it
834 doesn’t have to repeatedly contact the DNS server for the same (typi‐
835 cally small) set of hosts it retrieves from. This cache exists in mem‐
836 ory only; a new Wget2 run will contact DNS again.
837
838 However, it has been reported that in some situations it is not desir‐
839 able to cache host names, even for the duration of a short-running ap‐
840 plication like Wget2. With --no-dns-cache Wget2 issues a new DNS
841 lookup (more precisely, a new call to “gethostbyname” or “getaddrinfo”)
842 each time it makes a new connection. Please note that this option will
843 not affect caching that might be performed by the resolving library or
844 by an external caching layer, such as NSCD.
845
846 --retry-connrefused
847 Consider “connection refused” a transient error and try again. Normal‐
848 ly Wget2 gives up on a URL when it is unable to connect to the site be‐
849 cause failure to connect is taken as a sign that the server is not run‐
850 ning at all and that retries would not help. This option is for mir‐
851 roring unreliable sites whose servers tend to disappear for short peri‐
852 ods of time.
853
854 --user=user, --password=password
855 Specify the username user and password password for HTTP file re‐
856 trieval. This overrides the lookup of credentials in the .netrc file
857 (--netrc is enabled by default). These parameters can be overridden
858 using the --http-user and --http-password options for HTTP(S) connec‐
859 tions.
860
861 If neither --http-proxy-user nor --http-proxy-password is given these
862 settings are also taken for proxy authentication.
863
864 --ask-password
865 Prompt for a password on the command line. Overrides the password set
866 by --password (if any).
867
868 --use-askpass=command
869 Prompt for a user and password using the specified command. Overrides
870 the user and/or password set by --user/--password (if any).
871
872 --no-iri
873 Turn off internationalized URI (IRI) support. Use --iri to turn it on.
874 IRI support is activated by default.
875
876 You can set the default state of IRI support using the “iri” command in
877 .wget2rc. That setting may be overridden from the command line.
878
879 --local-encoding=encoding
880 Force Wget2 to use encoding as the default system encoding. That af‐
881 fects how Wget2 converts URLs specified as arguments from locale to
882 UTF-8 for IRI support.
883
884 Wget2 use the function “nl_langinfo()” and then the “CHARSET” environ‐
885 ment variable to get the locale. If it fails, ASCII is used.
886
887 --remote-encoding=encoding
888 Force Wget2 to use encoding as the default remote server encoding.
889 That affects how Wget2 converts URIs found in files from remote encod‐
890 ing to UTF-8 during a recursive fetch. This options is only useful for
891 IRI support, for the interpretation of non-ASCII characters.
892
893 For HTTP, remote encoding can be found in HTTP “Content-Type” header
894 and in HTML “Content-Type http-equiv” meta tag.
895
896 --input-encoding=encoding
897 Use the specified encoding for the URLs read from --input-file. The
898 default is the local encoding.
899
900 --unlink
901 Force Wget2 to unlink file instead of clobbering existing file. This
902 option is useful for downloading to the directory with hardlinks.
903
904 --cut-url-get-vars
905 Remove HTTP GET Variables from URLs. For example “main.css?v=123” will
906 be changed to “main.css”. Be aware that this may have unintended side
907 effects, for example “image.php?name=sun” will be changed to “im‐
908 age.php”. The cutting happens before adding the URL to the download
909 queue.
910
911 --cut-file-get-vars
912 Remove HTTP GET Variables from filenames. For example “main.css?v=123”
913 will be changed to “main.css”.
914
915 Be aware that this may have unintended side effects, for example “im‐
916 age.php?name=sun” will be changed to “image.php”. The cutting happens
917 when saving the file, after downloading.
918
919 File names obtained from a “Content-Disposition” header are not affect‐
920 ed by this setting (see --content-disposition), and can be a solution
921 for this problem.
922
923 When --trust-server-names is used, the redirection URL is affected by
924 this setting.
925
926 --chunk-size=size
927 Download large files in multithreaded chunks. This switch specifies
928 the size of the chunks, given in bytes if no other byte multiple unit
929 is specified. By default it’s set on 0/off.
930
931 --max-threads=number
932 Specifies the maximum number of concurrent download threads for a re‐
933 source. The default is 5 but if you want to allow more or fewer this
934 is the option to use.
935
936 -s, --verify-sig[=fail|no-fail]
937 Enable PGP signature verification (when not prefixed with no-). When
938 enabled Wget2 will attempt to download and verify PGP signatures
939 against their corresponding files. Any file downloaded that has a con‐
940 tent type beginning with application/ will cause Wget2 to request the
941 signature for that file.
942
943 The name of the signature file is computed by appending the extension
944 to the full path of the file that was just downloaded. The extension
945 used is defined by the --signature-extensions option. If the content
946 type for the signature request is application/pgp-signature, Wget2 will
947 attempt to verify the signature against the original file. By default,
948 if a signature file cannot be found (I.E. the request for it gets a
949 404 status code) Wget2 will exit with an error code.
950
951 This behavior can be tuned using the following arguments: * fail: This
952 is the default, meaning that this is the value when you supply the flag
953 without an argument. Indicates that missing signature files will cause
954 Wget2 to exit with an error code. * no-fail: This value allows missing
955 signature files. A 404 message will still be issued, but the program
956 will exit normally (assuming no unrelated errors).
957
958 Additionally, --no-verify-sig disables signature checking altogether
959 --no-verify-sig does not allow any arguments.
960
961 --signature-extensions
962 Specify the file extensions for signature files, without the leading
963 “.”. You may specify multiple extensions as a comma separated list.
964 All the provided extensions will be tried simultaneously when looking
965 for the signature file. The default is “sig”.
966
967 --gnupg-homedir
968 Specifies the gnupg home directory to use when verifying PGP signatures
969 on downloaded files. The default for this is your system’s default
970 home directory.
971
972 --verify-save-failed
973 Instructs Wget2 to keep files that don’t pass PGP signature validation.
974 The default is to delete files that fail validation.
975
976 --xattr
977 Saves documents metadata as “user POSIX Extended Attributes” (default:
978 on). This feature only works if the file system supports it. More in‐
979 fo on https://freedesktop.org/wiki/CommonExtendedAttributes.
980
981 Wget2 currently sets * user.xdg.origin.url * user.xdg.referrer.url *
982 user.mime_type * user.charset
983
984 To display the extended attributes of a file (Linux): getfattr -d
985 <file>
986
987 --metalink
988 Follow/process metalink URLs without saving them (default: on).
989
990 Metalink files describe downloads incl. mirrors, files, checksums, sig‐
991 natures. This allows chunked downloads, automatically taking the near‐
992 est mirrors, preferring the fastest mirrors and checking the download
993 for integrity.
994
995 --fsync-policy
996 Enables disk syncing after each write (default: off).
997
998 --http2-request-window=number
999 Set max. number of parallel streams per HTTP/2 connection (default:
1000 30).
1001
1002 --keep-extension
1003 This option changes the behavior for creating a unique filename if a
1004 file already exists.
1005
1006 The standard (default) pattern for file names is <filename>.<N>, the
1007 new pattern is <basename>_<N>.<ext>.
1008
1009 The idea is to use such files without renaming when the use depends on
1010 the extension, like on Windows.
1011
1012 This option doesn not change the behavior of --backups.
1013
1014 Directory Options
1015 -nd, --no-directories
1016 Do not create a hierarchy of directories when retrieving recursively.
1017 With this option turned on, all files will get saved to the current di‐
1018 rectory, without clobbering (if a name shows up more than once, the
1019 filenames will get extensions .n).
1020
1021 -x, --force-directories
1022 The opposite of -nd: create a hierarchy of directories, even if one
1023 would not have been created otherwise. E.g. wget2 -x https://exam‐
1024 ple.com/robots.txt will save the downloaded file to example.com/ro‐
1025 bots.txt.
1026
1027 -nH, --no-host-directories
1028 Disable generation of host-prefixed directories. By default, invoking
1029 Wget2 with -r https://example.com/ will create a structure of directo‐
1030 ries beginning with example.com/. This option disables such behavior.
