1curl(1)                           curl Manual                          curl(1)
2
3
4

NAME

6       curl - transfer a URL
7

SYNOPSIS

9       curl [options / URLs]
10

DESCRIPTION

12       curl  is  a tool for transferring data from or to a server. It supports
13       these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS,  HTTP,  HTTPS,
14       IMAP,  IMAPS,  LDAP,  LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP,
15       SFTP, SMB, SMBS, SMTP, SMTPS, TELNET or TFTP. The command  is  designed
16       to work without user interaction.
17
18       curl offers a busload of useful tricks like proxy support, user authen‐
19       tication, FTP upload, HTTP post, SSL connections, cookies, file  trans‐
20       fer resume and more. As you will see below, the number of features will
21       make your head spin.
22
23       curl is powered by  libcurl  for  all  transfer-related  features.  See
24       libcurl(3) for details.
25

URL

27       The  URL  syntax is protocol-dependent. You find a detailed description
28       in RFC 3986.
29
30       You can specify multiple URLs or parts of URLs  by  writing  part  sets
31       within braces and quoting the URL as in:
32
33         "http://site.{one,two,three}.com"
34
35       or you can get sequences of alphanumeric series by using [] as in:
36
37         "ftp://ftp.example.com/file[1-100].txt"
38
39         "ftp://ftp.example.com/file[001-100].txt"    (with leading zeros)
40
41         "ftp://ftp.example.com/file[a-z].txt"
42
43       Nested  sequences  are not supported, but you can use several ones next
44       to each other:
45
46         "http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html"
47
48       You can specify any amount of URLs on the command line.  They  will  be
49       fetched  in a sequential manner in the specified order. You can specify
50       command line options and URLs mixed and in any  order  on  the  command
51       line.
52
53       You  can  specify a step counter for the ranges to get every Nth number
54       or letter:
55
56         "http://example.com/file[1-100:10].txt"
57
58         "http://example.com/file[a-z:2].txt"
59
60       When using [] or {} sequences when invoked from a command line  prompt,
61       you probably have to put the full URL within double quotes to avoid the
62       shell from interfering with it. This also  goes  for  other  characters
63       treated special, like for example '&', '?' and '*'.
64
65       Provide  the IPv6 zone index in the URL with an escaped percentage sign
66       and the interface name. Like in
67
68         "http://[fe80::3%25eth0]/"
69
70       If you specify URL without protocol:// prefix,  curl  will  attempt  to
71       guess  what  protocol  you might want. It will then default to HTTP but
72       try other protocols based on often-used host name prefixes.  For  exam‐
73       ple,  for  host names starting with "ftp." curl will assume you want to
74       speak FTP.
75
76       curl will do its best to use what you pass to it as a URL.  It  is  not
77       trying  to  validate it as a syntactically correct URL by any means but
78       is fairly liberal with what it accepts.
79
80       curl will attempt to re-use connections for multiple file transfers, so
81       that  getting many files from the same server will not do multiple con‐
82       nects / handshakes. This improves speed. Of course this is only done on
83       files  specified  on  a  single command line and cannot be used between
84       separate curl invocations.
85

OUTPUT

87       If not told otherwise, curl writes the received data to stdout. It  can
88       be  instructed  to  instead save that data into a local file, using the
89       --output or --remote-name options. If curl is given  multiple  URLs  to
90       transfer  on  the command line, it similarly needs multiple options for
91       where to save them.
92
93       curl does not parse or otherwise "understand" the content  it  gets  or
94       writes  as  output.  It does no encoding or decoding, unless explicitly
95       asked to with dedicated command line options.
96

PROTOCOLS

98       curl supports numerous protocols, or put in URL  terms:  schemes.  Your
99       particular build may not support them all.
100
101       DICT   Lets you lookup words using online dictionaries.
102
103       FILE   Read  or  write  local  files.  curl  does not support accessing
104              file:// URL remotely, but when running on Microsoft Windows  us‐
105              ing the native UNC approach will work.
106
107       FTP(S) curl  supports  the  File Transfer Protocol with a lot of tweaks
108              and levers. With or without using TLS.
109
110       GOPHER(S)
111              Retrieve files.
112
113       HTTP(S)
114              curl supports HTTP with numerous options and variations. It  can
115              speak HTTP version 0.9, 1.0, 1.1, 2 and 3 depending on build op‐
116              tions and the correct command line options.
117
118       IMAP(S)
119              Using the mail reading protocol, curl can "download" emails  for
120              you. With or without using TLS.
121
122       LDAP(S)
123              curl can do directory lookups for you, with or without TLS.
124
125       MQTT   curl supports MQTT version 3. Downloading over MQTT equals "sub‐
126              scribe" to a topic while uploading/posting equals "publish" on a
127              topic. MQTT over TLS is not supported (yet).
128
129       POP3(S)
130              Downloading  from  a  pop3  server means getting a mail. With or
131              without using TLS.
132
133       RTMP(S)
134              The Realtime Messaging Protocol  is  primarily  used  to  server
135              streaming media and curl can download it.
136
137       RTSP   curl supports RTSP 1.0 downloads.
138
139       SCP    curl supports SSH version 2 scp transfers.
140
141       SFTP   curl supports SFTP (draft 5) done over SSH version 2.
142
143       SMB(S) curl supports SMB version 1 for upload and download.
144
145       SMTP(S)
146              Uploading  contents  to  an  SMTP server means sending an email.
147              With or without TLS.
148
149       TELNET Telling curl to fetch a telnet URL starts an interactive session
150              where  it  sends  what  it  reads  on stdin and outputs what the
151              server sends it.
152
153       TFTP   curl can do TFTP downloads and uploads.
154

PROGRESS METER

156       curl normally displays a progress meter during  operations,  indicating
157       the  amount  of  transferred  data,  transfer speeds and estimated time
158       left, etc. The progress meter displays number of bytes and  the  speeds
159       are  in  bytes per second. The suffixes (k, M, G, T, P) are 1024 based.
160       For example 1k is 1024 bytes. 1M is 1048576 bytes.
161
162       curl displays this data to the terminal by default, so  if  you  invoke
163       curl  to do an operation and it is about to write data to the terminal,
164       it disables the progress meter as otherwise it would mess up the output
165       mixing progress meter and response data.
166
167       If you want a progress meter for HTTP POST or PUT requests, you need to
168       redirect the response output to  a  file,  using  shell  redirect  (>),
169       --output or similar.
170
171       This  does  not apply to FTP upload as that operation does not spit out
172       any response data to the terminal.
173
174       If  you  prefer  a  progress  "bar"  instead  of  the  regular   meter,
175       --progress-bar  is your friend. You can also disable the progress meter
176       completely with the --silent option.
177

