1curl(1)                           Curl Manual                          curl(1)
2
3
4

NAME

6       curl - transfer a URL
7

SYNOPSIS

9       curl [options / URLs]
10

DESCRIPTION

12       curl  is  a  tool for transfering data from or to a server. It supports
13       these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS,  HTTP,  HTTPS,
14       IMAP,  IMAPS,  LDAP,  LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP,
15       SFTP, SMB, SMBS, SMTP, SMTPS, TELNET or TFTP. The command  is  designed
16       to work without user interaction.
17
18       curl offers a busload of useful tricks like proxy support, user authen‐
19       tication, FTP upload, HTTP post, SSL connections, cookies, file  trans‐
20       fer resume and more. As you will see below, the number of features will
21       make your head spin!
22
23       curl is powered by  libcurl  for  all  transfer-related  features.  See
24       libcurl(3) for details.
25

URL

27       The  URL  syntax is protocol-dependent. You'll find a detailed descrip‐
28       tion in RFC 3986.
29
30       You can specify multiple URLs or parts of URLs  by  writing  part  sets
31       within braces and quoting the URL as in:
32
33         "http://site.{one,two,three}.com"
34
35       or you can get sequences of alphanumeric series by using [] as in:
36
37         "ftp://ftp.example.com/file[1-100].txt"
38
39         "ftp://ftp.example.com/file[001-100].txt"    (with leading zeros)
40
41         "ftp://ftp.example.com/file[a-z].txt"
42
43       Nested  sequences  are not supported, but you can use several ones next
44       to each other:
45
46         "http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html"
47
48       You can specify any amount of URLs on the command line.  They  will  be
49       fetched  in a sequential manner in the specified order. You can specify
50       command line options and URLs mixed and in any  order  on  the  command
51       line.
52
53       You  can  specify a step counter for the ranges to get every Nth number
54       or letter:
55
56         "http://example.com/file[1-100:10].txt"
57
58         "http://example.com/file[a-z:2].txt"
59
60       When using [] or {} sequences when invoked from a command line  prompt,
61       you probably have to put the full URL within double quotes to avoid the
62       shell from interfering with it. This also  goes  for  other  characters
63       treated special, like for example '&', '?' and '*'.
64
65       Provide  the IPv6 zone index in the URL with an escaped percentage sign
66       and the interface name. Like in
67
68         "http://[fe80::3%25eth0]/"
69
70       If you specify URL without protocol:// prefix,  curl  will  attempt  to
71       guess  what  protocol  you might want. It will then default to HTTP but
72       try other protocols based on often-used host name prefixes.  For  exam‐
73       ple,  for  host names starting with "ftp." curl will assume you want to
74       speak FTP.
75
76       curl will do its best to use what you pass to it as a URL.  It  is  not
77       trying  to  validate it as a syntactically correct URL by any means but
78       is instead very liberal with what it accepts.
79
80       curl will attempt to re-use connections for multiple file transfers, so
81       that  getting many files from the same server will not do multiple con‐
82       nects / handshakes. This improves speed. Of course this is only done on
83       files  specified  on  a  single command line and cannot be used between
84       separate curl invocations.
85

OUTPUT

87       If not told otherwise, curl writes the received data to stdout. It  can
88       be  instructed  to  instead save that data into a local file, using the
89       -o, --output or -O, --remote-name options. If curl  is  given  multiple
90       URLs  to  transfer on the command line, it similarly needs multiple op‐
91       tions for where to save them.
92
93       curl does not parse or otherwise "understand" the content  it  gets  or
94       writes  as  output.  It does no encoding or decoding, unless explicitly
95       asked to with dedicated command line options.
96

PROTOCOLS

98       curl supports numerous protocols, or put in URL  terms:  schemes.  Your
99       particular build may not support them all.
100
101       DICT   Lets you lookup words using online dictionaries.
102
103       FILE   Read  or  write  local  files.  curl  does not support accessing
104              file:// URL remotely, but when running on Microsoft Windows  us‐
105              ing the native UNC approach will work.
106
107       FTP(S) curl  supports  the  File Transfer Protocol with a lot of tweaks
108              and levers. With or without using TLS.
109
110       GOPHER(S)
111              Retrieve files.
112
113       HTTP(S)
114              curl supports HTTP with numerous options and variations. It  can
115              speak HTTP version 0.9, 1.0, 1.1, 2 and 3 depending on build op‐
116              tions and the correct command line options.
117
118       IMAP(S)
119              Using the mail reading protocol, curl can "download" emails  for
120              you. With or without using TLS.
121
122       LDAP(S)
123              curl can do directory lookups for you, with or without TLS.
124
125       MQTT   curl supports MQTT version 3. Downloading over MQTT equals "sub‐
126              scribe" to a topic while uploading/posting equals "publish" on a
127              topic. MQTT over TLS is not supported (yet).
128
129       POP3(S)
130              Downloading  from  a  pop3  server means getting a mail. With or
131              without using TLS.
132
133       RTMP(S)
134              The Realtime Messaging Protocol  is  primarily  used  to  server
135              streaming media and curl can download it.
136
137       RTSP   curl supports RTSP 1.0 downloads.
138
139       SCP    curl supports SSH version 2 scp transfers.
140
141       SFTP   curl supports SFTP (draft 5) done over SSH version 2.
142
143       SMB(S) curl supports SMB version 1 for upload and download.
144
145       SMTP(S)
146              Uploading  contents  to  an  SMTP server means sending an email.
147              With or without TLS.
148
149       TELNET Telling curl to fetch a telnet URL starts an interactive session
150              where  it  sends  what  it  reads  on stdin and outputs what the
151              server sends it.
152
153       TFTP   curl can do TFTP downloads and uploads.
154

PROGRESS METER

156       curl normally displays a progress meter during  operations,  indicating
157       the  amount  of  transferred  data,  transfer speeds and estimated time
158       left, etc. The progress meter displays number of bytes and  the  speeds
159       are  in  bytes per second. The suffixes (k, M, G, T, P) are 1024 based.
160       For example 1k is 1024 bytes. 1M is 1048576 bytes.
161
162       curl displays this data to the terminal by default, so  if  you  invoke
163       curl  to do an operation and it is about to write data to the terminal,
164       it disables the progress meter as otherwise it would mess up the output
165       mixing progress meter and response data.
166
167       If you want a progress meter for HTTP POST or PUT requests, you need to
168       redirect the response output to a file, using shell redirect  (>),  -o,
169       --output or similar.
170
171       This  does  not apply to FTP upload as that operation does not spit out
172       any response data to the terminal.
173
174       If you prefer a progress  "bar"  instead  of  the  regular  meter,  -#,
175       --progress-bar  is your friend. You can also disable the progress meter
176       completely with the -s, --silent option.
177