1031
1032 --protocol-directories
1033 Use the protocol name as a directory component of local file names.
1034 For example, with this option, wget2 -r https://example.com will save
1035 to https/example.com/... rather than just to example.com/....
1036
1037 --cut-dirs=number
1038 Ignore a number of directory components. This is useful for getting a
1039 fine-grained control over the directory where recursive retrieval will
1040 be saved.
1041
1042 Take, for example, the directory at https://example.com/pub/sub/. If
1043 you retrieve it with -r, it will be saved locally under exam‐
1044 ple.com/pub/sub/. While the -nH option can remove the example.com/
1045 part, you are still stuck with pub/sub/. This is where --cut-dirs
1046 comes in handy; it makes Wget2 not “see” a number of remote directory
1047 components. Here are several examples of how --cut-dirs option works.
1048 No options -> example.com/pub/sub/ --cut-dirs=1 -> ex‐
1049 ample.com/sub/ --cut-dirs=2 -> example.com/ -nH
1050 -> pub/sub/ -nH --cut-dirs=1 -> sub/ -nH --cut-dirs=2 -> .
1051 If you just want to get rid of the directory structure, this option is
1052 similar to a combination of -nd and -P. However, unlike -nd, --cut-
1053 dirs does not lose with subdirectories. For instance, with -nH --cut-
1054 dirs=1, a beta/ subdirectory will be placed to sub/beta/, as one would
1055 expect.
1056
1057 -P prefix, --directory-prefix=prefix
1058 Set directory prefix to prefix. The directory prefix is the directory
1059 where all other files and subdirectories will be saved to, i.e. the top
1060 of the retrieval tree. The default is ., the current directory. If
1061 the directory prefix doesn’t exist, it will be created.
1062
1063 HTTP Options
1064 --default-page=name
1065 Use name as the default file name when it isn’t known (i.e., for URLs
1066 that end in a slash), instead of index.html.
1067
1068 --default-http-port=port
1069 Set the default port for HTTP URLs (default: 80).
1070
1071 This is mainly for testing purposes.
1072
1073 --default-https-port=port
1074 Set the default port for HTTPS URLs (default: 443).
1075
1076 This is mainly for testing purposes.
1077
1078 -E, --adjust-extension
1079 If a file of type application/xhtml+xml or text/html is downloaded and
1080 the URL does not end with the regexp \.[Hh][Tt][Mm][Ll]?, this option
1081 will cause the suffix .html to be appended to the local filename. This
1082 is useful, for instance, when you’re mirroring a remote site that uses
1083 .asp pages, but you want the mirrored pages to be viewable on your
1084 stock Apache server. Another good use for this is when you’re down‐
1085 loading CGI-generated materials. A URL like https://example.com/arti‐
1086 cle.cgi?25 will be saved as article.cgi?25.html.
1087
1088 Note that filenames changed in this way will be re-downloaded every
1089 time you re-mirror a site, because Wget2 can’t tell that the local
1090 X.html file corresponds to remote URL X (since it doesn’t yet know that
1091 the URL produces output of type text/html or application/xhtml+xml.
1092
1093 Wget2 will also ensure that any downloaded files of type text/css end
1094 in the suffix .css.
1095
1096 At some point in the future, this option may well be expanded to in‐
1097 clude suffixes for other types of content, including content types that
1098 are not parsed by Wget.
1099
1100 --http-user=user, --http-password=password
1101 Specify the user and password for HTTP authentication. According to
1102 the type of the challenge, Wget will encode them using either the “ba‐
1103 sic” (insecure), the “digest”, or the Windows “NTLM” authentication
1104 scheme.
1105
1106 If possible, put your credentials into ~/.netrc (see also --netrc and
1107 --netrc-file options) or into .wget2rc. This is far more secure than
1108 using the command line which can be seen by any other user. If the
1109 passwords are really important, do not leave them lying in those files
1110 either. Edit the files and delete them after Wget2 has started the
1111 download.
1112
1113 In ~/.netrc passwords may be double quoted to allow spaces. Also, es‐
1114 cape characters with a backslash if needed. A backslash in a password
1115 always needs to be escaped, so use \\ instead of a single \.
1116
1117 Also see --use-askpass and --ask-password for an interactive method to
1118 provide your password.
1119
1120 --http-proxy-user=user, --http-proxy-password=password
1121 Specify the user and password for HTTP proxy authentication. See
1122 --http-user for details.
1123
1124 --http-proxy=proxies
1125 Set comma-separated list of HTTP proxies. The environment variable
1126 `http_proxy' will be overridden.
1127
1128 Exceptions can be set via the environment variable `no_proxy' or via
1129 --no-proxy.
1130
1131 --https-proxy=proxies
1132 Set comma-separated list of HTTPS proxies. The environment variable
1133 `https_proxy' will be overridden.
1134
1135 Exceptions can be set via the environment variable `no_proxy' or via
1136 --no-proxy.
1137
1138 --no-http-keep-alive
1139 Turn off the “keep-alive” feature for HTTP(S) downloads. Normally,
1140 Wget2 asks the server to keep the connection open so that, when you
1141 download more than one document from the same server, they get trans‐
1142 ferred over the same TCP connection. This saves time and at the same
1143 time reduces the load on the server.
1144
1145 This option is useful when, for some reason, persistent (keep-alive)
1146 connections don’t work for you, for example due to a server bug or due
1147 to the inability of server-side scripts to cope with the connections.
1148
1149 --no-cache
1150 Disable server-side cache. In this case, Wget2 will send the remote
1151 server appropriate directives (Cache-Control: no- cache and Pragma: no-
1152 cache) to get the file from the remote service, rather than returning
1153 the cached version. This is especially useful for retrieving and
1154 flushing out-of-date documents on proxy servers.
1155
1156 Caching is allowed by default.
1157
1158 --no-cookies
1159 Disable the use of cookies. Cookies are a mechanism for maintaining
1160 server-side state. The server sends the client a cookie using the
1161 “Set-Cookie” header, and the client responds with the same cookie upon
1162 further requests. Since cookies allow the server owners to keep track
1163 of visitors and for sites to exchange this information, some consider
1164 them a breach of privacy. The default is to use cookies; however,
1165 storing cookies is not on by default.
1166
1167 --load-cookies file
1168 Load cookies from file before the first HTTP(S) retrieval. file is a
1169 textual file in the format originally used by Netscape’s cookies.txt
1170 file.
1171
1172 You will typically use this option when mirroring sites that require
1173 that you be logged in to access some or all of their content. The lo‐
1174 gin process typically works by the web server issuing an HTTP cookie
1175 upon receiving and verifying your credentials. The cookie is then re‐
1176 sent by the browser when accessing that part of the site, and so proves
1177 your identity.
1178
1179 Mirroring such a site requires Wget2 to send the same cookies your
1180 browser sends when communicating with the site. This is achieved by
1181 --load-cookies: simply point Wget2 to the location of the cookies.txt
1182 file, and it will send the same cookies your browser would send in the
1183 same situation. Different browsers keep textual cookie files in dif‐
1184 ferent locations:
1185
1186 “Netscape 4.x.” The cookies are in ~/.netscape/cookies.txt.
1187
1188 “Mozilla and Netscape 6.x.” Mozilla’s cookie file is also named cook‐
1189 ies.txt, located somewhere under ~/.mozilla, in the directory of your
1190 profile. The full path usually ends up looking somewhat like ~/.mozil‐
1191 la/default/some-weird- string/cookies.txt.
1192
1193 “Internet Explorer.” You can produce a cookie file Wget2 can use by us‐
1194 ing the File menu, Import and Export, Export Cookies. This has been
1195 tested with Internet Explorer 5; it is not guaranteed to work with ear‐
1196 lier versions.
1197
1198 “Other browsers.” If you are using a different browser to create your
1199 cookies, --load-cookies will only work if you can locate or produce a
1200 cookie file in the Netscape format that Wget2 expects.