OPTIONS

179       Options start with one or two dashes. Many of the  options  require  an
180       additional value next to them.
181
182       The  short  "single-dash"  form  of the options, -d for example, may be
183       used with or without a space between it and its value, although a space
184       is a recommended separator. The long "double-dash" form, --data for ex‐
185       ample, requires a space between it and its value.
186
187       Short version options that do not need any  additional  values  can  be
188       used  immediately  next to each other, like for example you can specify
189       all the options -O, -L and -v at once as -OLv.
190
191       In general, all boolean options are enabled with --option and yet again
192       disabled  with  --no-option.  That is, you use the same option name but
193       prefix it with "no-". However, in this list we  mostly  only  list  and
194       show the --option version of them.
195
196       --abstract-unix-socket <path>
197              (HTTP)  Connect  through an abstract Unix domain socket, instead
198              of using the network.  Note: netstat shows the path  of  an  ab‐
199              stract  socket  prefixed  with  '@', however the <path> argument
200              should not have this leading character.
201
202              Example:
203               curl --abstract-unix-socket socketpath https://example.com
204
205              See also --unix-socket. Added in 7.53.0.
206
207       --alt-svc <file name>
208              (HTTPS) This option enables the alt-svc parser in curl.  If  the
209              file name points to an existing alt-svc cache file, that will be
210              used. After a completed transfer, the cache will be saved to the
211              file name again if it has been modified.
212
213              Specify a "" file name (zero length) to avoid loading/saving and
214              make curl just handle the cache in memory.
215
216              If this option is used several times, curl  will  load  contents
217              from all the files but the last one will be used for saving.
218
219              Example:
220               curl --alt-svc svc.txt https://example.com
221
222              See also --resolve and --connect-to. Added in 7.64.1.
223
224       --anyauth
225              (HTTP) Tells curl to figure out authentication method by itself,
226              and use the most secure one the remote site claims  to  support.
227              This is done by first doing a request and checking the response-
228              headers, thus possibly inducing  an  extra  network  round-trip.
229              This  is  used  instead  of  setting  a  specific authentication
230              method, which you can do with  --basic,  --digest,  --ntlm,  and
231              --negotiate.
232
233              Using --anyauth is not recommended if you do uploads from stdin,
234              since it may require data to be sent twice and then  the  client
235              must  be able to rewind. If the need should arise when uploading
236              from stdin, the upload operation will fail.
237
238              Used together with -u, --user.
239
240              Example:
241               curl --anyauth --user me:pwd https://example.com
242
243              See also --proxy-anyauth, --basic and --digest.
244
245       -a, --append
246              (FTP SFTP) When used in an upload, this makes curl append to the
247              target  file  instead of overwriting it. If the remote file does
248              not exist, it will be created. Note that this flag is ignored by
249              some SFTP servers (including OpenSSH).
250
251              Example:
252               curl --upload-file local --append ftp://example.com/
253
254              See also -r, --range and -C, --continue-at.
255
256       --aws-sigv4 <provider1[:provider2[:region[:service]]]>
257              Use AWS V4 signature authentication in the transfer.
258
259              The  provider argument is a string that is used by the algorithm
260              when creating outgoing authentication headers.
261
262              The region argument is a string that points to a geographic area
263              of  a resources collection (region-code) when the region name is
264              omitted from the endpoint.
265
266              The service argument is a string that points to a function  pro‐
267              vided by a cloud (service-code) when the service name is omitted
268              from the endpoint.
269
270              Example:
271               curl --aws-sigv4 "aws:amz:east-2:es" --user "key:secret" https://example.com
272
273              See also --basic and -u, --user. Added in 7.75.0.
274
275       --basic
276              (HTTP) Tells curl to use HTTP Basic authentication with the  re‐
277              mote host. This is the default and this option is usually point‐
278              less, unless you use it to override a previously set option that
279              sets  a  different  authentication method (such as --ntlm, --di‐
280              gest, or --negotiate).
281
282              Used together with -u, --user.
283
284              Example:
285               curl -u name:password --basic https://example.com
286
287              See also --proxy-basic.
288
289       --cacert <file>
290              (TLS) Tells curl to use the specified certificate file to verify
291              the  peer.  The  file  may contain multiple CA certificates. The
292              certificate(s) must be in PEM format. Normally curl is built  to
293              use a default file for this, so this option is typically used to
294              alter that default file.
295
296              curl recognizes the environment variable named  'CURL_CA_BUNDLE'
297              if  it  is  set,  and uses the given path as a path to a CA cert
298              bundle. This option overrides that variable.
299
300              The windows version of curl will automatically  look  for  a  CA
301              certs file named 'curl-ca-bundle.crt', either in the same direc‐
302              tory as curl.exe, or in the Current Working Directory, or in any
303              folder along your PATH.
304
305              If  curl  is  built  against  the  NSS  SSL library, the NSS PEM
306              PKCS#11 module (libnsspem.so) needs to be available for this op‐
307              tion to work properly.
308
309              (iOS  and macOS only) If curl is built against Secure Transport,
310              then this option is supported for  backward  compatibility  with
311              other  SSL  engines,  but it should not be set. If the option is
312              not set, then curl will use the certificates in the  system  and
313              user  Keychain to verify the peer, which is the preferred method
314              of verifying the peer's certificate chain.
315
316              (Schannel only) This option is supported for Schannel in Windows
317              7  or later with libcurl 7.60 or later. This option is supported
318              for backward compatibility with other SSL engines; instead it is
319              recommended  to use Windows' store of root certificates (the de‐
320              fault for Schannel).
321
322              If this option is used several times, the last one will be used.
323
324              Example:
325               curl --cacert CA-file.txt https://example.com
326
327              See also --capath and -k, --insecure.
328
329       --capath <dir>
330              (TLS) Tells curl to use the specified certificate  directory  to
331              verify  the  peer.  Multiple paths can be provided by separating
332              them with ":" (e.g.  "path1:path2:path3"). The certificates must
333              be  in PEM format, and if curl is built against OpenSSL, the di‐
334              rectory must have been processed using the c_rehash utility sup‐
335              plied  with  OpenSSL.  Using  --capath can allow OpenSSL-powered
336              curl to make SSL-connections much more  efficiently  than  using
337              --cacert if the --cacert file contains many CA certificates.
338
339              If this option is set, the default capath value will be ignored,
340              and if it is used several times, the last one will be used.
341
342              Example:
343               curl --capath /local/directory https://example.com
344
345              See also --cacert and -k, --insecure.
346
347       --cert-status
348              (TLS) Tells curl to verify the status of the server  certificate
349              by using the Certificate Status Request (aka. OCSP stapling) TLS
350              extension.
351
352              If this option is enabled and the server sends an invalid  (e.g.
353              expired) response, if the response suggests that the server cer‐
354              tificate has been revoked, or no response at  all  is  received,
355              the verification fails.
356
357              This  is  currently  only implemented in the OpenSSL, GnuTLS and
358              NSS backends.
359
360              Example:
361               curl --cert-status https://example.com
362
363              See also --pinnedpubkey. Added in 7.41.0.
364
365       --cert-type <type>
366              (TLS) Tells curl what type the provided  client  certificate  is
367              using. PEM, DER, ENG and P12 are recognized types. If not speci‐
368              fied, PEM is assumed.
369
370              If this option is used several times, the last one will be used.
371
372              Example:
373               curl --cert-type PEM --cert file https://example.com
374
375              See also -E, --cert, --key and --key-type.
376
377       -E, --cert <certificate[:password]>
378              (TLS) Tells curl to use the specified  client  certificate  file
379              when getting a file with HTTPS, FTPS or another SSL-based proto‐
380              col. The certificate must be in PKCS#12 format if  using  Secure
381              Transport,  or  PEM format if using any other engine. If the op‐
382              tional password is not specified, it will be queried for on  the
383              terminal.  Note  that  this  option assumes a "certificate" file
384              that is the private key and the client certificate concatenated!
385              See --cert and --key to specify them independently.
386
387              If  curl  is  built against the NSS SSL library then this option
388              can tell curl the nickname of the certificate to use within  the
389              NSS  database defined by the environment variable SSL_DIR (or by
390              default /etc/pki/nssdb). If the NSS  PEM  PKCS#11  module  (lib‐
391              nsspem.so)  is  available  then  PEM files may be loaded. If you
392              want to use a file from the current directory, please precede it
393              with  "./"  prefix, in order to avoid confusion with a nickname.
394              If the nickname contains ":", it needs to be preceded by "\"  so
395              that it is not recognized as password delimiter. If the nickname
396              contains "\", it needs to be escaped as "\\" so that it  is  not
397              recognized as an escape character.
398
399              If  curl is built against OpenSSL library, and the engine pkcs11
400              is available, then a PKCS#11 URI (RFC 7512) can be used to spec‐
401              ify  a  certificate located in a PKCS#11 device. A string begin‐
402              ning with "pkcs11:" will be interpreted as a PKCS#11 URI.  If  a
403              PKCS#11 URI is provided, then the --engine option will be set as
404              "pkcs11" if none was provided and the --cert-type option will be
405              set as "ENG" if none was provided.
406
407              (iOS  and macOS only) If curl is built against Secure Transport,
408              then the certificate string can either be the name of a certifi‐
409              cate/private  key in the system or user keychain, or the path to
410              a PKCS#12-encoded certificate and private key. If  you  want  to
411              use  a  file  from the current directory, please precede it with
412              "./" prefix, in order to avoid confusion with a nickname.
413
414              (Schannel only) Client certificates must be specified by a  path
415              expression  to  a  certificate  store.  (Loading PFX is not sup‐
416              ported; you can import it to a store first). You can use "<store
417              location>\<store  name>\<thumbprint>"  to refer to a certificate
418              in  the  system  certificates  store,  for   example,   "Curren‐
419              tUser\MY\934a7ac6f8a5d579285a74fa61e19f23ddfe8d7a".   Thumbprint
420              is usually a SHA-1 hex string which you can see  in  certificate
421              details.  Following  store locations are supported: CurrentUser,
422              LocalMachine, CurrentService, Services,  CurrentUserGroupPolicy,
423              LocalMachineGroupPolicy, LocalMachineEnterprise.
424
425              If this option is used several times, the last one will be used.
426
427              Example:
428               curl --cert certfile --key keyfile https://example.com
429
430              See also --cert-type, --key and --key-type.
431
432       --ciphers <list of ciphers>
433              (TLS) Specifies which ciphers to use in the connection. The list
434              of ciphers must specify valid ciphers. Read  up  on  SSL  cipher
435              list details on this URL:
436
437               https://curl.se/docs/ssl-ciphers.html
438
439              If this option is used several times, the last one will be used.
440
441              Example:
442               curl --ciphers ECDHE-ECDSA-AES256-CCM8 https://example.com
443
444              See also --tlsv1.3.
445
446       --compressed-ssh
447              (SCP SFTP) Enables built-in SSH compression.  This is a request,
448              not an order; the server may or may not do it.
449
450              Example:
451               curl --compressed-ssh sftp://example.com/
452
453              See also --compressed. Added in 7.56.0.
454
455       --compressed
456              (HTTP) Request a compressed response using one of the algorithms
457              curl supports, and automatically decompress the content. Headers
458              are not modified.
459
460              If this option is used and the server sends an  unsupported  en‐
461              coding, curl will report an error. This is a request, not an or‐
462              der; the server may or may not deliver data compressed.
463
464              Example:
465               curl --compressed https://example.com
466
467              See also --compressed-ssh.
468
469       -K, --config <file>
470              Specify a text file to read curl  arguments  from.  The  command
471              line  arguments  found  in the text file will be used as if they
472              were provided on the command line.
473
474              Options and their parameters must be specified on the same  line
475              in the file, separated by whitespace, colon, or the equals sign.
476              Long option names can optionally be given  in  the  config  file
477              without the initial double dashes and if so, the colon or equals
478              characters can be used as separators. If the option is specified
479              with  one or two dashes, there can be no colon or equals charac‐
480              ter between the option and its parameter.
481
482              If the parameter contains whitespace (or starts with  :  or  =),
483              the  parameter  must  be  enclosed  within quotes. Within double
484              quotes, the following escape sequences are  available:  \\,  \",
485              \t, \n, \r and \v. A backslash preceding any other letter is ig‐
486              nored.
487
488              If the first column of a config line is  a  '#'  character,  the
489              rest of the line will be treated as a comment.
490
491              Only write one option per physical line in the config file.
492
493              Specify  the  filename  to --config as '-' to make curl read the
494              file from stdin.
495
496              Note that to be able to specify a URL in the  config  file,  you
497              need  to  specify  it  using the --url option, and not by simply
498              writing the URL on its own line. So, it could  look  similar  to
499              this:
500
501              url = "https://curl.se/docs/"
502
503               # --- Example file ---
504               # this is a comment
505               url = "example.com"
506               output = "curlhere.html"
507               user-agent = "superagent/1.0"
508
509               # and fetch another URL too
510               url = "example.com/docs/manpage.html"
511               -O
512               referer = "http://nowhereatall.example.com/"
513               # --- End of example file ---
514
515              When curl is invoked, it (unless --disable is used) checks for a
516              default config file and uses it if found, even when --config  is
517              used.  The  default  config file is checked for in the following
518              places in this order:
519
520              1) "$CURL_HOME/.curlrc"
521
522              2) "$XDG_CONFIG_HOME/.curlrc" (Added in 7.73.0)
523
524              3) "$HOME/.curlrc"
525
526              4) Windows: "%USERPROFILE%\.curlrc"
527
528              5) Windows: "%APPDATA%\.curlrc"
529
530              6) Windows: "%USERPROFILE%\Application Data\.curlrc"
531
532              7) Non-Windows: use getpwuid to find the home directory
533
534              8) On Windows, if it finds no .curlrc file in the  sequence  de‐
535              scribed  above,  it checks for one in the same dir the curl exe‐
536              cutable is placed.
537
538              On Windows two filenames are checked per location:  .curlrc  and
539              _curlrc,  preferring  the  former.  Older  versions  on  Windows
540              checked for _curlrc only.
541
542              This option can be used multiple times to load  multiple  config
543              files.
544
545              Example:
546               curl --config file.txt https://example.com
547
548              See also -q, --disable.
549
550       --connect-timeout <fractional seconds>
551              Maximum  time  in  seconds  that  you allow curl's connection to
552              take.  This only limits the connection phase, so  if  curl  con‐
553              nects  within the given period it will continue - if not it will
554              exit.  Since version 7.32.0, this option accepts decimal values.
555
556              If this option is used several times, the last one will be used.
557
558              Examples:
559               curl --connect-timeout 20 https://example.com
560               curl --connect-timeout 3.14 https://example.com
561
562              See also -m, --max-time.
563
564       --connect-to <HOST1:PORT1:HOST2:PORT2>
565
566              For  a  request  to  the  given  HOST1:PORT1  pair,  connect  to
567              HOST2:PORT2 instead.  This option is suitable to direct requests
568              at a specific server, e.g. at a specific cluster node in a clus‐
569              ter  of  servers. This option is only used to establish the net‐
570              work connection. It does NOT affect the  hostname/port  that  is
571              used for TLS/SSL (e.g. SNI, certificate verification) or for the
572              application protocols. "HOST1" and  "PORT1"  may  be  the  empty
573              string, meaning "any host/port". "HOST2" and "PORT2" may also be
574              the  empty  string,  meaning   "use   the   request's   original