OPTIONS

179       Options start with one or two dashes. Many of the  options  require  an
180       additional value next to them.
181
182       The  short  "single-dash"  form  of the options, -d for example, may be
183       used with or without a space between it and its value, although a space
184       is a recommended separator. The long "double-dash" form, -d, --data for
185       example, requires a space between it and its value.
186
187       Short version options that don't need any additional values can be used
188       immediately  next  to  each other, like for example you can specify all
189       the options -O, -L and -v at once as -OLv.
190
191       In general, all boolean options are enabled with --option and yet again
192       disabled  with --no-option. That is, you use the exact same option name
193       but prefix it with "no-". However, in this list we mostly only list and
194       show  the --option version of them. (This concept with --no options was
195       added in 7.19.0. Previously most options were  toggled  on/off  through
196       repeated use of the same command line option.)
197
198       --abstract-unix-socket <path>
199              (HTTP)  Connect  through an abstract Unix domain socket, instead
200              of using the network.  Note: netstat shows the path  of  an  ab‐
201              stract  socket  prefixed  with  '@', however the <path> argument
202              should not have this leading character.
203
204              Example:
205               curl --abstract-unix-socket socketpath https://example.com
206
207              Added in 7.53.0.
208
209       --alt-svc <file name>
210              (HTTPS) This option enables the alt-svc parser in curl.  If  the
211              file name points to an existing alt-svc cache file, that will be
212              used. After a completed transfer, the cache will be saved to the
213              file name again if it has been modified.
214
215              Specify a "" file name (zero length) to avoid loading/saving and
216              make curl just handle the cache in memory.
217
218              If this option is used several times, curl  will  load  contents
219              from all the files but the last one will be used for saving.
220
221              Example:
222               curl --alt-svc svc.txt https://example.com
223
224              Added in 7.64.1.
225
226       --anyauth
227              (HTTP) Tells curl to figure out authentication method by itself,
228              and use the most secure one the remote site claims  to  support.
229              This is done by first doing a request and checking the response-
230              headers, thus possibly inducing  an  extra  network  round-trip.
231              This  is  used  instead  of  setting  a  specific authentication
232              method, which you can do with  --basic,  --digest,  --ntlm,  and
233              --negotiate.
234
235              Using --anyauth is not recommended if you do uploads from stdin,
236              since it may require data to be sent twice and then  the  client
237              must  be able to rewind. If the need should arise when uploading
238              from stdin, the upload operation will fail.
239
240              Used together with -u, --user.
241
242              Example:
243               curl --anyauth --user me:pwd https://example.com
244
245              See also --proxy-anyauth, --basic and --digest.
246
247       -a, --append
248              (FTP SFTP) When used in an upload, this makes curl append to the
249              target  file  instead  of  overwriting  it.  If  the remote file
250              doesn't exist, it will be created.  Note that this flag  is  ig‐
251              nored by some SFTP servers (including OpenSSH).
252
253              Example:
254               curl --upload-file local --append ftp://example.com/
255
256       --aws-sigv4 <provider1[:provider2[:region[:service]]]>
257              Use AWS V4 signature authentication in the transfer.
258
259              The  provider argument is a string that is used by the algorithm
260              when creating outgoing authentication headers.
261
262              The region argument is a string that points to a geographic area
263              of  a resources collection (region-code) when the region name is
264              omitted from the endpoint.
265
266              The service argument is a string that points to a function  pro‐
267              vided by a cloud (service-code) when the service name is omitted
268              from the endpoint.
269
270              Example:
271               curl --aws-sigv4 "aws:amz:east-2:es" --user "key:secret" https://example.com
272
273              Added in 7.75.0.
274
275       --basic
276              (HTTP) Tells curl to use HTTP Basic authentication with the  re‐
277              mote host. This is the default and this option is usually point‐
278              less, unless you use it to override a previously set option that
279              sets  a  different  authentication method (such as --ntlm, --di‐
280              gest, or --negotiate).
281
282              Used together with -u, --user.
283
284              Example:
285               curl -u name:password --basic https://example.com
286
287              See also --proxy-basic.
288
289       --cacert <file>
290              (TLS) Tells curl to use the specified certificate file to verify
291              the  peer.  The  file  may contain multiple CA certificates. The
292              certificate(s) must be in PEM format. Normally curl is built  to
293              use a default file for this, so this option is typically used to
294              alter that default file.
295
296              curl recognizes the environment variable named  'CURL_CA_BUNDLE'
297              if  it  is  set,  and uses the given path as a path to a CA cert
298              bundle. This option overrides that variable.
299
300              The windows version of curl will automatically  look  for  a  CA
301              certs file named ´curl-ca-bundle.crt´, either in the same direc‐
302              tory as curl.exe, or in the Current Working Directory, or in any
303              folder along your PATH.
304
305              If  curl  is  built  against  the  NSS  SSL library, the NSS PEM
306              PKCS#11 module (libnsspem.so) needs to be available for this op‐
307              tion to work properly.
308
309              (iOS  and macOS only) If curl is built against Secure Transport,
310              then this option is supported for  backward  compatibility  with
311              other  SSL  engines,  but it should not be set. If the option is
312              not set, then curl will use the certificates in the  system  and
313              user  Keychain to verify the peer, which is the preferred method
314              of verifying the peer's certificate chain.
315
316              (Schannel only) This option is supported for Schannel in Windows
317              7  or later with libcurl 7.60 or later. This option is supported
318              for backward compatibility with other SSL engines; instead it is
319              recommended  to use Windows' store of root certificates (the de‐
320              fault for Schannel).
321
322              If this option is used several times, the last one will be used.
323
324              Example:
325               curl --cacert CA-file.txt https://example.com
326
327       --capath <dir>
328              (TLS) Tells curl to use the specified certificate  directory  to
329              verify  the  peer.  Multiple paths can be provided by separating
330              them with ":" (e.g.  "path1:path2:path3"). The certificates must
331              be  in PEM format, and if curl is built against OpenSSL, the di‐
332              rectory must have been processed using the c_rehash utility sup‐
333              plied  with  OpenSSL.  Using  --capath can allow OpenSSL-powered
334              curl to make SSL-connections much more  efficiently  than  using
335              --cacert if the --cacert file contains many CA certificates.
336
337              If this option is set, the default capath value will be ignored,
338              and if it is used several times, the last one will be used.
339
340              Example:
341               curl --capath /local/directory https://example.com
342
343       --cert-status
344              (TLS) Tells curl to verify the status of the server  certificate
345              by using the Certificate Status Request (aka. OCSP stapling) TLS
346              extension.
347
348              If this option is enabled and the server sends an invalid  (e.g.
349              expired) response, if the response suggests that the server cer‐
350              tificate has been revoked, or no response at  all  is  received,
351              the verification fails.
352
353              This  is  currently  only implemented in the OpenSSL, GnuTLS and
354              NSS backends.
355
356              Example:
357               curl --cert-status https://example.com
358
359              Added in 7.41.0.
360
361       --cert-type <type>
362              (TLS) Tells curl what type the provided  client  certificate  is
363              using. PEM, DER, ENG and P12 are recognized types.  If not spec‐
364              ified, PEM is assumed.
365
366              If this option is used several times, the last one will be used.
367
368              Example:
369               curl --cert-type PEM --cert file https://example.com
370
371              See also -E, --cert, --key and --key-type.
372
373       -E, --cert <certificate[:password]>
374              (TLS) Tells curl to use the specified  client  certificate  file
375              when getting a file with HTTPS, FTPS or another SSL-based proto‐
376              col. The certificate must be in PKCS#12 format if  using  Secure
377              Transport,  or PEM format if using any other engine.  If the op‐
378              tional password isn't specified, it will be queried for  on  the
379              terminal.  Note  that  this  option assumes a "certificate" file
380              that is the private key and the client certificate concatenated!
381              See -E, --cert and --key to specify them independently.
382
383              If  curl  is  built against the NSS SSL library then this option
384              can tell curl the nickname of the certificate to use within  the
385              NSS  database defined by the environment variable SSL_DIR (or by
386              default /etc/pki/nssdb). If the NSS  PEM  PKCS#11  module  (lib‐
387              nsspem.so)  is  available  then  PEM files may be loaded. If you
388              want to use a file from the current directory, please precede it
389              with  "./"  prefix, in order to avoid confusion with a nickname.
390              If the nickname contains ":", it needs to be preceded by "\"  so
391              that  it  is not recognized as password delimiter.  If the nick‐
392              name contains "\", it needs to be escaped as "\\" so that it  is
393              not recognized as an escape character.
394
395              If  curl is built against OpenSSL library, and the engine pkcs11
396              is available, then a PKCS#11 URI (RFC 7512) can be used to spec‐
397              ify  a  certificate located in a PKCS#11 device. A string begin‐
398              ning with "pkcs11:" will be interpreted as a PKCS#11 URI.  If  a
399              PKCS#11 URI is provided, then the --engine option will be set as
400              "pkcs11" if none was provided and the --cert-type option will be
401              set as "ENG" if none was provided.
402
403              (iOS  and macOS only) If curl is built against Secure Transport,
404              then the certificate string can either be the name of a certifi‐
405              cate/private  key in the system or user keychain, or the path to
406              a PKCS#12-encoded certificate and private key. If  you  want  to
407              use  a  file  from the current directory, please precede it with
408              "./" prefix, in order to avoid confusion with a nickname.
409
410              (Schannel only) Client certificates must be specified by a  path
411              expression  to  a  certificate  store.  (Loading PFX is not sup‐
412              ported; you can import it to a store first). You can use "<store
413              location>\<store  name>\<thumbprint>"  to refer to a certificate
414              in  the  system  certificates  store,  for   example,   "Curren‐
415              tUser\MY\934a7ac6f8a5d579285a74fa61e19f23ddfe8d7a".   Thumbprint
416              is usually a SHA-1 hex string which you can see  in  certificate
417              details.  Following  store locations are supported: CurrentUser,
418              LocalMachine, CurrentService, Services,  CurrentUserGroupPolicy,
419              LocalMachineGroupPolicy, LocalMachineEnterprise.
420
421              If this option is used several times, the last one will be used.
422
423              Example:
424               curl --cert certfile --key keyfile https://example.com
425
426              See also --cert-type, --key and --key-type.
427
428       --ciphers <list of ciphers>
429              (TLS) Specifies which ciphers to use in the connection. The list
430              of ciphers must specify valid ciphers. Read  up  on  SSL  cipher
431              list details on this URL:
432
433               https://curl.se/docs/ssl-ciphers.html
434
435              If this option is used several times, the last one will be used.
436
437              Example:
438               curl --ciphers ECDHE-ECDSA-AES256-CCM8 https://example.com
439
440       --compressed-ssh
441              (SCP SFTP) Enables built-in SSH compression.  This is a request,
442              not an order; the server may or may not do it.
443
444              Example:
445               curl --compressed-ssh sftp://example.com/
446
447              Added in 7.56.0.
448
449       --compressed
450              (HTTP) Request a compressed response using one of the algorithms
451              curl supports, and automatically decompress the content. Headers
452              are not modified.
453
454              If this option is used and the server sends an  unsupported  en‐
455              coding, curl will report an error. This is a request, not an or‐
456              der; the server may or may not deliver data compressed.
457
458              Example:
459               curl --compressed https://example.com
460
461       -K, --config <file>
462
463              Specify a text file to read curl  arguments  from.  The  command
464              line  arguments  found  in the text file will be used as if they
465              were provided on the command line.
466
467              Options and their parameters must be specified on the same  line
468              in the file, separated by whitespace, colon, or the equals sign.
469              Long option names can optionally be given  in  the  config  file
470              without the initial double dashes and if so, the colon or equals
471              characters can be used as separators. If the option is specified
472              with  one or two dashes, there can be no colon or equals charac‐
473              ter between the option and its parameter.
474
475              If the parameter contains whitespace (or starts with  :  or  =),
476              the  parameter  must  be  enclosed  within quotes. Within double
477              quotes, the following escape sequences are  available:  \\,  \",
478              \t, \n, \r and \v. A backslash preceding any other letter is ig‐
479              nored.
480
481              If the first column of a config line is  a  '#'  character,  the
482              rest of the line will be treated as a comment.
483
484              Only write one option per physical line in the config file.
485
486              Specify  the  filename  to -K, --config as '-' to make curl read
487              the file from stdin.
488
489              Note that to be able to specify a URL in the  config  file,  you
490              need  to  specify  it  using the --url option, and not by simply
491              writing the URL on its own line. So, it could  look  similar  to
492              this:
493
494              url = "https://curl.se/docs/"
495
496              When  curl  is invoked, it (unless -q, --disable is used) checks
497              for a default config file and uses it if found, even  when  this
498              option  is  used.  The default config file is checked for in the
499              following places in this order:
500
501              1) Use the CURL_HOME environment variable if set
502
503              2) Use the XDG_CONFIG_HOME environment variable if set (Added in
504              7.73.0)
505
506              3) Use the HOME environment variable if set
507
508              4) Non-windows: use getpwuid to find the home directory
509
510              5) Windows: use APPDATA if set
511
512              6) Windows: use "USERPROFILE\Application Data" if set
513
514              7)  On  windows, if there is no .curlrc file in the home dir, it
515              checks for one in the same dir the curl executable is placed. On
516              Unix-like  systems,  it will simply try to load .curlrc from the
517              determined home dir.
518
519              # --- Example file ---
520              # this is a comment
521              url = "example.com"
522              output = "curlhere.html"
523              user-agent = "superagent/1.0"
524
525              # and fetch another URL too
526              url = "example.com/docs/manpage.html"
527              -O
528              referer = "http://nowhereatall.example.com/"
529              # --- End of example file ---
530
531              This option can be used multiple times to load  multiple  config
532              files.
533
534              Example:
535               curl --config file.txt https://example.com
536
537       --connect-timeout <fractional seconds>
538              Maximum  time  in  seconds  that  you allow curl's connection to
539              take.  This only limits the connection phase, so  if  curl  con‐
540              nects  within the given period it will continue - if not it will
541              exit.  Since version 7.32.0, this option accepts decimal values.
542
543              If this option is used several times, the last one will be used.
544
545              Examples:
546               curl --connect-timeout 20 https://example.com
547               curl --connect-timeout 3.14 https://example.com
548
549              See also -m, --max-time.
550
551       --connect-to <HOST1:PORT1:HOST2:PORT2>
552
553              For  a  request  to  the  given  HOST1:PORT1  pair,  connect  to
554              HOST2:PORT2 instead.  This option is suitable to direct requests
555              at a specific server, e.g. at a specific cluster node in a clus‐
556              ter  of  servers. This option is only used to establish the net‐
557              work connection. It does NOT affect the  hostname/port  that  is
558              used for TLS/SSL (e.g. SNI, certificate verification) or for the
559              application protocols. "HOST1" and  "PORT1"  may  be  the  empty
560              string, meaning "any host/port". "HOST2" and "PORT2" may also be
561              the  empty  string,  meaning   "use   the   request's   original
562              host/port".
563
564              A "host" specified to this option is compared as a string, so it
565              needs to match the name used in request URL. It  can  be  either
566              numerical such as "127.0.0.1" or the full host name such as "ex‐
567              ample.org".
568
569              This option can be used many times to add many connect rules.
570
571              Example:
572               curl --connect-to example.com:443:example.net:8443 https://example.com
573
574              See also --resolve and -H, --header. Added in 7.49.0.
575
576       -C, --continue-at <offset>
577              Continue/Resume a previous file transfer at  the  given  offset.
578              The  given  offset  is  the  exact  number of bytes that will be
579              skipped, counting from the beginning of the source  file  before
580              it is transferred to the destination.  If used with uploads, the
581              FTP server command SIZE will not be used by curl.
582
583              Use "-C -" to tell curl to automatically find out  where/how  to
584              resume  the  transfer. It then uses the given output/input files
585              to figure that out.
586
587              If this option is used several times, the last one will be used.
588
589              Examples:
590               curl -C - https://example.com
591               curl -C 400 https://example.com
592
593              See also -r, --range.
594
595       -c, --cookie-jar <filename>
596              (HTTP) Specify to which file you want curl to write all  cookies
597              after  a  completed  operation. Curl writes all cookies from its
598              in-memory cookie storage to the given file at the end of  opera‐
599              tions.  If  no  cookies  are known, no data will be written. The
600              file will be written using the Netscape cookie file  format.  If
601              you set the file name to a single dash, "-", the cookies will be
602              written to stdout.
603
604              This command line option will activate the  cookie  engine  that
605              makes curl record and use cookies. Another way to activate it is
606              to use the -b, --cookie option.
607
608              If the cookie jar can't be created or written to, the whole curl
609              operation  won't fail or even report an error clearly. Using -v,
610              --verbose will get a warning displayed, but  that  is  the  only
611              visible feedback you get about this possibly lethal situation.
612
613              If  this  option  is used several times, the last specified file
614              name will be used.
615
616              Examples:
617               curl -c store-here.txt https://example.com
618               curl -c store-here.txt -b read-these https://example.com
619
620       -b, --cookie <data|filename>
621              (HTTP) Pass the data to the HTTP server in the Cookie header. It
622              is  supposedly the data previously received from the server in a
623              "Set-Cookie:"  line.   The  data  should  be   in   the   format
624              "NAME1=VALUE1; NAME2=VALUE2".
625
626              If  no '=' symbol is used in the argument, it is instead treated
627              as a filename to read previously stored cookie from. This option
628              also activates the cookie engine which will make curl record in‐
629              coming cookies, which may be handy if you're using this in  com‐
630              bination  with  the  -L,  --location  option  or do multiple URL
631              transfers on the same invoke. If the file name is exactly a  mi‐
632              nus ("-"), curl will instead read the contents from stdin.
633
634              The file format of the file to read cookies from should be plain
635              HTTP headers (Set-Cookie style) or the  Netscape/Mozilla  cookie
636              file format.
637
638              The  file  specified with -b, --cookie is only used as input. No
639              cookies will be written to the file. To store cookies,  use  the
640              -c, --cookie-jar option.
641
642              If you use the Set-Cookie file format and don't specify a domain
643              then the cookie is not sent since the domain will  never  match.
644              To  address  this,  set  a domain in Set-Cookie line (doing that
645              will include sub-domains) or preferably: use the  Netscape  for‐
646              mat.
647
648              This option can be used multiple times.
649
650              Users very often want to both read cookies from a file and write
651              updated cookies back to a file, so using both -b,  --cookie  and
652              -c, --cookie-jar in the same command line is common.
653
654              Examples:
655               curl -b cookiefile https://example.com
656               curl -b cookiefile -c cookiefile https://example.com
657
658       --create-dirs
659              When used in conjunction with the -o, --output option, curl will
660              create the necessary local directory hierarchy as  needed.  This
661              option  creates  the directories mentioned with the -o, --output
662              option, nothing else. If the --output file name uses  no  direc‐
663              tory, or if the directories it mentions already exist, no direc‐
664              tories will be created.
665
666              Created dirs are made with mode 0750 on unix style file systems.
667
668              To create remote directories when using FTP or SFTP, try  --ftp-
669              create-dirs.
670
671              Example:
672               curl --create-dirs --output local/dir/file https://example.com
673
674       --create-file-mode <mode>
675              (SFTP SCP FILE) When curl is used to create files remotely using
676              one of the supported protocols, this option allows the  user  to
677              set which 'mode' to set on the file at creation time, instead of
678              the default 0644.
679
680              This option takes an octal number as argument.
681
682              If this option is used several times, the last one will be used.
683
684              Example:
685               curl --create-file-mode 0777 -T localfile sftp://example.com/new
686
687              See also --ftp-create-dirs. Added in 7.75.0.
688
689       --crlf (FTP SMTP)  Convert  LF  to  CRLF  in  upload.  Useful  for  MVS
690              (OS/390).
691
692              (SMTP added in 7.40.0)
693
694              Example:
695               curl --crlf -T file ftp://example.com/
696
697       --crlfile <file>
698              (TLS) Provide a file using PEM format with a Certificate Revoca‐
699              tion List that may specify peer certificates that are to be con‐
700              sidered revoked.
701
702              If this option is used several times, the last one will be used.
703
704              Example:
705               curl --crlfile rejects.txt https://example.com
706
707              Added in 7.19.7.
708
709       --curves <algorithm list>
710              (TLS)  Tells  curl  to request specific curves to use during SSL
711              session establishment according to RFC 8422, 5.1.  Multiple  al‐
712              gorithms  can  be  provided  by  separating  them with ":" (e.g.
713              "X25519:P-521").  The parameter is available identically in  the
714              "openssl s_client/s_server" utilities.
715
716              --curves  allows  a OpenSSL powered curl to make SSL-connections
717              with exactly the (EC) curve requested by  the  client,  avoiding
718              intransparent client/server negotiations.
719
720              If  this  option  is  set,  the  default  curves list built into
721              openssl will be ignored.
722
723              Example:
724               curl --curves X25519 https://example.com
725
726              Added in 7.73.0.
727
728       --data-ascii <data>
729              (HTTP) This is just an alias for -d, --data.
730
731              Example:
732               curl --data-ascii @file https://example.com
733
734       --data-binary <data>
735              (HTTP) This posts data exactly as specified with no  extra  pro‐
736              cessing whatsoever.
737
738              If  you  start  the data with the letter @, the rest should be a
739              filename.  Data is posted in a  similar  manner  as  -d,  --data
740              does,  except  that  newlines and carriage returns are preserved
741              and conversions are never done.
742
743              Like -d, --data the default content-type sent to the  server  is
744              application/x-www-form-urlencoded.  If  you  want the data to be
745              treated as arbitrary binary data by the server then set the con‐
746              tent-type  to octet-stream: -H "Content-Type: application/octet-
747              stream".
748
749              If this option is used several times,  the  ones  following  the
750              first will append data as described in -d, --data.
751
752              Example:
753               curl --data-binary @filename https://example.com
754
755       --data-raw <data>
756              (HTTP)  This  posts data similarly to -d, --data but without the
757              special interpretation of the @ character.
758
759              Examples:
760               curl --data-raw "hello" https://example.com
761               curl --data-raw "@at@at@" https://example.com
762
763              See also -d, --data. Added in 7.43.0.
764
765       --data-urlencode <data>
766              (HTTP) This posts data, similar to the other -d, --data  options
767              with the exception that this performs URL-encoding.
768
769              To  be  CGI-compliant,  the <data> part should begin with a name
770              followed by a separator and a content specification. The  <data>
771              part can be passed to curl using one of the following syntaxes:
772
773              content
774                     This  will make curl URL-encode the content and pass that
775                     on. Just be careful so that the content  doesn't  contain
776                     any  =  or  @  symbols, as that will then make the syntax
777                     match one of the other cases below!
778
779              =content
780                     This will make curl URL-encode the content and pass  that
781                     on. The preceding = symbol is not included in the data.
782
783              name=content
784                     This  will make curl URL-encode the content part and pass
785                     that on. Note that the name part is expected to  be  URL-
786                     encoded already.
787
788              @filename
789                     This  will  make  curl load data from the given file (in‐
790                     cluding any newlines), URL-encode that data and  pass  it
791                     on in the POST.
792
793              name@filename
794                     This  will  make  curl load data from the given file (in‐
795                     cluding any newlines), URL-encode that data and  pass  it
796                     on  in  the  POST.  The  name part gets an equal sign ap‐
797                     pended, resulting in  name=urlencoded-file-content.  Note
798                     that the name is expected to be URL-encoded already.
799
800       Examples:
801        curl --data-urlencode name=val https://example.com
802        curl --data-urlencode =encodethis https://example.com
803        curl --data-urlencode name@file https://example.com
804        curl --data-urlencode @fileonly https://example.com
805
806       See also -d, --data and --data-raw. Added in 7.18.0.
807
808       -d, --data <data>
809              (HTTP  MQTT)  Sends  the specified data in a POST request to the
810              HTTP server, in the same way that a browser does when a user has
811              filled  in an HTML form and presses the submit button. This will
812              cause curl to pass the data to the server using the content-type
813              application/x-www-form-urlencoded.  Compare to -F, --form.
814
815              --data-raw is almost the same but does not have a special inter‐
816              pretation of the @ character. To post data  purely  binary,  you
817              should  instead use the --data-binary option.  To URL-encode the
818              value of a form field you may use --data-urlencode.
819
820              If any of these options is used more than once on the same  com‐
821              mand  line,  the  data  pieces specified will be merged together
822              with a separating  &-symbol.  Thus,  using  '-d  name=daniel  -d
823              skill=lousy'  would  generate  a  post  chunk  that  looks  like
824              'name=daniel&skill=lousy'.
825
826              If you start the data with the letter @, the rest  should  be  a
827              file  name  to read the data from, or - if you want curl to read
828              the data from stdin. Posting data from  a  file  named  'foobar'
829              would  thus  be done with -d, --data @foobar. When -d, --data is
830              told to read from a file like that, carriage  returns  and  new‐
831              lines will be stripped out. If you don't want the @ character to
832              have a special interpretation use --data-raw instead.
833
834              Examples:
835               curl -d "name=curl" https://example.com
836               curl -d "name=curl" -d "tool=cmdline" https://example.com
837               curl -d @filename https://example.com
838
839              See also --data-binary, --data-urlencode  and  --data-raw.  This
840              option  overrides  -F,  --form  and -I, --head and -T, --upload-
841              file.
842
843       --delegation <LEVEL>
844              (GSS/kerberos) Set LEVEL to tell the server what it  is  allowed
845              to delegate when it comes to user credentials.
846
847              none   Don't allow any delegation.
848
849              policy Delegates  if  and only if the OK-AS-DELEGATE flag is set
850                     in the Kerberos service ticket,  which  is  a  matter  of
851                     realm policy.
852
853              always Unconditionally allow the server to delegate.
854
855       If this option is used several times, the last one will be used.
856
857       Example:
858        curl --delegation "none" https://example.com
859
860       --digest
861              (HTTP)  Enables HTTP Digest authentication. This is an authenti‐
862              cation scheme that prevents the password from  being  sent  over
863              the  wire in clear text. Use this in combination with the normal
864              -u, --user option to set user name and password.
865
866              If this option is used several times,  only  the  first  one  is
867              used.
868
869              Example:
870               curl -u name:password --digest https://example.com
871
872              See  also  -u, --user, --proxy-digest and --anyauth. This option
873              overrides --basic and --ntlm and --negotiate.
874