1201
1202 If you cannot use --load-cookies, there might still be an alternative.
1203 If your browser supports a “cookie manager”, you can use it to view the
1204 cookies used when accessing the site you’re mirroring. Write down the
1205 name and value of the cookie, and manually instruct Wget2 to send those
1206 cookies, bypassing the “official” cookie support:
1207
1208 wget2 --no-cookies --header "Cookie: <name>=<value>"
1209
1210 --save-cookies file
1211 Save cookies to file before exiting. This will not save cookies that
1212 have expired or that have no expiry time (so-called “session cookies”),
1213 but also see --keep-session-cookies.
1214
1215 --keep-session-cookies
1216 When specified, causes --save-cookies to also save session cookies.
1217 Session cookies are normally not saved because they are meant to be
1218 kept in memory and forgotten when you exit the browser. Saving them is
1219 useful on sites that require you to log in or to visit the home page
1220 before you can access some pages. With this option, multiple Wget2
1221 runs are considered a single browser session as far as the site is con‐
1222 cerned.
1223
1224 Since the cookie file format does not normally carry session cookies,
1225 Wget2 marks them with an expiry timestamp of 0. Wget2’s --load-cookies
1226 recognizes those as session cookies, but it might confuse other
1227 browsers. Also note that cookies so loaded will be treated as other
1228 session cookies, which means that if you want --save-cookies to pre‐
1229 serve them again, you must use --keep-session-cookies again.
1230
1231 --cookie-suffixes=file
1232 Load the public suffixes used for cookie checking from the given file.
1233
1234 Normally, the underlying libpsl loads this data from a system file or
1235 it has the data built in. In some cases you might want to load an up‐
1236 dated PSL, e.g. from https://publicsuffix.org/list/public_suf‐
1237 fix_list.dat.
1238
1239 The PSL allows to prevent setting of “super-cookies” that lead to cook‐
1240 ie privacy leakage. More details can be found on https://publicsuf‐
1241 fix.org/.
1242
1243 --ignore-length
1244 Unfortunately, some HTTP servers (CGI programs, to be more precise)
1245 send out bogus “Content-Length” headers, which makes Wget2 go wild, as
1246 it thinks not all the document was retrieved. You can spot this syn‐
1247 drome if Wget retries getting the same document again and again, each
1248 time claiming that the (otherwise normal) connection has closed on the
1249 very same byte.
1250
1251 With this option, Wget2 will ignore the “Content-Length” header as if
1252 it never existed.
1253
1254 --header=header-line
1255 Send header-line along with the rest of the headers in each HTTP re‐
1256 quest. The supplied header is sent as-is, which means it must contain
1257 name and value separated by colon, and must not contain newlines.
1258
1259 You may define more than one additional header by specifying --header
1260 more than once.
1261
1262 wget2 --header='Accept-Charset: iso-8859-2' \
1263 --header='Accept-Language: hr' \
1264 https://example.com/
1265
1266 Specification of an empty string as the header value will clear all
1267 previous user-defined headers.
1268
1269 This option can be used to override headers otherwise generated auto‐
1270 matically. This example instructs Wget2 to connect to localhost, but
1271 to specify example.com in the “Host” header:
1272
1273 wget2 --header="Host: example.com" http://localhost/
1274
1275 --max-redirect=number
1276 Specifies the maximum number of redirections to follow for a resource.
1277 The default is 20, which is usually far more than necessary. However,
1278 on those occasions where you want to allow more (or fewer), this is the
1279 option to use.
1280
1281 --proxy-user=user, --proxy-password=password [Not implemented, use --http-
1282 proxy-password]
1283 Specify the username user and password password for authentication on a
1284 proxy server. Wget2 will encode them using the “basic” authentication
1285 scheme.
1286
1287 Security considerations similar to those with --http-password pertain
1288 here as well.
1289
1290 --referer=url
1291 Include `Referer: url’ header in HTTP request. Useful for retrieving
1292 documents with server-side processing that assume they are always being
1293 retrieved by interactive web browsers and only come out properly when
1294 Referer is set to one of the pages that point to them.
1295
1296 --save-headers
1297 Save the headers sent by the HTTP server to the file, preceding the ac‐
1298 tual contents, with an empty line as the separator.
1299
1300 -U agent-string, --user-agent=agent-string
1301 Identify as agent-string to the HTTP server.
1302
1303 The HTTP protocol allows the clients to identify themselves using a
1304 “User-Agent” header field. This enables distinguishing the WWW soft‐
1305 ware, usually for statistical purposes or for tracing of protocol vio‐
1306 lations. Wget normally identifies as Wget/version, version being the
1307 current version number of Wget.
1308
1309 However, some sites have been known to impose the policy of tailoring
1310 the output according to the “User-Agent”-supplied information. While
1311 this is not such a bad idea in theory, it has been abused by servers
1312 denying information to clients other than (historically) Netscape or,
1313 more frequently, Microsoft Internet Explorer. This option allows you
1314 to change the “User-Agent” line issued by Wget. Use of this option is
1315 discouraged, unless you really know what you are doing.
1316
1317 Specifying empty user agent with --user-agent="" instructs Wget2 not to
1318 send the “User-Agent” header in HTTP requests.
1319
1320 --post-data=string, --post-file=file
1321 Use POST as the method for all HTTP requests and send the specified da‐
1322 ta in the request body. –post-data sends string as data, whereas
1323 --post-file sends the contents of file. Other than that, they work in
1324 exactly the same way. In particular, they both expect content of the
1325 form “key1=value1&key2=value2”, with percent-encoding for special char‐
1326 acters; the only difference is that one expects its content as a com‐
1327 mand-line parameter and the other accepts its content from a file. In
1328 particular, --post-file is not for transmitting files as form attach‐
1329 ments: those must appear as “key=value” data (with appropriate percent-
1330 coding) just like everything else. Wget2 does not currently support
1331 “multipart/form-data” for transmitting POST data; only “application/x-
1332 www-form-urlencoded”. Only one of --post-data and --post-file should
1333 be specified.
1334
1335 Please note that wget2 does not require the content to be of the form
1336 “key1=value1&key2=value2”, and neither does it test for it. Wget2 will
1337 simply transmit whatever data is provided to it. Most servers however
1338 expect the POST data to be in the above format when processing HTML
1339 Forms.
1340
1341 When sending a POST request using the --post-file option, Wget2 treats
1342 the file as a binary file and will send every character in the POST re‐
1343 quest without stripping trailing newline or formfeed characters. Any
1344 other control characters in the text will also be sent as-is in the
1345 POST request.
1346
1347 Please be aware that Wget2 needs to know the size of the POST data in
1348 advance. Therefore the argument to --post-file must be a regular file;
1349 specifying a FIFO or something like /dev/stdin won’t work. It’s not
1350 quite clear how to work around this limitation inherent in HTTP/1.0.
1351 Although HTTP/1.1 introduces chunked transfer that doesn’t require
1352 knowing the request length in advance, a client can’t use chunked un‐
1353 less it knows it’s talking to an HTTP/1.1 server. And it can’t know
1354 that until it receives a response, which in turn requires the request
1355 to have been completed – a chicken-and-egg problem.
1356
1357 If Wget2 is redirected after the POST request is completed, its behav‐
1358 iour depends on the response code returned by the server. In case of a
1359 301 Moved Permanently, 302 Moved Temporarily or 307 Temporary Redirect,
1360 Wget2 will, in accordance with RFC2616, continue to send a POST re‐
1361 quest. In case a server wants the client to change the Request method
1362 upon redirection, it should send a 303 See Other response code.
1363
1364 This example shows how to log in to a server using POST and then pro‐
1365 ceed to download the desired pages, presumably only accessible to au‐
1366 thorized users:
1367
1368 # Log in to the server. This can be done only once.
1369 wget2 --save-cookies cookies.txt \
1370 --post-data 'user=foo&password=bar' \
1371 http://example.com/auth.php
1372
1373 # Now grab the page or pages we care about.
1374 wget2 --load-cookies cookies.txt \
1375 -p http://example.com/interesting/article.php
1376
1377 If the server is using session cookies to track user authentication,
1378 the above will not work because --save-cookies will not save them (and
1379 neither will browsers) and the cookies.txt file will be empty. In that
1380 case use --keep-session-cookies along with --save-cookies to force sav‐
1381 ing of session cookies.