575              host/port".
576
577              A "host" specified to this option is compared as a string, so it
578              needs to match the name used in request URL. It  can  be  either
579              numerical such as "127.0.0.1" or the full host name such as "ex‐
580              ample.org".
581
582              This option can be used many times to add many connect rules.
583
584              Example:
585               curl --connect-to example.com:443:example.net:8443 https://example.com
586
587              See also --resolve and -H, --header. Added in 7.49.0.
588
589       -C, --continue-at <offset>
590              Continue/Resume a previous file transfer at  the  given  offset.
591              The  given  offset  is  the  exact  number of bytes that will be
592              skipped, counting from the beginning of the source  file  before
593              it  is transferred to the destination. If used with uploads, the
594              FTP server command SIZE will not be used by curl.
595
596              Use "-C -" to tell curl to automatically find out  where/how  to
597              resume  the  transfer. It then uses the given output/input files
598              to figure that out.
599
600              If this option is used several times, the last one will be used.
601
602              Examples:
603               curl -C - https://example.com
604               curl -C 400 https://example.com
605
606              See also -r, --range.
607
608       -c, --cookie-jar <filename>
609              (HTTP) Specify to which file you want curl to write all  cookies
610              after  a  completed  operation. Curl writes all cookies from its
611              in-memory cookie storage to the given file at the end of  opera‐
612              tions.  If  no  cookies  are known, no data will be written. The
613              file will be written using the Netscape cookie file  format.  If
614              you set the file name to a single dash, "-", the cookies will be
615              written to stdout.
616
617              This command line option will activate the  cookie  engine  that
618              makes curl record and use cookies. Another way to activate it is
619              to use the --cookie option.
620
621              If the cookie jar cannot be created or  written  to,  the  whole
622              curl  operation  will  not fail or even report an error clearly.
623              Using --verbose will get a warning displayed, but  that  is  the
624              only  visible feedback you get about this possibly lethal situa‐
625              tion.
626
627              If this option is used several times, the  last  specified  file
628              name will be used.
629
630              Examples:
631               curl -c store-here.txt https://example.com
632               curl -c store-here.txt -b read-these https://example.com
633
634              See also -b, --cookie.
635
636       -b, --cookie <data|filename>
637              (HTTP) Pass the data to the HTTP server in the Cookie header. It
638              is supposedly the data previously received from the server in  a
639              "Set-Cookie:"   line.   The   data   should  be  in  the  format
640              "NAME1=VALUE1; NAME2=VALUE2".
641
642              If no '=' symbol is used in the argument, it is instead  treated
643              as a filename to read previously stored cookie from. This option
644              also activates the cookie engine which will make curl record in‐
645              coming cookies, which may be handy if you are using this in com‐
646              bination with the --location option or do multiple URL transfers
647              on  the  same invoke. If the file name is exactly a minus ("-"),
648              curl will instead read the contents from stdin.
649
650              The file format of the file to read cookies from should be plain
651              HTTP  headers  (Set-Cookie style) or the Netscape/Mozilla cookie
652              file format.
653
654              The file specified with --cookie is only used as input. No cook‐
655              ies  will  be  written  to  the  file. To store cookies, use the
656              --cookie-jar option.
657
658              If you use the Set-Cookie file format and do not specify  a  do‐
659              main  then  the  cookie  is not sent since the domain will never
660              match. To address this, set a domain in Set-Cookie  line  (doing
661              that  will  include sub-domains) or preferably: use the Netscape
662              format.
663
664              This option can be used multiple times.
665
666              Users often want to both read cookies from a file and write  up‐
667              dated  cookies  back  to  a  file,  so  using  both --cookie and
668              --cookie-jar in the same command line is common.
669
670              Examples:
671               curl -b cookiefile https://example.com
672               curl -b cookiefile -c cookiefile https://example.com
673
674              See also -c, --cookie-jar and -j, --junk-session-cookies.
675
676       --create-dirs
677              When used in conjunction with the  --output  option,  curl  will
678              create  the  necessary local directory hierarchy as needed. This
679              option creates the directories mentioned with the  --output  op‐
680              tion, nothing else. If the --output file name uses no directory,
681              or if the directories it mentions already exist, no  directories
682              will be created.
683
684              Created dirs are made with mode 0750 on unix style file systems.
685
686              To  create remote directories when using FTP or SFTP, try --ftp-
687              create-dirs.
688
689              Example:
690               curl --create-dirs --output local/dir/file https://example.com
691
692              See also --ftp-create-dirs and --output-dir.
693
694       --create-file-mode <mode>
695              (SFTP SCP FILE) When curl is used to create files remotely using
696              one  of  the supported protocols, this option allows the user to
697              set which 'mode' to set on the file at creation time, instead of
698              the default 0644.
699
700              This option takes an octal number as argument.
701
702              If this option is used several times, the last one will be used.
703
704              Example:
705               curl --create-file-mode 0777 -T localfile sftp://example.com/new
706
707              See also --ftp-create-dirs. Added in 7.75.0.
708
709       --crlf (FTP  SMTP)  Convert  LF  to  CRLF  in  upload.  Useful  for MVS
710              (OS/390).
711
712              (SMTP added in 7.40.0)
713
714              Example:
715               curl --crlf -T file ftp://example.com/
716
717              See also -B, --use-ascii.
718
719       --crlfile <file>
720              (TLS) Provide a file using PEM format with a Certificate Revoca‐
721              tion List that may specify peer certificates that are to be con‐
722              sidered revoked.
723
724              If this option is used several times, the last one will be used.
725
726              Example:
727               curl --crlfile rejects.txt https://example.com
728
729              See also --cacert and --capath.
730
731       --curves <algorithm list>
732              (TLS) Tells curl to request specific curves to  use  during  SSL
733              session  establishment according to RFC 8422, 5.1.  Multiple al‐
734              gorithms can be provided  by  separating  them  with  ":"  (e.g.
735              "X25519:P-521").   The parameter is available identically in the
736              "openssl s_client/s_server" utilities.
737
738              --curves allows a OpenSSL powered curl to  make  SSL-connections
739              with  exactly  the  (EC) curve requested by the client, avoiding
740              nontransparent client/server negotiations.
741
742              If this option is  set,  the  default  curves  list  built  into
743              openssl will be ignored.
744
745              Example:
746               curl --curves X25519 https://example.com
747
748              See also --ciphers. Added in 7.73.0.
749
750       --data-ascii <data>
751              (HTTP) This is just an alias for -d, --data.
752
753              Example:
754               curl --data-ascii @file https://example.com
755
756              See also --data-binary, --data-raw and --data-urlencode.
757
758       --data-binary <data>
759              (HTTP)  This  posts data exactly as specified with no extra pro‐
760              cessing whatsoever.
761
762              If you start the data with the letter @, the rest  should  be  a
763              filename. Data is posted in a similar manner as --data does, ex‐
764              cept that newlines and carriage returns are preserved  and  con‐
765              versions are never done.
766
767              Like  --data  the default content-type sent to the server is ap‐
768              plication/x-www-form-urlencoded. If you  want  the  data  to  be
769              treated as arbitrary binary data by the server then set the con‐
770              tent-type to octet-stream: -H "Content-Type:  application/octet-
771              stream".
772
773              If  this  option  is  used several times, the ones following the
774              first will append data as described in -d, --data.
775
776              Example:
777               curl --data-binary @filename https://example.com
778
779              See also --data-ascii.
780
781       --data-raw <data>
782              (HTTP) This posts data similarly to --data but without the  spe‐
783              cial interpretation of the @ character.
784
785              Examples:
786               curl --data-raw "hello" https://example.com
787               curl --data-raw "@at@at@" https://example.com
788
789              See also -d, --data. Added in 7.43.0.
790
791       --data-urlencode <data>
792              (HTTP) This posts data, similar to the other --data options with
793              the exception that this performs URL-encoding.
794
795              To be CGI-compliant, the <data> part should begin  with  a  name
796              followed  by a separator and a content specification. The <data>
797              part can be passed to curl using one of the following syntaxes:
798
799              content
800                     This will make curl URL-encode the content and pass  that
801                     on.  Just be careful so that the content does not contain
802                     any = or @ symbols, as that will  then  make  the  syntax
803                     match one of the other cases below!
804
805              =content
806                     This  will make curl URL-encode the content and pass that
807                     on. The preceding = symbol is not included in the data.
808
809              name=content
810                     This will make curl URL-encode the content part and  pass
811                     that  on.  Note that the name part is expected to be URL-
812                     encoded already.
813
814              @filename
815                     This will make curl load data from the  given  file  (in‐
816                     cluding  any  newlines), URL-encode that data and pass it
817                     on in the POST.
818
819              name@filename
820                     This will make curl load data from the  given  file  (in‐
821                     cluding  any  newlines), URL-encode that data and pass it
822                     on in the POST. The name part  gets  an  equal  sign  ap‐
823                     pended,  resulting  in name=urlencoded-file-content. Note
824                     that the name is expected to be URL-encoded already.
825
826       Examples:
827        curl --data-urlencode name=val https://example.com
828        curl --data-urlencode =encodethis https://example.com
829        curl --data-urlencode name@file https://example.com
830        curl --data-urlencode @fileonly https://example.com
831
832       See also -d, --data and --data-raw.
833
834       -d, --data <data>
835              (HTTP MQTT) Sends the specified data in a POST  request  to  the
836              HTTP server, in the same way that a browser does when a user has
837              filled in an HTML form and presses the submit button. This  will
838              cause curl to pass the data to the server using the content-type
839              application/x-www-form-urlencoded. Compare to -F, --form.
840
841              --data-raw is almost the same but does not have a special inter‐
842              pretation  of  the  @ character. To post data purely binary, you
843              should instead use the --data-binary option. To  URL-encode  the
844              value of a form field you may use --data-urlencode.
845
846              If  any of these options is used more than once on the same com‐
847              mand line, the data pieces specified will be merged with a sepa‐
848              rating  &-symbol.  Thus,  using  '-d name=daniel -d skill=lousy'
849              would    generate    a    post    chunk    that    looks    like
850              'name=daniel&skill=lousy'.
851
852              If  you  start  the data with the letter @, the rest should be a
853              file name to read the data from, or - if you want curl  to  read
854              the  data  from  stdin.  Posting data from a file named 'foobar'
855              would thus be done with -d, --data @foobar. When --data is  told
856              to  read  from  a  file like that, carriage returns and newlines
857              will be stripped out. If you do not want the @ character to have
858              a special interpretation use --data-raw instead.
859
860              Examples:
861               curl -d "name=curl" https://example.com
862               curl -d "name=curl" -d "tool=cmdline" https://example.com
863               curl -d @filename https://example.com
864
865              See  also  --data-binary,  --data-urlencode and --data-raw. This
866              option overrides -F, --form and -I,  --head  and  -T,  --upload-
867              file.
868
869       --delegation <LEVEL>
870              (GSS/kerberos)  Set  LEVEL to tell the server what it is allowed
871              to delegate when it comes to user credentials.
872
873              none   Do not allow any delegation.
874
875              policy Delegates if and only if the OK-AS-DELEGATE flag  is  set
876                     in  the  Kerberos  service  ticket,  which is a matter of
877                     realm policy.
878
879              always Unconditionally allow the server to delegate.
880
881       If this option is used several times, the last one will be used.
882
883       Example:
884        curl --delegation "none" https://example.com
885
886       See also -k, --insecure and --ssl.
887
888       --digest
889              (HTTP) Enables HTTP Digest authentication. This is an  authenti‐
890              cation  scheme  that  prevents the password from being sent over
891              the wire in clear text. Use this in combination with the  normal
892              --user option to set user name and password.
893
894              If  this  option  is  used  several times, only the first one is
895              used.
896
897              Example:
898               curl -u name:password --digest https://example.com
899
900              See also -u, --user, --proxy-digest and --anyauth.  This  option
901              overrides --basic and --ntlm and --negotiate.
902
903       --disable-eprt
904              (FTP) Tell curl to disable the use of the EPRT and LPRT commands
905              when doing active FTP transfers. Curl will normally always first
906              attempt  to use EPRT, then LPRT before using PORT, but with this
907              option, it will use PORT right away. EPRT and  LPRT  are  exten‐
908              sions  to  the  original  FTP  protocol, and may not work on all
909              servers, but they enable more functionality in a better way than
910              the traditional PORT command.
911
912              --eprt can be used to explicitly enable EPRT again and --no-eprt
913              is an alias for --disable-eprt.
914
915              If the server is accessed using IPv6, this option will  have  no
916              effect as EPRT is necessary then.
917
918              Disabling  EPRT only changes the active behavior. If you want to
919              switch to passive mode you need to not use --ftp-port  or  force
920              it with --ftp-pasv.
921
922              Example:
923               curl --disable-eprt ftp://example.com/
924
925              See also --disable-epsv and -P, --ftp-port.
926
927       --disable-epsv
928              (FTP)  Tell curl to disable the use of the EPSV command when do‐
929              ing passive FTP transfers. Curl will normally always  first  at‐
930              tempt to use EPSV before PASV, but with this option, it will not
931              try using EPSV.
932
933              --epsv can be used to explicitly enable EPSV again and --no-epsv
934              is an alias for --disable-epsv.
935
936              If  the  server is an IPv6 host, this option will have no effect
937              as EPSV is necessary then.
938
939              Disabling EPSV only changes the passive behavior. If you want to
940              switch to active mode you need to use -P, --ftp-port.
941
942              Example:
943               curl --disable-epsv ftp://example.com/
944
945              See also --disable-eprt and -P, --ftp-port.
946
947       -q, --disable
948              If  used  as the first parameter on the command line, the curlrc
949              config file will not be read and used. See the --config for  de‐
950              tails on the default config file search path.
951
952              Example:
953               curl -q https://example.com
954
955              See also -K, --config.
956
957       --disallow-username-in-url
958              (HTTP)  This  tells  curl  to  exit if passed a url containing a
959              username. This is probably most useful when  the  URL  is  being
960              provided at run-time or similar.
961
962              Example:
963               curl --disallow-username-in-url https://example.com
964
965              See also --proto. Added in 7.61.0.
966
967       --dns-interface <interface>
968              (DNS)  Tell  curl  to send outgoing DNS requests through <inter‐
969              face>. This option is a counterpart to --interface  (which  does
970              not  affect  DNS). The supplied string must be an interface name
971              (not an address).
972
973              Example:
974               curl --dns-interface eth0 https://example.com
975
976              See also --dns-ipv4-addr  and  --dns-ipv6-addr.  --dns-interface
977              requires  that  the  underlying  libcurl was built to support c-
978              ares. Added in 7.33.0.
979
980       --dns-ipv4-addr <address>
981              (DNS) Tell curl to bind to <ip-address> when making IPv4 DNS re‐
982              quests,  so  that  the DNS requests originate from this address.
983              The argument should be a single IPv4 address.
984
985              If this option is used several times, the last one will be used.
986
987              Example:
988               curl --dns-ipv4-addr 10.1.2.3 https://example.com
989
990              See also --dns-interface  and  --dns-ipv6-addr.  --dns-ipv4-addr
991              requires  that  the  underlying  libcurl was built to support c-
992              ares. Added in 7.33.0.
993
994       --dns-ipv6-addr <address>
995              (DNS) Tell curl to bind to <ip-address> when making IPv6 DNS re‐
996              quests,  so  that  the DNS requests originate from this address.