875       --disable-eprt
876              (FTP) Tell curl to disable the use of the EPRT and LPRT commands
877              when doing active FTP transfers. Curl will normally always first
878              attempt to use EPRT, then LPRT before using PORT, but with  this
879              option,  it  will  use PORT right away. EPRT and LPRT are exten‐
880              sions to the original FTP protocol, and  may  not  work  on  all
881              servers, but they enable more functionality in a better way than
882              the traditional PORT command.
883
884              --eprt can be used to explicitly enable EPRT again and --no-eprt
885              is an alias for --disable-eprt.
886
887              If  the  server is accessed using IPv6, this option will have no
888              effect as EPRT is necessary then.
889
890              Disabling EPRT only changes the active behavior. If you want  to
891              switch  to  passive  mode  you need to not use -P, --ftp-port or
892              force it with --ftp-pasv.
893
894              Example:
895               curl --disable-eprt ftp://example.com/
896
897       --disable-epsv
898              (FTP) Tell curl to disable the use of the EPSV command when  do‐
899              ing  passive  FTP transfers. Curl will normally always first at‐
900              tempt to use EPSV before PASV, but with this option, it will not
901              try using EPSV.
902
903              --epsv can be used to explicitly enable EPSV again and --no-epsv
904              is an alias for --disable-epsv.
905
906              If the server is an IPv6 host, this option will have  no  effect
907              as EPSV is necessary then.
908
909              Disabling EPSV only changes the passive behavior. If you want to
910              switch to active mode you need to use -P, --ftp-port.
911
912              Example:
913               curl --disable-epsv ftp://example.com/
914
915       -q, --disable
916              If used as the first parameter on the command line,  the  curlrc
917              config  file will not be read and used. See the -K, --config for
918              details on the default config file search path.
919
920              Example:
921               curl -q https://example.com
922
923       --disallow-username-in-url
924              (HTTP) This tells curl to exit if  passed  a  url  containing  a
925              username.  This  is  probably  most useful when the URL is being
926              provided at run-time or similar.
927
928              Example:
929               curl --disallow-username-in-url https://example.com
930
931              See also --proto. Added in 7.61.0.
932
933       --dns-interface <interface>
934              (DNS) Tell curl to send outgoing DNS  requests  through  <inter‐
935              face>.  This  option is a counterpart to --interface (which does
936              not affect DNS). The supplied string must be an  interface  name
937              (not an address).
938
939              Example:
940               curl --dns-interface eth0 https://example.com
941
942              See  also  --dns-ipv4-addr  and --dns-ipv6-addr. --dns-interface
943              requires that the underlying libcurl was  built  to  support  c-
944              ares. Added in 7.33.0.
945
946       --dns-ipv4-addr <address>
947              (DNS) Tell curl to bind to <ip-address> when making IPv4 DNS re‐
948              quests, so that the DNS requests originate  from  this  address.
949              The argument should be a single IPv4 address.
950
951              If this option is used several times, the last one will be used.
952
953              Example:
954               curl --dns-ipv4-addr 10.1.2.3 https://example.com
955
956              See  also  --dns-interface  and --dns-ipv6-addr. --dns-ipv4-addr
957              requires that the underlying libcurl was  built  to  support  c-
958              ares. Added in 7.33.0.
959
960       --dns-ipv6-addr <address>
961              (DNS) Tell curl to bind to <ip-address> when making IPv6 DNS re‐
962              quests, so that the DNS requests originate  from  this  address.
963              The argument should be a single IPv6 address.
964
965              If this option is used several times, the last one will be used.
966
967              Example:
968               curl --dns-ipv6-addr 2a04:4e42::561 https://example.com
969
970              See  also  --dns-interface  and --dns-ipv4-addr. --dns-ipv6-addr
971              requires that the underlying libcurl was  built  to  support  c-
972              ares. Added in 7.33.0.
973
974       --dns-servers <addresses>
975              Set the list of DNS servers to be used instead of the system de‐
976              fault.  The list of IP addresses should be separated  with  com‐
977              mas. Port numbers may also optionally be given as :<port-number>
978              after each IP address.
979
980              If this option is used several times, the last one will be used.
981
982              Example:
983               curl --dns-servers 192.168.0.1,192.168.0.2 https://example.com
984
985              --dns-servers requires that the underlying libcurl was built  to
986              support c-ares. Added in 7.33.0.
987
988       --doh-cert-status
989              (all) Same as --cert-status but used for DoH (DNS-over-HTTPS).
990
991              Example:
992               curl --doh-cert-status --doh-url https://doh.example https://example.com
993
994              Added in 7.76.0.
995
996       --doh-insecure
997              (all) Same as -k, --insecure but used for DoH (DNS-over-HTTPS).
998
999              Example:
1000               curl --doh-insecure --doh-url https://doh.example https://example.com
1001
1002              Added in 7.76.0.
1003
1004       --doh-url <URL>
1005              (all)  Specifies which DNS-over-HTTPS (DoH) server to use to re‐
1006              solve hostnames, instead of  using  the  default  name  resolver
1007              mechanism. The URL must be HTTPS.
1008
1009              Some  SSL  options  that you set for your transfer will apply to
1010              DoH since the name lookups take place  over  SSL.  However,  the
1011              certificate  verification  settings are not inherited and can be
1012              controlled separately via --doh-insecure and --doh-cert-status.
1013
1014              If this option is used several times, the last one will be used.
1015
1016              Example:
1017               curl --doh-url https://doh.example https://example.com
1018
1019              Added in 7.62.0.
1020
1021       -D, --dump-header <filename>
1022              (HTTP FTP) Write the received protocol headers to the  specified
1023              file.  If  no  headers are received, the use of this option will
1024              create an empty file.
1025
1026              When used in FTP, the FTP server response lines  are  considered
1027              being "headers" and thus are saved there.
1028
1029              If this option is used several times, the last one will be used.
1030
1031              Example:
1032               curl --dump-header store.txt https://example.com
1033
1034              See also -o, --output.
1035
1036       --egd-file <file>
1037              (TLS)  Specify  the  path  name  to the Entropy Gathering Daemon
1038              socket. The socket is used to seed the  random  engine  for  SSL
1039              connections.
1040
1041              Example:
1042               curl --egd-file /random/here https://example.com
1043
1044              See also --random-file.
1045
1046       --engine <name>
1047              (TLS)  Select the OpenSSL crypto engine to use for cipher opera‐
1048              tions. Use --engine list to print a list of build-time supported
1049              engines.  Note  that  not all (and possibly none) of the engines
1050              may be available at run-time.
1051
1052              Example:
1053               curl --engine flavor https://example.com
1054
1055       --etag-compare <file>
1056              (HTTP) This option makes a conditional HTTP request for the spe‐
1057              cific ETag read from the given file by sending a custom If-None-
1058              Match header using the stored ETag.
1059
1060              For correct results, make sure that the specified file  contains
1061              only  a  single  line  with  the  desired ETag. An empty file is
1062              parsed as an empty ETag.
1063
1064              Use the option --etag-save to first save the  ETag  from  a  re‐
1065              sponse,  and  then  use this option to compare against the saved
1066              ETag in a subsequent request.
1067
1068              Example:
1069               curl --etag-compare etag.txt https://example.com
1070
1071              Added in 7.68.0.
1072
1073       --etag-save <file>
1074              (HTTP) This option saves an HTTP ETag to the specified file.  An
1075              ETag  is  a  caching  related  header, usually returned in a re‐
1076              sponse.
1077
1078              If no ETag is sent by the server, an empty file is created.
1079
1080              Example:
1081               curl --etag-save storetag.txt https://example.com
1082
1083              Added in 7.68.0.
1084
1085       --expect100-timeout <seconds>
1086              (HTTP) Maximum time in seconds that you allow curl to wait for a
1087              100-continue  response  when curl emits an Expects: 100-continue
1088              header in its request. By default curl  will  wait  one  second.
1089              This  option accepts decimal values! When curl stops waiting, it
1090              will continue as if the response has been received.
1091
1092              Example:
1093               curl --expect100-timeout 2.5 -T file https://example.com
1094
1095              See also --connect-timeout. Added in 7.47.0.
1096
1097       --fail-early
1098              Fail and exit on the first detected transfer error.
1099
1100              When curl is used to do multiple transfers on the command  line,
1101              it will attempt to operate on each given URL, one by one. By de‐
1102              fault, it will ignore errors if there are more  URLs  given  and
1103              the  last  URL's  success will determine the error code curl re‐
1104              turns. So early failures will be "hidden" by subsequent success‐
1105              ful transfers.
1106
1107              Using  this  option,  curl  will  instead return an error on the
1108              first transfer that fails, independent of  the  amount  of  URLs
1109              that  are given on the command line. This way, no transfer fail‐
1110              ures go undetected by scripts and similar.
1111
1112              This option is global and does not need to be specified for each
1113              use of -:, --next.
1114
1115              This option does not imply -f, --fail, which causes transfers to
1116              fail due to the server's HTTP status code. You can  combine  the
1117              two options, however note -f, --fail is not global and is there‐
1118              fore contained by -:, --next.
1119
1120              Example:
1121               curl --fail-early https://example.com https://two.example
1122
1123              Added in 7.52.0.
1124
1125       --fail-with-body
1126              (HTTP) Return an error on server errors where the HTTP  response
1127              code  is  400  or  greater). In normal cases when an HTTP server
1128              fails to deliver a document, it returns an HTML document stating
1129              so  (which  often  also  describes why and more). This flag will
1130              still allow curl to output and save that content but also to re‐
1131              turn error 22.
1132
1133              This  is  an  alternative  option to -f, --fail which makes curl
1134              fail for the same circumstances but without saving the content.
1135
1136              Example:
1137               curl --fail-with-body https://example.com
1138
1139              See also -f, --fail. Added in 7.76.0.
1140
1141       -f, --fail
1142              (HTTP) Fail silently (no output at all) on server  errors.  This
1143              is  mostly done to enable scripts etc to better deal with failed
1144              attempts. In normal cases when an HTTP server fails to deliver a
1145              document,  it  returns  an HTML document stating so (which often
1146              also describes why and more). This flag will prevent  curl  from
1147              outputting that and return error 22.
1148
1149              This  method is not fail-safe and there are occasions where non-
1150              successful response codes will slip through, especially when au‐
1151              thentication is involved (response codes 401 and 407).
1152
1153              Example:
1154               curl --fail https://example.com
1155
1156              See also --fail-with-body.
1157
1158       --false-start
1159              (TLS)  Tells  curl  to use false start during the TLS handshake.
1160              False start is a mode where a TLS client will start sending  ap‐
1161              plication  data  before verifying the server's Finished message,
1162              thus saving a round trip when performing a full handshake.
1163
1164              This is currently only implemented in the NSS and Secure  Trans‐
1165              port (on iOS 7.0 or later, or OS X 10.9 or later) backends.
1166
1167              Example:
1168               curl --false-start https://example.com
1169
1170              Added in 7.42.0.
1171
1172       --form-string <name=string>
1173              (HTTP  SMTP  IMAP)  Similar  to -F, --form except that the value
1174              string for the named parameter is used  literally.  Leading  '@'
1175              and '<' characters, and the ';type=' string in the value have no
1176              special meaning. Use this in preference to -F, --form if there's
1177              any  possibility  that the string value may accidentally trigger
1178              the '@' or '<' features of -F, --form.
1179
1180              Example:
1181               curl --form-string "data" https://example.com
1182
1183              See also -F, --form.
1184
1185       -F, --form <name=content>
1186              (HTTP SMTP IMAP) For HTTP protocol family, this lets  curl  emu‐
1187              late  a  filled-in  form  in which a user has pressed the submit
1188              button. This causes curl to POST  data  using  the  Content-Type
1189              multipart/form-data according to RFC 2388.
1190
1191              For SMTP and IMAP protocols, this is the means to compose a mul‐
1192              tipart mail message to transmit.
1193
1194              This enables uploading of binary files etc. To force  the  'con‐
1195              tent' part to be a file, prefix the file name with an @ sign. To
1196              just get the content part from a file, prefix the file name with
1197              the  symbol  <.  The  difference  between @ and < is then that @
1198              makes a file get attached in the post as a  file  upload,  while
1199              the < makes a text field and just get the contents for that text
1200              field from a file.
1201
1202              Tell curl to read content from stdin instead of a file by  using
1203              - as filename. This goes for both @ and < constructs. When stdin
1204              is used, the contents is buffered in memory first by curl to de‐
1205              termine its size and allow a possible resend.  Defining a part's
1206              data from a named non-regular file (such as a named pipe or sim‐
1207              ilar)  is unfortunately not subject to buffering and will be ef‐
1208              fectively read at transmission time; since the full size is  un‐
1209              known before the transfer starts, such data is sent as chunks by
1210              HTTP and rejected by IMAP.
1211
1212              Example: send an image to an HTTP server, where 'profile' is the
1213              name  of  the  form-field to which the file portrait.jpg will be
1214              the input:
1215
1216               curl -F profile=@portrait.jpg https://example.com/upload.cgi
1217
1218              Example: send your name and shoe size in two text fields to  the
1219              server:
1220
1221               curl -F name=John -F shoesize=11 https://example.com/
1222
1223              Example:  send your essay in a text field to the server. Send it
1224              as a plain text field, but get the contents for it from a  local
1225              file:
1226
1227               curl -F "story=<hugefile.txt" https://example.com/
1228
1229              You  can  also  tell  curl  what  Content-Type  to  use by using
1230              'type=', in a manner similar to:
1231
1232               curl -F "web=@index.html;type=text/html" example.com
1233
1234              or
1235
1236               curl -F "name=daniel;type=text/foo" example.com
1237
1238              You can also explicitly change the name field of a  file  upload
1239              part by setting filename=, like this:
1240
1241               curl -F "file=@localfile;filename=nameinpost" example.com
1242
1243              If  filename/path contains ',' or ';', it must be quoted by dou‐
1244              ble-quotes like:
1245
1246               curl -F "file=@\"local,file\";filename=\"name;in;post\""  exam‐
1247              ple.com
1248
1249              or
1250
1251               curl   -F   'file=@"local,file";filename="name;in;post"'  exam‐
1252              ple.com
1253
1254              Note that if a filename/path is  quoted  by  double-quotes,  any
1255              double-quote or backslash within the filename must be escaped by
1256              backslash.
1257
1258              Quoting must also be applied to non-file  data  if  it  contains
1259              semicolons, leading/trailing spaces or leading double quotes:
1260
1261               curl  -F  'colors="red;  green;  blue";type=text/x-myapp' exam‐
1262              ple.com
1263
1264              You can add custom headers to the  field  by  setting  headers=,
1265              like
1266
1267                curl -F "submit=OK;headers=\"X-submit-type: OK\"" example.com
1268
1269              or
1270
1271                curl -F "submit=OK;headers=@headerfile" example.com
1272
1273              The  headers=  keyword may appear more that once and above notes
1274              about quoting apply. When headers are read from  a  file,  Empty
1275              lines and lines starting with '#' are comments and ignored; each
1276              header can be folded by splitting between two words and starting
1277              the  continuation  line  with a space; embedded carriage-returns
1278              and trailing spaces are stripped.   Here  is  an  example  of  a
1279              header file contents:
1280
1281                # This file contain two headers.
1282                X-header-1: this is a header
1283
1284                # The following header is folded.
1285                X-header-2: this is
1286                 another header
1287
1288
1289              To  support  sending  multipart mail messages, the syntax is ex‐
1290              tended as follows:
1291              - name can be omitted: the equal sign is the first character  of
1292              the argument,
1293              -  if  data  starts with '(', this signals to start a new multi‐
1294              part: it can be followed by a content type specification.
1295              - a multipart can be terminated with a '=)' argument.
1296
1297              Example: the following command sends an SMTP  mime  e-mail  con‐
1298              sisting in an inline part in two alternative formats: plain text
1299              and HTML. It attaches a text file:
1300
1301               curl -F '=(;type=multipart/alternative' \
1302                       -F '=plain text message' \
1303                       -F '= <body>HTML message</body>;type=text/html' \
1304                    -F '=)' -F '=@textfile.txt' ...  smtp://example.com
1305
1306              Data can be encoded for transfer using encoder=.  Available  en‐
1307              codings are binary and 8bit that do nothing else than adding the
1308              corresponding Content-Transfer-Encoding header, 7bit  that  only
1309              rejects 8-bit characters with a transfer error, quoted-printable
1310              and base64 that encodes  data  according  to  the  corresponding
1311              schemes, limiting lines length to 76 characters.
1312
1313              Example:  send  multipart mail with a quoted-printable text mes‐
1314              sage and a base64 attached file:
1315
1316               curl -F '=text message;encoder=quoted-printable' \
1317                    -F '=@localfile;encoder=base64' ... smtp://example.com
1318
1319              See further examples and details in the MANUAL.
1320
1321              This option can be used multiple times.
1322
1323              Example:
1324               curl --form "name=curl" --form "file=@loadthis" https://example.com
1325
1326              This option overrides -d, --data and -I, --head  and  -T,  --up‐
1327              load-file.
1328
1329       --ftp-account <data>
1330              (FTP) When an FTP server asks for "account data" after user name
1331              and password has been provided, this data is sent off using  the
1332              ACCT command.
1333
1334              If this option is used several times, the last one will be used.
1335
1336              Example:
1337               curl --ftp-account "mr.robot" ftp://example.com/
1338
1339              Added in 7.13.0.
1340
1341       --ftp-alternative-to-user <command>
1342              (FTP)  If  authenticating with the USER and PASS commands fails,
1343              send this  command.   When  connecting  to  Tumbleweed's  Secure
1344              Transport  server  over  FTPS  using a client certificate, using
1345              "SITE AUTH" will tell the server to retrieve the  username  from
1346              the certificate.
1347
1348              Example:
1349               curl --ftp-alternative-to-user "U53r" ftp://example.com
1350
1351              Added in 7.15.5.
1352
1353       --ftp-create-dirs
1354              (FTP  SFTP)  When  an FTP or SFTP URL/operation uses a path that
1355              doesn't currently exist on the server, the standard behavior  of
1356              curl is to fail. Using this option, curl will instead attempt to
1357              create missing directories.
1358
1359              Example:
1360               curl --ftp-create-dirs -T file ftp://example.com/remote/path/file
1361
1362              See also --create-dirs.
1363
1364       --ftp-method <method>
1365              (FTP) Control what method curl should use to reach a file on  an
1366              FTP(S)  server. The method argument should be one of the follow‐
1367              ing alternatives:
1368
1369              multicwd
1370                     curl does a single CWD operation for each  path  part  in
1371                     the  given URL. For deep hierarchies this means very many
1372                     commands. This is how RFC 1738 says it  should  be  done.
1373                     This is the default but the slowest behavior.
1374
1375              nocwd  curl  does  no  CWD at all. curl will do SIZE, RETR, STOR
1376                     etc and give a full path to the server for all these com‐
1377                     mands. This is the fastest behavior.
1378
1379              singlecwd
1380                     curl does one CWD with the full target directory and then
1381                     operates on the file "normally"  (like  in  the  multicwd
1382                     case).  This  is  somewhat  more standards compliant than
1383                     'nocwd' but without the full penalty of 'multicwd'.
1384
1385       Examples:
1386        curl --ftp-method multicwd ftp://example.com/dir1/dir2/file
1387        curl --ftp-method nocwd ftp://example.com/dir1/dir2/file
1388        curl --ftp-method singlecwd ftp://example.com/dir1/dir2/file
1389
1390       Added in 7.15.1.
1391
1392       --ftp-pasv
1393              (FTP) Use passive mode for the data connection. Passive  is  the
1394              internal  default behavior, but using this option can be used to
1395              override a previous -P, --ftp-port option.
1396
1397              If this option is used several times,  only  the  first  one  is
1398              used.  Undoing  an  enforced passive really isn't doable but you
1399              must then instead enforce the correct -P, --ftp-port again.
1400
1401              Passive mode means that curl will try the EPSV command first and
1402              then PASV, unless --disable-epsv is used.
1403
1404              Example:
1405               curl --ftp-pasv ftp://example.com/
1406
1407              See also --disable-epsv. Added in 7.11.0.
1408
1409       -P, --ftp-port <address>
1410              (FTP)  Reverses  the  default initiator/listener roles when con‐
1411              necting with FTP. This option makes curl use active  mode.  curl
1412              then  tells the server to connect back to the client's specified
1413              address and port, while passive mode asks the server to setup an
1414              IP  address  and  port for it to connect to. <address> should be
1415              one of:
1416
1417              interface
1418                     e.g. "eth0" to specify which interface's IP  address  you
1419                     want to use (Unix only)
1420
1421              IP address
1422                     e.g. "192.168.10.1" to specify the exact IP address
1423
1424              host name
1425                     e.g. "my.host.domain" to specify the machine
1426
1427              -      make  curl  pick the same IP address that is already used
1428                     for the control connection
1429
1430       If this option is used several times, the last one will be  used.  Dis‐
1431       able  the  use  of PORT with --ftp-pasv. Disable the attempt to use the
1432       EPRT command instead of PORT by using --disable-eprt.  EPRT  is  really
1433       PORT++.
1434
1435       Since  7.19.5,  you can append ":[start]-[end]" to the right of the ad‐
1436       dress, to tell curl what TCP port range to use. That means you  specify
1437       a port range, from a lower to a higher number. A single number works as
1438       well, but do note that it increases the risk of failure since the  port
1439       may not be available.
1440
1441       Examples:
1442        curl -P - ftp:/example.com
1443        curl -P eth0 ftp:/example.com
1444        curl -P 192.168.0.2 ftp:/example.com
1445
1446       See also --ftp-pasv and --disable-eprt.
1447
1448       --ftp-pret
1449              (FTP)  Tell  curl to send a PRET command before PASV (and EPSV).
1450              Certain FTP servers, mainly drftpd,  require  this  non-standard
1451              command  for  directory  listings as well as up and downloads in
1452              PASV mode.
1453
1454              Example:
1455               curl --ftp-pret ftp://example.com/
1456
1457              Added in 7.20.0.
1458
1459       --ftp-skip-pasv-ip
1460              (FTP) Tell curl to not use the IP address the server suggests in
1461              its  response to curl's PASV command when curl connects the data
1462              connection. Instead curl will re-use the same IP address it  al‐
1463              ready uses for the control connection.
1464
1465              Since curl 7.74.0 this option is enabled by default.
1466
1467              This  option has no effect if PORT, EPRT or EPSV is used instead
1468              of PASV.
1469
1470              Example:
1471               curl --ftp-skip-pasv-ip ftp://example.com/
1472
1473              See also --ftp-pasv. Added in 7.14.2.
1474
1475       --ftp-ssl-ccc-mode <active/passive>
1476              (FTP) Sets the CCC mode. The passive mode will not initiate  the
1477              shutdown, but instead wait for the server to do it, and will not
1478              reply to the shutdown from the server. The active mode initiates
1479              the shutdown and waits for a reply from the server.
1480
1481              Example:
1482               curl --ftp-ssl-ccc-mode active --ftp-ssl-ccc ftps://example.com/
1483
1484              See also --ftp-ssl-ccc. Added in 7.16.2.
1485
1486       --ftp-ssl-ccc
1487              (FTP)  Use  CCC  (Clear  Command Channel) Shuts down the SSL/TLS
1488              layer after authenticating. The rest of the control channel com‐
1489              munication  will be unencrypted. This allows NAT routers to fol‐
1490              low the FTP transaction. The default mode is passive.
1491
1492              Example:
1493               curl --ftp-ssl-ccc ftps://example.com/
1494
1495              See also --ssl and --ftp-ssl-ccc-mode. Added in 7.16.1.
1496
1497       --ftp-ssl-control
1498              (FTP) Require SSL/TLS for the FTP  login,  clear  for  transfer.
1499              Allows  secure  authentication, but non-encrypted data transfers
1500              for efficiency.  Fails the transfer if the server  doesn't  sup‐
1501              port SSL/TLS.
1502
1503              Example:
1504               curl --ftp-ssl-control ftp://example.com
1505
1506              Added in 7.16.0.
1507
1508       -G, --get
1509              When  used,  this  option  will make all data specified with -d,
1510              --data, --data-binary or --data-urlencode to be used in an  HTTP
1511              GET  request instead of the POST request that otherwise would be
1512              used. The data will be appended to the URL with a '?' separator.
1513
1514              If used in combination with -I, --head, the POST data  will  in‐
1515              stead be appended to the URL with a HEAD request.
1516
1517              If  this  option  is  used  several times, only the first one is
1518              used. This is because undoing a GET doesn't make sense, but  you
1519              should then instead enforce the alternative method you prefer.
1520
1521              Examples:
1522               curl --get https://example.com
1523               curl --get -d "tool=curl" -d "age=old" https://example.com
1524               curl --get -I -d "tool=curl" https://example.com
1525
1526       -g, --globoff
1527              This option switches off the "URL globbing parser". When you set
1528              this option, you can specify URLs that contain the letters  {}[]
1529              without  having curl itself interpret them. Note that these let‐
1530              ters are not normal legal URL contents but they  should  be  en‐
1531              coded according to the URI standard.
1532
1533              Example:
1534               curl -g "https://example.com/{[]}}}}"
1535
1536       --happy-eyeballs-timeout-ms <milliseconds>
1537              Happy  Eyeballs is an algorithm that attempts to connect to both
1538              IPv4 and IPv6 addresses for  dual-stack  hosts,  giving  IPv6  a
1539              head-start  of the specified number of milliseconds. If the IPv6
1540              address cannot be connected to within that time, then a  connec‐
1541              tion  attempt is made to the IPv4 address in parallel. The first
1542              connection to be established is the one that is used.
1543
1544              The range of suggested useful values is limited. Happy  Eyeballs
1545              RFC  6555  says  "It  is RECOMMENDED that connection attempts be
1546              paced 150-250 ms apart to balance human factors against  network
1547              load."  libcurl currently defaults to 200 ms. Firefox and Chrome
1548              currently default to 300 ms.
1549
1550              If this option is used several times, the last one will be used.
1551
1552              Example:
1553               curl --happy-eyeballs-timeout-ms 500 https://example.com
1554
1555              Added in 7.59.0.
1556
1557       --haproxy-protocol
1558              (HTTP) Send a HAProxy PROXY protocol v1 header at the  beginning
1559              of  the  connection. This is used by some load balancers and re‐
1560              verse proxies to indicate the client's true IP address and port.
1561
1562              This option is primarily useful when sending test requests to  a
1563              service that expects this header.
1564
1565              Example:
1566               curl --haproxy-protocol https://example.com
1567
1568              Added in 7.60.0.
1569
1570       -I, --head
1571              (HTTP FTP FILE) Fetch the headers only! HTTP-servers feature the
1572              command HEAD which this uses to get nothing but the header of  a
1573              document.  When  used  on an FTP or FILE file, curl displays the
1574              file size and last modification time only.
1575
1576              Example:
1577               curl -I https://example.com
1578
1579       -H, --header <header/@file>
1580              (HTTP) Extra header to include in the request when sending  HTTP
1581              to  a  server. You may specify any number of extra headers. Note
1582              that if you should add a custom header that has the same name as
1583              one  of  the  internal  ones curl would use, your externally set
1584              header will be used instead of the internal one. This allows you
1585              to  make  even  trickier  stuff than curl would normally do. You
1586              should not replace internally set headers without  knowing  per‐
1587              fectly well what you're doing. Remove an internal header by giv‐
1588              ing a replacement without content  on  the  right  side  of  the
1589              colon, as in: -H "Host:". If you send the custom header with no-
1590              value then its header must be terminated with a semicolon,  such
1591              as -H "X-Custom-Header;" to send "X-Custom-Header:".
1592
1593              curl  will  make  sure  that each header you add/replace is sent
1594              with the proper end-of-line marker, you should thus not add that
1595              as a part of the header content: do not add newlines or carriage
1596              returns, they will only mess things up for you.
1597
1598              This option can take an argument in @filename style, which  then
1599              adds  a  header  for  each line in the input file. Using @- will
1600              make curl read the header file from stdin. Added in 7.55.0.
1601
1602              You need --proxy-header to send custom headers  intended  for  a
1603              HTTP proxy. Added in 7.37.0.