1382
1383 --method=HTTP-Method
1384 For the purpose of RESTful scripting, Wget2 allows sending of other
1385 HTTP Methods without the need to explicitly set them using --head‐
1386 er=Header-Line. Wget2 will use whatever string is passed to it after
1387 --method as the HTTP Method to the server.
1388
1389 --body-data=Data-String, --body-file=Data-File
1390 Must be set when additional data needs to be sent to the server along
1391 with the Method specified using --method. --body-data sends string as
1392 data, whereas --body-file sends the contents of file. Other than that,
1393 they work in exactly the same way.
1394
1395 Currently, --body-file is not for transmitting files as a whole. Wget2
1396 does not currently support “multipart/form-data” for transmitting data;
1397 only “application/x-www-form-urlencoded”. In the future, this may be
1398 changed so that wget2 sends the --body-file as a complete file instead
1399 of sending its contents to the server. Please be aware that Wget2
1400 needs to know the contents of BODY Data in advance, and hence the argu‐
1401 ment to --body-file should be a regular file. See --post-file for a
1402 more detailed explanation. Only one of --body-data and --body-file
1403 should be specified.
1404
1405 If Wget2 is redirected after the request is completed, Wget2 will sus‐
1406 pend the current method and send a GET request till the redirection is
1407 completed. This is true for all redirection response codes except 307
1408 Temporary Redirect which is used to explicitly specify that the request
1409 method should not change. Another exception is when the method is set
1410 to “POST”, in which case the redirection rules specified under --post-
1411 data are followed.
1412
1413 --content-disposition
1414 If this is set to on, experimental (not fully-functional) support for
1415 “Content-Disposition” headers is enabled. This can currently result in
1416 extra round-trips to the server for a “HEAD” request, and is known to
1417 suffer from a few bugs, which is why it is not currently enabled by de‐
1418 fault.
1419
1420 This option is useful for some file-downloading CGI programs that use
1421 “Content-Disposition” headers to describe what the name of a downloaded
1422 file should be.
1423
1424 --content-on-error
1425 If this is set to on, wget2 will not skip the content when the server
1426 responds with a http status code that indicates error.
1427
1428 --save-content-on
1429 This takes a comma-separated list of HTTP status codes to save the con‐
1430 tent for.
1431
1432 You can use ’*’ for ANY. An exclamation mark (!) in front of a code
1433 means `exception'.
1434
1435 Example 1: --save-content-on="*,!404" would save the content on any
1436 HTTP status, except for 404.
1437
1438 Example 2: --save-content-on=404 would save the content only on HTTP
1439 status 404.
1440
1441 The older --content-on-error behaves like --save-content-on=*.
1442
1443 --trust-server-names
1444 If this is set to on, on a redirect the last component of the redirect‐
1445 ion URL will be used as the local file name. By default it is used the
1446 last component in the original URL.
1447
1448 --auth-no-challenge
1449 If this option is given, Wget2 will send Basic HTTP authentication in‐
1450 formation (plaintext username and password) for all requests.
1451
1452 Use of this option is not recommended, and is intended only to support
1453 some few obscure servers, which never send HTTP authentication chal‐
1454 lenges, but accept unsolicited auth info, say, in addition to form-
1455 based authentication.
1456
1457 --compression=TYPE
1458 If this TYPE(identity, gzip, deflate, xz, lzma, br, bzip2, zstd, lzip
1459 or any combination of it) is given, Wget2 will set “Accept-Encoding”
1460 header accordingly. --no-compression means no “Accept-Encoding” header
1461 at all. To set “Accept-Encoding” to a custom value, use --no-compres‐
1462 sion in combination with --header="Accept-Encoding: xxx".
1463
1464 Compatibility-Note: none type in Wget 1.X has the same meaning as iden‐
1465 tity type in Wget2.
1466
1467 --download-attr=[strippath|usepath]
1468 The download HTML5 attribute may specify (or better: suggest) a file
1469 name for the href URL in a and area tags. This option tells Wget2 to
1470 make use of this file name when saving. The two possible values are
1471 `strippath' to strip the path from the file name. This is the default.
1472
1473 The value `usepath' takes the file name as as including the directory.
1474 This is very dangerous and we can’t stress enough not to use it on un‐
1475 trusted input or servers ! Only use this if you really trust the input
1476 or the server.
1477
1478 HTTPS (SSL/TLS) Options
1479 To support encrypted HTTP (HTTPS) downloads, Wget2 must be compiled
1480 with an external SSL library. The current default is GnuTLS. In addi‐
1481 tion, Wget2 also supports HSTS (HTTP Strict Transport Security). If
1482 Wget2 is compiled without SSL support, none of these options are avail‐
1483 able.
1484
1485 --secure-protocol=protocol
1486 Choose the secure protocol to be used (default: auto).
1487
1488 Legal values are auto, SSLv3, TLSv1, TLSv1_1, TLSv1_2, TLSv1_3 and PFS.
1489
1490 If auto is used, the TLS library’s default is used.
1491
1492 Specifying SSLv3 forces the use of the SSL3. This is useful when talk‐
1493 ing to old and buggy SSL server implementations that make it hard for
1494 the underlying TLS library to choose the correct protocol version.
1495
1496 Specifying PFS enforces the use of the so-called Perfect Forward Secu‐
1497 rity cipher suites. In short, PFS adds security by creating a one-time
1498 key for each TLS connection. It has a bit more CPU impact on client
1499 and server. We use known to be secure ciphers (e.g. no MD4) and the
1500 TLS protocol.
1501
1502 TLSv1 enables TLS1.0 or higher. TLSv1_1 enables TLS1.1 or higher.
1503 TLSv1_2 enables TLS1.2 or higher. TLSv1_3 enables TLS1.3 or higher.
1504
1505 Any other protocol string is directly given to the TLS library, cur‐
1506 rently GnuTLS, as a “priority” or “cipher” string. This is for users
1507 who know what they are doing.
1508
1509 --https-only
1510 When in recursive mode, only HTTPS links are followed.
1511
1512 --no-check-certificate
1513 Don’t check the server certificate against the available certificate
1514 authorities. Also don’t require the URL host name to match the common
1515 name presented by the certificate.
1516
1517 The default is to verify the server’s certificate against the recog‐
1518 nized certificate authorities, breaking the SSL handshake and aborting
1519 the download if the verification fails. Although this provides more
1520 secure downloads, it does break interoperability with some sites that
1521 worked with previous Wget versions, particularly those using self-
1522 signed, expired, or otherwise invalid certificates. This option forces
1523 an “insecure” mode of operation that turns the certificate verification
1524 errors into warnings and allows you to proceed.
1525
1526 If you encounter “certificate verification” errors or ones saying that
1527 “common name doesn’t match requested host name”, you can use this op‐
1528 tion to bypass the verification and proceed with the download. Only
1529 use this option if you are otherwise convinced of the site’s authentic‐
1530 ity, or if you really don’t care about the validity of its certificate.
1531 It is almost always a bad idea not to check the certificates when
1532 transmitting confidential or important data. For self-signed/internal
1533 certificates, you should download the certificate and verify against
1534 that instead of forcing this insecure mode. If you are really sure of
1535 not desiring any certificate verification, you can specify --check-cer‐
1536 tificate=quiet to tell Wget2 to not print any warning about invalid
1537 certificates, albeit in most cases this is the wrong thing to do.
1538
1539 --certificate=file
1540 Use the client certificate stored in file. This is needed for servers
1541 that are configured to require certificates from the clients that con‐
1542 nect to them. Normally a certificate is not required and this switch
1543 is optional.
1544
1545 --certificate-type=type
1546 Specify the type of the client certificate. Legal values are PEM (as‐
1547 sumed by default) and DER, also known as ASN1.
1548
1549 --private-key=file
1550 Read the private key from file. This allows you to provide the private
1551 key in a file separate from the certificate.
1552
1553 --private-key-type=type
1554 Specify the type of the private key. Accepted values are PEM (the de‐
1555 fault) and DER.