997              The argument should be a single IPv6 address.
998
999              If this option is used several times, the last one will be used.
1000
1001              Example:
1002               curl --dns-ipv6-addr 2a04:4e42::561 https://example.com
1003
1004              See also --dns-interface  and  --dns-ipv4-addr.  --dns-ipv6-addr
1005              requires  that  the  underlying  libcurl was built to support c-
1006              ares. Added in 7.33.0.
1007
1008       --dns-servers <addresses>
1009              Set the list of DNS servers to be used instead of the system de‐
1010              fault.   The  list of IP addresses should be separated with com‐
1011              mas. Port numbers may also optionally be given as :<port-number>
1012              after each IP address.
1013
1014              If this option is used several times, the last one will be used.
1015
1016              Example:
1017               curl --dns-servers 192.168.0.1,192.168.0.2 https://example.com
1018
1019              See  also --dns-interface and --dns-ipv4-addr. --dns-servers re‐
1020              quires that the underlying libcurl was built to support  c-ares.
1021              Added in 7.33.0.
1022
1023       --doh-cert-status
1024              Same as --cert-status but used for DoH (DNS-over-HTTPS).
1025
1026              Example:
1027               curl --doh-cert-status --doh-url https://doh.example https://example.com
1028
1029              See also --doh-insecure. Added in 7.76.0.
1030
1031       --doh-insecure
1032              Same as --insecure but used for DoH (DNS-over-HTTPS).
1033
1034              Example:
1035               curl --doh-insecure --doh-url https://doh.example https://example.com
1036
1037              See also --doh-url. Added in 7.76.0.
1038
1039       --doh-url <URL>
1040              Specifies  which  DNS-over-HTTPS  (DoH) server to use to resolve
1041              hostnames, instead of using the default name resolver mechanism.
1042              The URL must be HTTPS.
1043
1044              Some  SSL  options  that you set for your transfer will apply to
1045              DoH since the name lookups take place  over  SSL.  However,  the
1046              certificate  verification  settings are not inherited and can be
1047              controlled separately via --doh-insecure and --doh-cert-status.
1048
1049              If this option is used several times, the last one will be used.
1050
1051              Example:
1052               curl --doh-url https://doh.example https://example.com
1053
1054              See also --doh-insecure. Added in 7.62.0.
1055
1056       -D, --dump-header <filename>
1057              (HTTP FTP) Write the received protocol headers to the  specified
1058              file.  If  no  headers are received, the use of this option will
1059              create an empty file.
1060
1061              When used in FTP, the FTP server response lines  are  considered
1062              being "headers" and thus are saved there.
1063
1064              If this option is used several times, the last one will be used.
1065
1066              Example:
1067               curl --dump-header store.txt https://example.com
1068
1069              See also -o, --output.
1070
1071       --egd-file <file>
1072              (TLS)  Specify  the  path  name  to the Entropy Gathering Daemon
1073              socket. The socket is used to seed the  random  engine  for  SSL
1074              connections.
1075
1076              Example:
1077               curl --egd-file /random/here https://example.com
1078
1079              See also --random-file.
1080
1081       --engine <name>
1082              (TLS)  Select the OpenSSL crypto engine to use for cipher opera‐
1083              tions. Use --engine list to print a list of build-time supported
1084              engines.  Note  that  not all (and possibly none) of the engines
1085              may be available at run-time.
1086
1087              Example:
1088               curl --engine flavor https://example.com
1089
1090              See also --ciphers and --curves.
1091
1092       --etag-compare <file>
1093              (HTTP) This option makes a conditional HTTP request for the spe‐
1094              cific ETag read from the given file by sending a custom If-None-
1095              Match header using the stored ETag.
1096
1097              For correct results, make sure that the specified file  contains
1098              only  a  single  line  with  the  desired ETag. An empty file is
1099              parsed as an empty ETag.
1100
1101              Use the option --etag-save to first save the  ETag  from  a  re‐
1102              sponse,  and  then  use this option to compare against the saved
1103              ETag in a subsequent request.
1104
1105              Example:
1106               curl --etag-compare etag.txt https://example.com
1107
1108              See also --etag-save and -z, --time-cond. Added in 7.68.0.
1109
1110       --etag-save <file>
1111              (HTTP) This option saves an HTTP ETag to the specified file.  An
1112              ETag  is  a  caching  related  header, usually returned in a re‐
1113              sponse.
1114
1115              If no ETag is sent by the server, an empty file is created.
1116
1117              Example:
1118               curl --etag-save storetag.txt https://example.com
1119
1120              See also --etag-compare. Added in 7.68.0.
1121
1122       --expect100-timeout <seconds>
1123              (HTTP) Maximum time in seconds that you allow curl to wait for a
1124              100-continue  response  when curl emits an Expects: 100-continue
1125              header in its request. By default curl  will  wait  one  second.
1126              This  option accepts decimal values! When curl stops waiting, it
1127              will continue as if the response has been received.
1128
1129              Example:
1130               curl --expect100-timeout 2.5 -T file https://example.com
1131
1132              See also --connect-timeout. Added in 7.47.0.
1133
1134       --fail-early
1135              Fail and exit on the first detected transfer error.
1136
1137              When curl is used to do multiple transfers on the command  line,
1138              it will attempt to operate on each given URL, one by one. By de‐
1139              fault, it will ignore errors if there are more  URLs  given  and
1140              the  last  URL's  success will determine the error code curl re‐
1141              turns. So early failures will be "hidden" by subsequent success‐
1142              ful transfers.
1143
1144              Using  this  option,  curl  will  instead return an error on the
1145              first transfer that fails, independent of  the  amount  of  URLs
1146              that  are given on the command line. This way, no transfer fail‐
1147              ures go undetected by scripts and similar.
1148
1149              This option is global and does not need to be specified for each
1150              use of -:, --next.
1151
1152              This option does not imply -f, --fail, which causes transfers to
1153              fail due to the server's HTTP status code. You can  combine  the
1154              two  options, however note --fail is not global and is therefore
1155              contained by -:, --next.
1156
1157              Example:
1158               curl --fail-early https://example.com https://two.example
1159
1160              See also -f, --fail and --fail-with-body. Added in 7.52.0.
1161
1162       --fail-with-body
1163              (HTTP) Return an error on server errors where the HTTP  response
1164              code  is  400  or  greater). In normal cases when an HTTP server
1165              fails to deliver a document, it returns an HTML document stating
1166              so  (which  often  also  describes why and more). This flag will
1167              still allow curl to output and save that content but also to re‐
1168              turn error 22.
1169
1170              This  is  an  alternative option to --fail which makes curl fail
1171              for the same circumstances but without saving the content.
1172
1173              Example:
1174               curl --fail-with-body https://example.com
1175
1176              See also -f, --fail. Added in 7.76.0.
1177
1178       -f, --fail
1179              (HTTP) Fail silently (no output at all) on server  errors.  This
1180              is  mostly done to enable scripts etc to better deal with failed
1181              attempts. In normal cases when an HTTP server fails to deliver a
1182              document,  it  returns  an HTML document stating so (which often
1183              also describes why and more). This flag will prevent  curl  from
1184              outputting that and return error 22.
1185
1186              This  method is not fail-safe and there are occasions where non-
1187              successful response codes will slip through, especially when au‐
1188              thentication is involved (response codes 401 and 407).
1189
1190              Example:
1191               curl --fail https://example.com
1192
1193              See also --fail-with-body.
1194
1195       --false-start
1196              (TLS)  Tells  curl  to use false start during the TLS handshake.
1197              False start is a mode where a TLS client will start sending  ap‐
1198              plication  data  before verifying the server's Finished message,
1199              thus saving a round trip when performing a full handshake.
1200
1201              This is currently only implemented in the NSS and Secure  Trans‐
1202              port (on iOS 7.0 or later, or OS X 10.9 or later) backends.
1203
1204              Example:
1205               curl --false-start https://example.com
1206
1207              See also --tcp-fastopen. Added in 7.42.0.
1208
1209       --form-escape
1210              (HTTP)  Tells curl to pass on names of multipart form fields and
1211              files using backslash-escaping instead of percent-encoding.
1212
1213              Example:
1214               curl --form-escape --form 'field\name=curl' 'file=@load"this' https://example.com
1215
1216              See also -F, --form. Added in 7.81.0.
1217
1218       --form-string <name=string>
1219              (HTTP SMTP IMAP) Similar to --form except that the value  string
1220              for  the  named parameter is used literally. Leading '@' and '<'
1221              characters, and the ';type=' string in the value have no special
1222              meaning.  Use this in preference to --form if there's any possi‐
1223              bility that the string value may accidentally trigger the '@' or
1224              '<' features of -F, --form.
1225
1226              Example:
1227               curl --form-string "data" https://example.com
1228
1229              See also -F, --form.
1230
1231       -F, --form <name=content>
1232              (HTTP  SMTP  IMAP) For HTTP protocol family, this lets curl emu‐
1233              late a filled-in form in which a user  has  pressed  the  submit
1234              button.  This  causes  curl  to POST data using the Content-Type
1235              multipart/form-data according to RFC 2388.
1236
1237              For SMTP and IMAP protocols, this is the means to compose a mul‐
1238              tipart mail message to transmit.
1239
1240              This  enables  uploading of binary files etc. To force the 'con‐
1241              tent' part to be a file, prefix the file name with an @ sign. To
1242              just get the content part from a file, prefix the file name with
1243              the symbol <. The difference between @ and  <  is  then  that  @
1244              makes  a  file  get attached in the post as a file upload, while
1245              the < makes a text field and just get the contents for that text
1246              field from a file.
1247
1248              Tell  curl to read content from stdin instead of a file by using
1249              - as filename. This goes for both @ and < constructs. When stdin
1250              is used, the contents is buffered in memory first by curl to de‐
1251              termine its size and allow a possible resend. Defining a  part's
1252              data from a named non-regular file (such as a named pipe or sim‐
1253              ilar) is unfortunately not subject to buffering and will be  ef‐
1254              fectively  read at transmission time; since the full size is un‐
1255              known before the transfer starts, such data is sent as chunks by
1256              HTTP and rejected by IMAP.
1257
1258              Example: send an image to an HTTP server, where 'profile' is the
1259              name of the form-field to which the file  portrait.jpg  will  be
1260              the input:
1261
1262               curl -F profile=@portrait.jpg https://example.com/upload.cgi
1263
1264              Example:  send your name and shoe size in two text fields to the
1265              server:
1266
1267               curl -F name=John -F shoesize=11 https://example.com/
1268
1269              Example: send your essay in a text field to the server. Send  it
1270              as  a plain text field, but get the contents for it from a local
1271              file:
1272
1273               curl -F "story=<hugefile.txt" https://example.com/
1274
1275              You can also  tell  curl  what  Content-Type  to  use  by  using
1276              'type=', in a manner similar to:
1277
1278               curl -F "web=@index.html;type=text/html" example.com
1279
1280              or
1281
1282               curl -F "name=daniel;type=text/foo" example.com
1283
1284              You  can  also explicitly change the name field of a file upload
1285              part by setting filename=, like this:
1286
1287               curl -F "file=@localfile;filename=nameinpost" example.com
1288
1289              If filename/path contains ',' or ';', it must be quoted by  dou‐
1290              ble-quotes like:
1291
1292               curl -F "file=@\"local,file\";filename=\"name;in;post\"" example.com
1293
1294              or
1295
1296               curl -F 'file=@"local,file";filename="name;in;post"' example.com
1297
1298              Note  that  if  a  filename/path is quoted by double-quotes, any
1299              double-quote or backslash within the filename must be escaped by
1300              backslash.
1301
1302              Quoting  must  also  be  applied to non-file data if it contains
1303              semicolons, leading/trailing spaces or leading double quotes:
1304
1305               curl -F 'colors="red; green; blue";type=text/x-myapp' example.com
1306
1307              You can add custom headers to the  field  by  setting  headers=,
1308              like
1309
1310                curl -F "submit=OK;headers=\"X-submit-type: OK\"" example.com
1311
1312              or
1313
1314                curl -F "submit=OK;headers=@headerfile" example.com
1315
1316              The  headers=  keyword may appear more that once and above notes
1317              about quoting apply. When headers are read from  a  file,  Empty
1318              lines and lines starting with '#' are comments and ignored; each
1319              header can be folded by splitting between two words and starting
1320              the  continuation  line  with a space; embedded carriage-returns
1321              and trailing spaces are stripped.   Here  is  an  example  of  a
1322              header file contents:
1323
1324                # This file contain two headers.
1325                X-header-1: this is a header
1326
1327                # The following header is folded.
1328                X-header-2: this is
1329                 another header
1330
1331              To  support  sending  multipart mail messages, the syntax is ex‐
1332              tended as follows:
1333              - name can be omitted: the equal sign is the first character  of
1334              the argument,
1335              -  if  data  starts with '(', this signals to start a new multi‐
1336              part: it can be followed by a content type specification.
1337              - a multipart can be terminated with a '=)' argument.
1338
1339              Example: the following command sends an SMTP mime email consist‐
1340              ing in an inline part in two alternative formats: plain text and
1341              HTML. It attaches a text file:
1342
1343               curl -F '=(;type=multipart/alternative' \
1344                    -F '=plain text message' \
1345                    -F '= <body>HTML message</body>;type=text/html' \
1346                    -F '=)' -F '=@textfile.txt' ...  smtp://example.com
1347
1348              Data can be encoded for transfer using encoder=.  Available  en‐
1349              codings are binary and 8bit that do nothing else than adding the
1350              corresponding Content-Transfer-Encoding header, 7bit  that  only
1351              rejects 8-bit characters with a transfer error, quoted-printable
1352              and base64 that encodes  data  according  to  the  corresponding
1353              schemes, limiting lines length to 76 characters.
1354
1355              Example:  send  multipart mail with a quoted-printable text mes‐
1356              sage and a base64 attached file:
1357
1358               curl -F '=text message;encoder=quoted-printable' \
1359                    -F '=@localfile;encoder=base64' ... smtp://example.com
1360
1361              See further examples and details in the MANUAL.
1362
1363              This option can be used multiple times.
1364
1365              Example:
1366               curl --form "name=curl" --form "file=@loadthis" https://example.com
1367
1368              See also -d, --data, --form-string and --form-escape.  This  op‐
1369              tion overrides -d, --data and -I, --head and -T, --upload-file.
1370
1371       --ftp-account <data>
1372              (FTP) When an FTP server asks for "account data" after user name
1373              and password has been provided, this data is sent off using  the
1374              ACCT command.
1375
1376              If this option is used several times, the last one will be used.
1377
1378              Example:
1379               curl --ftp-account "mr.robot" ftp://example.com/
1380
1381              See also -u, --user.
1382
1383       --ftp-alternative-to-user <command>
1384              (FTP)  If  authenticating with the USER and PASS commands fails,
1385              send this  command.   When  connecting  to  Tumbleweed's  Secure
1386              Transport  server  over  FTPS  using a client certificate, using
1387              "SITE AUTH" will tell the server to retrieve the  username  from
1388              the certificate.
1389
1390              Example:
1391               curl --ftp-alternative-to-user "U53r" ftp://example.com
1392
1393              See also --ftp-account and -u, --user.
1394
1395       --ftp-create-dirs
1396              (FTP  SFTP)  When  an FTP or SFTP URL/operation uses a path that
1397              does not currently exist on the server, the standard behavior of
1398              curl is to fail. Using this option, curl will instead attempt to
1399              create missing directories.
1400
1401              Example:
1402               curl --ftp-create-dirs -T file ftp://example.com/remote/path/file
1403
1404              See also --create-dirs.
1405
1406       --ftp-method <method>
1407              (FTP) Control what method curl should use to reach a file on  an
1408              FTP(S)  server. The method argument should be one of the follow‐
1409              ing alternatives:
1410
1411              multicwd
1412                     curl does a single CWD operation for each  path  part  in
1413                     the  given URL. For deep hierarchies this means many com‐
1414                     mands. This is how RFC 1738 says it should be done.  This