1604
1605              Passing  on  a  "Transfer-Encoding: chunked" header when doing a
1606              HTTP request with a request body, will make curl send  the  data
1607              using chunked encoding.
1608
1609              WARNING:  headers  set  with  this option will be set in all re‐
1610              quests - even after redirects are followed, like when told  with
1611              -L,  --location. This can lead to the header being sent to other
1612              hosts than the original host, so  sensitive  headers  should  be
1613              used with caution combined with following redirects.
1614
1615              This  option  can  be  used multiple times to add/replace/remove
1616              multiple headers.
1617
1618              Examples:
1619               curl -H "X-First-Name: Joe" https://example.com
1620               curl -H "User-Agent: yes-please/2000" https://example.com
1621               curl -H "Host:" https://example.com
1622
1623              See also -A, --user-agent and -e, --referer.
1624
1625       -h, --help <category>
1626              Usage help. This lists all commands of the  <category>.   If  no
1627              arg  was  provided, curl will display the most important command
1628              line arguments.  If the argument "all" was provided,  curl  will
1629              display  all  options available.  If the argument "category" was
1630              provided, curl will display all categories and their meanings.
1631
1632              Example:
1633               curl --help all
1634
1635       --hostpubmd5 <md5>
1636              (SFTP SCP) Pass a string containing 32 hexadecimal  digits.  The
1637              string  should  be the 128 bit MD5 checksum of the remote host's
1638              public key, curl will refuse the connection with the host unless
1639              the md5sums match.
1640
1641              Example:
1642               curl --hostpubmd5 e5c1c49020640a5ab0f2034854c321a8 sftp://example.com/
1643
1644              Added in 7.17.1.
1645
1646       --hsts <file name>
1647              (HTTPS)  This  option enables HSTS for the transfer. If the file
1648              name points to an existing HSTS cache file, that will  be  used.
1649              After  a completed transfer, the cache will be saved to the file
1650              name again if it has been modified.
1651
1652              Specify a "" file name (zero length) to avoid loading/saving and
1653              make curl just handle HSTS in memory.
1654
1655              If  this  option  is used several times, curl will load contents
1656              from all the files but the last one will be used for saving.
1657
1658              Example:
1659               curl --hsts cache.txt https://example.com
1660
1661              Added in 7.74.0.
1662
1663       --http0.9
1664              (HTTP) Tells curl to be fine with HTTP version 0.9 response.
1665
1666              HTTP/0.9 is a completely headerless response and  therefore  you
1667              can  also  connect with this to non-HTTP servers and still get a
1668              response since curl will simply transparently downgrade - if al‐
1669              lowed.
1670
1671              Since curl 7.66.0, HTTP/0.9 is disabled by default.
1672
1673              Example:
1674               curl --http0.9 https://example.com
1675
1676       -0, --http1.0
1677              (HTTP)  Tells  curl to use HTTP version 1.0 instead of using its
1678              internally preferred HTTP version.
1679
1680              Example:
1681               curl --http1.0 https://example.com
1682
1683              This option overrides --http1.1 and --http2.
1684
1685       --http1.1
1686              (HTTP) Tells curl to use HTTP version 1.1.
1687
1688              Example:
1689               curl --http1.1 https://example.com
1690
1691              This option  overrides  -0,  --http1.0  and  --http2.  Added  in
1692              7.33.0.
1693
1694       --http2-prior-knowledge
1695              (HTTP)  Tells  curl  to  issue  its  non-TLS HTTP requests using
1696              HTTP/2 without HTTP/1.1 Upgrade.  It  requires  prior  knowledge
1697              that  the  server  supports HTTP/2 straight away. HTTPS requests
1698              will still do HTTP/2 the standard way with  negotiated  protocol
1699              version in the TLS handshake.
1700
1701              Example:
1702               curl --http2-prior-knowledge https://example.com
1703
1704              --http2-prior-knowledge requires that the underlying libcurl was
1705              built to support HTTP/2. This option overrides --http1.1 and -0,
1706              --http1.0 and --http2. Added in 7.49.0.
1707
1708       --http2
1709              (HTTP) Tells curl to use HTTP version 2.
1710
1711              For  HTTPS,  this means curl will attempt to negotiate HTTP/2 in
1712              the TLS handshake. curl does this by default.
1713
1714              For HTTP, this means curl will attempt to upgrade the request to
1715              HTTP/2 using the Upgrade: request header.
1716
1717              Example:
1718               curl --http2 https://example.com
1719
1720              See also --http1.1 and --http3. --http2 requires that the under‐
1721              lying libcurl was built to support HTTP/2. This option overrides
1722              --http1.1  and  -0, --http1.0 and --http2-prior-knowledge. Added
1723              in 7.33.0.
1724
1725       --http3
1726              (HTTP) WARNING: this option is experimental. Do not use in  pro‐
1727              duction.
1728
1729              Tells  curl  to use HTTP version 3 directly to the host and port
1730              number used in the URL. A normal HTTP/3 transaction will be done
1731              to  a  host and then get redirected via Alt-Svc, but this option
1732              allows a user to circumvent that when you know that  the  target
1733              speaks HTTP/3 on the given host and port.
1734
1735              This  option  will make curl fail if a QUIC connection cannot be
1736              established, it cannot fall back to a lower HTTP version on  its
1737              own.
1738
1739              Example:
1740               curl --http3 https://example.com
1741
1742              See also --http1.1 and --http2. --http3 requires that the under‐
1743              lying libcurl was built to support HTTP/3. This option overrides
1744              --http1.1 and -0, --http1.0 and --http2 and --http2-prior-knowl‐
1745              edge. Added in 7.66.0.
1746
1747       --ignore-content-length
1748              (FTP HTTP) For HTTP, Ignore the Content-Length header.  This  is
1749              particularly  useful  for servers running Apache 1.x, which will
1750              report incorrect Content-Length for files larger  than  2  giga‐
1751              bytes.
1752
1753              For  FTP (since 7.46.0), skip the RETR command to figure out the
1754              size before downloading a file.
1755
1756              This option doesn't work for HTTP if libcurl was  built  to  use
1757              hyper.
1758
1759              Example:
1760               curl --ignore-content-length https://example.com
1761
1762       -i, --include
1763              Include  the  HTTP  response headers in the output. The HTTP re‐
1764              sponse headers can include things  like  server  name,  cookies,
1765              date of the document, HTTP version and more...
1766
1767              To view the request headers, consider the -v, --verbose option.
1768
1769              Example:
1770               curl -i https://example.com
1771
1772              See also -v, --verbose.
1773
1774       -k, --insecure
1775              (TLS) By default, every SSL connection curl makes is verified to
1776              be secure. This option allows curl to proceed and  operate  even
1777              for server connections otherwise considered insecure.
1778
1779              The  server  connection  is verified by making sure the server's
1780              certificate contains the right name  and  verifies  successfully
1781              using the cert store.
1782
1783              See this online resource for further details:
1784               https://curl.se/docs/sslcerts.html
1785
1786              WARNING: this makes the transfer insecure.
1787
1788              Example:
1789               curl --insecure https://example.com
1790
1791              See also --proxy-insecure and --cacert.
1792
1793       --interface <name>
1794
1795              Perform  an operation using a specified interface. You can enter
1796              interface name, IP address or host name. An example  could  look
1797              like:
1798
1799               curl --interface eth0:1 https://www.example.com/
1800
1801              If this option is used several times, the last one will be used.
1802
1803              On  Linux  it can be used to specify a VRF, but the binary needs
1804              to either have CAP_NET_RAW or to be run as root.  More  informa‐
1805              tion   about  Linux  VRF:  https://www.kernel.org/doc/Documenta
1806              tion/networking/vrf.txt
1807
1808              Example:
1809               curl --interface eth0 https://example.com
1810
1811              See also --dns-interface.
1812
1813       -4, --ipv4
1814              This option tells curl to resolve names to IPv4 addresses  only,
1815              and not for example try IPv6.
1816
1817              Example:
1818               curl --ipv4 https://example.com
1819
1820              See  also  --http1.1  and  --http2.  This  option  overrides -6,
1821              --ipv6.
1822
1823       -6, --ipv6
1824              This option tells curl to resolve names to IPv6 addresses  only,
1825              and not for example try IPv4.
1826
1827              Example:
1828               curl --ipv6 https://example.com
1829
1830              See  also  --http1.1  and  --http2.  This  option  overrides -4,
1831              --ipv4.
1832
1833       -j, --junk-session-cookies
1834              (HTTP) When curl is told to read cookies from a given file, this
1835              option will make it discard all "session cookies". This will ba‐
1836              sically have the same effect as if a  new  session  is  started.
1837              Typical  browsers  always  discard  session cookies when they're
1838              closed down.
1839
1840              Example:
1841               curl --junk-session-cookies -b cookies.txt https://example.com
1842
1843              See also -b, --cookie and -c, --cookie-jar.
1844
1845       --keepalive-time <seconds>
1846              This option sets the time a connection needs to remain idle  be‐
1847              fore  sending  keepalive  probes and the time between individual
1848              keepalive probes. It is currently effective on operating systems
1849              offering  the  TCP_KEEPIDLE  and  TCP_KEEPINTVL  socket  options
1850              (meaning Linux, recent AIX, HP-UX and more). This option has  no
1851              effect if --no-keepalive is used.
1852
1853              If this option is used several times, the last one will be used.
1854              If unspecified, the option defaults to 60 seconds.
1855
1856              Example:
1857               curl --keepalive-time 20 https://example.com
1858
1859              Added in 7.18.0.
1860
1861       --key-type <type>
1862              (TLS) Private key file type. Specify which type your --key  pro‐
1863              vided  private  key  is. DER, PEM, and ENG are supported. If not
1864              specified, PEM is assumed.
1865
1866              If this option is used several times, the last one will be used.
1867
1868              Example:
1869               curl --key-type DER --key here https://example.com
1870
1871       --key <key>
1872              (TLS SSH) Private key file name. Allows you to provide your pri‐
1873              vate  key in this separate file. For SSH, if not specified, curl
1874              tries  the  following  candidates  in  order:   '~/.ssh/id_rsa',
1875              '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
1876
1877              If  curl is built against OpenSSL library, and the engine pkcs11
1878              is available, then a PKCS#11 URI (RFC 7512) can be used to spec‐
1879              ify  a  private key located in a PKCS#11 device. A string begin‐
1880              ning with "pkcs11:" will be interpreted as a PKCS#11 URI.  If  a
1881              PKCS#11 URI is provided, then the --engine option will be set as
1882              "pkcs11" if none was provided and the --key-type option will  be
1883              set as "ENG" if none was provided.
1884
1885              If this option is used several times, the last one will be used.
1886
1887              Example:
1888               curl --cert certificate --key here https://example.com
1889
1890       --krb <level>
1891              (FTP)  Enable Kerberos authentication and use. The level must be
1892              entered and should be one of 'clear', 'safe', 'confidential', or
1893              'private'.  Should  you  use  a  level that is not one of these,
1894              'private' will instead be used.
1895
1896              If this option is used several times, the last one will be used.
1897
1898              Example:
1899               curl --krb clear ftp://example.com/
1900
1901              --krb requires that the underlying libcurl was built to  support
1902              Kerberos.
1903
1904       --libcurl <file>
1905              Append  this  option  to any ordinary curl command line, and you
1906              will get libcurl-using C source code written to  the  file  that
1907              does the equivalent of what your command-line operation does!
1908
1909              This option is global and does not need to be specified for each
1910              use of -:, --next.
1911
1912              If this option is used several times, the last given  file  name
1913              will be used.
1914
1915              Example:
1916               curl --libcurl client.c https://example.com
1917
1918              Added in 7.16.1.
1919
1920       --limit-rate <speed>
1921              Specify  the  maximum  transfer  rate you want curl to use - for
1922              both downloads and uploads. This feature is useful if you have a
1923              limited pipe and you'd like your transfer not to use your entire
1924              bandwidth. To make it slower than it otherwise would be.
1925
1926              The given speed is measured in bytes/second, unless a suffix  is
1927              appended.   Appending  'k' or 'K' will count the number as kilo‐
1928              bytes, 'm' or 'M' makes it megabytes, while 'g' or 'G' makes  it
1929              gigabytes.  The suffixes (k, M, G, T, P) are 1024 based. For ex‐
1930              ample 1k is 1024. Examples: 200K, 3m and 1G.
1931
1932              If you also use the -Y, --speed-limit option, that  option  will
1933              take precedence and might cripple the rate-limiting slightly, to
1934              help keeping the speed-limit logic working.
1935
1936              If this option is used several times, the last one will be used.
1937
1938              Examples:
1939               curl --limit-rate 100K https://example.com
1940               curl --limit-rate 1000 https://example.com
1941               curl --limit-rate 10M https://example.com
1942
1943       -l, --list-only
1944              (FTP POP3) (FTP) When listing  an  FTP  directory,  this  switch
1945              forces  a  name-only view. This is especially useful if the user
1946              wants to machine-parse the contents of an  FTP  directory  since
1947              the normal directory view doesn't use a standard look or format.
1948              When used like this, the option causes an  NLST  command  to  be
1949              sent to the server instead of LIST.
1950
1951              Note:  Some  FTP  servers  list  only files in their response to
1952              NLST; they do not include sub-directories and symbolic links.
1953
1954              (POP3) When retrieving a specific email from POP3,  this  switch
1955              forces  a  LIST command to be performed instead of RETR. This is
1956              particularly useful if the user wants to see if a specific  mes‐
1957              sage-id exists on the server and what size it is.
1958
1959              Note:  When combined with -X, --request, this option can be used
1960              to send a UIDL command instead, so the user may use the  email's
1961              unique  identifier  rather  than  its message-id to make the re‐
1962              quest.
1963
1964              Example:
1965               curl --list-only ftp://example.com/dir/
1966
1967              Added in 4.0.
1968
1969       --local-port <num/range>
1970              Set a preferred single number or range (FROM-TO) of  local  port
1971              numbers to use for the connection(s).  Note that port numbers by
1972              nature are a scarce resource that will be busy at times so  set‐
1973              ting  this range to something too narrow might cause unnecessary
1974              connection setup failures.
1975
1976              Example:
1977               curl --local-port 1000-3000 https://example.com
1978
1979              Added in 7.15.2.
1980
1981       --location-trusted
1982              (HTTP) Like -L, --location, but will allow sending  the  name  +
1983              password to all hosts that the site may redirect to. This may or
1984              may not introduce a security breach if the site redirects you to
1985              a  site  to which you'll send your authentication info (which is
1986              plaintext in the case of HTTP Basic authentication).
1987
1988              Example:
1989               curl --location-trusted -u user:password https://example.com
1990
1991              See also -u, --user.
1992
1993       -L, --location
1994              (HTTP) If the server reports that the requested page  has  moved
1995              to a different location (indicated with a Location: header and a
1996              3XX response code), this option will make curl redo the  request
1997              on  the  new  place.  If used together with -i, --include or -I,
1998              --head, headers from all requested pages will be shown. When au‐
1999              thentication  is  used,  curl  only sends its credentials to the
2000              initial host. If a redirect takes curl to a different  host,  it
2001              won't  be  able to intercept the user+password. See also --loca‐
2002              tion-trusted on how to change this. You can limit the amount  of
2003              redirects to follow by using the --max-redirs option.
2004
2005              When  curl  follows  a redirect and if the request is a POST, it
2006              will send the following request with a GET if the HTTP  response
2007              was  301,  302,  or  303. If the response code was any other 3xx
2008              code, curl will re-send the following request using the same un‐
2009              modified method.
2010
2011              You can tell curl to not change POST requests to GET after a 30x
2012              response by using the dedicated  options  for  that:  --post301,
2013              --post302 and --post303.
2014
2015              The  method  set  with  -X,  --request overrides the method curl
2016              would otherwise select to use.
2017
2018              Example:
2019               curl -L https://example.com
2020
2021       --login-options <options>
2022              (IMAP POP3 SMTP) Specify the login options to use during  server
2023              authentication.
2024
2025              You  can  use login options to specify protocol specific options
2026              that may be used during authentication. At  present  only  IMAP,
2027              POP3  and SMTP support login options. For more information about
2028              login options please see RFC  2384,  RFC  5092  and  IETF  draft
2029              draft-earhart-url-smtp-00.txt
2030
2031              If this option is used several times, the last one will be used.
2032
2033              Example:
2034               curl --login-options 'AUTH=*' imap://example.com
2035
2036              Added in 7.34.0.
2037
2038       --mail-auth <address>
2039              (SMTP)  Specify  a  single address. This will be used to specify
2040              the authentication address (identity)  of  a  submitted  message
2041              that is being relayed to another server.
2042
2043              Example:
2044               curl --mail-auth user@example.come -T mail smtp://example.com/
2045
2046              See also --mail-rcpt and --mail-from. Added in 7.25.0.
2047
2048       --mail-from <address>
2049              (SMTP)  Specify  a single address that the given mail should get
2050              sent from.
2051
2052              Example:
2053               curl --mail-from user@example.com -T mail smtp://example.com/
2054
2055              See also --mail-rcpt and --mail-auth. Added in 7.20.0.
2056
2057       --mail-rcpt-allowfails
2058              (SMTP) When sending data to multiple recipients, by default curl
2059              will  abort  SMTP conversation if at least one of the recipients
2060              causes RCPT TO command to return an error.
2061
2062              The default behavior can be changed by  passing  --mail-rcpt-al‐
2063              lowfails  command-line option which will make curl ignore errors
2064              and proceed with the remaining valid recipients.
2065
2066              If all recipients trigger RCPT TO  failures  and  this  flag  is
2067              specified,  curl  will still abort the SMTP conversation and re‐
2068              turn the error received from to the last RCPT TO command.
2069
2070              Example:
2071               curl --mail-rcpt-allowfails --mail-rcpt dest@example.com smtp://example.com
2072
2073              Added in 7.69.0.
2074
2075       --mail-rcpt <address>
2076              (SMTP) Specify a single e-mail address,  user  name  or  mailing
2077              list  name. Repeat this option several times to send to multiple
2078              recipients.
2079
2080              When performing an address verification (VRFY command), the  re‐
2081              cipient  should  be  specified as the user name or user name and
2082              domain (as per Section 3.5 of RFC5321). (Added in 7.34.0)
2083
2084              When performing a mailing list expand (EXPN command), the recip‐
2085              ient  should  be  specified using the mailing list name, such as
2086              "Friends" or "London-Office".  (Added in 7.34.0)
2087
2088              Example:
2089               curl --mail-rcpt user@example.net smtp://example.com
2090
2091              Added in 7.20.0.
2092
2093       -M, --manual
2094              Manual. Display the huge help text.
2095
2096              Example:
2097               curl --manual
2098
2099       --max-filesize <bytes>
2100              (FTP HTTP MQTT) Specify the maximum size (in bytes) of a file to
2101              download.  If  the file requested is larger than this value, the
2102              transfer will not start and curl will return with exit code 63.
2103
2104              A size modifier may be used. For example, Appending 'k'  or  'K'
2105              will  count  the  number  as  kilobytes,  'm'  or  'M'  makes it
2106              megabytes, while 'g' or 'G' makes it gigabytes. Examples:  200K,
2107              3m and 1G. (Added in 7.58.0)
2108
2109              NOTE:  The  file size is not always known prior to download, and
2110              for such files this option has no effect even if the file trans‐
2111              fer ends up being larger than this given limit.  Example:
2112               curl --max-filesize 100K https://example.com
2113
2114              See also --limit-rate.
2115
2116       --max-redirs <num>
2117              (HTTP)  Set  maximum  number of redirections to follow. When -L,
2118              --location is used, to prevent  curl  from  following  too  many
2119              redirects,  by  default,  the  limit is set to 50 redirects. Set
2120              this option to -1 to make it unlimited.
2121
2122              If this option is used several times, the last one will be used.
2123
2124              Example:
2125               curl --max-redirs 3 --location https://example.com
2126
2127       -m, --max-time <fractional seconds>
2128              Maximum time in seconds that you allow the  whole  operation  to
2129              take.   This is useful for preventing your batch jobs from hang‐
2130              ing for hours due to slow networks or links going  down.   Since
2131              7.32.0, this option accepts decimal values, but the actual time‐
2132              out will decrease in accuracy as the specified timeout increases
2133              in decimal precision.
2134
2135              If this option is used several times, the last one will be used.
2136
2137              Examples:
2138               curl --max-time 10 https://example.com
2139               curl --max-time 2.92 https://example.com
2140
2141              See also --connect-timeout.
2142
2143       --metalink
2144              This  option was previously used to specify a metalink resource.
2145              Metalink support has been disabled in curl since 7.78.0 for  se‐
2146              curity reasons.
2147
2148              Example:
2149               curl --metalink file https://example.com
2150
2151              Added in 7.27.0.
2152
2153       --negotiate
2154              (HTTP) Enables Negotiate (SPNEGO) authentication.
2155
2156              This  option  requires a library built with GSS-API or SSPI sup‐
2157              port. Use -V, --version  to  see  if  your  curl  supports  GSS-
2158              API/SSPI or SPNEGO.
2159
2160              When  using this option, you must also provide a fake -u, --user
2161              option to activate the authentication code properly.  Sending  a
2162              '-u  :'  is  enough  as  the user name and password from the -u,
2163              --user option aren't actually used.
2164
2165              If this option is used several times,  only  the  first  one  is
2166              used.
2167
2168              Example:
2169               curl --negotiate -u : https://example.com
2170
2171              See also --basic, --ntlm, --anyauth and --proxy-negotiate.
2172
2173       --netrc-file <filename>
2174              This  option  is similar to -n, --netrc, except that you provide
2175              the path (absolute or relative) to  the  netrc  file  that  curl
2176              should use.  You can only specify one netrc file per invocation.
2177              If several --netrc-file options are provided, the last one  will
2178              be used.
2179
2180              It will abide by --netrc-optional if specified.
2181
2182              Example:
2183               curl --netrc-file netrc https://example.com
2184
2185              This option overrides -n, --netrc. Added in 7.21.5.
2186
2187       --netrc-optional
2188              Very  similar  to  -n, --netrc, but this option makes the .netrc
2189              usage optional and not mandatory as the -n, --netrc option does.
2190
2191              Example:
2192               curl --netrc-optional https://example.com
2193
2194              See also --netrc-file. This option overrides -n, --netrc.
2195
2196       -n, --netrc
2197              Makes curl scan the .netrc  (_netrc  on  Windows)  file  in  the
2198              user's home directory for login name and password. This is typi‐
2199              cally used for FTP on Unix. If used with HTTP, curl will  enable
2200              user  authentication. See netrc(5) and ftp(1) for details on the
2201              file format. Curl will not complain if that  file  doesn't  have
2202              the  right  permissions  (it should be neither world- nor group-
2203              readable). The environment variable "HOME" is used to  find  the
2204              home directory.
2205
2206              A  quick and very simple example of how to setup a .netrc to al‐
2207              low curl to FTP to the machine host.domain.com  with  user  name
2208              'myself' and password 'secret' should look similar to:
2209
2210              machine host.domain.com login myself password secret
2211
2212              Example:
2213               curl --netrc https://example.com
2214
2215       -:, --next
2216              Tells curl to use a separate operation for the following URL and
2217              associated options. This allows you  to  send  several  URL  re‐
2218              quests,  each with their own specific options, for example, such
2219              as different user names or custom requests for each.
2220
2221              -:, --next will reset all local options  and  only  global  ones
2222              will  have  their values survive over to the operation following
2223              the -:, --next instruction. Global options  include  -v,  --ver‐
2224              bose, --trace, --trace-ascii and --fail-early.
2225
2226              For  example,  you can do both a GET and a POST in a single com‐
2227              mand line:
2228
2229               curl www1.example.com --next -d postthis www2.example.com
2230
2231              Examples:
2232               curl https://example.com --next -d postthis www2.example.com
2233               curl -I https://example.com --next https://example.net/
2234
2235              Added in 7.36.0.
2236
2237       --no-alpn
2238              (HTTPS) Disable the ALPN TLS extension. ALPN is enabled  by  de‐
2239              fault  if  libcurl  was  built with an SSL library that supports
2240              ALPN. ALPN is used by a libcurl that supports HTTP/2 to  negoti‐
2241              ate HTTP/2 support with the server during https sessions.
2242
2243              Example:
2244               curl --no-alpn https://example.com
2245
2246              See  also  --no-npn and --http2. --no-alpn requires that the un‐
2247              derlying libcurl was built to support TLS. Added in 7.36.0.
2248
2249       -N, --no-buffer
2250              Disables the buffering of the output stream. In normal work sit‐
2251              uations,  curl  will  use a standard buffered output stream that
2252              will have the effect that it will output the data in chunks, not
2253              necessarily  exactly  when  the data arrives.  Using this option
2254              will disable that buffering.
2255
2256              Note that this is the negated option name  documented.  You  can
2257              thus use --buffer to enforce the buffering.
2258
2259              Example:
2260               curl --no-buffer https://example.com
2261
2262       --no-keepalive
2263              Disables  the  use  of keepalive messages on the TCP connection.
2264              curl otherwise enables them by default.
2265
2266              Note that this is the negated option name  documented.  You  can
2267              thus use --keepalive to enforce keepalive.
2268
2269              Example:
2270               curl --no-keepalive https://example.com
2271
2272       --no-npn
2273              (HTTPS) Disable the NPN TLS extension. NPN is enabled by default
2274              if libcurl was built with an SSL library that supports NPN.  NPN
2275              is  used  by  a libcurl that supports HTTP/2 to negotiate HTTP/2
2276              support with the server during https sessions.
2277
2278              Example:
2279               curl --no-npn https://example.com
2280
2281              See also --no-alpn and --http2. --no-npn requires that  the  un‐
2282              derlying libcurl was built to support TLS. Added in 7.36.0.
2283
2284       --no-progress-meter
2285              Option to switch off the progress meter output without muting or
2286              otherwise affecting warning and informational messages like  -s,
2287              --silent does.
2288
2289              Note  that  this  is the negated option name documented. You can
2290              thus use --progress-meter to enable the progress meter again.
2291
2292              Example:
2293               curl --no-progress-meter -o store https://example.com
2294
2295              See also -v, --verbose and -s, --silent. Added in 7.67.0.
2296
2297       --no-sessionid
2298              (TLS) Disable curl's use of SSL session-ID caching.  By  default
2299              all  transfers are done using the cache. Note that while nothing
2300              should ever get hurt by attempting  to  reuse  SSL  session-IDs,
2301              there seem to be broken SSL implementations in the wild that may
2302              require you to disable this in order for you to succeed.
2303
2304              Note that this is the negated option name  documented.  You  can
2305              thus use --sessionid to enforce session-ID caching.
2306
2307              Example:
2308               curl --no-sessionid https://example.com
2309
2310              Added in 7.16.0.
2311
2312       --noproxy <no-proxy-list>
2313              Comma-separated  list  of hosts for which not to use a proxy, if
2314              one is specified. The only wildcard is  a  single  *  character,
2315              which  matches  all  hosts,  and effectively disables the proxy.
2316              Each name in this list is matched as either a domain which  con‐
2317              tains  the  hostname,  or  the hostname itself. For example, lo‐
2318              cal.com would match local.com, local.com:80, and  www.local.com,
2319              but not www.notlocal.com.
2320
2321              Since  7.53.0,  This  option overrides the environment variables
2322              that disable the proxy ('no_proxy' and 'NO_PROXY').  If  there's
2323              an  environment  variable disabling a proxy, you can set the no‐
2324              proxy list to "" to override it.
2325
2326              Example:
2327               curl --noproxy "www.example" https://example.com
2328
2329              Added in 7.19.4.
2330
2331       --ntlm-wb
2332              (HTTP) Enables NTLM much in the style --ntlm does, but hand over
2333              the  authentication  to the separate binary ntlmauth application
2334              that is executed when needed.
2335
2336              Example:
2337               curl --ntlm-wb -u user:password https://example.com
2338
2339              See also --ntlm and --proxy-ntlm.
2340
2341       --ntlm (HTTP) Enables  NTLM  authentication.  The  NTLM  authentication
2342              method was designed by Microsoft and is used by IIS web servers.