1556
1557 --ca-certificate=file
1558 Use file as the file with the bundle of certificate authorities (“CA”)
1559 to verify the peers. The certificates must be in PEM format.
1560
1561 Without this option Wget2 looks for CA certificates at the system-spec‐
1562 ified locations, chosen at OpenSSL installation time.
1563
1564 --ca-directory=directory
1565 Specifies directory containing CA certificates in PEM format. Each
1566 file contains one CA certificate, and the file name is based on a hash
1567 value derived from the certificate. This is achieved by processing a
1568 certificate directory with the “c_rehash” utility supplied with
1569 OpenSSL. Using --ca-directory is more efficient than --ca-certificate
1570 when many certificates are installed because it allows Wget2 to fetch
1571 certificates on demand.
1572
1573 Without this option Wget2 looks for CA certificates at the system-spec‐
1574 ified locations, chosen at OpenSSL installation time.
1575
1576 --crl-file=file
1577 Specifies a CRL file in file. This is needed for certificates that
1578 have been revocated by the CAs.
1579
1580 --random-file=file
1581 [OpenSSL and LibreSSL only] Use file as the source of random data for
1582 seeding the pseudo-random number generator on systems without
1583 /dev/urandom.
1584
1585 On such systems the SSL library needs an external source of randomness
1586 to initialize. Randomness may be provided by EGD (see –egd-file below)
1587 or read from an external source specified by the user. If this option
1588 is not specified, Wget2 looks for random data in $RANDFILE or, if that
1589 is unset, in $HOME/.rnd.
1590
1591 If you’re getting the “Could not seed OpenSSL PRNG; disabling SSL.” er‐
1592 ror, you should provide random data using some of the methods described
1593 above.
1594
1595 --egd-file=file
1596 [OpenSSL only] Use file as the EGD socket. EGD stands for Entropy
1597 Gathering Daemon, a user-space program that collects data from various
1598 unpredictable system sources and makes it available to other programs
1599 that might need it. Encryption software, such as the SSL library,
1600 needs sources of non-repeating randomness to seed the random number
1601 generator used to produce cryptographically strong keys.
1602
1603 OpenSSL allows the user to specify his own source of entropy using the
1604 “RAND_FILE” environment variable. If this variable is unset, or if the
1605 specified file does not produce enough randomness, OpenSSL will read
1606 random data from EGD socket specified using this option.
1607
1608 If this option is not specified (and the equivalent startup command is
1609 not used), EGD is never contacted. EGD is not needed on modern Unix
1610 systems that support /dev/urandom.
1611
1612 --hsts
1613 Wget2 supports HSTS (HTTP Strict Transport Security, RFC 6797) by de‐
1614 fault. Use --no-hsts to make Wget2 act as a non-HSTS-compliant UA. As
1615 a consequence, Wget2 would ignore all the “Strict-Transport-Security”
1616 headers, and would not enforce any existing HSTS policy.
1617
1618 --hsts-file=file
1619 By default, Wget2 stores its HSTS data in $XDG_DATA_HOME/wget/.wget-
1620 hsts or, if XDG_DATA_HOME is not set, in ~/.local/wget/.wget-hsts. You
1621 can use --hsts-file to override this.
1622
1623 Wget2 will use the supplied file as the HSTS database. Such file must
1624 conform to the correct HSTS database format used by Wget. If Wget2
1625 cannot parse the provided file, the behaviour is unspecified.
1626
1627 To disable persistent storage use --no-hsts-file.
1628
1629 The Wget2’s HSTS database is a plain text file. Each line contains an
1630 HSTS entry (ie. a site that has issued a “Strict-Transport-Security”
1631 header and that therefore has specified a concrete HSTS policy to be
1632 applied). Lines starting with a dash (“#”) are ignored by Wget.
1633 Please note that in spite of this convenient human-readability hand-
1634 hacking the HSTS database is generally not a good idea.
1635
1636 An HSTS entry line consists of several fields separated by one or more
1637 whitespace:
1638
1639 <hostname> SP [<port>] SP <include subdomains> SP <created> SP <max-age>
1640
1641 The hostname and port fields indicate the hostname and port to which
1642 the given HSTS policy applies. The port field may be zero, and it
1643 will, in most of the cases. That means that the port number will not
1644 be taken into account when deciding whether such HSTS policy should be
1645 applied on a given request (only the hostname will be evaluated). When
1646 port is different to zero, both the target hostname and the port will
1647 be evaluated and the HSTS policy will only be applied if both of them
1648 match. This feature has been included for testing/development purposes
1649 only. The Wget2 testsuite (in testenv/) creates HSTS databases with
1650 explicit ports with the purpose of ensuring Wget2’s correct behaviour.
1651 Applying HSTS policies to ports other than the default ones is discour‐
1652 aged by RFC 6797 (see Appendix B “Differences between HSTS Policy and
1653 Same-Origin Policy”). Thus, this functionality should not be used in
1654 production environments and port will typically be zero. The last
1655 three fields do what they are expected to. The field include_subdo‐
1656 mains can either be 1 or 0 and it signals whether the subdomains of the
1657 target domain should be part of the given HSTS policy as well. The
1658 created and max-age fields hold the timestamp values of when such entry
1659 was created (first seen by Wget) and the HSTS-defined value `max-age',
1660 which states how long should that HSTS policy remain active, measured
1661 in seconds elapsed since the timestamp stored in created. Once that
1662 time has passed, that HSTS policy will no longer be valid and will
1663 eventually be removed from the database.
1664
1665 If you supply your own HSTS database via --hsts-file, be aware that
1666 Wget2 may modify the provided file if any change occurs between the
1667 HSTS policies requested by the remote servers and those in the file.
1668 When Wget2 exits, it effectively updates the HSTS database by rewriting
1669 the database file with the new entries.
1670
1671 If the supplied file does not exist, Wget2 will create one. This file
1672 will contain the new HSTS entries. If no HSTS entries were generated
1673 (no “Strict-Transport-Security” headers were sent by any of the
1674 servers) then no file will be created, not even an empty one. This be‐
1675 haviour applies to the default database file (~/.wget-hsts) as well: it
1676 will not be created until some server enforces an HSTS policy.
1677
1678 Care is taken not to override possible changes made by other Wget2 pro‐
1679 cesses at the same time over the HSTS database. Before dumping the up‐
1680 dated HSTS entries on the file, Wget2 will re-read it and merge the
1681 changes.
1682
1683 Using a custom HSTS database and/or modifying an existing one is dis‐
1684 couraged. For more information about the potential security threats
1685 arose from such practice, see section 14 “Security Considerations” of
1686 RFC 6797, specially section 14.9 “Creative Manipulation of HSTS Policy
1687 Store”.
1688
1689 --hsts-preload
1690 Enable loading of a HSTS Preload List as supported by libhsts. (de‐
1691 fault: on, if built with libhsts).
1692
1693 --hsts-preload-file=file
1694 If built with libhsts, Wget2 uses the HSTS data provided by the distri‐
1695 bution. If there is no such support by the distribution or if you want
1696 to load your own file, use this option.
1697
1698 The data file must be in DAFSA format as generated by libhsts’ tool
1699 hsts-make-dafsa.
1700
1701 --hpkp
1702 Enable HTTP Public Key Pinning (HPKP) (default: on).
1703
1704 This is a Trust On First Use (TOFU) mechanism to add another security
1705 layer to HTTPS (RFC 7469).
1706
1707 The certificate key data of a previously established TLS session will
1708 be compared with the current data. In case both doesn’t match, the
1709 connection will be terminated.
1710
1711 --hpkp-file=file
1712 By default, Wget2 stores its HPKP data in $XDG_DATA_HOME/wget/.wget-hp‐
1713 kp or, if XDG_DATA_HOME is not set, in ~/.local/wget/.wget-hpkp. You
1714 can use --hpkp-file to override this.
1715
1716 Wget2 will use the supplied file as the HPKP database. Such file must
1717 conform to the correct HPKP database format used by Wget. If Wget2
1718 cannot parse the provided file, the behaviour is unspecified.