1415                     is the default but the slowest behavior.
1416
1417              nocwd  curl  does  no  CWD at all. curl will do SIZE, RETR, STOR
1418                     etc and give a full path to the server for all these com‐
1419                     mands. This is the fastest behavior.
1420
1421              singlecwd
1422                     curl does one CWD with the full target directory and then
1423                     operates on the file "normally"  (like  in  the  multicwd
1424                     case).  This  is  somewhat  more standards compliant than
1425                     'nocwd' but without the full penalty of 'multicwd'.
1426
1427       Examples:
1428        curl --ftp-method multicwd ftp://example.com/dir1/dir2/file
1429        curl --ftp-method nocwd ftp://example.com/dir1/dir2/file
1430        curl --ftp-method singlecwd ftp://example.com/dir1/dir2/file
1431
1432       See also -l, --list-only.
1433
1434       --ftp-pasv
1435              (FTP) Use passive mode for the data connection. Passive  is  the
1436              internal  default behavior, but using this option can be used to
1437              override a previous --ftp-port option.
1438
1439              If this option is used several times,  only  the  first  one  is
1440              used.  Undoing  an enforced passive really is not doable but you
1441              must then instead enforce the correct --ftp-port again.
1442
1443              Passive mode means that curl will try the EPSV command first and
1444              then PASV, unless --disable-epsv is used.
1445
1446              Example:
1447               curl --ftp-pasv ftp://example.com/
1448
1449              See also --disable-epsv.
1450
1451       -P, --ftp-port <address>
1452              (FTP)  Reverses  the  default initiator/listener roles when con‐
1453              necting with FTP. This option makes curl use active  mode.  curl
1454              then  tells the server to connect back to the client's specified
1455              address and port, while passive mode asks the server to setup an
1456              IP  address  and  port for it to connect to. <address> should be
1457              one of:
1458
1459              interface
1460                     e.g. "eth0" to specify which interface's IP  address  you
1461                     want to use (Unix only)
1462
1463              IP address
1464                     e.g. "192.168.10.1" to specify the exact IP address
1465
1466              host name
1467                     e.g. "my.host.domain" to specify the machine
1468
1469              -      make  curl  pick the same IP address that is already used
1470                     for the control connection
1471
1472       If this option is used several times, the last one will be  used.  Dis‐
1473       able  the  use  of PORT with --ftp-pasv. Disable the attempt to use the
1474       EPRT command instead of PORT by using --disable-eprt.  EPRT  is  really
1475       PORT++.
1476
1477       You  can  also  append ":[start]-[end]" to the right of the address, to
1478       tell curl what TCP port range to use. That means  you  specify  a  port
1479       range,  from a lower to a higher number. A single number works as well,
1480       but do note that it increases the risk of failure since  the  port  may
1481       not be available.
1482
1483
1484       Examples:
1485        curl -P - ftp:/example.com
1486        curl -P eth0 ftp:/example.com
1487        curl -P 192.168.0.2 ftp:/example.com
1488
1489       See also --ftp-pasv and --disable-eprt.
1490
1491       --ftp-pret
1492              (FTP)  Tell  curl to send a PRET command before PASV (and EPSV).
1493              Certain FTP servers, mainly drftpd,  require  this  non-standard
1494              command  for  directory  listings as well as up and downloads in
1495              PASV mode.
1496
1497              Example:
1498               curl --ftp-pret ftp://example.com/
1499
1500              See also -P, --ftp-port and --ftp-pasv.
1501
1502       --ftp-skip-pasv-ip
1503              (FTP) Tell curl to not use the IP address the server suggests in
1504              its  response to curl's PASV command when curl connects the data
1505              connection. Instead curl will re-use the same IP address it  al‐
1506              ready uses for the control connection.
1507
1508              Since curl 7.74.0 this option is enabled by default.
1509
1510              This  option has no effect if PORT, EPRT or EPSV is used instead
1511              of PASV.
1512
1513              Example:
1514               curl --ftp-skip-pasv-ip ftp://example.com/
1515
1516              See also --ftp-pasv.
1517
1518       --ftp-ssl-ccc-mode <active/passive>
1519              (FTP) Sets the CCC mode. The passive mode will not initiate  the
1520              shutdown, but instead wait for the server to do it, and will not
1521              reply to the shutdown from the server. The active mode initiates
1522              the shutdown and waits for a reply from the server.
1523
1524              Example:
1525               curl --ftp-ssl-ccc-mode active --ftp-ssl-ccc ftps://example.com/
1526
1527              See also --ftp-ssl-ccc.
1528
1529       --ftp-ssl-ccc
1530              (FTP)  Use  CCC  (Clear  Command Channel) Shuts down the SSL/TLS
1531              layer after authenticating. The rest of the control channel com‐
1532              munication  will be unencrypted. This allows NAT routers to fol‐
1533              low the FTP transaction. The default mode is passive.
1534
1535              Example:
1536               curl --ftp-ssl-ccc ftps://example.com/
1537
1538              See also --ssl and --ftp-ssl-ccc-mode.
1539
1540       --ftp-ssl-control
1541              (FTP) Require SSL/TLS for the FTP  login,  clear  for  transfer.
1542              Allows  secure  authentication, but non-encrypted data transfers
1543              for efficiency.  Fails the transfer if the server does not  sup‐
1544              port SSL/TLS.
1545
1546              Example:
1547               curl --ftp-ssl-control ftp://example.com
1548
1549              See also --ssl.
1550
1551       -G, --get
1552              When  used,  this  option  will make all data specified with -d,
1553              --data, --data-binary or --data-urlencode to be used in an  HTTP
1554              GET  request instead of the POST request that otherwise would be
1555              used. The data will be appended to the URL with a '?' separator.
1556
1557              If used in combination with -I, --head, the POST data  will  in‐
1558              stead be appended to the URL with a HEAD request.
1559
1560              If  this  option  is  used  several times, only the first one is
1561              used. This is because undoing a GET does not make sense, but you
1562              should then instead enforce the alternative method you prefer.
1563
1564              Examples:
1565               curl --get https://example.com
1566               curl --get -d "tool=curl" -d "age=old" https://example.com
1567               curl --get -I -d "tool=curl" https://example.com
1568
1569              See also -d, --data and -X, --request.
1570
1571       -g, --globoff
1572              This option switches off the "URL globbing parser". When you set
1573              this option, you can specify URLs that contain the letters  {}[]
1574              without  having curl itself interpret them. Note that these let‐
1575              ters are not normal legal URL contents but they  should  be  en‐
1576              coded according to the URI standard.
1577
1578              Example:
1579               curl -g "https://example.com/{[]}}}}"
1580
1581              See also -K, --config and -q, --disable.
1582
1583       --happy-eyeballs-timeout-ms <milliseconds>
1584              Happy  Eyeballs is an algorithm that attempts to connect to both
1585              IPv4 and IPv6 addresses for  dual-stack  hosts,  giving  IPv6  a
1586              head-start  of the specified number of milliseconds. If the IPv6
1587              address cannot be connected to within that time, then a  connec‐
1588              tion  attempt is made to the IPv4 address in parallel. The first
1589              connection to be established is the one that is used.
1590
1591              The range of suggested useful values is limited. Happy  Eyeballs
1592              RFC  6555  says  "It  is RECOMMENDED that connection attempts be
1593              paced 150-250 ms apart to balance human factors against  network
1594              load."  libcurl currently defaults to 200 ms. Firefox and Chrome
1595              currently default to 300 ms.
1596
1597              If this option is used several times, the last one will be used.
1598
1599              Example:
1600               curl --happy-eyeballs-timeout-ms 500 https://example.com
1601
1602              See also -m, --max-time and --connect-timeout. Added in 7.59.0.
1603
1604       --haproxy-protocol
1605              (HTTP) Send a HAProxy PROXY protocol v1 header at the  beginning
1606              of  the  connection. This is used by some load balancers and re‐
1607              verse proxies to indicate the client's true IP address and port.
1608
1609              This option is primarily useful when sending test requests to  a
1610              service that expects this header.
1611
1612              Example:
1613               curl --haproxy-protocol https://example.com
1614
1615              See also -x, --proxy. Added in 7.60.0.
1616
1617       -I, --head
1618              (HTTP FTP FILE) Fetch the headers only! HTTP-servers feature the
1619              command HEAD which this uses to get nothing but the header of  a
1620              document.  When  used  on an FTP or FILE file, curl displays the
1621              file size and last modification time only.
1622
1623              Example:
1624               curl -I https://example.com
1625
1626              See also -G, --get, -v, --verbose and --trace-ascii.
1627
1628       -H, --header <header/@file>
1629              (HTTP) Extra header to include in the request when sending  HTTP
1630              to  a  server. You may specify any number of extra headers. Note
1631              that if you should add a custom header that has the same name as
1632              one  of  the  internal  ones curl would use, your externally set
1633              header will be used instead of the internal one. This allows you
1634              to  make  even  trickier  stuff than curl would normally do. You
1635              should not replace internally set headers without  knowing  per‐
1636              fectly  well  what  you  are doing. Remove an internal header by
1637              giving a replacement without content on the right  side  of  the
1638              colon, as in: -H "Host:". If you send the custom header with no-
1639              value then its header must be terminated with a semicolon,  such
1640              as -H "X-Custom-Header;" to send "X-Custom-Header:".
1641
1642              curl  will  make  sure  that each header you add/replace is sent
1643              with the proper end-of-line marker, you should thus not add that
1644              as a part of the header content: do not add newlines or carriage
1645              returns, they will only mess things up for you.
1646
1647              This option can take an argument in @filename style, which  then
1648              adds  a  header  for  each line in the input file. Using @- will
1649              make curl read the header file from stdin. Added in 7.55.0.
1650
1651              You need --proxy-header to send custom headers  intended  for  a
1652              HTTP proxy. Added in 7.37.0.
1653
1654              Passing  on  a  "Transfer-Encoding: chunked" header when doing a
1655              HTTP request with a request body, will make curl send  the  data
1656              using chunked encoding.
1657
1658              WARNING:  headers  set  with  this option will be set in all re‐
1659              quests - even after redirects are followed, like when told  with
1660              -L,  --location. This can lead to the header being sent to other
1661              hosts than the original host, so  sensitive  headers  should  be
1662              used with caution combined with following redirects.
1663
1664              This  option  can  be  used multiple times to add/replace/remove
1665              multiple headers.
1666
1667              Examples:
1668               curl -H "X-First-Name: Joe" https://example.com
1669               curl -H "User-Agent: yes-please/2000" https://example.com
1670               curl -H "Host:" https://example.com
1671
1672              See also -A, --user-agent and -e, --referer.
1673
1674       -h, --help <category>
1675              Usage help. This lists all commands of the  <category>.   If  no
1676              arg  was  provided, curl will display the most important command
1677              line arguments.  If the argument "all" was provided,  curl  will
1678              display  all  options available.  If the argument "category" was
1679              provided, curl will display all categories and their meanings.
1680
1681              Example:
1682               curl --help all
1683
1684              See also -v, --verbose.
1685
1686       --hostpubmd5 <md5>
1687              (SFTP SCP) Pass a string containing 32 hexadecimal  digits.  The
1688              string  should  be the 128 bit MD5 checksum of the remote host's
1689              public key, curl will refuse the connection with the host unless
1690              the md5sums match.
1691
1692              Example:
1693               curl --hostpubmd5 e5c1c49020640a5ab0f2034854c321a8 sftp://example.com/
1694
1695              See also --hostpubsha256.
1696
1697       --hostpubsha256 <sha256>
1698              (SFTP SCP) Pass a string containing a Base64-encoded SHA256 hash
1699              of the remote host's public key. Curl will refuse the connection
1700              with the host unless the hashes match.
1701
1702              Example:
1703               curl --hostpubsha256 NDVkMTQxMGQ1ODdmMjQ3MjczYjAyOTY5MmRkMjVmNDQ= sftp://example.com/
1704
1705              See also --hostpubmd5. Added in 7.80.0.
1706
1707       --hsts <file name>
1708              (HTTPS)  This  option enables HSTS for the transfer. If the file
1709              name points to an existing HSTS cache file, that will  be  used.
1710              After  a completed transfer, the cache will be saved to the file
1711              name again if it has been modified.
1712
1713              Specify a "" file name (zero length) to avoid loading/saving and
1714              make curl just handle HSTS in memory.
1715
1716              If  this  option  is used several times, curl will load contents
1717              from all the files but the last one will be used for saving.
1718
1719              Example:
1720               curl --hsts cache.txt https://example.com
1721
1722              See also --proto. Added in 7.74.0.
1723
1724       --http0.9
1725              (HTTP) Tells curl to be fine with HTTP version 0.9 response.
1726
1727              HTTP/0.9 is a completely headerless response and  therefore  you
1728              can  also  connect with this to non-HTTP servers and still get a
1729              response since curl will simply transparently downgrade - if al‐
1730              lowed.
1731
1732              Since curl 7.66.0, HTTP/0.9 is disabled by default.
1733
1734              Example:
1735               curl --http0.9 https://example.com
1736
1737              See also --http1.1, --http2 and --http3. Added in 7.64.0.
1738
1739       -0, --http1.0
1740              (HTTP)  Tells  curl to use HTTP version 1.0 instead of using its
1741              internally preferred HTTP version.
1742
1743              Example:
1744               curl --http1.0 https://example.com
1745
1746              See  also  --http0.9  and  --http1.1.  This   option   overrides
1747              --http1.1 and --http2 and --http2-prior-knowledge and --http3.
1748
1749       --http1.1
1750              (HTTP) Tells curl to use HTTP version 1.1.
1751
1752              Example:
1753               curl --http1.1 https://example.com
1754
1755              See  also -0, --http1.0 and --http0.9. This option overrides -0,
1756              --http1.0 and --http2 and --http2-prior-knowledge  and  --http3.
1757              Added in 7.33.0.
1758
1759       --http2-prior-knowledge
1760              (HTTP)  Tells  curl  to  issue  its  non-TLS HTTP requests using
1761              HTTP/2 without HTTP/1.1 Upgrade.  It  requires  prior  knowledge
1762              that  the  server  supports HTTP/2 straight away. HTTPS requests
1763              will still do HTTP/2 the standard way with  negotiated  protocol
1764              version in the TLS handshake.
1765
1766              Example:
1767               curl --http2-prior-knowledge https://example.com
1768
1769              See  also  --http2 and --http3. --http2-prior-knowledge requires
1770              that the underlying libcurl was built to  support  HTTP/2.  This
1771              option  overrides  --http1.1  and  -0, --http1.0 and --http2 and
1772              --http3. Added in 7.49.0.
1773
1774       --http2
1775              (HTTP) Tells curl to use HTTP version 2.
1776
1777              For HTTPS, this means curl will attempt to negotiate  HTTP/2  in
1778              the TLS handshake. curl does this by default.
1779
1780              For HTTP, this means curl will attempt to upgrade the request to
1781              HTTP/2 using the Upgrade: request header.
1782
1783              When curl uses HTTP/2 over HTTPS, it does not itself  insist  on
1784              TLS 1.2 or higher even though that is required by the specifica‐
1785              tion. A user can add this version requirement with --tlsv1.2.
1786
1787              Example:
1788               curl --http2 https://example.com
1789
1790              See also --http1.1 and --http3. --http2 requires that the under‐
1791              lying libcurl was built to support HTTP/2. This option overrides
1792              --http1.1 and  -0,  --http1.0  and  --http2-prior-knowledge  and
1793              --http3. Added in 7.33.0.
1794
1795       --http3
1796              (HTTP)  WARNING: this option is experimental. Do not use in pro‐
1797              duction.
1798
1799              Tells curl to use HTTP version 3 directly to the host  and  port
1800              number used in the URL. A normal HTTP/3 transaction will be done
1801              to a host and then get redirected via Alt-Svc, but  this  option
1802              allows  a  user to circumvent that when you know that the target
1803              speaks HTTP/3 on the given host and port.
1804
1805              This option will make curl fail if a QUIC connection  cannot  be
1806              established,  it cannot fall back to a lower HTTP version on its
1807              own.
1808
1809              Example:
1810               curl --http3 https://example.com
1811
1812              See also --http1.1 and --http2. --http3 requires that the under‐
1813              lying libcurl was built to support HTTP/3. This option overrides
1814              --http1.1 and -0, --http1.0 and --http2 and --http2-prior-knowl‐
1815              edge. Added in 7.66.0.
1816
1817       --ignore-content-length
1818              (FTP  HTTP)  For HTTP, Ignore the Content-Length header. This is
1819              particularly useful for servers running Apache 1.x,  which  will
1820              report  incorrect  Content-Length  for files larger than 2 giga‐
1821              bytes.
1822
1823              For FTP (since 7.46.0), skip the RETR command to figure out  the
1824              size before downloading a file.
1825
1826              This  option  does not work for HTTP if libcurl was built to use