2343              It is a proprietary protocol, reverse-engineered by clever  peo‐
2344              ple and implemented in curl based on their efforts. This kind of
2345              behavior should not be endorsed, you should  encourage  everyone
2346              who  uses  NTLM to switch to a public and documented authentica‐
2347              tion method instead, such as Digest.
2348
2349              If you want to enable NTLM for your proxy  authentication,  then
2350              use --proxy-ntlm.
2351
2352              If  this  option  is  used  several times, only the first one is
2353              used.
2354
2355              Example:
2356               curl --ntlm -u user:password https://example.com
2357
2358              See also  --proxy-ntlm.  --ntlm  requires  that  the  underlying
2359              libcurl  was built to support TLS. This option overrides --basic
2360              and --negotiate and --digest and --anyauth.
2361
2362       --oauth2-bearer <token>
2363              (IMAP POP3 SMTP HTTP) Specify the Bearer  Token  for  OAUTH  2.0
2364              server  authentication.  The Bearer Token is used in conjunction
2365              with the user name which can be specified as part of  the  --url
2366              or -u, --user options.
2367
2368              The  Bearer  Token  and user name are formatted according to RFC
2369              6750.
2370
2371              If this option is used several times, the last one will be used.
2372
2373              Example:
2374               curl --oauth2-bearer "mF_9.B5f-4.1JqM" https://example.com
2375
2376       --output-dir <dir>
2377
2378              This option specifies the directory in  which  files  should  be
2379              stored, when -O, --remote-name or -o, --output are used.
2380
2381              The  given  output directory is used for all URLs and output op‐
2382              tions on the command line, up until the first -:, --next.
2383
2384              If the specified target directory doesn't exist,  the  operation
2385              will fail unless --create-dirs is also used.
2386
2387              If this option is used multiple times, the last specified direc‐
2388              tory will be used.
2389
2390              Example:
2391               curl --output-dir "tmp" -O https://example.com
2392
2393              See also -O, --remote-name and -J,  --remote-header-name.  Added
2394              in 7.73.0.
2395
2396       -o, --output <file>
2397              Write output to <file> instead of stdout. If you are using {} or
2398              [] to fetch multiple documents, you should quote the URL and you
2399              can  use  '#' followed by a number in the <file> specifier. That
2400              variable will be replaced with the current string  for  the  URL
2401              being fetched. Like in:
2402
2403               curl "http://{one,two}.example.com" -o "file_#1.txt"
2404
2405              or use several variables like:
2406
2407               curl "http://{site,host}.host[1-5].com" -o "#1_#2"
2408
2409              You  may use this option as many times as the number of URLs you
2410              have. For example, if you specify two URLs on the  same  command
2411              line, you can use it like this:
2412
2413                curl -o aa example.com -o bb example.net
2414
2415              and  the  order  of  the -o options and the URLs doesn't matter,
2416              just that the first -o is for the first URL and so  on,  so  the
2417              above command line can also be written as
2418
2419                curl example.com example.net -o aa -o bb
2420
2421              See  also  the --create-dirs option to create the local directo‐
2422              ries dynamically. Specifying the output as '-' (a  single  dash)
2423              will force the output to be done to stdout.
2424
2425              To   suppress  response  bodies,  you  can  redirect  output  to
2426              /dev/null:
2427
2428                curl example.com -o /dev/null
2429
2430              Or for Windows use nul:
2431
2432                curl example.com -o nul
2433
2434              Examples:
2435               curl -o file https://example.com
2436               curl "http://{one,two}.example.com" -o "file_#1.txt"
2437               curl "http://{site,host}.host[1-5].com" -o "#1_#2"
2438               curl -o file https://example.com -o file2 https://example.net
2439
2440              See also -O, --remote-name, --remote-name-all and -J,  --remote-
2441              header-name.
2442
2443       --parallel-immediate
2444              When  doing  parallel  transfers, this option will instruct curl
2445              that it should rather prefer opening up more connections in par‐
2446              allel at once rather than waiting to see if new transfers can be
2447              added as multiplexed streams on another connection.
2448
2449              This option is global and does not need to be specified for each
2450              use of -:, --next.
2451
2452              Example:
2453               curl --parallel-immediate -Z https://example.com -o file1 https://example.com -o file2
2454
2455              See also -Z, --parallel and --parallel-max. Added in 7.68.0.
2456
2457       --parallel-max <num>
2458              When  asked to do parallel transfers, using -Z, --parallel, this
2459              option controls the maximum amount of transfers to do simultane‐
2460              ously.
2461
2462              This option is global and does not need to be specified for each
2463              use of -:, --next.
2464
2465              The default is 50.
2466
2467              Example:
2468               curl --parallel-max 100 -Z https://example.com ftp://example.com/
2469
2470              See also -Z, --parallel. Added in 7.66.0.
2471
2472       -Z, --parallel
2473              Makes curl perform its transfers in parallel as compared to  the
2474              regular serial manner.
2475
2476              This option is global and does not need to be specified for each
2477              use of -:, --next.
2478
2479              Example:
2480               curl --parallel https://example.com -o file1 https://example.com -o file2
2481
2482              Added in 7.66.0.
2483
2484       --pass <phrase>
2485              (SSH TLS) Passphrase for the private key.
2486
2487              If this option is used several times, the last one will be used.
2488
2489              Example:
2490               curl --pass secret --key file https://example.com
2491
2492       --path-as-is
2493              Tell curl to not handle sequences of /../ or /./  in  the  given
2494              URL  path.  Normally curl will squash or merge them according to
2495              standards but with this option set you tell it not to do that.
2496
2497              Example:
2498               curl --path-as-is https://example.com/../../etc/passwd
2499
2500              Added in 7.42.0.
2501
2502       --pinnedpubkey <hashes>
2503              (TLS) Tells curl to  use  the  specified  public  key  file  (or
2504              hashes)  to  verify the peer. This can be a path to a file which
2505              contains a single public key in PEM or DER format, or any number
2506              of base64 encoded sha256 hashes preceded by ´sha256//´ and sepa‐
2507              rated by ´;´
2508
2509              When negotiating a TLS or SSL connection,  the  server  sends  a
2510              certificate  indicating  its identity. A public key is extracted
2511              from this certificate and if it does not exactly match the  pub‐
2512              lic  key provided to this option, curl will abort the connection
2513              before sending or receiving any data.
2514
2515              PEM/DER support:
2516
2517              7.39.0: OpenSSL, GnuTLS and GSKit
2518
2519              7.43.0: NSS and wolfSSL
2520
2521              7.47.0: mbedtls
2522
2523              sha256 support:
2524
2525              7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL
2526
2527              7.47.0: mbedtls
2528
2529              Other SSL backends not supported.
2530
2531              If this option is used several times, the last one will be used.
2532
2533              Examples:
2534               curl --pinnedpubkey keyfile https://example.com
2535               curl --pinnedpubkey 'sha256//ce118b51897f4452dc' https://example.com
2536
2537       --post301
2538              (HTTP) Tells curl to respect RFC 7231/6.4.2 and not convert POST
2539              requests into GET requests when following a 301 redirection. The
2540              non-RFC behavior is ubiquitous in web browsers, so curl does the
2541              conversion by default to maintain consistency. However, a server
2542              may require a POST to remain a POST after  such  a  redirection.
2543              This option is meaningful only when using -L, --location.
2544
2545              Example:
2546               curl --post301 --location -d "data" https://example.com
2547
2548              See  also  --post302,  --post303  and  -L,  --location. Added in
2549              7.17.1.
2550
2551       --post302
2552              (HTTP) Tells curl to respect RFC 7231/6.4.3 and not convert POST
2553              requests into GET requests when following a 302 redirection. The
2554              non-RFC behavior is ubiquitous in web browsers, so curl does the
2555              conversion by default to maintain consistency. However, a server
2556              may require a POST to remain a POST after  such  a  redirection.
2557              This option is meaningful only when using -L, --location.
2558
2559              Example:
2560               curl --post302 --location -d "data" https://example.com
2561
2562              See  also  --post301,  --post303  and  -L,  --location. Added in
2563              7.19.1.
2564
2565       --post303
2566              (HTTP) Tells curl to violate RFC 7231/6.4.4 and not convert POST
2567              requests  into  GET  requests when following 303 redirections. A
2568              server may require a POST to remain a POST after a 303 redirect‐
2569              ion. This option is meaningful only when using -L, --location.
2570
2571              Example:
2572               curl --post303 --location -d "data" https://example.com
2573
2574              See  also  --post302,  --post301  and  -L,  --location. Added in
2575              7.26.0.
2576
2577       --preproxy [protocol://]host[:port]
2578              Use the specified SOCKS proxy before connecting to  an  HTTP  or
2579              HTTPS  -x,  --proxy.  In  such a case curl first connects to the
2580              SOCKS proxy and then connects (through SOCKS)  to  the  HTTP  or
2581              HTTPS proxy. Hence pre proxy.
2582
2583              The pre proxy string should be specified with a protocol:// pre‐
2584              fix to  specify  alternative  proxy  protocols.  Use  socks4://,
2585              socks4a://,  socks5://  or  socks5h://  to  request the specific
2586              SOCKS version to be used. No protocol specified will  make  curl
2587              default to SOCKS4.
2588
2589              If  the  port number is not specified in the proxy string, it is
2590              assumed to be 1080.
2591
2592              User and password that might be provided in the proxy string are
2593              URL  decoded by curl. This allows you to pass in special charac‐
2594              ters such as @ by using %40 or pass in a colon with %3a.
2595
2596              If this option is used several times, the last one will be used.
2597
2598              Example:
2599               curl --preproxy socks5://proxy.example -x http://http.example https://example.com
2600
2601              Added in 7.52.0.
2602
2603       -#, --progress-bar
2604              Make curl display transfer progress as a simple progress bar in‐
2605              stead of the standard, more informational, meter.
2606
2607              This  progress  bar draws a single line of '#' characters across
2608              the screen and shows a percentage if the transfer size is known.
2609              For  transfers  without  a  known size, there will be space ship
2610              (-=o=-) that moves back and forth but only while data  is  being
2611              transferred, with a set of flying hash sign symbols on top.
2612
2613              This option is global and does not need to be specified for each
2614              use of -:, --next.
2615
2616              Example:
2617               curl -# -O https://example.com
2618
2619       --proto-default <protocol>
2620              Tells curl to use protocol for any URL missing a scheme name.
2621
2622              An unknown or unsupported  protocol  causes  error  CURLE_UNSUP‐
2623              PORTED_PROTOCOL (1).
2624
2625              This option does not change the default proxy protocol (http).
2626
2627              Without this option set, curl guesses protocol based on the host
2628              name, see --url for details.
2629
2630              Example:
2631               curl --proto-default https ftp.example.com
2632
2633              Added in 7.45.0.
2634
2635       --proto-redir <protocols>
2636              Tells curl to limit what protocols it may use on redirect.  Pro‐
2637              tocols  denied by --proto are not overridden by this option. See
2638              --proto for how protocols are represented.
2639
2640              Example, allow only HTTP and HTTPS on redirect:
2641
2642               curl --proto-redir -all,http,https http://example.com
2643
2644              By default curl will allow HTTP, HTTPS, FTP and FTPS on redirect
2645              (7.65.2).  Older versions of curl allowed all protocols on redi‐
2646              rect except several disabled for security reasons: Since  7.19.4
2647              FILE  and  SCP  are  disabled, and since 7.40.0 SMB and SMBS are
2648              also disabled. Specifying all or +all enables all  protocols  on
2649              redirect, including those disabled for security.
2650
2651              Example:
2652               curl --proto-redir =http,https https://example.com
2653
2654              Added in 7.20.2.
2655
2656       --proto <protocols>
2657              Tells  curl  to  limit  what protocols it may use for transfers.
2658              Protocols are evaluated left to right, are comma separated,  and
2659              are  each  a protocol name or 'all', optionally prefixed by zero
2660              or more modifiers. Available modifiers are:
2661
2662              +  Permit this protocol in addition to protocols already permit‐
2663                 ted (this is the default if no modifier is used).
2664
2665              -  Deny  this  protocol,  removing it from the list of protocols
2666                 already permitted.
2667
2668              =  Permit only this protocol (ignoring the list already  permit‐
2669                 ted),  though subject to later modification by subsequent en‐
2670                 tries in the comma separated list.
2671
2672              For example:
2673
2674              --proto -ftps  uses the default protocols, but disables ftps
2675
2676              --proto -all,https,+http
2677                             only enables http and https
2678
2679              --proto =http,https
2680                             also only enables http and https
2681
2682              Unknown protocols produce a  warning.  This  allows  scripts  to
2683              safely  rely on being able to disable potentially dangerous pro‐
2684              tocols, without relying upon support  for  that  protocol  being
2685              built into curl to avoid an error.
2686
2687              This option can be used multiple times, in which case the effect
2688              is the same as concatenating the protocols into one instance  of
2689              the option.
2690
2691              Example:
2692               curl --proto =http,https,sftp https://example.com
2693
2694              See also --proto-redir and --proto-default. Added in 7.20.2.
2695
2696       --proxy-anyauth
2697              Tells  curl to pick a suitable authentication method when commu‐
2698              nicating with the given HTTP proxy. This might  cause  an  extra
2699              request/response round-trip.
2700
2701              Example:
2702               curl --proxy-anyauth --proxy-user user:passwd -x proxy https://example.com
2703
2704              See also -x, --proxy, --proxy-basic and --proxy-digest. Added in
2705              7.13.2.
2706
2707       --proxy-basic
2708              Tells curl to use HTTP Basic authentication  when  communicating
2709              with the given proxy. Use --basic for enabling HTTP Basic with a
2710              remote host. Basic is the  default  authentication  method  curl
2711              uses with proxies.
2712
2713              Example:
2714               curl --proxy-basic --proxy-user user:passwd -x proxy https://example.com
2715
2716              See also -x, --proxy, --proxy-anyauth and --proxy-digest.
2717
2718       --proxy-cacert <file>
2719              Same as --cacert but used in HTTPS proxy context.
2720
2721              Example:
2722               curl --proxy-cacert CA-file.txt -x https://proxy https://example.com
2723
2724              See  also  --proxy-capath,  --cacert,  --capath and -x, --proxy.
2725              Added in 7.52.0.
2726
2727       --proxy-capath <dir>
2728              Same as --capath but used in HTTPS proxy context.
2729
2730              Example:
2731               curl --proxy-capath /local/directory -x https://proxy https://example.com
2732
2733              See also --proxy-cacert, -x,  --proxy  and  --capath.  Added  in
2734              7.52.0.
2735
2736       --proxy-cert-type <type>
2737              Same as --cert-type but used in HTTPS proxy context.
2738
2739              Example:
2740               curl --proxy-cert-type PEM --proxy-cert file -x https://proxy https://example.com
2741
2742              Added in 7.52.0.
2743
2744       --proxy-cert <cert[:passwd]>
2745              Same as -E, --cert but used in HTTPS proxy context.
2746
2747              Example:
2748               curl --proxy-cert file -x https://proxy https://example.com
2749
2750              Added in 7.52.0.
2751
2752       --proxy-ciphers <list>
2753              Same as --ciphers but used in HTTPS proxy context.
2754
2755              Example:
2756               curl --proxy-ciphers ECDHE-ECDSA-AES256-CCM8 -x https://proxy https://example.com
2757
2758              Added in 7.52.0.
2759
2760       --proxy-crlfile <file>
2761              Same as --crlfile but used in HTTPS proxy context.
2762
2763              Example:
2764               curl --proxy-crlfile rejects.txt -x https://proxy https://example.com
2765
2766              Added in 7.52.0.
2767
2768       --proxy-digest
2769              Tells  curl to use HTTP Digest authentication when communicating
2770              with the given proxy. Use --digest for enabling HTTP Digest with
2771              a remote host.
2772
2773              Example:
2774               curl --proxy-digest --proxy-user user:passwd -x proxy https://example.com
2775
2776              See also -x, --proxy, --proxy-anyauth and --proxy-basic.
2777
2778       --proxy-header <header/@file>
2779              (HTTP)  Extra header to include in the request when sending HTTP
2780              to a proxy. You may specify any number of extra headers. This is
2781              the  equivalent option to -H, --header but is for proxy communi‐
2782              cation only like in CONNECT requests when you  want  a  separate
2783              header  sent  to  the proxy to what is sent to the actual remote
2784              host.
2785
2786              curl will make sure that each header  you  add/replace  is  sent
2787              with the proper end-of-line marker, you should thus not add that
2788              as a part of the header content: do not add newlines or carriage
2789              returns, they will only mess things up for you.
2790
2791              Headers  specified  with this option will not be included in re‐
2792              quests that curl knows will not be sent to a proxy.
2793
2794              Starting in 7.55.0, this option can take an argument  in  @file‐
2795              name  style, which then adds a header for each line in the input
2796              file. Using @- will make curl read the header file from stdin.
2797
2798              This option can be used  multiple  times  to  add/replace/remove
2799              multiple headers.
2800
2801              Examples:
2802               curl --proxy-header "X-First-Name: Joe" -x http://proxy https://example.com
2803               curl --proxy-header "User-Agent: surprise" -x http://proxy https://example.com
2804               curl --proxy-header "Host:" -x http://proxy https://example.com
2805
2806              Added in 7.37.0.
2807
2808       --proxy-insecure
2809              Same as -k, --insecure but used in HTTPS proxy context.
2810
2811              Example:
2812               curl --proxy-insecure -x https://proxy https://example.com
2813
2814              Added in 7.52.0.
2815
2816       --proxy-key-type <type>
2817              Same as --key-type but used in HTTPS proxy context.
2818
2819              Example:
2820               curl --proxy-key-type DER --proxy-key here -x https://proxy https://example.com
2821
2822              Added in 7.52.0.
2823
2824       --proxy-key <key>
2825              Same as --key but used in HTTPS proxy context.
2826
2827              Example:
2828               curl --proxy-key here -x https://proxy https://example.com
2829
2830       --proxy-negotiate
2831              Tells  curl  to  use HTTP Negotiate (SPNEGO) authentication when
2832              communicating with the given proxy. Use --negotiate for enabling
2833              HTTP Negotiate (SPNEGO) with a remote host.
2834
2835              Example:
2836               curl --proxy-negotiate --proxy-user user:passwd -x proxy https://example.com
2837
2838              See also --proxy-anyauth and --proxy-basic. Added in 7.17.1.
2839
2840       --proxy-ntlm
2841              Tells  curl  to  use HTTP NTLM authentication when communicating
2842              with the given proxy. Use --ntlm for enabling NTLM with a remote
2843              host.
2844
2845              Example:
2846               curl --proxy-ntlm --proxy-user user:passwd -x http://proxy https://example.com
2847
2848              See also --proxy-negotiate and --proxy-anyauth.
2849
2850       --proxy-pass <phrase>
2851              Same as --pass but used in HTTPS proxy context.
2852
2853              Example:
2854               curl --proxy-pass secret --proxy-key here -x https://proxy https://example.com
2855
2856              Added in 7.52.0.
2857
2858       --proxy-pinnedpubkey <hashes>
2859              (TLS)  Tells  curl  to  use  the  specified  public key file (or
2860              hashes) to verify the proxy. This can be a path to a file  which
2861              contains a single public key in PEM or DER format, or any number
2862              of base64 encoded sha256 hashes preceded by ´sha256//´ and sepa‐
2863              rated by ´;´
2864
2865              When  negotiating  a  TLS  or SSL connection, the server sends a
2866              certificate indicating its identity. A public key  is  extracted
2867              from  this certificate and if it does not exactly match the pub‐
2868              lic key provided to this option, curl will abort the  connection
2869              before sending or receiving any data.
2870
2871              If this option is used several times, the last one will be used.
2872
2873              Examples:
2874               curl --proxy-pinnedpubkey keyfile https://example.com
2875               curl --proxy-pinnedpubkey 'sha256//ce118b51897f4452dc' https://example.com
2876
2877       --proxy-service-name <name>
2878              This  option allows you to change the service name for proxy ne‐
2879              gotiation.
2880
2881              Example:
2882               curl --proxy-service-name "shrubbery" -x proxy https://example.com
2883
2884              Added in 7.43.0.
2885
2886       --proxy-ssl-allow-beast
2887              Same as --ssl-allow-beast but used in HTTPS proxy context.
2888
2889              Example:
2890               curl --proxy-ssl-allow-beast -x https://proxy https://example.com
2891
2892              Added in 7.52.0.
2893
2894       --proxy-ssl-auto-client-cert
2895              Same as --ssl-auto-client-cert but used in HTTPS proxy context.
2896
2897              Example:
2898               curl --proxy-ssl-auto-client-cert -x https://proxy https://example.com
2899
2900              Added in 7.77.0.
2901
2902       --proxy-tls13-ciphers <ciphersuite list>
2903              (TLS) Specifies which cipher suites to use in the connection  to
2904              your HTTPS proxy when it negotiates TLS 1.3. The list of ciphers
2905              suites must specify valid ciphers. Read up  on  TLS  1.3  cipher
2906              suite details on this URL:
2907
2908               https://curl.se/docs/ssl-ciphers.html
2909
2910              This  option  is  currently  used only when curl is built to use
2911              OpenSSL 1.1.1 or later. If you are using a different SSL backend
2912              you  can try setting TLS 1.3 cipher suites by using the --proxy-
2913              ciphers option.
2914
2915              If this option is used several times, the last one will be used.
2916
2917              Example:
2918               curl --proxy-tls13-ciphers TLS_AES_128_GCM_SHA256 -x proxy https://example.com
2919
2920       --proxy-tlsauthtype <type>
2921              Same as --tlsauthtype but used in HTTPS proxy context.
2922
2923              Example:
2924               curl --proxy-tlsauthtype SRP -x https://proxy https://example.com
2925
2926              Added in 7.52.0.
2927
2928       --proxy-tlspassword <string>
2929              Same as --tlspassword but used in HTTPS proxy context.
2930
2931              Example:
2932               curl --proxy-tlspassword passwd -x https://proxy https://example.com
2933
2934              Added in 7.52.0.
2935
2936       --proxy-tlsuser <name>
2937              Same as --tlsuser but used in HTTPS proxy context.
2938
2939              Example:
2940               curl --proxy-tlsuser smith -x https://proxy https://example.com
2941
2942              Added in 7.52.0.
2943
2944       --proxy-tlsv1
2945              Same as -1, --tlsv1 but used in HTTPS proxy context.
2946
2947              Example:
2948               curl --proxy-tlsv1 -x https://proxy https://example.com
2949
2950              Added in 7.52.0.
2951
2952       -U, --proxy-user <user:password>
2953              Specify the user name and password to use for proxy  authentica‐
2954              tion.
2955
2956              If  you use a Windows SSPI-enabled curl binary and do either Ne‐
2957              gotiate or NTLM authentication then you can tell curl to  select
2958              the user name and password from your environment by specifying a
2959              single colon with this option: "-U :".
2960
2961              On systems where it works, curl will hide the given option argu‐
2962              ment  from  process listings. This is not enough to protect cre‐
2963              dentials from possibly getting seen by other users on  the  same
2964              system  as  they will still be visible for a brief moment before
2965              cleared. Such sensitive data should be retrieved from a file in‐
2966              stead or similar and never used in clear text in a command line.
2967
2968              If this option is used several times, the last one will be used.
2969
2970              Example:
2971               curl --proxy-user name:pwd -x proxy https://example.com
2972
2973       -x, --proxy [protocol://]host[:port]
2974              Use the specified proxy.
2975
2976              The  proxy string can be specified with a protocol:// prefix. No
2977              protocol specified or http:// will be treated as HTTP proxy. Use
2978              socks4://, socks4a://, socks5:// or socks5h:// to request a spe‐
2979              cific SOCKS version to be used.  (The protocol support was added
2980              in curl 7.21.7)
2981
2982              HTTPS  proxy  support  via https:// protocol prefix was added in
2983              7.52.0 for OpenSSL, GnuTLS and NSS.
2984
2985              Unrecognized and unsupported  proxy  protocols  cause  an  error
2986              since  7.52.0.   Prior  versions may ignore the protocol and use
2987              http:// instead.
2988
2989              If the port number is not specified in the proxy string,  it  is
2990              assumed to be 1080.
2991
2992              This  option  overrides  existing environment variables that set
2993              the proxy to use. If there's an environment variable  setting  a
2994              proxy, you can set proxy to "" to override it.
2995
2996              All operations that are performed over an HTTP proxy will trans‐
2997              parently be converted to HTTP. It means  that  certain  protocol
2998              specific operations might not be available. This is not the case
2999              if you can tunnel through the proxy, as one with the -p, --prox‐
3000              ytunnel option.
3001
3002              User and password that might be provided in the proxy string are
3003              URL decoded by curl. This allows you to pass in special  charac‐
3004              ters such as @ by using %40 or pass in a colon with %3a.
3005
3006              The  proxy host can be specified the exact same way as the proxy
3007              environment variables, including the protocol  prefix  (http://)
3008              and the embedded user + password.
3009
3010              If this option is used several times, the last one will be used.
3011
3012              Example:
3013               curl --proxy http://proxy.example https://example.com
3014
3015       --proxy1.0 <host[:port]>
3016              Use  the  specified  HTTP  1.0  proxy. If the port number is not
3017              specified, it is assumed at port 1080.
3018
3019              The only difference between this and the HTTP proxy  option  -x,
3020              --proxy,  is that attempts to use CONNECT through the proxy will
3021              specify an HTTP 1.0 protocol instead of the default HTTP 1.1.
3022
3023              Example:
3024               curl --proxy1.0 -x http://proxy https://example.com
3025
3026       -p, --proxytunnel
3027              When an HTTP proxy is used -x, --proxy, this  option  will  make
3028              curl  tunnel through the proxy. The tunnel approach is made with
3029              the HTTP proxy CONNECT request and requires that the  proxy  al‐
3030              lows direct connect to the remote port number curl wants to tun‐
3031              nel through to.
3032
3033              To suppress proxy CONNECT response headers when curl is  set  to
3034              output headers use --suppress-connect-headers.
3035
3036              Example:
3037               curl --proxytunnel -x http://proxy https://example.com
3038
3039              See also -x, --proxy.
3040
3041       --pubkey <key>
3042              (SFTP SCP) Public key file name. Allows you to provide your pub‐
3043              lic key in this separate file.
3044
3045              If this option is used several times, the last one will be used.
3046
3047              (As of 7.39.0, curl attempts to automatically extract the public
3048              key  from the private key file, so passing this option is gener‐
3049              ally not required. Note that this public key extraction requires
3050              libcurl  to  be linked against a copy of libssh2 1.2.8 or higher
3051              that is itself linked against OpenSSL.)
3052
3053              Example:
3054               curl --pubkey file.pub sftp://example.com/
3055
3056       -Q, --quote <command>
3057              (FTP SFTP) Send an arbitrary command to the remote FTP  or  SFTP
3058              server.  Quote commands are sent BEFORE the transfer takes place
3059              (just after the initial PWD command in an FTP  transfer,  to  be
3060              exact). To make commands take place after a successful transfer,
3061              prefix them with a dash '-'.  To make  commands  be  sent  after
3062              curl has changed the working directory, just before the transfer
3063              command(s), prefix the command with a '+'  (this  is  only  sup‐
3064              ported for FTP). You may specify any number of commands.
3065
3066              By  default  curl  will stop at first failure. To make curl con‐
3067              tinue even if the command fails, prefix the command with an  as‐
3068              terisk  (*). Otherwise, if the server returns failure for one of
3069              the commands, the entire operation will be aborted.
3070
3071              You must send syntactically correct FTP commands as RFC 959  de‐
3072              fines  to  FTP  servers,  or one of the commands listed below to
3073              SFTP servers.
3074
3075              This option can be used multiple times.
3076
3077              SFTP is a binary protocol. Unlike for FTP, curl interprets  SFTP
3078              quote  commands  itself before sending them to the server.  File
3079              names may be quoted shell-style to embed spaces or special char‐
3080              acters.   Following is the list of all supported SFTP quote com‐
3081              mands:
3082
3083              atime date file
3084                     The atime command sets the last access time of  the  file
3085                     named  by  the file operand. The <date expression> can be
3086                     all sorts of date strings, see  the  curl_getdate(3)  man
3087                     page for date expression details. (Added in 7.73.0)
3088
3089              chgrp group file
3090                     The  chgrp command sets the group ID of the file named by
3091                     the file operand to the group ID specified by  the  group
3092                     operand. The group operand is a decimal integer group ID.
3093
3094              chmod mode file
3095                     The  chmod  command  modifies  the  file mode bits of the
3096                     specified file. The mode operand is an octal integer mode
3097                     number.
3098
3099              chown user file
3100                     The chown command sets the owner of the file named by the
3101                     file operand to the user ID specified by the  user  oper‐