1719
1720 To disable persistent storage use --no-hpkp-file.
1721
1722 --tls-resume
1723 Enable TLS Session Resumption which is disabled as default.
1724
1725 For TLS Session Resumption the session data of a previously established
1726 TLS session is needed.
1727
1728 There are several security flaws related to TLS 1.2 session resumption
1729 which are explained in detail at: https://web.ar‐
1730 chive.org/web/20171103231804/https://blog.filippo.io/we-need-to-talk-
1731 about-session-tickets/
1732
1733 --tls-session-file=file
1734 By default, Wget2 stores its TLS Session data in $XDG_DA‐
1735 TA_HOME/wget/.wget-session or, if XDG_DATA_HOME is not set, in ~/.lo‐
1736 cal/wget/.wget-session. You can use --tls-session-file to override
1737 this.
1738
1739 Wget2 will use the supplied file as the TLS Session database. Such
1740 file must conform to the correct TLS Session database format used by
1741 Wget. If Wget2 cannot parse the provided file, the behaviour is un‐
1742 specified.
1743
1744 To disable persistent storage use --no-tls-session-file.
1745
1746 --tls-false-start
1747 Enable TLS False start (default: on).
1748
1749 This reduces TLS negotiation by one RT and thus speeds up HTTPS connec‐
1750 tions.
1751
1752 More details at https://tools.ietf.org/html/rfc7918.
1753
1754 --check-hostname
1755 Enable TLS SNI verification (default: on).
1756
1757 --ocsp
1758 Enable OCSP server access to check the possible revocation the HTTPS
1759 server certificate(s) (default: on).
1760
1761 This procedure is pretty slow (connect to server, HTTP request, re‐
1762 sponse) and thus we support OSCP stapling (server sends OCSP response
1763 within TLS handshake) and persistent OCSP caching.
1764
1765 --ocsp-date
1766 Check if OCSP response is too old. (default: on)
1767
1768 --ocsp-nonce
1769 Allow nonce checking when verifying OCSP response. (default: on)
1770
1771 --ocsp-server
1772 Set OCSP server address (default: OCSP server given in certificate).
1773
1774 --ocsp-stapling
1775 Enable support for OCSP stapling (default: on).
1776
1777 --ocsp-file=file
1778 By default, Wget2 stores its TLS Session data in $XDG_DA‐
1779 TA_HOME/wget/.wget-ocsp or, if XDG_DATA_HOME is not set, in ~/.lo‐
1780 cal/wget/.wget-ocsp. You can use --ocsp-file to override this.
1781
1782 Wget2 will use the supplied file as the OCSP database. Such file must
1783 conform to the correct OCSP database format used by Wget. If Wget2
1784 cannot parse the provided file, the behaviour is unspecified.
1785
1786 To disable persistent OCSP caching use --no-ocsp-file.
1787
1788 --dane (experimental)
1789 Enable DANE certificate verification (default: off).
1790
1791 In case the server verification fails due to missing CA certificates
1792 (e.g. empty certification pool), this option enables checking the TLSA
1793 DNS entries via DANE.
1794
1795 You should have DNSSEC set up to avoid MITM attacks. Also, the desti‐
1796 nation host’s DNS entries need to be set up for DANE.
1797
1798 Warning: This option or its behavior may change or may be removed with‐
1799 out further notice.
1800
1801 --http2
1802 Enable HTTP/2 protocol (default: on).
1803
1804 Wget2 requests HTTP/2 via ALPN. If available it is preferred over
1805 HTTP/1.1. Up to 30 streams are used in parallel within a single con‐
1806 nection.
1807
1808 --http2-only
1809 Resist on using HTTP/2 and error if a server doesn’t accept it. This
1810 is mainly for testing.
1811
1812 --https-enforce=mode
1813 Sets how to deal with URLs that are not explicitly HTTPS (where scheme
1814 isn’t https://) (default: none)
1815
1816 mode=none
1817 Use HTTP for URLs without scheme. In recursive operation the scheme of
1818 the parent document is taken as default.
1819
1820 mode=soft
1821 Try HTTPS first when the scheme is HTTP or not given. On failure fall
1822 back to HTTP.
1823
1824 mode=hard
1825 Only use HTTPS, no matter if a HTTP scheme is given or not. Do not
1826 fall back to HTTP.
1827
1828 Recursive Retrieval Options
1829 -r, --recursive
1830 Turn on recursive retrieving. The default maximum depth is 5.
1831
1832 -l depth, --level=depth
1833 Specify recursion maximum depth level depth.
1834
1835 --delete-after
1836 This option tells Wget2 to delete every single file it downloads, after
1837 having done so. It is useful for pre- fetching popular pages through a
1838 proxy, e.g.:
1839
1840 wget2 -r -nd --delete-after https://example.com/~popular/page/
1841
1842 The -r option is to retrieve recursively, and -nd to not create direc‐
1843 tories.
1844
1845 Note that when –delete-after is specified, --convert-links is ignored,
1846 so .orig files are simply not created in the first place.
1847
1848 -k, --convert-links
1849 After the download is complete, convert the links in the document to
1850 make them suitable for local viewing. This affects not only the visi‐
1851 ble hyperlinks, but any part of the document that links to external
1852 content, such as embedded images, links to style sheets, hyperlinks to
1853 non-HTML content, etc.
1854
1855 Each link will be changed in one of the two ways:
1856
1857 1. The links to files that have been downloaded by Wget2 will be
1858 changed to refer to the file they point to as a relative link.
1859
1860 Example: if the downloaded file /foo/doc.html links to
1861 /bar/img.gif, also downloaded, then the link in doc.html will be
1862 modified to point to ../bar/img.gif. This kind of transformation
1863 works reliably for arbitrary combinations of directories.
1864
1865 2. The links to files that have not been downloaded by Wget2 will be
1866 changed to include host name and absolute path of the location they
1867 point to.
1868
1869 Example: if the downloaded file /foo/doc.html links to /bar/img.gif
1870 (or to ../bar/img.gif), then the link in doc.html will be modified
1871 to point to https://example.com/bar/img.gif.
1872
1873 Because of this, local browsing works reliably: if a linked file was
1874 downloaded, the link will refer to its local name; if it was not down‐
1875 loaded, the link will refer to its full Internet address rather than
1876 presenting a broken link. The fact that the former links are converted
1877 to relative links ensures that you can move the downloaded hierarchy to
1878 another directory.
1879
1880 Note that only at the end of the download can Wget2 know which links
1881 have been downloaded. Because of that, the work done by -k will be
1882 performed at the end of all the downloads.
1883
1884 --convert-file-only
1885 This option converts only the filename part of the URLs, leaving the
1886 rest of the URLs untouched. This filename part is sometimes referred
1887 to as the “basename”, although we avoid that term here in order not to
1888 cause confusion.
1889
1890 It works particularly well in conjunction with --adjust-extension, al‐
1891 though this coupling is not enforced. It proves useful to populate In‐
1892 ternet caches with files downloaded from different hosts.
1893
1894 Example: if some link points to //foo.com/bar.cgi?xyz with --adjust-ex‐
1895 tension asserted and its local destination is intended to be
1896 ./foo.com/bar.cgi?xyz.css, then the link would be converted to
1897 //foo.com/bar.cgi?xyz.css. Note that only the filename part has been
1898 modified. The rest of the URL has been left untouched, including the
1899 net path (“//”) which would otherwise be processed by Wget2 and con‐
1900 verted to the effective scheme (ie. “https://”).
1901
1902 -K, --backup-converted
1903 When converting a file, back up the original version with a .orig suf‐
1904 fix. Affects the behavior of -N.
1905
1906 -m, --mirror
1907 Turn on options suitable for mirroring. This option turns on recursion
1908 and time-stamping, sets infinite recursion depth. It is currently
1909 equivalent to -r -N -l inf.
1910
1911 -p, --page-requisites
1912 This option causes Wget2 to download all the files that are necessary
1913 to properly display a given HTML page. This includes such things as
1914 inlined images, sounds, and referenced stylesheets.
1915
1916 Ordinarily, when downloading a single HTML page, any requisite docu‐
1917 ments that may be needed to display it properly are not downloaded.