1827              hyper.
1828
1829              Example:
1830               curl --ignore-content-length https://example.com
1831
1832              See also --ftp-skip-pasv-ip.
1833
1834       -i, --include
1835              Include the HTTP response headers in the output.  The  HTTP  re‐
1836              sponse  headers  can  include  things like server name, cookies,
1837              date of the document, HTTP version and more...
1838
1839              To view the request headers, consider the --verbose option.
1840
1841              Example:
1842               curl -i https://example.com
1843
1844              See also -v, --verbose.
1845
1846       -k, --insecure
1847              (TLS SFTP SCP) By default, every secure connection curl makes is
1848              verified  to be secure before the transfer takes place. This op‐
1849              tion makes curl skip the verification step and  proceed  without
1850              checking.
1851
1852              When this option is not used for protocols using TLS, curl veri‐
1853              fies the server's TLS certificate before it continues: that  the
1854              certificate  contains the right name which matches the host name
1855              used in the URL and that the certificate has been signed by a CA
1856              certificate present in the cert store.  See this online resource
1857              for further details:
1858               https://curl.se/docs/sslcerts.html
1859
1860              For SFTP and SCP, this option makes curl  skip  the  known_hosts
1861              verification.   known_hosts  is  a  file  normally stored in the
1862              user's home directory in the .ssh subdirectory,  which  contains
1863              host names and their public keys.
1864
1865              WARNING: using this option makes the transfer insecure.
1866
1867              Example:
1868               curl --insecure https://example.com
1869
1870              See also --proxy-insecure, --cacert and --capath.
1871
1872       --interface <name>
1873              Perform  an operation using a specified interface. You can enter
1874              interface name, IP address or host name. An example  could  look
1875              like:
1876
1877               curl --interface eth0:1 https://www.example.com/
1878
1879              If this option is used several times, the last one will be used.
1880
1881              On  Linux  it can be used to specify a VRF, but the binary needs
1882              to either have CAP_NET_RAW or to be run as root.  More  informa‐
1883              tion   about  Linux  VRF:  https://www.kernel.org/doc/Documenta
1884              tion/networking/vrf.txt
1885
1886              Example:
1887               curl --interface eth0 https://example.com
1888
1889              See also --dns-interface.
1890
1891       -4, --ipv4
1892              This option tells curl to resolve names to IPv4 addresses  only,
1893              and not for example try IPv6.
1894
1895              Example:
1896               curl --ipv4 https://example.com
1897
1898              See  also  --http1.1  and  --http2.  This  option  overrides -6,
1899              --ipv6.
1900
1901       -6, --ipv6
1902              This option tells curl to resolve names to IPv6 addresses  only,
1903              and not for example try IPv4.
1904
1905              Example:
1906               curl --ipv6 https://example.com
1907
1908              See  also  --http1.1  and  --http2.  This  option  overrides -4,
1909              --ipv4.
1910
1911       --json <data>
1912              (HTTP) Sends the specified JSON data in a POST  request  to  the
1913              HTTP  server.  --json  works  as a shortcut for passing on these
1914              three options:
1915
1916               --data [arg]
1917               --header "Content-Type: application/json"
1918               --header "Accept: application/json"
1919
1920              There is no verification that the passed in data is actual  JSON
1921              or that the syntax is correct.
1922
1923              If  you  start  the data with the letter @, the rest should be a
1924              file name to read the data from, or a single  dash  (-)  if  you
1925              want  curl to read the data from stdin. Posting data from a file
1926              named 'foobar' would thus be done with --json @foobar and to in‐
1927              stead read the data from stdin, use --json @-.
1928
1929              If  this option is used more than once on the same command line,
1930              the additional data pieces will be concatenated to the  previous
1931              before sending.
1932
1933              The  headers  this option sets can be overriden with --header as
1934              usual.
1935
1936              Examples:
1937               curl --json '{ "drink": "coffe" }' https://example.com
1938               curl --json '{ "drink":' --json ' "coffe" }' https://example.com
1939               curl --json @prepared https://example.com
1940               curl --json @- https://example.com < json.txt
1941
1942              See also --data-binary and --data-raw. This option overrides -F,
1943              --form and -I, --head and -T, --upload-file. Added in 7.82.0.
1944
1945       -j, --junk-session-cookies
1946              (HTTP) When curl is told to read cookies from a given file, this
1947              option will make it discard all "session cookies". This will ba‐
1948              sically  have  the  same  effect as if a new session is started.
1949              Typical browsers always discard session cookies  when  they  are
1950              closed down.
1951
1952              Example:
1953               curl --junk-session-cookies -b cookies.txt https://example.com
1954
1955              See also -b, --cookie and -c, --cookie-jar.
1956
1957       --keepalive-time <seconds>
1958              This  option sets the time a connection needs to remain idle be‐
1959              fore sending keepalive probes and the  time  between  individual
1960              keepalive probes. It is currently effective on operating systems
1961              offering  the  TCP_KEEPIDLE  and  TCP_KEEPINTVL  socket  options
1962              (meaning  Linux, recent AIX, HP-UX and more). This option has no
1963              effect if --no-keepalive is used.
1964
1965              If this option is used several times, the last one will be used.
1966              If unspecified, the option defaults to 60 seconds.
1967
1968              Example:
1969               curl --keepalive-time 20 https://example.com
1970
1971              See also --no-keepalive and -m, --max-time.
1972
1973       --key-type <type>
1974              (TLS)  Private key file type. Specify which type your --key pro‐
1975              vided private key is. DER, PEM, and ENG are  supported.  If  not
1976              specified, PEM is assumed.
1977
1978              If this option is used several times, the last one will be used.
1979
1980              Example:
1981               curl --key-type DER --key here https://example.com
1982
1983              See also --key.
1984
1985       --key <key>
1986              (TLS SSH) Private key file name. Allows you to provide your pri‐
1987              vate key in this separate file. For SSH, if not specified,  curl
1988              tries   the  following  candidates  in  order:  '~/.ssh/id_rsa',
1989              '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
1990
1991              If curl is built against OpenSSL library, and the engine  pkcs11
1992              is available, then a PKCS#11 URI (RFC 7512) can be used to spec‐
1993              ify a private key located in a PKCS#11 device. A  string  begin‐
1994              ning  with  "pkcs11:" will be interpreted as a PKCS#11 URI. If a
1995              PKCS#11 URI is provided, then the --engine option will be set as
1996              "pkcs11"  if none was provided and the --key-type option will be
1997              set as "ENG" if none was provided.
1998
1999              If this option is used several times, the last one will be used.
2000
2001              Example:
2002               curl --cert certificate --key here https://example.com
2003
2004              See also --key-type and -E, --cert.
2005
2006       --krb <level>
2007              (FTP) Enable Kerberos authentication and use. The level must  be
2008              entered and should be one of 'clear', 'safe', 'confidential', or
2009              'private'. Should you use a level that  is  not  one  of  these,
2010              'private' will instead be used.
2011
2012              If this option is used several times, the last one will be used.
2013
2014              Example:
2015               curl --krb clear ftp://example.com/
2016
2017              See  also --delegation and --ssl. --krb requires that the under‐
2018              lying libcurl was built to support Kerberos.
2019
2020       --libcurl <file>
2021              Append this option to any ordinary curl command  line,  and  you
2022              will  get  libcurl-using  C source code written to the file that
2023              does the equivalent of what your command-line operation does!
2024
2025              This option is global and does not need to be specified for each
2026              use of -:, --next.
2027
2028              If  this  option is used several times, the last given file name
2029              will be used.
2030
2031              Example:
2032               curl --libcurl client.c https://example.com
2033
2034              See also -v, --verbose.
2035
2036       --limit-rate <speed>
2037              Specify the maximum transfer rate you want curl  to  use  -  for
2038              both downloads and uploads. This feature is useful if you have a
2039              limited pipe and you would like your transfer not  to  use  your
2040              entire bandwidth. To make it slower than it otherwise would be.
2041
2042              The  given speed is measured in bytes/second, unless a suffix is
2043              appended.  Appending 'k' or 'K' will count the number  as  kilo‐
2044              bytes,  'm' or 'M' makes it megabytes, while 'g' or 'G' makes it
2045              gigabytes. The suffixes (k, M, G, T, P) are 1024 based. For  ex‐
2046              ample 1k is 1024. Examples: 200K, 3m and 1G.
2047
2048              The rate limiting logic works on averaging the transfer speed to
2049              no more than the set threshold over a period  of  multiple  sec‐
2050              onds.
2051
2052              If  you also use the --speed-limit option, that option will take
2053              precedence and might cripple the rate-limiting slightly, to help
2054              keeping the speed-limit logic working.
2055
2056              If this option is used several times, the last one will be used.
2057
2058              Examples:
2059               curl --limit-rate 100K https://example.com
2060               curl --limit-rate 1000 https://example.com
2061               curl --limit-rate 10M https://example.com
2062
2063              See also -Y, --speed-limit and -y, --speed-time.
2064
2065       -l, --list-only
2066              (FTP  POP3)  (FTP)  When  listing  an FTP directory, this switch
2067              forces a name-only view. This is especially useful if  the  user
2068              wants  to  machine-parse  the contents of an FTP directory since
2069              the normal directory view does not use a standard look  or  for‐
2070              mat.  When  used like this, the option causes an NLST command to
2071              be sent to the server instead of LIST.
2072
2073              Note: Some FTP servers list only  files  in  their  response  to
2074              NLST; they do not include sub-directories and symbolic links.
2075
2076              (POP3)  When  retrieving a specific email from POP3, this switch
2077              forces a LIST command to be performed instead of RETR.  This  is
2078              particularly  useful if the user wants to see if a specific mes‐
2079              sage-id exists on the server and what size it is.
2080
2081              Note: When combined with -X, --request, this option can be  used
2082              to  send a UIDL command instead, so the user may use the email's
2083              unique identifier rather than its message-id  to  make  the  re‐
2084              quest.
2085
2086              Example:
2087               curl --list-only ftp://example.com/dir/
2088
2089              See also -Q, --quote and -X, --request.
2090
2091       --local-port <num/range>
2092              Set  a  preferred single number or range (FROM-TO) of local port
2093              numbers to use for the connection(s).  Note that port numbers by
2094              nature  are a scarce resource that will be busy at times so set‐
2095              ting this range to something too narrow might cause  unnecessary
2096              connection setup failures.
2097
2098              Example:
2099               curl --local-port 1000-3000 https://example.com
2100
2101              See also -g, --globoff.
2102
2103       --location-trusted
2104              (HTTP)  Like  -L,  --location, but will allow sending the name +
2105              password to all hosts that the site may redirect to. This may or
2106              may not introduce a security breach if the site redirects you to
2107              a site to which you will send your authentication info (which is
2108              plaintext in the case of HTTP Basic authentication).
2109
2110              Example:
2111               curl --location-trusted -u user:password https://example.com
2112
2113              See also -u, --user.
2114
2115       -L, --location
2116              (HTTP)  If  the server reports that the requested page has moved
2117              to a different location (indicated with a Location: header and a
2118              3XX  response code), this option will make curl redo the request
2119              on the new place. If used together with --include or -I, --head,
2120              headers from all requested pages will be shown. When authentica‐
2121              tion is used, curl only sends its  credentials  to  the  initial
2122              host.  If a redirect takes curl to a different host, it will not
2123              be able to intercept the  user+password.  See  also  --location-
2124              trusted on how to change this. You can limit the amount of redi‐
2125              rects to follow by using the --max-redirs option.
2126
2127              When curl follows a redirect and if the request is  a  POST,  it
2128              will  send the following request with a GET if the HTTP response
2129              was 301, 302, or 303. If the response code  was  any  other  3xx
2130              code, curl will re-send the following request using the same un‐
2131              modified method.
2132
2133              You can tell curl to not change POST requests to GET after a 30x
2134              response  by  using  the  dedicated options for that: --post301,
2135              --post302 and --post303.
2136
2137              The method set with --request overrides the  method  curl  would
2138              otherwise select to use.
2139
2140              Example:
2141               curl -L https://example.com
2142
2143              See also --resolve and --alt-svc.
2144
2145       --login-options <options>
2146              (IMAP  LDAP  POP3  SMTP) Specify the login options to use during
2147              server authentication.
2148
2149              You can use login options to specify protocol  specific  options
2150              that  may  be  used during authentication. At present only IMAP,
2151              POP3 and SMTP support login options. For more information  about
2152              login  options  please  see  RFC  2384,  RFC 5092 and IETF draft
2153              draft-earhart-url-smtp-00.txt
2154
2155              If this option is used several times, the last one will be used.
2156
2157              Example:
2158               curl --login-options 'AUTH=*' imap://example.com
2159
2160              See also -u, --user. Added in 7.34.0.
2161
2162       --mail-auth <address>
2163              (SMTP) Specify a single address. This will be  used  to  specify
2164              the  authentication  address  (identity)  of a submitted message
2165              that is being relayed to another server.
2166
2167              Example:
2168               curl --mail-auth user@example.come -T mail smtp://example.com/
2169
2170              See also --mail-rcpt and --mail-from.
2171
2172       --mail-from <address>
2173              (SMTP) Specify a single address that the given mail  should  get
2174              sent from.
2175
2176              Example:
2177               curl --mail-from user@example.com -T mail smtp://example.com/
2178
2179              See also --mail-rcpt and --mail-auth.
2180
2181       --mail-rcpt-allowfails
2182              (SMTP) When sending data to multiple recipients, by default curl
2183              will abort SMTP conversation if at least one of  the  recipients
2184              causes RCPT TO command to return an error.
2185
2186              The  default  behavior can be changed by passing --mail-rcpt-al‐
2187              lowfails command-line option which will make curl ignore  errors
2188              and proceed with the remaining valid recipients.
2189
2190              If  all  recipients  trigger  RCPT  TO failures and this flag is
2191              specified, curl will still abort the SMTP conversation  and  re‐
2192              turn the error received from to the last RCPT TO command.
2193
2194              Example:
2195               curl --mail-rcpt-allowfails --mail-rcpt dest@example.com smtp://example.com
2196
2197              See also --mail-rcpt. Added in 7.69.0.
2198
2199       --mail-rcpt <address>
2200              (SMTP) Specify a single email address, user name or mailing list
2201              name. Repeat this option several times to send to  multiple  re‐
2202              cipients.
2203
2204              When  performing an address verification (VRFY command), the re‐
2205              cipient should be specified as the user name or  user  name  and
2206              domain (as per Section 3.5 of RFC5321). (Added in 7.34.0)
2207
2208              When performing a mailing list expand (EXPN command), the recip‐
2209              ient should be specified using the mailing list  name,  such  as
2210              "Friends" or "London-Office".  (Added in 7.34.0)
2211
2212              Example:
2213               curl --mail-rcpt user@example.net smtp://example.com
2214
2215              See also --mail-rcpt-allowfails.
2216
2217       -M, --manual
2218              Manual. Display the huge help text.
2219
2220              Example:
2221               curl --manual
2222
2223              See also -v, --verbose, --libcurl and --trace.
2224
2225       --max-filesize <bytes>
2226              (FTP HTTP MQTT) Specify the maximum size (in bytes) of a file to
2227              download. If the file requested is larger than this  value,  the
2228              transfer will not start and curl will return with exit code 63.
2229
2230              A  size  modifier may be used. For example, Appending 'k' or 'K'
2231              will count  the  number  as  kilobytes,  'm'  or  'M'  makes  it
2232              megabytes,  while 'g' or 'G' makes it gigabytes. Examples: 200K,
2233              3m and 1G. (Added in 7.58.0)
2234
2235              NOTE: The file size is not always known prior to  download,  and
2236              for such files this option has no effect even if the file trans‐
2237              fer ends up being larger than this given limit.  Example:
2238               curl --max-filesize 100K https://example.com
2239
2240              See also --limit-rate.
2241
2242       --max-redirs <num>