3102                     and. The user operand is a decimal integer user ID.
3103
3104              ln source_file target_file
3105                     The ln and symlink commands create a symbolic link at the
3106                     target_file location pointing to  the  source_file  loca‐
3107                     tion.
3108
3109              mkdir directory_name
3110                     The  mkdir command creates the directory named by the di‐
3111                     rectory_name operand.
3112
3113              mtime date file
3114                     The mtime command sets the last modification time of  the
3115                     file named by the file operand. The <date expression> can
3116                     be all sorts of date strings, see the curl_getdate(3) man
3117                     page for date expression details. (Added in 7.73.0)
3118
3119              pwd    The pwd command returns the absolute pathname of the cur‐
3120                     rent working directory.
3121
3122              rename source target
3123                     The rename command renames the file or directory named by
3124                     the  source  operand to the destination path named by the
3125                     target operand.
3126
3127              rm file
3128                     The rm command removes the file specified by the file op‐
3129                     erand.
3130
3131              rmdir directory
3132                     The  rmdir  command removes the directory entry specified
3133                     by the directory operand, provided it is empty.
3134
3135              symlink source_file target_file
3136                     See ln.
3137
3138       Example:
3139        curl --quote "DELE file" ftp://example.com/foo
3140
3141       --random-file <file>
3142              Specify the path name to file containing what will be considered
3143              as  random  data. The data may be used to seed the random engine
3144              for SSL connections.  See also the --egd-file option.
3145
3146              Example:
3147               curl --random-file rubbish https://example.com
3148
3149       -r, --range <range>
3150              (HTTP FTP SFTP FILE) Retrieve a byte range (i.e. a partial docu‐
3151              ment)  from  an  HTTP/1.1,  FTP  or SFTP server or a local FILE.
3152              Ranges can be specified in a number of ways.
3153
3154              0-499     specifies the first 500 bytes
3155
3156              500-999   specifies the second 500 bytes
3157
3158              -500      specifies the last 500 bytes
3159
3160              9500-     specifies the bytes from offset 9500 and forward
3161
3162              0-0,-1    specifies the first and last byte only(*)(HTTP)
3163
3164              100-199,500-599
3165                        specifies two separate 100-byte ranges(*) (HTTP)
3166
3167              (*) = NOTE that this will cause the server to reply with a  mul‐
3168              tipart  response,  which will be returned as-is by curl! Parsing
3169              or otherwise transforming this response is the responsibility of
3170              the caller.
3171
3172              Only  digit characters (0-9) are valid in the 'start' and 'stop'
3173              fields of the 'start-stop' range syntax. If a non-digit  charac‐
3174              ter is given in the range, the server's response will be unspec‐
3175              ified, depending on the server's configuration.
3176
3177              You should also be aware that many HTTP/1.1 servers do not  have
3178              this  feature  enabled, so that when you attempt to get a range,
3179              you'll instead get the whole document.
3180
3181              FTP and SFTP range downloads only  support  the  simple  'start-
3182              stop'  syntax  (optionally with one of the numbers omitted). FTP
3183              use depends on the extended FTP command SIZE.
3184
3185              If this option is used several times, the last one will be used.
3186
3187              Example:
3188               curl --range 22-44 https://example.com
3189
3190       --raw  (HTTP) When used, it disables all internal HTTP decoding of con‐
3191              tent  or transfer encodings and instead makes them passed on un‐
3192              altered, raw.
3193
3194              Example:
3195               curl --raw https://example.com
3196
3197              Added in 7.16.2.
3198
3199       -e, --referer <URL>
3200              (HTTP) Sends the "Referrer Page" information to the HTTP server.
3201              This can also be set with the -H, --header flag of course.  When
3202              used with -L, --location you  can  append  ";auto"  to  the  -e,
3203              --referer  URL  to  make curl automatically set the previous URL
3204              when it follows a Location: header. The ";auto"  string  can  be
3205              used alone, even if you don't set an initial -e, --referer.
3206
3207              If this option is used several times, the last one will be used.
3208
3209              Examples:
3210               curl --referer "https://fake.example" https://example.com
3211               curl --referer "https://fake.example;auto" -L https://example.com
3212               curl --referer ";auto" -L https://example.com
3213
3214              See also -A, --user-agent and -H, --header.
3215
3216       -J, --remote-header-name
3217              (HTTP) This option tells the -O, --remote-name option to use the
3218              server-specified Content-Disposition  filename  instead  of  ex‐
3219              tracting a filename from the URL.
3220
3221              If  the  server  specifies a file name and a file with that name
3222              already exists in the current working directory it will  not  be
3223              overwritten and an error will occur. If the server doesn't spec‐
3224              ify a file name then this option has no effect.
3225
3226              There's no attempt to decode %-sequences (yet) in  the  provided
3227              file name, so this option may provide you with rather unexpected
3228              file names.
3229
3230              WARNING: Exercise judicious use of this  option,  especially  on
3231              Windows.  A  rogue  server  could  send you the name of a DLL or
3232              other file that could possibly be loaded automatically  by  Win‐
3233              dows or some third party software.
3234
3235              Example:
3236               curl -OJ https://example.com/file
3237
3238       --remote-name-all
3239              This  option changes the default action for all given URLs to be
3240              dealt with as if -O, --remote-name were used for each one. So if
3241              you want to disable that for a specific URL after --remote-name-
3242              all has been used, you must use "-o -" or --no-remote-name.
3243
3244              Example:
3245               curl --remote-name-all ftp://example.com/file1 ftp://example.com/file2
3246
3247              Added in 7.19.0.
3248
3249       -O, --remote-name
3250              Write output to a local file named like the remote file we  get.
3251              (Only  the file part of the remote file is used, the path is cut
3252              off.)
3253
3254              The file will be saved in the current working directory. If  you
3255              want  the  file  saved  in  a different directory, make sure you
3256              change the current working directory before invoking  curl  with
3257              this option.
3258
3259              The  remote  file  name  to use for saving is extracted from the
3260              given URL, nothing else, and if it already  exists  it  will  be
3261              overwritten.  If  you  want  the server to be able to choose the
3262              file name refer to -J, --remote-header-name which can be used in
3263              addition  to  this option. If the server chooses a file name and
3264              that name already exists it will not be overwritten.
3265
3266              There is no URL decoding done on the file name. If it has %20 or
3267              other  URL  encoded parts of the name, they will end up as-is as
3268              file name.
3269
3270              You may use this option as many times as the number of URLs  you
3271              have.
3272
3273              Example:
3274               curl -O https://example.com/filename
3275
3276       -R, --remote-time
3277              When  used,  this will make curl attempt to figure out the time‐
3278              stamp of the remote file, and if that is available make the  lo‐
3279              cal file get that same timestamp.
3280
3281              Example:
3282               curl --remote-time -o foo https://example.com
3283
3284       --request-target <path>
3285              (HTTP)  Tells curl to use an alternative "target" (path) instead
3286              of using the path as provided in the  URL.  Particularly  useful
3287              when  wanting  to  issue  HTTP requests without leading slash or
3288              other data that doesn't follow the  regular  URL  pattern,  like
3289              "OPTIONS *".
3290
3291              Example:
3292               curl --request-target "*" -X OPTIONS https://example.com
3293
3294              Added in 7.55.0.
3295
3296       -X, --request <command>
3297              (HTTP) Specifies a custom request method to use when communicat‐
3298              ing with the HTTP server.  The specified request method will  be
3299              used  instead  of  the  method otherwise used (which defaults to
3300              GET). Read the HTTP 1.1 specification for details  and  explana‐
3301              tions.  Common  additional HTTP requests include PUT and DELETE,
3302              but related technologies like WebDAV offers PROPFIND, COPY, MOVE
3303              and more.
3304
3305              Normally  you  don't  need  this option. All sorts of GET, HEAD,
3306              POST and PUT requests are rather invoked by using dedicated com‐
3307              mand line options.
3308
3309              This  option  only  changes the actual word used in the HTTP re‐
3310              quest, it does not alter the way curl behaves. So for example if
3311              you  want  to make a proper HEAD request, using -X HEAD will not
3312              suffice. You need to use the -I, --head option.
3313
3314              The method string you set with -X, --request will  be  used  for
3315              all  requests,  which  if you for example use -L, --location may
3316              cause unintended side-effects when curl doesn't  change  request
3317              method according to the HTTP 30x response codes - and similar.
3318
3319              (FTP) Specifies a custom FTP command to use instead of LIST when
3320              doing file lists with FTP.
3321
3322              (POP3) Specifies a custom POP3 command to use instead of LIST or
3323              RETR. (Added in 7.26.0)
3324
3325              (IMAP)  Specifies  a custom IMAP command to use instead of LIST.
3326              (Added in 7.30.0)
3327
3328              (SMTP) Specifies a custom SMTP command to use instead of HELP or
3329              VRFY. (Added in 7.34.0)
3330
3331              If this option is used several times, the last one will be used.
3332
3333              Examples:
3334               curl -X "DELETE" https://example.com
3335               curl -X NLST ftp://example.com/
3336
3337       --resolve <[+]host:port:addr[,addr]...>
3338              Provide  a custom address for a specific host and port pair. Us‐
3339              ing this, you can make the curl requests(s) use a specified  ad‐
3340              dress  and prevent the otherwise normally resolved address to be
3341              used. Consider it a sort of /etc/hosts alternative  provided  on
3342              the  command line. The port number should be the number used for
3343              the specific protocol the host will be used for.  It  means  you
3344              need several entries if you want to provide address for the same
3345              host but different ports.
3346
3347              By specifying '*' as host you can tell curl to resolve any  host
3348              and specific port pair to the specified address. Wildcard is re‐
3349              solved last so any --resolve with a specific host and port  will
3350              be used first.
3351
3352              The provided address set by this option will be used even if -4,
3353              --ipv4 or -6, --ipv6 is set to make curl use another IP version.
3354
3355              By prefixing the host with a '+' you can make the entry time out
3356              after  curl's  default  timeout  (1 minute). Note that this will
3357              only make sense for long running parallel transfers with  a  lot
3358              of files. In such cases, if this option is used curl will try to
3359              resolve the host as it normally would once the timeout  has  ex‐
3360              pired.
3361
3362              Support for providing the IP address within [brackets] was added
3363              in 7.57.0.
3364
3365              Support for providing multiple IP addresses per entry was  added
3366              in 7.59.0.
3367
3368              Support for resolving with wildcard was added in 7.64.0.
3369
3370              Support for the '+' prefix was was added in 7.75.0.
3371
3372              This option can be used many times to add many host names to re‐
3373              solve.
3374
3375              Example:
3376               curl --resolve example.com:443:127.0.0.1 https://example.com
3377
3378              Added in 7.21.3.
3379
3380       --retry-all-errors
3381              Retry on any error. This option is used together with --retry.
3382
3383              This option is the "sledgehammer" of retrying. Do not  use  this
3384              option by default (eg in curlrc), there may be unintended conse‐
3385              quences such as sending or receiving duplicate data. Do not  use
3386              with  redirected  input or output. You'd be much better off han‐
3387              dling your unique problems in shell script. Please read the  ex‐
3388              ample below.
3389
3390              WARNING:  For server compatibility curl attempts to retry failed
3391              flaky transfers as close as possible to how they  were  started,
3392              but  this  is  not possible with redirected input or output. For
3393              example, before retrying it removes output data  from  a  failed
3394              partial  transfer  that  was  written to an output file. However
3395              this is not true of data redirected to a | pipe or > file, which
3396              are  not reset. We strongly suggest don't parse or record output
3397              via redirect in combination with this option, since you may  re‐
3398              ceive duplicate data.
3399
3400              By default curl will not error on an HTTP response code that in‐
3401              dicates an HTTP error, if the transfer was successful. For exam‐
3402              ple,  if  a  server replies 404 Not Found and the reply is fully
3403              received then that is not an error. When --retry  is  used  then
3404              curl  will retry on some HTTP response codes that indicate tran‐
3405              sient HTTP errors, but that does not include most  4xx  response
3406              codes  such  as  404. If you want to retry on all response codes
3407              that indicate HTTP errors (4xx and 5xx) then  combine  with  -f,
3408              --fail.
3409
3410              Example:
3411               curl --retry-all-errors https://example.com
3412
3413              Added in 7.71.0.
3414
3415       --retry-connrefused
3416              In  addition to the other conditions, consider ECONNREFUSED as a
3417              transient error too for --retry. This option  is  used  together
3418              with --retry.
3419
3420              Example:
3421               curl --retry-connrefused --retry https://example.com
3422
3423              Added in 7.52.0.
3424
3425       --retry-delay <seconds>
3426              Make  curl  sleep  this  amount of time before each retry when a
3427              transfer has failed with a transient error (it changes  the  de‐
3428              fault  backoff  time  algorithm between retries). This option is
3429              only interesting if --retry is also used. Setting this delay  to
3430              zero will make curl use the default backoff time.
3431
3432              If this option is used several times, the last one will be used.
3433
3434              Example:
3435               curl --retry-delay 5 --retry https://example.com
3436
3437              Added in 7.12.3.
3438
3439       --retry-max-time <seconds>
3440              The  retry timer is reset before the first transfer attempt. Re‐
3441              tries will be done as usual (see --retry) as long as  the  timer
3442              hasn't reached this given limit. Notice that if the timer hasn't
3443              reached the limit, the request will be made and  while  perform‐
3444              ing,  it may take longer than this given time period. To limit a
3445              single request´s maximum time, use -m, --max-time.  Set this op‐
3446              tion to zero to not timeout retries.
3447
3448              If this option is used several times, the last one will be used.
3449
3450              Example:
3451               curl --retry-max-time 30 --retry 10 https://example.com
3452
3453              Added in 7.12.3.
3454
3455       --retry <num>
3456              If  a  transient  error is returned when curl tries to perform a
3457              transfer, it will retry this number of times before  giving  up.
3458              Setting  the  number to 0 makes curl do no retries (which is the
3459              default). Transient error means either: a timeout,  an  FTP  4xx
3460              response code or an HTTP 408, 429, 500, 502, 503 or 504 response
3461              code.
3462
3463              When curl is about to retry a transfer, it will first  wait  one
3464              second  and  then for all forthcoming retries it will double the
3465              waiting time until it reaches 10 minutes which then will be  the
3466              delay  between  the rest of the retries.  By using --retry-delay
3467              you  disable  this  exponential  backoff  algorithm.  See   also
3468              --retry-max-time to limit the total time allowed for retries.
3469
3470              Since  curl  7.66.0,  curl will comply with the Retry-After: re‐
3471              sponse header if one was present to know when to issue the  next
3472              retry.
3473
3474              If this option is used several times, the last one will be used.
3475
3476              Example:
3477               curl --retry 7 https://example.com
3478
3479              Added in 7.12.3.
3480
3481       --sasl-authzid <identity>
3482              Use this authorisation identity (authzid), during SASL PLAIN au‐
3483              thentication, in addition to the authentication identity  (auth‐
3484              cid) as specified by -u, --user.
3485
3486              If  the  option  isn't specified, the server will derive the au‐
3487              thzid from the authcid, but if specified, and depending  on  the
3488              server  implementation,  it may be used to access another user's
3489              inbox, that the user has been granted access  to,  or  a  shared
3490              mailbox for example.
3491
3492              Example:
3493               curl --sasl-authzid zid imap://example.com/
3494
3495              Added in 7.66.0.
3496
3497       --sasl-ir
3498              Enable initial response in SASL authentication.
3499
3500              Example:
3501               curl --sasl-ir imap://example.com/
3502
3503              Added in 7.31.0.
3504
3505       --service-name <name>
3506              This option allows you to change the service name for SPNEGO.
3507
3508              Examples:    --negotiate    --service-name   sockd   would   use
3509              sockd/server-name.
3510
3511              Example:
3512               curl --service-name sockd/server https://example.com
3513
3514              Added in 7.43.0.
3515
3516       -S, --show-error
3517              When used with -s, --silent, it makes curl show an error message
3518              if it fails.
3519
3520              This option is global and does not need to be specified for each
3521              use of -:, --next.
3522
3523              Example:
3524               curl --show-error --silent https://example.com
3525
3526              See also --no-progress-meter.
3527
3528       -s, --silent
3529              Silent or quiet mode. Don't show progress meter  or  error  mes‐
3530              sages.   Makes  Curl mute. It will still output the data you ask
3531              for, potentially even to the terminal/stdout unless you redirect
3532              it.
3533
3534              Use  -S,  --show-error  in  addition  to  this option to disable
3535              progress meter but still show error messages.
3536
3537              Example:
3538               curl -s https://example.com
3539
3540              See also -v, --verbose, --stderr and --no-progress-meter.
3541
3542       --socks4 <host[:port]>
3543              Use the specified SOCKS4 proxy. If the port number is not speci‐
3544              fied,  it  is  assumed at port 1080. Using this socket type make
3545              curl resolve the host name and passing the  address  on  to  the
3546              proxy.
3547
3548              This  option  overrides any previous use of -x, --proxy, as they
3549              are mutually exclusive.
3550
3551              Since 7.21.7, this option is superfluous since you can specify a
3552              socks4 proxy with -x, --proxy using a socks4:// protocol prefix.
3553
3554              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3555              the same time -x, --proxy is used with an HTTP/HTTPS  proxy.  In
3556              such a case curl first connects to the SOCKS proxy and then con‐
3557              nects (through SOCKS) to the HTTP or HTTPS proxy.
3558
3559              If this option is used several times, the last one will be used.
3560
3561              Example:
3562               curl --socks4 hostname:4096 https://example.com
3563
3564              Added in 7.15.2.
3565
3566       --socks4a <host[:port]>
3567              Use the specified SOCKS4a proxy. If the port number is not spec‐
3568              ified,  it  is  assumed at port 1080. This asks the proxy to re‐
3569              solve the host name.
3570
3571              This option overrides any previous use of -x, --proxy,  as  they
3572              are mutually exclusive.
3573
3574              Since 7.21.7, this option is superfluous since you can specify a
3575              socks4a proxy with -x, --proxy using a socks4a:// protocol  pre‐
3576              fix.
3577
3578              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3579              the same time -x, --proxy is used with an HTTP/HTTPS  proxy.  In
3580              such a case curl first connects to the SOCKS proxy and then con‐
3581              nects (through SOCKS) to the HTTP or HTTPS proxy.
3582
3583              If this option is used several times, the last one will be used.
3584
3585              Example:
3586               curl --socks4a hostname:4096 https://example.com
3587
3588              Added in 7.18.0.
3589
3590       --socks5-basic
3591              Tells curl to use username/password authentication when connect‐
3592              ing  to a SOCKS5 proxy.  The username/password authentication is
3593              enabled by default.  Use --socks5-gssapi to  force  GSS-API  au‐
3594              thentication to SOCKS5 proxies.
3595
3596              Example:
3597               curl --socks5-basic --socks5 hostname:4096 https://example.com
3598
3599              Added in 7.55.0.
3600
3601       --socks5-gssapi-nec
3602              As  part of the GSS-API negotiation a protection mode is negoti‐
3603              ated. RFC 1961 says in section 4.3/4.4 it should  be  protected,
3604              but  the  NEC  reference  implementation  does  not.  The option
3605              --socks5-gssapi-nec allows the unprotected exchange of the  pro‐
3606              tection mode negotiation.
3607
3608              Example:
3609               curl --socks5-gssapi-nec --socks5 hostname:4096 https://example.com
3610
3611              Added in 7.19.4.
3612
3613       --socks5-gssapi-service <name>
3614              The default service name for a socks server is rcmd/server-fqdn.
3615              This option allows you to change it.
3616
3617              Examples:  --socks5  proxy-name  --socks5-gssapi-service   sockd
3618              would  use sockd/proxy-name --socks5 proxy-name --socks5-gssapi-
3619              service sockd/real-name  would  use  sockd/real-name  for  cases
3620              where the proxy-name does not match the principal name.
3621
3622              Example:
3623               curl --socks5-gssapi-service sockd --socks5 hostname:4096 https://example.com
3624
3625              Added in 7.19.4.
3626
3627       --socks5-gssapi
3628              Tells  curl  to  use GSS-API authentication when connecting to a
3629              SOCKS5 proxy.  The GSS-API authentication is enabled by  default
3630              (if  curl is compiled with GSS-API support).  Use --socks5-basic
3631              to force username/password authentication to SOCKS5 proxies.
3632
3633              Example:
3634               curl --socks5-gssapi --socks5 hostname:4096 https://example.com
3635
3636              Added in 7.55.0.
3637
3638       --socks5-hostname <host[:port]>
3639              Use the specified SOCKS5 proxy (and let the  proxy  resolve  the
3640              host  name).  If the port number is not specified, it is assumed
3641              at port 1080.
3642
3643              This option overrides any previous use of -x, --proxy,  as  they
3644              are mutually exclusive.
3645
3646              Since 7.21.7, this option is superfluous since you can specify a
3647              socks5 hostname proxy with -x, --proxy using a socks5h:// proto‐
3648              col prefix.
3649
3650              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3651              the same time -x, --proxy is used with an HTTP/HTTPS  proxy.  In
3652              such a case curl first connects to the SOCKS proxy and then con‐
3653              nects (through SOCKS) to the HTTP or HTTPS proxy.
3654
3655              If this option is used several times, the last one will be used.
3656
3657              Example:
3658               curl --socks5-hostname proxy.example:7000 https://example.com
3659
3660              Added in 7.18.0.
3661
3662       --socks5 <host[:port]>
3663              Use the specified SOCKS5 proxy - but resolve the host  name  lo‐
3664              cally.  If  the  port  number is not specified, it is assumed at
3665              port 1080.
3666
3667              This option overrides any previous use of -x, --proxy,  as  they
3668              are mutually exclusive.
3669
3670              Since 7.21.7, this option is superfluous since you can specify a
3671              socks5 proxy with -x, --proxy using a socks5:// protocol prefix.
3672
3673              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3674              the  same  time -x, --proxy is used with an HTTP/HTTPS proxy. In
3675              such a case curl first connects to the SOCKS proxy and then con‐
3676              nects (through SOCKS) to the HTTP or HTTPS proxy.
3677
3678              If this option is used several times, the last one will be used.
3679
3680              This  option (as well as --socks4) does not work with IPV6, FTPS
3681              or LDAP.
3682
3683              Example:
3684               curl --socks5 proxy.example:7000 https://example.com
3685
3686              Added in 7.18.0.
3687
3688       -Y, --speed-limit <speed>
3689              If a download is slower than this given speed (in bytes per sec‐
3690              ond)  for  speed-time seconds it gets aborted. speed-time is set
3691              with -y, --speed-time and is 30 if not set.
3692
3693              If this option is used several times, the last one will be used.
3694
3695              Example:
3696               curl --speed-limit 300 --speed-time 10 https://example.com
3697
3698       -y, --speed-time <seconds>
3699              If a download is slower than speed-limit bytes per second during
3700              a speed-time period, the download gets aborted. If speed-time is
3701              used, the default speed-limit will be  1  unless  set  with  -Y,
3702              --speed-limit.
3703
3704              This  option  controls  transfers  and thus will not affect slow
3705              connects etc. If this is a concern for you, try  the  --connect-
3706              timeout option.
3707
3708              If this option is used several times, the last one will be used.
3709
3710              Example:
3711               curl --speed-limit 300 --speed-time 10 https://example.com
3712
3713       --ssl-allow-beast
3714              This option tells curl to not work around a security flaw in the
3715              SSL3 and TLS1.0 protocols known as BEAST.  If this option  isn't
3716              used,  the SSL layer may use workarounds known to cause interop‐
3717              erability problems with some older SSL implementations.
3718
3719              WARNING: this option loosens the SSL security, and by using this
3720              flag you ask for exactly that.
3721
3722              Example:
3723               curl --ssl-allow-beast https://example.com
3724
3725              Added in 7.25.0.
3726
3727       --ssl-auto-client-cert
3728              Tell  libcurl  to automatically locate and use a client certifi‐
3729              cate for authentication, when requested by the server. This  op‐
3730              tion  is only supported for Schannel (the native Windows SSL li‐
3731              brary). Prior to 7.77.0 this was the default behavior in libcurl
3732              with Schannel. Since the server can request any certificate that
3733              supports client authentication in the OS  certificate  store  it
3734              could be a privacy violation and unexpected.
3735
3736              Example:
3737               curl --ssl-auto-client-cert https://example.com
3738
3739              See also --proxy-ssl-auto-client-cert. Added in 7.77.0.
3740
3741       --ssl-no-revoke
3742              (Schannel) This option tells curl to disable certificate revoca‐
3743              tion checks.  WARNING: this option loosens the SSL security, and
3744              by using this flag you ask for exactly that.
3745
3746              Example:
3747               curl --ssl-no-revoke https://example.com
3748
3749              Added in 7.44.0.
3750
3751       --ssl-reqd
3752              (FTP IMAP POP3 SMTP) Require SSL/TLS for the connection.  Termi‐
3753              nates the connection if the server doesn't support SSL/TLS.
3754
3755              This option was formerly known as --ftp-ssl-reqd.
3756
3757              Example:
3758               curl --ssl-reqd ftp://example.com
3759
3760              Added in 7.20.0.
3761
3762       --ssl-revoke-best-effort
3763              (Schannel) This option tells curl to ignore certificate  revoca‐
3764              tion checks when they failed due to missing/offline distribution
3765              points for the revocation check lists.
3766
3767              Example:
3768               curl --ssl-revoke-best-effort https://example.com
3769
3770              Added in 7.70.0.
3771
3772       --ssl  (FTP IMAP POP3 SMTP) Try to use SSL/TLS for the connection.  Re‐
3773              verts  to  a non-secure connection if the server doesn't support
3774              SSL/TLS.  See also --ftp-ssl-control and --ssl-reqd for  differ‐
3775              ent levels of encryption required.
3776
3777              This  option  was formerly known as --ftp-ssl (Added in 7.11.0).
3778              That option name can still be used but will be removed in a  fu‐
3779              ture version.
3780
3781              Example:
3782               curl --ssl pop3://example.com/
3783
3784              Added in 7.20.0.
3785
3786       -2, --sslv2
3787              (SSL) This option previously asked curl to use SSLv2, but start‐
3788              ing in curl 7.77.0 this instruction is ignored. SSLv2 is  widely
3789              considered insecure (see RFC 6176).
3790
3791              Example:
3792               curl --sslv2 https://example.com
3793
3794              See  also  --http1.1  and --http2. -2, --sslv2 requires that the
3795              underlying libcurl was built to support TLS. This  option  over‐
3796              rides -3, --sslv3 and -1, --tlsv1 and --tlsv1.1 and --tlsv1.2.
3797
3798       -3, --sslv3
3799              (SSL) This option previously asked curl to use SSLv3, but start‐
3800              ing in curl 7.77.0 this instruction is ignored. SSLv3 is  widely
3801              considered insecure (see RFC 7568).
3802
3803              Example:
3804               curl --sslv3 https://example.com
3805
3806              See  also  --http1.1  and --http2. -3, --sslv3 requires that the
3807              underlying libcurl was built to support TLS. This  option  over‐
3808              rides -2, --sslv2 and -1, --tlsv1 and --tlsv1.1 and --tlsv1.2.
3809
3810       --stderr <file>
3811              Redirect  all writes to stderr to the specified file instead. If
3812              the file name is a plain '-', it is instead written to stdout.
3813
3814              This option is global and does not need to be specified for each
3815              use of -:, --next.
3816
3817              If this option is used several times, the last one will be used.
3818
3819              Example:
3820               curl --stderr output.txt https://example.com
3821
3822              See also -v, --verbose and -s, --silent.
3823
3824       --styled-output
3825              Enables  the automatic use of bold font styles when writing HTTP
3826              headers to the terminal. Use --no-styled-output to  switch  them
3827              off.
3828
3829              This option is global and does not need to be specified for each
3830              use of -:, --next.
3831
3832              Example:
3833               curl --styled-output -I https://example.com
3834
3835              Added in 7.61.0.
3836
3837       --suppress-connect-headers
3838              When -p, --proxytunnel is used and a  CONNECT  request  is  made