1918 Using -r together with -l can help, but since Wget2 does not ordinarily
1919 distinguish between external and inlined documents, one is generally
1920 left with “leaf documents” that are missing their requisites.
1921
1922 For instance, say document 1.html contains an <IMG> tag referencing
1923 1.gif and an <A> tag pointing to external document 2.html. Say that
1924 2.html is similar but that its image is 2.gif and it links to 3.html.
1925 Say this continues up to some arbitrarily high number.
1926
1927 If one executes the command:
1928
1929 wget2 -r -l 2 https://<site>/1.html
1930
1931 then 1.html, 1.gif, 2.html, 2.gif, and 3.html will be downloaded. As
1932 you can see, 3.html is without its requisite 3.gif because Wget2 is
1933 simply counting the number of hops (up to 2) away from 1.html in order
1934 to determine where to stop the recursion. However, with this command:
1935
1936 wget2 -r -l 2 -p https://<site>/1.html
1937
1938 all the above files and 3.html’s requisite 3.gif will be downloaded.
1939 Similarly,
1940
1941 wget2 -r -l 1 -p https://<site>/1.html
1942
1943 will cause 1.html, 1.gif, 2.html, and 2.gif to be downloaded. One
1944 might think that:
1945
1946 wget2 -r -l 0 -p https://<site>/1.html
1947
1948 would download just 1.html and 1.gif, but unfortunately this is not the
1949 case, because -l 0 is equivalent to -l inf, that is, infinite recur‐
1950 sion. To download a single HTML page (or a handful of them, all speci‐
1951 fied on the command-line or in a -i URL input file) and its (or their)
1952 requisites, simply leave off -r and -l:
1953
1954 wget2 -p https://<site>/1.html
1955
1956 Note that Wget2 will behave as if -r had been specified, but only that
1957 single page and its requisites will be downloaded. Links from that
1958 page to external documents will not be followed. Actually, to download
1959 a single page and all its requisites (even if they exist on separate
1960 websites), and make sure the lot displays properly locally, this author
1961 likes to use a few options in addition to -p:
1962
1963 wget2 -E -H -k -K -p https://<site>/<document>
1964
1965 To finish off this topic, it’s worth knowing that Wget2’s idea of an
1966 external document link is any URL specified in an <A> tag, an <AREA>
1967 tag, or a <LINK> tag other than <LINK REL="stylesheet">.
1968
1969 --strict-comments
1970 Obsolete option for compatibility with Wget1.x. Wget2 always termi‐
1971 nates comments at the first occurrence of -->, as popular browsers do.
1972
1973 --robots
1974 Enable the Robots Exclusion Standard (default: on).
1975
1976 For each visited domain, follow rules specified in /robots.txt. You
1977 should respect the domain owner’s rules and turn this off only for very
1978 good reasons.
1979
1980 Whether enabled or disabled, the robots.txt file is downloaded and
1981 scanned for sitemaps. These are lists of pages / files available for
1982 download that not necessarily are available via recursive scanning.
1983
1984 This behavior can be switched off by --no-follow-sitemaps.
1985
1986 Recursive Accept/Reject Options
1987 -A acclist, --accept=acclist, -R rejlist, --reject=rejlist
1988 Specify comma-separated lists of file name suffixes or patterns to ac‐
1989 cept or reject. Note that if any of the wildcard characters, *, ?, [,
1990 ], appear in an element of acclist or rejlist, it will be treated as a
1991 pattern, rather than a suffix. In this case, you have to enclose the
1992 pattern into quotes to prevent your shell from expanding it, like in -A
1993 "*.mp3" or -A '*.mp3'.
1994
1995 --accept-regex=urlregex, --reject-regex=urlregex
1996 Specify a regular expression to accept or reject file names.
1997
1998 --regex-type=regextype
1999 Specify the regular expression type. Possible types are posix or pcre.
2000 Note that to be able to use pcre type, wget2 has to be compiled with
2001 libpcre support.
2002
2003 --filter-urls
2004 Apply the accept and reject filters on the URL before starting a down‐
2005 load.
2006
2007 -D domain-list, --domains=domain-list
2008 Set domains to be followed. domain-list is a comma-separated list of
2009 domains. Note that it does not turn on -H.
2010
2011 --exclude-domains=domain-list
2012 Specify the domains that are not to be followed.
2013
2014 --follow-sitemaps
2015 Parsing the sitemaps from robots.txt and follow the links. (default:
2016 on).
2017
2018 This option is on for recursive downloads whether you specify --robots
2019 or -no-robots. Following the URLs found in sitemaps can be switched
2020 off with --no-follow-sitemaps.
2021
2022 --follow-tags=list
2023 Wget2 has an internal table of HTML tag / attribute pairs that it con‐
2024 siders when looking for linked documents during a recursive retrieval.
2025 If a user wants only a subset of those tags to be considered, however,
2026 he or she should be specify such tags in a comma-separated list with
2027 this option.
2028
2029 --ignore-tags=list
2030 This is the opposite of the --follow-tags option. To skip certain HTML
2031 tags when recursively looking for documents to download, specify them
2032 in a comma-separated list.
2033
2034 In the past, this option was the best bet for downloading a single page
2035 and its requisites, using a command-line like:
2036
2037 wget2 --ignore-tags=a,area -H -k -K -r https://<site>/<document>
2038
2039 However, the author of this option came across a page with tags like “”
2040 and came to the realization that specifying tags to ignore was not
2041 enough. One can’t just tell Wget2 to ignore “”, because then
2042 stylesheets will not be downloaded. Now the best bet for downloading a
2043 single page and its requisites is the dedicated --page-requisites op‐
2044 tion.
2045
2046 --ignore-case
2047 Ignore case when matching files and directories. This influences the
2048 behavior of -R, -A, -I, and -X options. For example, with this option,
2049 -A “*.txt” will match file1.txt, but also file2.TXT, file3.TxT, and so
2050 on. The quotes in the example are to prevent the shell from expanding
2051 the pattern.
2052
2053 -H, --span-hosts
2054 Enable spanning across hosts when doing recursive retrieving.
2055
2056 -L, --relative [Not implemented yet]
2057 Follow relative links only. Useful for retrieving a specific home page
2058 without any distractions, not even those from the same hosts.
2059
2060 -I list, --include-directories=list
2061 Specify a comma-separated list of directories you wish to follow when
2062 downloading. Elements of the list may contain wildcards.
2063
2064 wget2 -r https://webpage.domain --include-directories=*/pub/*/
2065
2066 Please keep in mind that */pub/*/ is the same as /*/pub/*/ and that it
2067 matches directories, not strings. This means that */pub doesn’t affect
2068 files contained at e.g. /directory/something/pub but /pub/* matches ev‐
2069 ery subdir of /pub.
2070
2071 -X list, --exclude-directories=list
2072 Specify a comma-separated list of directories you wish to exclude from
2073 download. Elements of the list may contain wildcards.
2074
2075 wget2 -r https://gnu.org --exclude-directories=/software
2076
2077 -I / -X combinations
2078 Please be aware that the behavior of this combination of flags works
2079 slightly different than in wget1.x.
2080
2081 If -I is given first, the default is `exclude all'. If -X is given
2082 first, the default is `include all'.
2083
2084 Multiple -I/-X options are processed `first to last'. The last match
2085 is relevant.
2086
2087 Example: `-I /pub -X /pub/trash` would download all from /pub/ except from /pub/trash.
2088 Example: `-X /pub -I /pub/important` would download all except from /pub where only /pub/important would be downloaded.
2089
2090 To reset the list (e.g. to ignore -I/-X from .wget2rc files) use --no-
2091 include-directories or --no-exclude-directories.
2092
2093 -np, --no-parent
2094 Do not ever ascend to the parent directory when retrieving recursively.
2095 This is a useful option, since it guarantees that only the files below
2096 a certain hierarchy will be downloaded.
2097
2098 --filter-mime-type=list
2099 Specify a comma-separated list of MIME types that will be downloaded.
2100 Elements of list may contain wildcards. If a MIME type starts with the
2101 character `!' it won’t be downloaded, this is useful when trying to
2102 download something with exceptions. If server doesn’t specify the MIME
2103 type of a file it will be considered as `application/octet-stream'.