2243              (HTTP) Set maximum number of redirections to follow. When  --lo‐
2244              cation  is  used,  to prevent curl from following too many redi‐
2245              rects, by default, the limit is set to 50  redirects.  Set  this
2246              option to -1 to make it unlimited.
2247
2248              If this option is used several times, the last one will be used.
2249
2250              Example:
2251               curl --max-redirs 3 --location https://example.com
2252
2253              See also -L, --location.
2254
2255       -m, --max-time <fractional seconds>
2256              Maximum  time  in  seconds that you allow the whole operation to
2257              take.  This is useful for preventing your batch jobs from  hang‐
2258              ing  for  hours due to slow networks or links going down.  Since
2259              7.32.0, this option accepts decimal values, but the actual time‐
2260              out will decrease in accuracy as the specified timeout increases
2261              in decimal precision.
2262
2263              If this option is used several times, the last one will be used.
2264
2265              Examples:
2266               curl --max-time 10 https://example.com
2267               curl --max-time 2.92 https://example.com
2268
2269              See also --connect-timeout.
2270
2271       --metalink
2272              This option was previously used to specify a metalink  resource.
2273              Metalink  support has been disabled in curl since 7.78.0 for se‐
2274              curity reasons.
2275
2276              Example:
2277               curl --metalink file https://example.com
2278
2279              See also -Z, --parallel.
2280
2281       --negotiate
2282              (HTTP) Enables Negotiate (SPNEGO) authentication.
2283
2284              This option requires a library built with GSS-API or  SSPI  sup‐
2285              port. Use --version to see if your curl supports GSS-API/SSPI or
2286              SPNEGO.
2287
2288              When using this option, you must also provide a fake --user  op‐
2289              tion to activate the authentication code properly. Sending a '-u
2290              :' is enough as the user name and password from the  --user  op‐
2291              tion are not actually used.
2292
2293              If  this  option  is  used  several times, only the first one is
2294              used.
2295
2296              Example:
2297               curl --negotiate -u : https://example.com
2298
2299              See also --basic, --ntlm, --anyauth and --proxy-negotiate.
2300
2301       --netrc-file <filename>
2302              This option is similar to -n, --netrc, except that  you  provide
2303              the  path  (absolute  or  relative)  to the netrc file that curl
2304              should use. You can only specify one netrc file per  invocation.
2305              If  several --netrc-file options are provided, the last one will
2306              be used.
2307
2308              It will abide by --netrc-optional if specified.
2309
2310              Example:
2311               curl --netrc-file netrc https://example.com
2312
2313              See also -n, --netrc, -u, --user and -K, --config.  This  option
2314              overrides -n, --netrc.
2315
2316       --netrc-optional
2317              Similar  to  -n, --netrc, but this option makes the .netrc usage
2318              optional and not mandatory as the --netrc option does.
2319
2320              Example:
2321               curl --netrc-optional https://example.com
2322
2323              See also --netrc-file. This option overrides -n, --netrc.
2324
2325       -n, --netrc
2326              Makes curl scan the .netrc  (_netrc  on  Windows)  file  in  the
2327              user's home directory for login name and password. This is typi‐
2328              cally used for FTP on Unix. If used with HTTP, curl will  enable
2329              user  authentication. See netrc(5) and ftp(1) for details on the
2330              file format. Curl will not complain if that file does  not  have
2331              the  right  permissions  (it should be neither world- nor group-
2332              readable). The environment variable "HOME" is used to  find  the
2333              home directory.
2334
2335              A  quick  and  simple  example of how to setup a .netrc to allow
2336              curl to FTP to the machine host.domain.com with user  name  'my‐
2337              self' and password 'secret' could look similar to:
2338
2339               machine host.domain.com
2340               login myself
2341               password secret"
2342
2343              Example:
2344               curl --netrc https://example.com
2345
2346              See also --netrc-file, -K, --config and -u, --user.
2347
2348       -:, --next
2349              Tells curl to use a separate operation for the following URL and
2350              associated options. This allows you  to  send  several  URL  re‐
2351              quests,  each with their own specific options, for example, such
2352              as different user names or custom requests for each.
2353
2354              --next will reset all local options and only  global  ones  will
2355              have  their  values  survive over to the operation following the
2356              --next  instruction.  Global  options  include  -v,   --verbose,
2357              --trace, --trace-ascii and --fail-early.
2358
2359              For  example,  you can do both a GET and a POST in a single com‐
2360              mand line:
2361
2362               curl www1.example.com --next -d postthis www2.example.com
2363
2364              Examples:
2365               curl https://example.com --next -d postthis www2.example.com
2366               curl -I https://example.com --next https://example.net/
2367
2368              See also -Z, --parallel and -K, --config. Added in 7.36.0.
2369
2370       --no-alpn
2371              (HTTPS) Disable the ALPN TLS extension. ALPN is enabled  by  de‐
2372              fault  if  libcurl  was  built with an SSL library that supports
2373              ALPN. ALPN is used by a libcurl that supports HTTP/2 to  negoti‐
2374              ate HTTP/2 support with the server during https sessions.
2375
2376              Example:
2377               curl --no-alpn https://example.com
2378
2379              See  also  --no-npn and --http2. --no-alpn requires that the un‐
2380              derlying libcurl was built to support TLS. Added in 7.36.0.
2381
2382       -N, --no-buffer
2383              Disables the buffering of the output stream. In normal work sit‐
2384              uations,  curl  will  use a standard buffered output stream that
2385              will have the effect that it will output the data in chunks, not
2386              necessarily  exactly  when  the data arrives.  Using this option
2387              will disable that buffering.
2388
2389              Note that this is the negated option name  documented.  You  can
2390              thus use --buffer to enforce the buffering.
2391
2392              Example:
2393               curl --no-buffer https://example.com
2394
2395              See also -#, --progress-bar.
2396
2397       --no-keepalive
2398              Disables  the  use  of keepalive messages on the TCP connection.
2399              curl otherwise enables them by default.
2400
2401              Note that this is the negated option name  documented.  You  can
2402              thus use --keepalive to enforce keepalive.
2403
2404              Example:
2405               curl --no-keepalive https://example.com
2406
2407              See also --keepalive-time.
2408
2409       --no-npn
2410              (HTTPS) Disable the NPN TLS extension. NPN is enabled by default
2411              if libcurl was built with an SSL library that supports NPN.  NPN
2412              is  used  by  a libcurl that supports HTTP/2 to negotiate HTTP/2
2413              support with the server during https sessions.
2414
2415              Example:
2416               curl --no-npn https://example.com
2417
2418              See also --no-alpn and --http2. --no-npn requires that  the  un‐
2419              derlying libcurl was built to support TLS. Added in 7.36.0.
2420
2421       --no-progress-meter
2422              Option to switch off the progress meter output without muting or
2423              otherwise affecting  warning  and  informational  messages  like
2424              --silent does.
2425
2426              Note  that  this  is the negated option name documented. You can
2427              thus use --progress-meter to enable the progress meter again.
2428
2429              Example:
2430               curl --no-progress-meter -o store https://example.com
2431
2432              See also -v, --verbose and -s, --silent. Added in 7.67.0.
2433
2434       --no-sessionid
2435              (TLS) Disable curl's use of SSL session-ID caching.  By  default
2436              all  transfers are done using the cache. Note that while nothing
2437              should ever get hurt by attempting  to  reuse  SSL  session-IDs,
2438              there seem to be broken SSL implementations in the wild that may
2439              require you to disable this in order for you to succeed.
2440
2441              Note that this is the negated option name  documented.  You  can
2442              thus use --sessionid to enforce session-ID caching.
2443
2444              Example:
2445               curl --no-sessionid https://example.com
2446
2447              See also -k, --insecure.
2448
2449       --noproxy <no-proxy-list>
2450              Comma-separated  list  of hosts for which not to use a proxy, if
2451              one is specified. The only wildcard is  a  single  *  character,
2452              which  matches  all  hosts,  and effectively disables the proxy.
2453              Each name in this list is matched as either a domain which  con‐
2454              tains  the  hostname,  or  the hostname itself. For example, lo‐
2455              cal.com would match local.com, local.com:80, and  www.local.com,
2456              but not www.notlocal.com.
2457
2458              Since  7.53.0,  This  option overrides the environment variables
2459              that disable the proxy ('no_proxy' and 'NO_PROXY').  If  there's
2460              an  environment  variable disabling a proxy, you can set the no‐
2461              proxy list to "" to override it.
2462
2463              Example:
2464               curl --noproxy "www.example" https://example.com
2465
2466              See also -x, --proxy.
2467
2468       --ntlm-wb
2469              (HTTP) Enables NTLM much in the style --ntlm does, but hand over
2470              the  authentication  to the separate binary ntlmauth application
2471              that is executed when needed.
2472
2473              Example:
2474               curl --ntlm-wb -u user:password https://example.com
2475
2476              See also --ntlm and --proxy-ntlm.
2477
2478       --ntlm (HTTP) Enables  NTLM  authentication.  The  NTLM  authentication
2479              method was designed by Microsoft and is used by IIS web servers.
2480              It is a proprietary protocol, reverse-engineered by clever  peo‐
2481              ple and implemented in curl based on their efforts. This kind of
2482              behavior should not be endorsed, you should  encourage  everyone
2483              who  uses  NTLM to switch to a public and documented authentica‐
2484              tion method instead, such as Digest.
2485
2486              If you want to enable NTLM for your proxy  authentication,  then
2487              use --proxy-ntlm.
2488
2489              If  this  option  is  used  several times, only the first one is
2490              used.
2491
2492              Example:
2493               curl --ntlm -u user:password https://example.com
2494
2495              See also  --proxy-ntlm.  --ntlm  requires  that  the  underlying
2496              libcurl  was built to support TLS. This option overrides --basic
2497              and --negotiate and --digest and --anyauth.
2498
2499       --oauth2-bearer <token>
2500              (IMAP LDAP POP3 SMTP HTTP) Specify the Bearer  Token  for  OAUTH
2501              2.0  server authentication. The Bearer Token is used in conjunc‐
2502              tion with the user name which can be specified as  part  of  the
2503              --url or --user options.
2504
2505              The  Bearer  Token  and user name are formatted according to RFC
2506              6750.
2507
2508              If this option is used several times, the last one will be used.
2509
2510              Example:
2511               curl --oauth2-bearer "mF_9.B5f-4.1JqM" https://example.com
2512
2513              See also --basic, --ntlm and --digest. Added in 7.33.0.
2514
2515       --output-dir <dir>
2516
2517              This option specifies the directory in  which  files  should  be
2518              stored, when --remote-name or --output are used.
2519
2520              The  given  output directory is used for all URLs and output op‐
2521              tions on the command line, up until the first -:, --next.
2522
2523              If the specified target directory does not exist, the  operation
2524              will fail unless --create-dirs is also used.
2525
2526              If this option is used multiple times, the last specified direc‐
2527              tory will be used.
2528
2529              Example:
2530               curl --output-dir "tmp" -O https://example.com
2531
2532              See also -O, --remote-name and -J,  --remote-header-name.  Added
2533              in 7.73.0.
2534
2535       -o, --output <file>
2536              Write output to <file> instead of stdout. If you are using {} or
2537              [] to fetch multiple documents, you should quote the URL and you
2538              can  use  '#' followed by a number in the <file> specifier. That
2539              variable will be replaced with the current string  for  the  URL
2540              being fetched. Like in:
2541
2542               curl "http://{one,two}.example.com" -o "file_#1.txt"
2543
2544              or use several variables like:
2545
2546               curl "http://{site,host}.host[1-5].com" -o "#1_#2"
2547
2548              You  may use this option as many times as the number of URLs you
2549              have. For example, if you specify two URLs on the  same  command
2550              line, you can use it like this:
2551
2552                curl -o aa example.com -o bb example.net
2553
2554              and  the  order  of the -o options and the URLs does not matter,
2555              just that the first -o is for the first URL and so  on,  so  the
2556              above command line can also be written as
2557
2558                curl example.com example.net -o aa -o bb
2559
2560              See  also  the --create-dirs option to create the local directo‐
2561              ries dynamically. Specifying the output as '-' (a  single  dash)
2562              will force the output to be done to stdout.
2563
2564              To   suppress  response  bodies,  you  can  redirect  output  to
2565              /dev/null:
2566
2567                curl example.com -o /dev/null
2568
2569              Or for Windows use nul:
2570
2571                curl example.com -o nul
2572
2573              Examples:
2574               curl -o file https://example.com
2575               curl "http://{one,two}.example.com" -o "file_#1.txt"
2576               curl "http://{site,host}.host[1-5].com" -o "#1_#2"
2577               curl -o file https://example.com -o file2 https://example.net
2578
2579              See also -O, --remote-name, --remote-name-all and -J,  --remote-
2580              header-name.
2581
2582       --parallel-immediate
2583              When  doing  parallel  transfers, this option will instruct curl
2584              that it should rather prefer opening up more connections in par‐
2585              allel at once rather than waiting to see if new transfers can be
2586              added as multiplexed streams on another connection.
2587
2588              This option is global and does not need to be specified for each
2589              use of -:, --next.
2590
2591              Example:
2592               curl --parallel-immediate -Z https://example.com -o file1 https://example.com -o file2
2593
2594              See also -Z, --parallel and --parallel-max. Added in 7.68.0.
2595
2596       --parallel-max <num>
2597              When  asked to do parallel transfers, using -Z, --parallel, this
2598              option controls the maximum amount of transfers to do simultane‐
2599              ously.
2600
2601              This option is global and does not need to be specified for each
2602              use of -:, --next.
2603
2604              The default is 50.
2605
2606              Example:
2607               curl --parallel-max 100 -Z https://example.com ftp://example.com/
2608
2609              See also -Z, --parallel. Added in 7.66.0.
2610
2611       -Z, --parallel
2612              Makes curl perform its transfers in parallel as compared to  the
2613              regular serial manner.
2614
2615              This option is global and does not need to be specified for each
2616              use of -:, --next.
2617
2618              Example:
2619               curl --parallel https://example.com -o file1 https://example.com -o file2
2620
2621              See also -:, --next and -v, --verbose. Added in 7.66.0.
2622
2623       --pass <phrase>
2624              (SSH TLS) Passphrase for the private key.
2625
2626              If this option is used several times, the last one will be used.
2627
2628              Example:
2629               curl --pass secret --key file https://example.com
2630
2631              See also --key and -u, --user.
2632
2633       --path-as-is
2634              Tell curl to not handle sequences of /../ or /./  in  the  given
2635              URL  path.  Normally curl will squash or merge them according to
2636              standards but with this option set you tell it not to do that.
2637
2638              Example:
2639               curl --path-as-is https://example.com/../../etc/passwd
2640
2641              See also --request-target. Added in 7.42.0.
2642
2643       --pinnedpubkey <hashes>
2644              (TLS) Tells curl to  use  the  specified  public  key  file  (or
2645              hashes)  to  verify the peer. This can be a path to a file which
2646              contains a single public key in PEM or DER format, or any number
2647              of base64 encoded sha256 hashes preceded by 'sha256//' and sepa‐
2648              rated by ';'.
2649
2650              When negotiating a TLS or SSL connection,  the  server  sends  a
2651              certificate  indicating  its identity. A public key is extracted
2652              from this certificate and if it does not exactly match the  pub‐
2653              lic  key provided to this option, curl will abort the connection
2654              before sending or receiving any data.
2655
2656              PEM/DER support:
2657
2658              7.39.0: OpenSSL, GnuTLS and GSKit
2659
2660              7.43.0: NSS and wolfSSL
2661
2662              7.47.0: mbedtls
2663
2664              sha256 support:
2665
2666              7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL
2667
2668              7.47.0: mbedtls
2669
2670              Other SSL backends not supported.
2671
2672              If this option is used several times, the last one will be used.
2673
2674              Examples:
2675               curl --pinnedpubkey keyfile https://example.com
2676               curl --pinnedpubkey 'sha256//ce118b51897f4452dc' https://example.com
2677
2678              See also --hostpubsha256. Added in 7.39.0.
2679
2680       --post301
2681              (HTTP) Tells curl to respect RFC 7231/6.4.2 and not convert POST
2682              requests into GET requests when following a 301 redirection. The