3839              don't  output  proxy  CONNECT  response  headers. This option is
3840              meant to be used with -D, --dump-header or -i,  --include  which
3841              are  used  to show protocol headers in the output. It has no ef‐
3842              fect on debug options such as -v, --verbose or --trace,  or  any
3843              statistics.
3844
3845              Example:
3846               curl --suppress-connect-headers --include -x proxy https://example.com
3847
3848              See also -D, --dump-header, -i, --include and -p, --proxytunnel.
3849
3850       --tcp-fastopen
3851              Enable use of TCP Fast Open (RFC7413).
3852
3853              Example:
3854               curl --tcp-fastopen https://example.com
3855
3856              Added in 7.49.0.
3857
3858       --tcp-nodelay
3859              Turn  on the TCP_NODELAY option. See the curl_easy_setopt(3) man
3860              page for details about this option.
3861
3862              Since 7.50.2, curl sets this option by default and you  need  to
3863              explicitly switch it off if you don't want it on.
3864
3865              Example:
3866               curl --tcp-nodelay https://example.com
3867
3868              Added in 7.11.2.
3869
3870       -t, --telnet-option <opt=val>
3871              Pass options to the telnet protocol. Supported options are:
3872
3873              TTYPE=<term> Sets the terminal type.
3874
3875              XDISPLOC=<X display> Sets the X display location.
3876
3877              NEW_ENV=<var,val> Sets an environment variable.
3878
3879              Example:
3880               curl -t TTYPE=vt100 telnet://example.com/
3881
3882       --tftp-blksize <value>
3883              (TFTP) Set TFTP BLKSIZE option (must be >512). This is the block
3884              size that curl will try to use when transferring data to or from
3885              a TFTP server. By default 512 bytes will be used.
3886
3887              If this option is used several times, the last one will be used.
3888
3889              Example:
3890               curl --tftp-blksize 1024 tftp://example.com/file
3891
3892              Added in 7.20.0.
3893
3894       --tftp-no-options
3895              (TFTP) Tells curl not to send TFTP options requests.
3896
3897              This  option  improves  interop with some legacy servers that do
3898              not acknowledge or properly implement TFTP  options.  When  this
3899              option is used --tftp-blksize is ignored.
3900
3901              Example:
3902               curl --tftp-no-options tftp://192.168.0.1/
3903
3904              Added in 7.48.0.
3905
3906       -z, --time-cond <time>
3907              (HTTP  FTP) Request a file that has been modified later than the
3908              given time and date, or one that has been modified  before  that
3909              time.  The <date expression> can be all sorts of date strings or
3910              if it doesn't match any internal ones, it is taken as a filename
3911              and  tries  to get the modification date (mtime) from <file> in‐
3912              stead. See the curl_getdate(3) man pages for date expression de‐
3913              tails.
3914
3915              Start the date expression with a dash (-) to make it request for
3916              a document that is older than the given date/time, default is  a
3917              document that is newer than the specified date/time.
3918
3919              If this option is used several times, the last one will be used.
3920
3921              Examples:
3922               curl -z "Wed 01 Sep 2021 12:18:00" https://example.com
3923               curl -z "-Wed 01 Sep 2021 12:18:00" https://example.com
3924               curl -z file https://example.com
3925
3926       --tls-max <VERSION>
3927              (SSL) VERSION defines maximum supported TLS version. The minimum
3928              acceptable version  is  set  by  tlsv1.0,  tlsv1.1,  tlsv1.2  or
3929              tlsv1.3.
3930
3931              If  the  connection  is done without TLS, this option has no ef‐
3932              fect. This includes QUIC-using (HTTP/3) transfers.
3933
3934
3935              default
3936                     Use up to recommended TLS version.
3937
3938              1.0    Use up to TLSv1.0.
3939
3940              1.1    Use up to TLSv1.1.
3941
3942              1.2    Use up to TLSv1.2.
3943
3944              1.3    Use up to TLSv1.3.
3945
3946       Examples:
3947        curl --tls-max 1.2 https://example.com
3948        curl --tls-max 1.3 --tlsv1.2 https://example.com
3949
3950       See also --tlsv1.0, --tlsv1.1, --tlsv1.2 and --tlsv1.3.  --tls-max  re‐
3951       quires  that  the underlying libcurl was built to support TLS. Added in
3952       7.54.0.
3953
3954       --tls13-ciphers <ciphersuite list>
3955              (TLS) Specifies which cipher suites to use in the connection  if
3956              it  negotiates  TLS 1.3. The list of ciphers suites must specify
3957              valid ciphers. Read up on TLS 1.3 cipher suite details  on  this
3958              URL:
3959
3960               https://curl.se/docs/ssl-ciphers.html
3961
3962              This  option  is  currently  used only when curl is built to use
3963              OpenSSL 1.1.1 or later. If you are using a different SSL backend
3964              you can try setting TLS 1.3 cipher suites by using the --ciphers
3965              option.
3966
3967              If this option is used several times, the last one will be used.
3968
3969              Example:
3970               curl --tls13-ciphers TLS_AES_128_GCM_SHA256 https://example.com
3971
3972       --tlsauthtype <type>
3973              Set TLS authentication type. Currently, the only  supported  op‐
3974              tion  is  "SRP",  for  TLS-SRP  (RFC  5054).  If  --tlsuser  and
3975              --tlspassword are specified but --tlsauthtype is not, then  this
3976              option  defaults to "SRP".  This option works only if the under‐
3977              lying libcurl is built  with  TLS-SRP  support,  which  requires
3978              OpenSSL or GnuTLS with TLS-SRP support.
3979
3980              Example:
3981               curl --tlsauthtype SRP https://example.com
3982
3983              Added in 7.21.4.
3984
3985       --tlspassword <string>
3986              Set  password  for use with the TLS authentication method speci‐
3987              fied with --tlsauthtype. Requires that --tlsuser also be set.
3988
3989              This doesn't work with TLS 1.3.
3990
3991              Example:
3992               curl --tlspassword pwd --tlsuser user https://example.com
3993
3994              Added in 7.21.4.
3995
3996       --tlsuser <name>
3997              Set username for use with the TLS authentication  method  speci‐
3998              fied  with  --tlsauthtype.  Requires  that --tlspassword also is
3999              set.
4000
4001              This doesn't work with TLS 1.3.
4002
4003              Example:
4004               curl --tlspassword pwd --tlsuser user https://example.com
4005
4006              Added in 7.21.4.
4007
4008       --tlsv1.0
4009              (TLS) Forces curl to use TLS version 1.0 or later when  connect‐
4010              ing to a remote TLS server.
4011
4012              In  old  versions  of  curl  this option was documented to allow
4013              _only_ TLS 1.0, but behavior was inconsistent depending  on  the
4014              TLS library. Use --tls-max if you want to set a maximum TLS ver‐
4015              sion.
4016
4017              Example:
4018               curl --tlsv1.0 https://example.com
4019
4020              Added in 7.34.0.
4021
4022       --tlsv1.1
4023              (TLS) Forces curl to use TLS version 1.1 or later when  connect‐
4024              ing to a remote TLS server.
4025
4026              In  old  versions  of  curl  this option was documented to allow
4027              _only_ TLS 1.1, but behavior was inconsistent depending  on  the
4028              TLS library. Use --tls-max if you want to set a maximum TLS ver‐
4029              sion.
4030
4031              Example:
4032               curl --tlsv1.1 https://example.com
4033
4034              Added in 7.34.0.
4035
4036       --tlsv1.2
4037              (TLS) Forces curl to use TLS version 1.2 or later when  connect‐
4038              ing to a remote TLS server.
4039
4040              In  old  versions  of  curl  this option was documented to allow
4041              _only_ TLS 1.2, but behavior was inconsistent depending  on  the
4042              TLS library. Use --tls-max if you want to set a maximum TLS ver‐
4043              sion.
4044
4045              Example:
4046               curl --tlsv1.2 https://example.com
4047
4048              Added in 7.34.0.
4049
4050       --tlsv1.3
4051              (TLS) Forces curl to use TLS version 1.3 or later when  connect‐
4052              ing to a remote TLS server.
4053
4054              If  the  connection  is done without TLS, this option has no ef‐
4055              fect. This includes QUIC-using (HTTP/3) transfers.
4056
4057              Note that TLS 1.3 is not supported by all TLS backends.
4058
4059              Example:
4060               curl --tlsv1.3 https://example.com
4061
4062              Added in 7.52.0.
4063
4064       -1, --tlsv1
4065              (SSL) Tells curl to use at least TLS version 1.x when  negotiat‐
4066              ing  with  a  remote  TLS  server. That means TLS version 1.0 or
4067              higher
4068
4069              Example:
4070               curl --tlsv1 https://example.com
4071
4072              See also --http1.1 and --http2. -1, --tlsv1  requires  that  the
4073              underlying  libcurl  was built to support TLS. This option over‐
4074              rides --tlsv1.1 and --tlsv1.2 and --tlsv1.3.
4075
4076       --tr-encoding
4077              (HTTP) Request a compressed Transfer-Encoding response using one
4078              of  the  algorithms curl supports, and uncompress the data while
4079              receiving it.
4080
4081              Example:
4082               curl --tr-encoding https://example.com
4083
4084              Added in 7.21.6.
4085
4086       --trace-ascii <file>
4087              Enables a full trace dump of all incoming and outgoing data, in‐
4088              cluding  descriptive  information, to the given output file. Use
4089              "-" as filename to have the output sent to stdout.
4090
4091              This is very similar to --trace, but leaves out the hex part and
4092              only  shows  the ASCII part of the dump. It makes smaller output
4093              that might be easier to read for untrained humans.
4094
4095              This option is global and does not need to be specified for each
4096              use of -:, --next.
4097
4098              If this option is used several times, the last one will be used.
4099
4100              Example:
4101               curl --trace-ascii log.txt https://example.com
4102
4103              This option overrides --trace and -v, --verbose.
4104
4105       --trace-time
4106              Prepends  a  time  stamp to each trace or verbose line that curl
4107              displays.
4108
4109              This option is global and does not need to be specified for each
4110              use of -:, --next.
4111
4112              Example:
4113               curl --trace-time --trace-ascii output https://example.com
4114
4115              Added in 7.14.0.
4116
4117       --trace <file>
4118              Enables a full trace dump of all incoming and outgoing data, in‐
4119              cluding descriptive information, to the given output  file.  Use
4120              "-"  as  filename  to have the output sent to stdout. Use "%" as
4121              filename to have the output sent to stderr.
4122
4123              This option is global and does not need to be specified for each
4124              use of -:, --next.
4125
4126              If this option is used several times, the last one will be used.
4127
4128              Example:
4129               curl --trace log.txt https://example.com
4130
4131              This option overrides -v, --verbose and --trace-ascii.
4132
4133       --unix-socket <path>
4134              (HTTP) Connect through this Unix domain socket, instead of using
4135              the network.
4136
4137              Example:
4138               curl --unix-socket socket-path https://example.com
4139
4140              Added in 7.40.0.
4141
4142       -T, --upload-file <file>
4143              This transfers the specified local file to the  remote  URL.  If
4144              there is no file part in the specified URL, curl will append the
4145              local file name. NOTE that you must use a trailing / on the last
4146              directory  to really prove to Curl that there is no file name or
4147              curl will think that your last directory name is the remote file
4148              name to use. That will most likely cause the upload operation to
4149              fail. If this is used on an HTTP(S) server, the PUT command will
4150              be used.
4151
4152              Use  the file name "-" (a single dash) to use stdin instead of a
4153              given file.  Alternately, the file name "."  (a  single  period)
4154              may  be  specified  instead  of "-" to use stdin in non-blocking
4155              mode to allow reading server output while  stdin  is  being  up‐
4156              loaded.
4157
4158              You  can  specify one -T, --upload-file for each URL on the com‐
4159              mand line. Each -T, --upload-file + URL pair specifies  what  to
4160              upload  and  to  where. curl also supports "globbing" of the -T,
4161              --upload-file argument, meaning that  you  can  upload  multiple
4162              files  to a single URL by using the same URL globbing style sup‐
4163              ported in the URL.
4164
4165              When uploading to an SMTP server: the uploaded data  is  assumed
4166              to be RFC 5322 formatted. It has to feature the necessary set of
4167              headers and mail body formatted correctly by the  user  as  curl
4168              will not transcode nor encode it further in any way.
4169
4170              Examples:
4171               curl -T file https://example.com
4172               curl -T "img[1-1000].png" ftp://ftp.example.com/
4173               curl --upload-file "{file1,file2}" https://example.com
4174
4175       --url <url>
4176              Specify  a  URL  to  fetch. This option is mostly handy when you
4177              want to specify URL(s) in a config file.
4178
4179              If the given URL is missing a scheme name (such as "http://"  or
4180              "ftp://"  etc) then curl will make a guess based on the host. If
4181              the outermost sub-domain name matches  DICT,  FTP,  IMAP,  LDAP,
4182              POP3  or  SMTP  then  that protocol will be used, otherwise HTTP
4183              will be used. Since 7.45.0 guessing can be disabled by setting a
4184              default protocol, see --proto-default for details.
4185
4186              This  option  may  be used any number of times. To control where
4187              this URL is written, use the -o, --output or the  -O,  --remote-
4188              name options.
4189
4190              WARNING:  On  Windows,  particular  file:// accesses can be con‐
4191              verted to network accesses by the operating system. Beware!
4192
4193              Example:
4194               curl --url https://example.com
4195
4196       -B, --use-ascii
4197              (FTP LDAP) Enable ASCII transfer. For FTP, this can also be  en‐
4198              forced  by  using  a  URL  that ends with ";type=A". This option
4199              causes data sent to stdout to be in text mode for win32 systems.
4200
4201              Example:
4202               curl -B ftp://example.com/README
4203
4204       -A, --user-agent <name>
4205              (HTTP) Specify the User-Agent string to send to the HTTP server.
4206              To  encode blanks in the string, surround the string with single
4207              quote marks. This header can also be set with the  -H,  --header
4208              or the --proxy-header options.
4209
4210              If  you give an empty argument to -A, --user-agent (""), it will
4211              remove the header completely from the request. If you  prefer  a
4212              blank header, you can set it to a single space (" ").
4213
4214              If this option is used several times, the last one will be used.
4215
4216              Example:
4217               curl -A "Agent 007" https://example.com
4218
4219       -u, --user <user:password>
4220              Specify the user name and password to use for server authentica‐
4221              tion. Overrides -n, --netrc and --netrc-optional.
4222
4223              If you simply specify the user name,  curl  will  prompt  for  a
4224              password.
4225
4226              The  user  name  and  passwords are split up on the first colon,
4227              which makes it impossible to use a colon in the user  name  with
4228              this option. The password can, still.
4229
4230              On systems where it works, curl will hide the given option argu‐
4231              ment from process listings. This is not enough to  protect  cre‐
4232              dentials  from  possibly getting seen by other users on the same
4233              system as they will still be visible for a brief  moment  before
4234              cleared. Such sensitive data should be retrieved from a file in‐
4235              stead or similar and never used in clear text in a command line.
4236
4237              When using Kerberos V5 with a Windows based  server  you  should
4238              include  the  Windows domain name in the user name, in order for
4239              the server to successfully obtain  a  Kerberos  Ticket.  If  you
4240              don't then the initial authentication handshake may fail.
4241
4242              When  using  NTLM,  the user name can be specified simply as the
4243              user name, without the domain, if there is a single  domain  and
4244              forest in your setup for example.
4245
4246              To  specify  the domain name use either Down-Level Logon Name or
4247              UPN (User Principal Name) formats. For example, EXAMPLE\user and
4248              user@example.com respectively.
4249
4250              If  you  use a Windows SSPI-enabled curl binary and perform Ker‐
4251              beros V5, Negotiate, NTLM or Digest authentication then you  can
4252              tell  curl  to select the user name and password from your envi‐
4253              ronment by specifying a single colon with this option: "-u :".
4254
4255              If this option is used several times, the last one will be used.
4256
4257              Example:
4258               curl -u user:secret https://example.com
4259
4260       -v, --verbose
4261              Makes curl verbose during the operation.  Useful  for  debugging
4262              and  seeing  what's  going  on "under the hood". A line starting
4263              with '>' means "header data" sent by  curl,  '<'  means  "header
4264              data"  received  by  curl  that is hidden in normal cases, and a
4265              line starting with '*' means additional info provided by curl.
4266
4267              If you only want HTTP headers in the output, -i, --include might
4268              be the option you're looking for.
4269
4270              If  you think this option still doesn't give you enough details,
4271              consider using --trace or --trace-ascii instead.
4272
4273              This option is global and does not need to be specified for each
4274              use of -:, --next.
4275
4276              Use -s, --silent to make curl really quiet.
4277
4278              Example:
4279               curl --verbose https://example.com
4280
4281              See  also  -i,  --include.  This  option  overrides  --trace and
4282              --trace-ascii.
4283
4284       -V, --version
4285              Displays information about curl and the libcurl version it uses.
4286
4287              The first line includes the full version of  curl,  libcurl  and
4288              other 3rd party libraries linked with the executable.
4289
4290              The  second  line (starts with "Protocols:") shows all protocols
4291              that libcurl reports to support.
4292
4293              The third line (starts with "Features:") shows specific features
4294              libcurl reports to offer. Available features include:
4295
4296              alt-svc
4297                     Support for the Alt-Svc: header is provided.
4298
4299              AsynchDNS
4300                     This  curl  uses asynchronous name resolves. Asynchronous
4301                     name resolves can be done using either the c-ares or  the
4302                     threaded resolver backends.
4303
4304              brotli Support for automatic brotli compression over HTTP(S).
4305
4306              CharConv
4307                     curl was built with support for character set conversions
4308                     (like EBCDIC)
4309
4310              Debug  This curl uses a libcurl built with Debug.  This  enables
4311                     more  error-tracking  and memory debugging etc. For curl-
4312                     developers only!
4313
4314              gsasl  The built-in SASL authentication includes  extensions  to
4315                     support SCRAM because libcurl was built with libgsasl.
4316
4317              GSS-API
4318                     GSS-API is supported.
4319
4320              HSTS   HSTS support is present.
4321
4322              HTTP2  HTTP/2 support has been built-in.
4323
4324              HTTP3  HTTP/3 support has been built-in.
4325
4326              HTTPS-proxy
4327                     This curl is built to support HTTPS proxy.
4328
4329              IDN    This curl supports IDN - international domain names.
4330
4331              IPv6   You can use IPv6 with this.
4332
4333              Kerberos
4334                     Kerberos V5 authentication is supported.
4335
4336              Largefile
4337                     This curl supports transfers of large files, files larger
4338                     than 2GB.
4339
4340              libz   Automatic decompression (via gzip, deflate) of compressed
4341                     files over HTTP is supported.
4342
4343              MultiSSL
4344                     This curl supports multiple TLS backends.
4345
4346              NTLM   NTLM authentication is supported.
4347
4348              NTLM_WB
4349                     NTLM delegation to winbind helper is supported.
4350
4351              PSL    PSL  is  short for Public Suffix List and means that this
4352                     curl has been built with  knowledge  about  "public  suf‐
4353                     fixes".
4354
4355              SPNEGO SPNEGO authentication is supported.
4356
4357              SSL    SSL  versions of various protocols are supported, such as
4358                     HTTPS, FTPS, POP3S and so on.
4359
4360              SSPI   SSPI is supported.
4361
4362              TLS-SRP
4363                     SRP (Secure Remote Password) authentication is  supported
4364                     for TLS.
4365
4366              TrackMemory
4367                     Debug memory tracking is supported.
4368
4369              Unicode
4370                     Unicode support on Windows.
4371
4372              UnixSockets
4373                     Unix sockets support is provided.
4374
4375              zstd   Automatic  decompression  (via  zstd) of compressed files
4376                     over HTTP is supported.
4377
4378       Example:
4379        curl --version
4380
4381       -w, --write-out <format>
4382              Make curl display information on stdout after a completed trans‐
4383              fer.  The  format  is a string that may contain plain text mixed
4384              with any number of variables. The format can be specified  as  a
4385              literal  "string",  or  you can have curl read the format from a
4386              file with "@filename" and to tell curl to read the  format  from
4387              stdin you write "@-".
4388
4389              The  variables  present in the output format will be substituted
4390              by the value or text that curl thinks fit, as  described  below.
4391              All  variables are specified as %{variable_name} and to output a
4392              normal % you just write them as %%. You can output a newline  by
4393              using \n, a carriage return with \r and a tab space with \t.
4394
4395              The  output  will be written to standard output, but this can be
4396              switched to standard error by using %{stderr}.
4397
4398              NOTE: The %-symbol is a special symbol in the win32-environment,
4399              where  all  occurrences of % must be doubled when using this op‐
4400              tion.
4401
4402              The variables available are:
4403
4404              content_type   The Content-Type of the  requested  document,  if
4405                             there was any.
4406
4407              errormsg       The error message. (Added in 7.75.0)
4408
4409              exitcode       The numerical exitcode of the transfer. (Added in
4410                             7.75.0)
4411
4412              filename_effective
4413                             The ultimate filename that curl  writes  out  to.
4414                             This  is only meaningful if curl is told to write
4415                             to a file  with  the  -O,  --remote-name  or  -o,
4416                             --output  option. It's most useful in combination
4417                             with the -J, --remote-header-name option.  (Added
4418                             in 7.26.0)
4419
4420              ftp_entry_path The initial path curl ended up in when logging on
4421                             to the remote FTP server. (Added in 7.15.4)
4422
4423              http_code      The numerical response code that was found in the
4424                             last  retrieved  HTTP(S)  or  FTP(s) transfer. In
4425                             7.18.2 the alias response_code was added to  show
4426                             the same info.
4427
4428              http_connect   The numerical code that was found in the last re‐
4429                             sponse (from a proxy) to a curl CONNECT  request.
4430                             (Added in 7.12.4)
4431
4432              http_version   The  http  version  that  was  effectively  used.
4433                             (Added in 7.50.0)
4434
4435              json           A JSON object with all available keys.
4436
4437              local_ip       The IP address of the local end of the  most  re‐
4438                             cently  done  connection  - can be either IPv4 or
4439                             IPv6. (Added in 7.29.0)
4440
4441              local_port     The local port number of the most  recently  done
4442                             connection. (Added in 7.29.0)
4443
4444              method         The  http method used in the most recent HTTP re‐
4445                             quest. (Added in 7.72.0)
4446
4447              num_connects   Number of new connects made in the recent  trans‐
4448                             fer. (Added in 7.12.3)
4449
4450              num_headers    The number of response headers in the most recent
4451                             request (restarted at each
4452                              redirect). Note that the status line  IS  NOT  a
4453                             header. (Added in 7.73.0)
4454
4455              num_redirects  Number of redirects that were followed in the re‐
4456                             quest. (Added in 7.12.3)
4457
4458              onerror        The rest of the  output  is  only  shown  if  the
4459                             transfer  returned  a  non-zero  error  (Added in
4460                             7.75.0)
4461
4462              proxy_ssl_verify_result
4463                             The result of the HTTPS proxy's SSL peer certifi‐
4464                             cate verification that was requested. 0 means the
4465                             verification was successful. (Added in 7.52.0)
4466
4467              redirect_url   When an HTTP request was made without -L, --loca‐
4468                             tion to follow redirects (or when --max-redirs is
4469                             met), this variable will show the  actual  URL  a
4470                             redirect would have gone to. (Added in 7.18.2)
4471
4472              referer        The  Referer: header, if there was any. (Added in
4473                             7.76.0)
4474
4475              remote_ip      The remote IP address of the most  recently  done
4476                             connection  -  can be either IPv4 or IPv6. (Added
4477                             in 7.29.0)
4478
4479              remote_port    The remote port number of the most recently  done
4480                             connection. (Added in 7.29.0)
4481
4482              response_code  The numerical response code that was found in the
4483                             last transfer (formerly  known  as  "http_code").
4484                             (Added in 7.18.2)
4485
4486              scheme         The  URL  scheme (sometimes called protocol) that
4487                             was effectively used. (Added in 7.52.0)
4488
4489              size_download  The total amount of bytes that  were  downloaded.
4490                             This is the size of the body/data that was trans‐
4491                             fered, excluding headers.
4492
4493              size_header    The total amount of bytes of the downloaded head‐
4494                             ers.
4495
4496              size_request   The  total  amount of bytes that were sent in the
4497                             HTTP request.
4498
4499              size_upload    The total amount of  bytes  that  were  uploaded.
4500                             This is the size of the body/data that was trans‐
4501                             fered, excluding headers.
4502
4503              speed_download The average download speed that curl measured for
4504                             the complete download. Bytes per second.
4505
4506              speed_upload   The  average  upload speed that curl measured for
4507                             the complete upload. Bytes per second.
4508
4509              ssl_verify_result
4510                             The result of the SSL peer certificate  verifica‐
4511                             tion that was requested. 0 means the verification
4512                             was successful. (Added in 7.19.0)
4513
4514              stderr         From this point on, the  -w,  --write-out  output
4515                             will  be  written  to  standard  error. (Added in
4516                             7.63.0)
4517
4518              stdout         From this point on, the  -w,  --write-out  output
4519                             will  be written to standard output.  This is the
4520                             default, but can be used  to  switch  back  after
4521                             switching to stderr.  (Added in 7.63.0)
4522
4523              time_appconnect
4524                             The  time, in seconds, it took from the start un‐
4525                             til the SSL/SSH/etc connect/handshake to the  re‐
4526                             mote host was completed. (Added in 7.19.0)
4527
4528              time_connect   The  time, in seconds, it took from the start un‐
4529                             til the TCP connect to the remote host (or proxy)
4530                             was completed.
4531
4532              time_namelookup
4533                             The  time, in seconds, it took from the start un‐
4534                             til the name resolving was completed.
4535
4536              time_pretransfer
4537                             The time, in seconds, it took from the start  un‐
4538                             til  the  file  transfer was just about to begin.
4539                             This includes all pre-transfer commands and nego‐
4540                             tiations that are specific to the particular pro‐
4541                             tocol(s) involved.
4542
4543              time_redirect  The time, in seconds, it took for all redirection
4544                             steps including name lookup, connect, pretransfer
4545                             and transfer before  the  final  transaction  was
4546                             started.  time_redirect shows the complete execu‐
4547                             tion time for multiple  redirections.  (Added  in
4548                             7.12.3)
4549
4550              time_starttransfer
4551                             The  time, in seconds, it took from the start un‐
4552                             til the first byte was just about  to  be  trans‐
4553                             ferred.  This  includes time_pretransfer and also
4554                             the time the server needed to calculate  the  re‐
4555                             sult.
4556
4557              time_total     The  total time, in seconds, that the full opera‐
4558                             tion lasted.
4559
4560              url            The URL that was fetched. (Added in 7.75.0)
4561
4562              urlnum         The URL index number of this transfer, 0-indexed.
4563                             De-globbed  URLs  share  the same index number as
4564                             the origin globbed URL. (Added in 7.75.0)
4565
4566              url_effective  The URL that was fetched last. This is most mean‐
4567                             ingful  if  you've  told curl to follow location:
4568                             headers.
4569
4570              If this option is used several times, the last one will be used.
4571
4572              Example:
4573               curl -w '%{http_code}\n' https://example.com
4574
4575       --xattr
4576              When saving output to a file, this option tells  curl  to  store
4577              certain  file  metadata  in extended file attributes. Currently,
4578              the URL is stored in the xdg.origin.url attribute and, for HTTP,
4579              the  content  type  is stored in the mime_type attribute. If the
4580              file system does not support extended attributes, a  warning  is
4581              issued.
4582
4583              Example:
4584               curl --xattr -o storage https://example.com
4585