2104 For example, download everything except images:
2105
2106 wget2 -r https://<site>/<document> --filter-mime-type=*,\!image/*
2107
2108 It is also useful to download files that are compatible with an appli‐
2109 cation of your system. For instance, download every file that is com‐
2110 patible with LibreOffice Writer from a website using the recursive
2111 mode:
2112
2113 wget2 -r https://<site>/<document> --filter-mime-type=$(sed -r '/^MimeType=/!d;s/^MimeType=//;s/;/,/g' /usr/share/applications/libreoffice-writer.desktop)
2114
2115 Plugin Options
2116 --list-plugins
2117 Print a list all available plugins and exit.
2118
2119 --local-plugin=file
2120 Load file as plugin.
2121
2122 --plugin=name
2123 Load a plugin with a given name from the configured plugin directories.
2124
2125 --plugin-dirs=directories
2126 Set plugin directories. directories is a comma-separated list of di‐
2127 rectories.
2128
2129 --plugin-help
2130 Print the help messages from all loaded plugins.
2131
2132 --plugin-opt=option
2133 Set a plugin specific command line option.
2134
2135 option is in the format <plugin_name>.<option>[=value].
2136
2138 Wget2 supports proxies for both HTTP and HTTPS retrievals. The stan‐
2139 dard way to specify proxy location, which Wget recognizes, is using the
2140 following environment variables:
2141
2142 http_proxy
2143
2144 https_proxy
2145
2146 If set, the http_proxy and https_proxy variables should contain the
2147 URLs of the proxies for HTTP and HTTPS connections respectively.
2148
2149 no_proxy
2150
2151 This variable should contain a comma-separated list of domain exten‐
2152 sions proxy should not be used for. For instance, if the value of
2153 no_proxy is .example.com, proxy will not be used to retrieve documents
2154 from *.example.com.
2155
2157 Wget2 may return one of several error codes if it encounters problems.
2158
2159 0 No problems occurred.
2160
2161 1 Generic error code.
2162
2163 2 Parse error. For instance, when parsing command-line options, the .wget2rc or .netrc...
2164
2165 3 File I/O error.
2166
2167 4 Network failure.
2168
2169 5 SSL verification failure.
2170
2171 6 Username/password authentication failure.
2172
2173 7 Protocol errors.
2174
2175 8 Server issued an error response.
2176
2177 9 Public key missing from keyring.
2178
2179 10 A Signature verification failed.
2180
2181 With the exceptions of 0 and 1, the lower-numbered exit codes take
2182 precedence over higher-numbered ones, when multiple types of errors are
2183 encountered.
2184
2186 Sometimes you may wish to permanently change the default behaviour of
2187 GNU Wget2. There is a better way to do this than setting an alias in
2188 your shell. GNU Wget2 allows you to set all options permanently
2189 through its startup up, .wget2rc.
2190
2191 While .wget2rc is the main initialization file used by GNU Wget2, it is
2192 not a good idea to store passwords in this file. This is because the
2193 startup file maybe publicly readable or backed up in version control.
2194 This is why Wget2 also reads the contents of $HOME/.netrc when re‐
2195 quired.
2196
2197 The .wget2rc file follows a very similar syntax to the .wgetrc that is
2198 read by GNU Wget. It varies in only those places where the command
2199 line options vary between Wget1.x and Wget2.
2200
2201 Wget2rc Location
2202 When initializing, Wget2 will attempt to read the “global” startup
2203 file, which is located at `/usr/local/etc/wget2rc' by default (or some
2204 prefix other than `/usr/local', if Wget2 was not installed there). The
2205 global startup file is useful for system administrators to enforce a
2206 default policy, such as setting the path to the certificate store,
2207 preloading a HSTS list, etc.
2208
2209 Then, Wget2 will look for the user’s initialization file. If the user
2210 has passed the --config command line option, Wget2 will try to load the
2211 file that it points to. If file does not exist, or if it cannot be
2212 read, Wget2 will make no further attempts to read any initialization
2213 files.
2214
2215 If the environment variable WGET2RC is set, Wget2 will try to load the
2216 file at this location. If the file does not exist, or if it cannot be
2217 read, Wget2 will make no further attempts to read an initialization
2218 file.
2219
2220 If, --config is not passed and WGET2RC is not set, Wget2 will attempt
2221 to load the user’s initialization file from a location as defined by
2222 the XDG Base Directory Specification. It will read the first, and only
2223 the first file it finds from the following locations:
2224
2225 1. $XDG_CONFIG_HOME/wget/wget2rc
2226
2227 2. $HOME/.config/wget/wget2rc
2228
2229 3. $HOME/.wget2rc
2230
2231 Having an initialization file at $HOME/.wget2rc is deprecated. If a
2232 file is found there, Wget2 will print a warning about it. Support for
2233 reading from this file will be removed in the future.
2234
2235 The fact that the user’s settings are loaded after the system-wide ones
2236 means that in case of a collision, the user’s wget2rc overrides the
2237 global wget2rc.
2238
2240 You are welcome to submit bug reports via the GNU Wget2 bug tracker
2241 (https://gitlab.com/gnuwget/wget2/issues).
2242
2243 Before actually submitting a bug report, please try to follow a few
2244 simple guidelines.
2245
2246 1. Please try to ascertain that the behavior you see really is a bug.
2247 If Wget2 crashes, it’s a bug. If Wget2 does not behave as document‐
2248 ed, it’s a bug. If things work strange, but you are not sure about
2249 the way they are supposed to work, it might well be a bug, but you
2250 might want to double-check the documentation and the mailing lists.
2251
2252 2. Try to repeat the bug in as simple circumstances as possible. E.g.
2253 if Wget2 crashes while downloading wget2 -rl0 -kKE -t5 --no-proxy
2254 https://example.com -o /tmp/log, you should try to see if the crash
2255 is repeatable, and if will occur with a simpler set of options. You
2256 might even try to start the download at the page where the crash oc‐
2257 curred to see if that page somehow triggered the crash.
2258
2259 Also, while I will probably be interested to know the contents of your
2260 .wget2rc file, just dumping it into the debug message is probably a bad
2261 idea. Instead, you should first try to see if the bug repeats with
2262 .wget2rc moved out of the way. Only if it turns out that .wget2rc set‐
2263 tings affect the bug, mail me the relevant parts of the file.
2264
2265 3. Please start Wget2 with -d option and send us the resulting output
2266 (or relevant parts thereof). If Wget2 was compiled without debug
2267 support, recompile it. It is much easier to trace bugs with debug
2268 support on.
2269
2270 Note: please make sure to remove any potentially sensitive information
2271 from the debug log before sending it to the bug address. The -d won’t
2272 go out of its way to collect sensitive information, but the log will
2273 contain a fairly complete transcript of Wget2’s communication with the
2274 server, which may include passwords and pieces of downloaded data.
2275 Since the bug address is publicly archived, you may assume that all bug
2276 reports are visible to the public.
2277
2278 4. If Wget2 has crashed, try to run it in a debugger, e.g. gdb `which
2279 wget` core and type “where” to get the backtrace. This may not work
2280 if the system administrator has disabled core files, but it is safe
2281 to try.
2282
2284 Wget2 written by Tim Rühsen <tim.ruehsen@gmx.de>
2285
2286 Wget 1.x originally written by Hrvoje Nikšić <hniksic@xemacs.org>
2287
2289 Copyright (C) 2012-2015 Tim Rühsen
2290
2291 Copyright (C) 2015-2023 Free Software Foundation, Inc.
2292
2293 Permission is granted to copy, distribute and/or modify this document
2294 under the terms of the GNU Free Documentation License, Version 1.3 or
2295 any later version published by the Free Software Foundation; with no
2296 Invariant Sections, with no Front-Cover Texts, and with no Back-Cover
2297 Texts. A copy of the license is included in the section entitled “GNU
2298 Free Documentation License”.
2299
2300
2301
2302GNU Wget2 User Manual WGET2(1)