FILES

4587       ~/.curlrc
4588              Default config file, see -K, --config for details.
4589

ENVIRONMENT

4591       The environment variables can be specified in lower case or upper case.
4592       The lower case version has precedence. http_proxy is an exception as it
4593       is only available in lower case.
4594
4595       Using  an  environment variable to set the proxy has the same effect as
4596       using the -x, --proxy option.
4597
4598
4599       http_proxy [protocol://]<host>[:port]
4600              Sets the proxy server to use for HTTP.
4601
4602       HTTPS_PROXY [protocol://]<host>[:port]
4603              Sets the proxy server to use for HTTPS.
4604
4605       [url-protocol]_PROXY [protocol://]<host>[:port]
4606              Sets the proxy server to use for [url-protocol], where the  pro‐
4607              tocol  is  a  protocol  that curl supports and as specified in a
4608              URL. FTP, FTPS, POP3, IMAP, SMTP, LDAP, etc.
4609
4610       ALL_PROXY [protocol://]<host>[:port]
4611              Sets the proxy server to use if no  protocol-specific  proxy  is
4612              set.
4613
4614       NO_PROXY <comma-separated list of hosts/domains>
4615              list  of  host names that shouldn't go through any proxy. If set
4616              to an asterisk '*' only, it matches all hosts. Each name in this
4617              list is matched as either a domain name which contains the host‐
4618              name, or the hostname itself.
4619
4620              This environment variable disables use of the  proxy  even  when
4621              specified  with  the  -x,  --proxy  option. That is NO_PROXY=di‐
4622              rect.example.com  curl  -x  http://proxy.example.com  http://di
4623              rect.example.com   accesses   the   target   URL  directly,  and
4624              NO_PROXY=direct.example.com  curl  -x   http://proxy.example.com
4625              http://somewhere.example.com accesses the target URL through the
4626              proxy.
4627
4628              The list of host names can also  be  include  numerical  IP  ad‐
4629              dresses,  and IPv6 versions should then be given without enclos‐
4630              ing brackets.
4631
4632              IPv6 numerical addresses are compared as strings, so  they  will
4633              only  match  if  the  representations are the same: "::1" is the
4634              same as "::0:1" but they don't match.
4635
4636       CURL_SSL_BACKEND <TLS backend>
4637              If curl was built with support for "MultiSSL", meaning  that  it
4638              has  built-in  support for more than one TLS backend, this envi‐
4639              ronment variable can be set to the case insensitive name of  the
4640              particular  backend  to use when curl is invoked. Setting a name
4641              that isn't a built-in alternative will make curl stay  with  the
4642              default.
4643
4644              SSL  backend  names  (case-insensitive): bearssl, gnutls, gskit,
4645              mbedtls, mesalink, nss, openssl, rustls, schannel, secure-trans‐
4646              port, wolfssl
4647
4648       QLOGDIR <directory name>
4649              If  curl was built with HTTP/3 support, setting this environment
4650              variable to a local directory will make curl  produce  qlogs  in
4651              that  directory,  using  file  names named after the destination
4652              connection id (in hex). Do note  that  these  files  can  become
4653              rather large. Works with both QUIC backends.
4654
4655       SSLKEYLOGFILE <file name>
4656              If  you  set this environment variable to a file name, curl will
4657              store TLS secrets from its connections in that file when invoked
4658              to enable you to analyze the TLS traffic in real time using net‐
4659              work analyzing tools such as Wireshark. This works with the fol‐
4660              lowing  TLS  backends: OpenSSL, libressl, BoringSSL, GnuTLS, NSS
4661              and wolfSSL.
4662

PROXY PROTOCOL PREFIXES

4664       Since curl version 7.21.7, the proxy string may  be  specified  with  a
4665       protocol:// prefix to specify alternative proxy protocols.
4666
4667       If  no  protocol  is  specified  in  the  proxy string or if the string
4668       doesn't match a supported one, the proxy will be  treated  as  an  HTTP
4669       proxy.
4670
4671       The supported proxy protocol prefixes are as follows:
4672
4673       http://
4674              Makes  it use it as an HTTP proxy. The default if no scheme pre‐
4675              fix is used.
4676
4677       https://
4678              Makes it treated as an HTTPS proxy.
4679
4680       socks4://
4681              Makes it the equivalent of --socks4
4682
4683       socks4a://
4684              Makes it the equivalent of --socks4a
4685
4686       socks5://
4687              Makes it the equivalent of --socks5
4688
4689       socks5h://
4690              Makes it the equivalent of --socks5-hostname
4691

EXIT CODES

4693       There are a bunch of different error codes and their corresponding  er‐
4694       ror  messages  that  may  appear under error conditions. At the time of
4695       this writing, the exit codes are:
4696
4697       1      Unsupported protocol. This build of curl has no support for this
4698              protocol.
4699
4700       2      Failed to initialize.
4701
4702       3      URL malformed. The syntax was not correct.
4703
4704       4      A  feature  or option that was needed to perform the desired re‐
4705              quest was not enabled or was explicitly disabled at  build-time.
4706              To make curl able to do this, you probably need another build of
4707              libcurl!
4708
4709       5      Couldn't resolve proxy. The given proxy host could  not  be  re‐
4710              solved.
4711
4712       6      Couldn't  resolve  host.  The given remote host could not be re‐
4713              solved.
4714
4715       7      Failed to connect to host.
4716
4717       8      Weird server reply. The server sent data curl couldn't parse.
4718
4719       9      FTP access denied. The server denied login or denied  access  to
4720              the  particular  resource or directory you wanted to reach. Most
4721              often you tried to change to a directory that doesn't  exist  on
4722              the server.
4723
4724       10     FTP  accept failed. While waiting for the server to connect back
4725              when an active FTP session is used, an error code was sent  over
4726              the control connection or similar.
4727
4728       11     FTP  weird PASS reply. Curl couldn't parse the reply sent to the
4729              PASS request.
4730
4731       12     During an active FTP session while waiting  for  the  server  to
4732              connect back to curl, the timeout expired.
4733
4734       13     FTP  weird PASV reply, Curl couldn't parse the reply sent to the
4735              PASV request.
4736
4737       14     FTP weird 227 format.  Curl  couldn't  parse  the  227-line  the
4738              server sent.
4739
4740       15     FTP  can't  get host. Couldn't resolve the host IP we got in the
4741              227-line.
4742
4743       16     HTTP/2 error. A problem was detected in the HTTP2 framing layer.
4744              This is somewhat generic and can be one out of several problems,
4745              see the error message for details.
4746
4747       17     FTP couldn't set binary. Couldn't change transfer method to  bi‐
4748              nary.
4749
4750       18     Partial file. Only a part of the file was transferred.
4751
4752       19     FTP  couldn't download/access the given file, the RETR (or simi‐
4753              lar) command failed.
4754
4755       21     FTP quote error. A quote command returned error from the server.
4756
4757       22     HTTP page not retrieved. The requested url was not found or  re‐
4758              turned  another  error  with  the  HTTP  error code being 400 or
4759              above. This return code only appears if -f, --fail is used.
4760
4761       23     Write error. Curl couldn't write data to a local  filesystem  or
4762              similar.
4763
4764       25     FTP  couldn't  STOR  file. The server denied the STOR operation,
4765              used for FTP uploading.
4766
4767       26     Read error. Various reading problems.
4768
4769       27     Out of memory. A memory allocation request failed.
4770
4771       28     Operation timeout. The specified time-out period was reached ac‐
4772              cording to the conditions.
4773
4774       30     FTP  PORT  failed.  The PORT command failed. Not all FTP servers
4775              support the PORT command, try doing a transfer  using  PASV  in‐
4776              stead!
4777
4778       31     FTP  couldn't use REST. The REST command failed. This command is
4779              used for resumed FTP transfers.
4780
4781       33     HTTP range error. The range "command" didn't work.
4782
4783       34     HTTP post error. Internal post-request generation error.
4784
4785       35     SSL connect error. The SSL handshaking failed.
4786
4787       36     Bad download resume. Couldn't continue an earlier aborted  down‐
4788              load.
4789
4790       37     FILE couldn't read file. Failed to open the file. Permissions?
4791
4792       38     LDAP cannot bind. LDAP bind operation failed.
4793
4794       39     LDAP search failed.
4795
4796       41     Function not found. A required LDAP function was not found.
4797
4798       42     Aborted by callback. An application told curl to abort the oper‐
4799              ation.
4800
4801       43     Internal error. A function was called with a bad parameter.
4802
4803       45     Interface error. A specified outgoing  interface  could  not  be
4804              used.
4805
4806       47     Too many redirects. When following redirects, curl hit the maxi‐
4807              mum amount.
4808
4809       48     Unknown option specified to libcurl.  This  indicates  that  you
4810              passed  a weird option to curl that was passed on to libcurl and
4811              rejected. Read up in the manual!
4812
4813       49     Malformed telnet option.
4814
4815       51     The peer's SSL certificate or SSH MD5 fingerprint was not OK.
4816
4817       52     The server didn't reply anything, which here  is  considered  an
4818              error.
4819
4820       53     SSL crypto engine not found.
4821
4822       54     Cannot set SSL crypto engine as default.
4823
4824       55     Failed sending network data.
4825
4826       56     Failure in receiving network data.
4827
4828       58     Problem with the local certificate.
4829
4830       59     Couldn't use specified SSL cipher.
4831
4832       60     Peer  certificate cannot be authenticated with known CA certifi‐
4833              cates.
4834
4835       61     Unrecognized transfer encoding.
4836
4837       62     Invalid LDAP URL.
4838
4839       63     Maximum file size exceeded.
4840
4841       64     Requested FTP SSL level failed.
4842
4843       65     Sending the data requires a rewind that failed.
4844
4845       66     Failed to initialise SSL Engine.
4846
4847       67     The user name, password, or similar was not  accepted  and  curl
4848              failed to log in.
4849
4850       68     File not found on TFTP server.
4851
4852       69     Permission problem on TFTP server.
4853
4854       70     Out of disk space on TFTP server.
4855
4856       71     Illegal TFTP operation.
4857
4858       72     Unknown TFTP transfer ID.
4859
4860       73     File already exists (TFTP).
4861
4862       74     No such user (TFTP).
4863
4864       75     Character conversion failed.
4865
4866       76     Character conversion functions required.
4867
4868       77     Problem reading the SSL CA cert (path? access rights?).
4869
4870       78     The resource referenced in the URL does not exist.
4871
4872       79     An unspecified error occurred during the SSH session.
4873
4874       80     Failed to shut down the SSL connection.
4875
4876       82     Could  not  load  CRL  file,  missing  or wrong format (added in
4877              7.19.0).
4878
4879       83     Issuer check failed (added in 7.19.0).
4880
4881       84     The FTP PRET command failed.
4882
4883       85     Mismatch of RTSP CSeq numbers.
4884
4885       86     Mismatch of RTSP Session Identifiers.
4886
4887       87     Unable to parse FTP file list.
4888
4889       88     FTP chunk callback reported error.
4890
4891       89     No connection available, the session will be queued.
4892
4893       90     SSL public key does not matched pinned public key.
4894
4895       91     Invalid SSL certificate status.
4896
4897       92     Stream error in HTTP/2 framing layer.
4898
4899       93     An API function was called from inside a callback.
4900
4901       94     An authentication function returned an error.
4902
4903       95     A problem was detected in the HTTP/3  layer.  This  is  somewhat
4904              generic  and  can  be one out of several problems, see the error
4905              message for details.
4906
4907       96     QUIC connection error. This error may be caused by  an  SSL  li‐
4908              brary error. QUIC is the protocol used for HTTP/3 transfers.
4909
4910       XX     More error codes will appear here in future releases. The exist‐
4911              ing ones are meant to never change.
4912

AUTHORS / CONTRIBUTORS

4914       Daniel Stenberg is the main author, but the whole list of  contributors
4915       is found in the separate THANKS file.
4916

WWW

4918       https://curl.se
4919

SEE ALSO

4921       ftp(1), wget(1)
4922
4923
4924
4925Curl 7.79.1                    November 16, 2016                       curl(1)
Impressum