2683              non-RFC behavior is ubiquitous in web browsers, so curl does the
2684              conversion by default to maintain consistency. However, a server
2685              may require a POST to remain a POST after  such  a  redirection.
2686              This option is meaningful only when using -L, --location.
2687
2688              Example:
2689               curl --post301 --location -d "data" https://example.com
2690
2691              See also --post302, --post303 and -L, --location.
2692
2693       --post302
2694              (HTTP) Tells curl to respect RFC 7231/6.4.3 and not convert POST
2695              requests into GET requests when following a 302 redirection. The
2696              non-RFC behavior is ubiquitous in web browsers, so curl does the
2697              conversion by default to maintain consistency. However, a server
2698              may  require  a  POST to remain a POST after such a redirection.
2699              This option is meaningful only when using -L, --location.
2700
2701              Example:
2702               curl --post302 --location -d "data" https://example.com
2703
2704              See also --post301, --post303 and -L, --location.
2705
2706       --post303
2707              (HTTP) Tells curl to violate RFC 7231/6.4.4 and not convert POST
2708              requests  into  GET  requests when following 303 redirections. A
2709              server may require a POST to remain a POST after a 303 redirect‐
2710              ion. This option is meaningful only when using -L, --location.
2711
2712              Example:
2713               curl --post303 --location -d "data" https://example.com
2714
2715              See also --post302, --post301 and -L, --location.
2716
2717       --preproxy [protocol://]host[:port]
2718              Use  the  specified  SOCKS proxy before connecting to an HTTP or
2719              HTTPS -x, --proxy. In such a case curl  first  connects  to  the
2720              SOCKS  proxy  and  then  connects (through SOCKS) to the HTTP or
2721              HTTPS proxy. Hence pre proxy.
2722
2723              The pre proxy string should be specified with a protocol:// pre‐
2724              fix  to  specify  alternative  proxy  protocols.  Use socks4://,
2725              socks4a://, socks5:// or  socks5h://  to  request  the  specific
2726              SOCKS  version  to be used. No protocol specified will make curl
2727              default to SOCKS4.
2728
2729              If the port number is not specified in the proxy string,  it  is
2730              assumed to be 1080.
2731
2732              User and password that might be provided in the proxy string are
2733              URL decoded by curl. This allows you to pass in special  charac‐
2734              ters such as @ by using %40 or pass in a colon with %3a.
2735
2736              If this option is used several times, the last one will be used.
2737
2738              Example:
2739               curl --preproxy socks5://proxy.example -x http://http.example https://example.com
2740
2741              See also -x, --proxy and --socks5. Added in 7.52.0.
2742
2743       -#, --progress-bar
2744              Make curl display transfer progress as a simple progress bar in‐
2745              stead of the standard, more informational, meter.
2746
2747              This progress bar draws a single line of '#'  characters  across
2748              the screen and shows a percentage if the transfer size is known.
2749              For transfers without a known size, there  will  be  space  ship
2750              (-=o=-)  that  moves back and forth but only while data is being
2751              transferred, with a set of flying hash sign symbols on top.
2752
2753              This option is global and does not need to be specified for each
2754              use of -:, --next.
2755
2756              Example:
2757               curl -# -O https://example.com
2758
2759              See also --styled-output.
2760
2761       --proto-default <protocol>
2762              Tells curl to use protocol for any URL missing a scheme name.
2763
2764              An  unknown  or  unsupported  protocol causes error CURLE_UNSUP‐
2765              PORTED_PROTOCOL (1).
2766
2767              This option does not change the default proxy protocol (http).
2768
2769              Without this option set, curl guesses protocol based on the host
2770              name, see --url for details.
2771
2772              Example:
2773               curl --proto-default https ftp.example.com
2774
2775              See also --proto and --proto-redir. Added in 7.45.0.
2776
2777       --proto-redir <protocols>
2778              Tells  curl to limit what protocols it may use on redirect. Pro‐
2779              tocols denied by --proto are not overridden by this option.  See
2780              --proto for how protocols are represented.
2781
2782              Example, allow only HTTP and HTTPS on redirect:
2783
2784               curl --proto-redir -all,http,https http://example.com
2785
2786              By default curl will only allow HTTP, HTTPS, FTP and FTPS on re‐
2787              direct (since 7.65.2). Specifying all or +all enables all proto‐
2788              cols on redirects, which is not good for security.
2789
2790              Example:
2791               curl --proto-redir =http,https https://example.com
2792
2793              See also --proto.
2794
2795       --proto <protocols>
2796              Tells  curl  to  limit  what protocols it may use for transfers.
2797              Protocols are evaluated left to right, are comma separated,  and
2798              are  each  a protocol name or 'all', optionally prefixed by zero
2799              or more modifiers. Available modifiers are:
2800
2801              +  Permit this protocol in addition to protocols already permit‐
2802                 ted (this is the default if no modifier is used).
2803
2804              -  Deny  this  protocol,  removing it from the list of protocols
2805                 already permitted.
2806
2807              =  Permit only this protocol (ignoring the list already  permit‐
2808                 ted),  though subject to later modification by subsequent en‐
2809                 tries in the comma separated list.
2810
2811              For example:
2812
2813              --proto -ftps  uses the default protocols, but disables ftps
2814
2815              --proto -all,https,+http
2816                             only enables http and https
2817
2818              --proto =http,https
2819                             also only enables http and https
2820
2821              Unknown protocols produce a  warning.  This  allows  scripts  to
2822              safely  rely on being able to disable potentially dangerous pro‐
2823              tocols, without relying upon support  for  that  protocol  being
2824              built into curl to avoid an error.
2825
2826              This option can be used multiple times, in which case the effect
2827              is the same as concatenating the protocols into one instance  of
2828              the option.
2829
2830              Example:
2831               curl --proto =http,https,sftp https://example.com
2832
2833              See also --proto-redir and --proto-default.
2834
2835       --proxy-anyauth
2836              Tells  curl to pick a suitable authentication method when commu‐
2837              nicating with the given HTTP proxy. This might  cause  an  extra
2838              request/response round-trip.
2839
2840              Example:
2841               curl --proxy-anyauth --proxy-user user:passwd -x proxy https://example.com
2842
2843              See also -x, --proxy, --proxy-basic and --proxy-digest.
2844
2845       --proxy-basic
2846              Tells  curl  to use HTTP Basic authentication when communicating
2847              with the given proxy. Use --basic for enabling HTTP Basic with a
2848              remote  host.  Basic  is  the default authentication method curl
2849              uses with proxies.
2850
2851              Example:
2852               curl --proxy-basic --proxy-user user:passwd -x proxy https://example.com
2853
2854              See also -x, --proxy, --proxy-anyauth and --proxy-digest.
2855
2856       --proxy-cacert <file>
2857              Same as --cacert but used in HTTPS proxy context.
2858
2859              Example:
2860               curl --proxy-cacert CA-file.txt -x https://proxy https://example.com
2861
2862              See also --proxy-capath, --cacert,  --capath  and  -x,  --proxy.
2863              Added in 7.52.0.
2864
2865       --proxy-capath <dir>
2866              Same as --capath but used in HTTPS proxy context.
2867
2868              Example:
2869               curl --proxy-capath /local/directory -x https://proxy https://example.com
2870
2871              See  also  --proxy-cacert,  -x,  --proxy  and --capath. Added in
2872              7.52.0.
2873
2874       --proxy-cert-type <type>
2875              Same as --cert-type but used in HTTPS proxy context.
2876
2877              Example:
2878               curl --proxy-cert-type PEM --proxy-cert file -x https://proxy https://example.com
2879
2880              See also --proxy-cert. Added in 7.52.0.
2881
2882       --proxy-cert <cert[:passwd]>
2883              Same as --cert but used in HTTPS proxy context.
2884
2885              Example:
2886               curl --proxy-cert file -x https://proxy https://example.com
2887
2888              See also --proxy-cert-type. Added in 7.52.0.
2889
2890       --proxy-ciphers <list>
2891              Same as --ciphers but used in HTTPS proxy context.
2892
2893              Example:
2894               curl --proxy-ciphers ECDHE-ECDSA-AES256-CCM8 -x https://proxy https://example.com
2895
2896              See also --ciphers, --curves and -x, --proxy. Added in 7.52.0.
2897
2898       --proxy-crlfile <file>
2899              Same as --crlfile but used in HTTPS proxy context.
2900
2901              Example:
2902               curl --proxy-crlfile rejects.txt -x https://proxy https://example.com
2903
2904              See also --crlfile and -x, --proxy. Added in 7.52.0.
2905
2906       --proxy-digest
2907              Tells curl to use HTTP Digest authentication when  communicating
2908              with the given proxy. Use --digest for enabling HTTP Digest with
2909              a remote host.
2910
2911              Example:
2912               curl --proxy-digest --proxy-user user:passwd -x proxy https://example.com
2913
2914              See also -x, --proxy, --proxy-anyauth and --proxy-basic.
2915
2916       --proxy-header <header/@file>
2917              (HTTP) Extra header to include in the request when sending  HTTP
2918              to a proxy. You may specify any number of extra headers. This is
2919              the equivalent option to --header but is for proxy communication
2920              only  like  in  CONNECT requests when you want a separate header
2921              sent to the proxy to what is sent to the actual remote host.
2922
2923              curl will make sure that each header  you  add/replace  is  sent
2924              with the proper end-of-line marker, you should thus not add that
2925              as a part of the header content: do not add newlines or carriage
2926              returns, they will only mess things up for you.
2927
2928              Headers  specified  with this option will not be included in re‐
2929              quests that curl knows will not be sent to a proxy.
2930
2931              Starting in 7.55.0, this option can take an argument  in  @file‐
2932              name  style, which then adds a header for each line in the input
2933              file. Using @- will make curl read the header file from stdin.
2934
2935              This option can be used  multiple  times  to  add/replace/remove
2936              multiple headers.
2937
2938              Examples:
2939               curl --proxy-header "X-First-Name: Joe" -x http://proxy https://example.com
2940               curl --proxy-header "User-Agent: surprise" -x http://proxy https://example.com
2941               curl --proxy-header "Host:" -x http://proxy https://example.com
2942
2943              See also -x, --proxy. Added in 7.37.0.
2944
2945       --proxy-insecure
2946              Same as --insecure but used in HTTPS proxy context.
2947
2948              Example:
2949               curl --proxy-insecure -x https://proxy https://example.com
2950
2951              See also -x, --proxy and -k, --insecure. Added in 7.52.0.
2952
2953       --proxy-key-type <type>
2954              Same as --key-type but used in HTTPS proxy context.
2955
2956              Example:
2957               curl --proxy-key-type DER --proxy-key here -x https://proxy https://example.com
2958
2959              See also --proxy-key and -x, --proxy. Added in 7.52.0.
2960
2961       --proxy-key <key>
2962              Same as --key but used in HTTPS proxy context.
2963
2964              Example:
2965               curl --proxy-key here -x https://proxy https://example.com
2966
2967              See also --proxy-key-type and -x, --proxy. Added in 7.52.0.
2968
2969       --proxy-negotiate
2970              Tells  curl  to  use HTTP Negotiate (SPNEGO) authentication when
2971              communicating with the given proxy. Use --negotiate for enabling
2972              HTTP Negotiate (SPNEGO) with a remote host.
2973
2974              Example:
2975               curl --proxy-negotiate --proxy-user user:passwd -x proxy https://example.com
2976
2977              See also --proxy-anyauth and --proxy-basic.
2978
2979       --proxy-ntlm
2980              Tells  curl  to  use HTTP NTLM authentication when communicating
2981              with the given proxy. Use --ntlm for enabling NTLM with a remote
2982              host.
2983
2984              Example:
2985               curl --proxy-ntlm --proxy-user user:passwd -x http://proxy https://example.com
2986
2987              See also --proxy-negotiate and --proxy-anyauth.
2988
2989       --proxy-pass <phrase>
2990              Same as --pass but used in HTTPS proxy context.
2991
2992              Example:
2993               curl --proxy-pass secret --proxy-key here -x https://proxy https://example.com
2994
2995              See also -x, --proxy and --proxy-key. Added in 7.52.0.
2996
2997       --proxy-pinnedpubkey <hashes>
2998              (TLS)  Tells  curl  to  use  the  specified  public key file (or
2999              hashes) to verify the proxy. This can be a path to a file  which
3000              contains a single public key in PEM or DER format, or any number
3001              of base64 encoded sha256 hashes preceded by 'sha256//' and sepa‐
3002              rated by ';'.
3003
3004              When  negotiating  a  TLS  or SSL connection, the server sends a
3005              certificate indicating its identity. A public key  is  extracted
3006              from  this certificate and if it does not exactly match the pub‐
3007              lic key provided to this option, curl will abort the  connection
3008              before sending or receiving any data.
3009
3010              If this option is used several times, the last one will be used.
3011
3012              Examples:
3013               curl --proxy-pinnedpubkey keyfile https://example.com
3014               curl --proxy-pinnedpubkey 'sha256//ce118b51897f4452dc' https://example.com
3015
3016              See also --pinnedpubkey and -x, --proxy. Added in 7.59.0.
3017
3018       --proxy-service-name <name>
3019              This  option allows you to change the service name for proxy ne‐
3020              gotiation.
3021
3022              Example:
3023               curl --proxy-service-name "shrubbery" -x proxy https://example.com
3024
3025              See also --service-name and -x, --proxy. Added in 7.43.0.
3026
3027       --proxy-ssl-allow-beast
3028              Same as --ssl-allow-beast but used in HTTPS proxy context.
3029
3030              Example:
3031               curl --proxy-ssl-allow-beast -x https://proxy https://example.com
3032
3033              See also --ssl-allow-beast and -x, --proxy. Added in 7.52.0.
3034
3035       --proxy-ssl-auto-client-cert
3036              Same as --ssl-auto-client-cert but used in HTTPS proxy context.
3037
3038              Example:
3039               curl --proxy-ssl-auto-client-cert -x https://proxy https://example.com
3040
3041              See  also  --ssl-auto-client-cert  and  -x,  --proxy.  Added  in
3042              7.77.0.
3043
3044       --proxy-tls13-ciphers <ciphersuite list>
3045              (TLS)  Specifies which cipher suites to use in the connection to
3046              your HTTPS proxy when it negotiates TLS 1.3. The list of ciphers
3047              suites  must  specify  valid  ciphers. Read up on TLS 1.3 cipher
3048              suite details on this URL:
3049
3050               https://curl.se/docs/ssl-ciphers.html
3051
3052              This option is currently used only when curl  is  built  to  use
3053              OpenSSL 1.1.1 or later. If you are using a different SSL backend
3054              you can try setting TLS 1.3 cipher suites by using the  --proxy-
3055              ciphers option.
3056
3057              If this option is used several times, the last one will be used.
3058
3059              Example:
3060               curl --proxy-tls13-ciphers TLS_AES_128_GCM_SHA256 -x proxy https://example.com
3061
3062              See also --tls13-ciphers and --curves. Added in 7.61.0.
3063
3064       --proxy-tlsauthtype <type>
3065              Same as --tlsauthtype but used in HTTPS proxy context.
3066
3067              Example:
3068               curl --proxy-tlsauthtype SRP -x https://proxy https://example.com
3069
3070              See also -x, --proxy and --proxy-tlsuser. Added in 7.52.0.
3071
3072       --proxy-tlspassword <string>
3073              Same as --tlspassword but used in HTTPS proxy context.
3074
3075              Example:
3076               curl --proxy-tlspassword passwd -x https://proxy https://example.com
3077
3078              See also -x, --proxy and --proxy-tlsuser. Added in 7.52.0.
3079
3080       --proxy-tlsuser <name>
3081              Same as --tlsuser but used in HTTPS proxy context.
3082
3083              Example:
3084               curl --proxy-tlsuser smith -x https://proxy https://example.com
3085
3086              See also -x, --proxy and --proxy-tlspassword. Added in 7.52.0.
3087
3088       --proxy-tlsv1
3089              Same as --tlsv1 but used in HTTPS proxy context.
3090
3091              Example:
3092               curl --proxy-tlsv1 -x https://proxy https://example.com
3093
3094              See also -x, --proxy. Added in 7.52.0.
3095
3096       -U, --proxy-user <user:password>
3097              Specify  the user name and password to use for proxy authentica‐
3098              tion.
3099
3100              If you use a Windows SSPI-enabled curl binary and do either  Ne‐
3101              gotiate  or NTLM authentication then you can tell curl to select
3102              the user name and password from your environment by specifying a
3103              single colon with this option: "-U :".
3104
3105              On systems where it works, curl will hide the given option argu‐
3106              ment from process listings. This is not enough to  protect  cre‐
3107              dentials  from  possibly getting seen by other users on the same
3108              system as they  will  still  be  visible  for  a  moment  before
3109              cleared. Such sensitive data should be retrieved from a file in‐
3110              stead or similar and never used in clear text in a command line.
3111
3112              If this option is used several times, the last one will be used.
3113
3114              Example:
3115               curl --proxy-user name:pwd -x proxy https://example.com
3116
3117              See also --proxy-pass.
3118
3119       -x, --proxy [protocol://]host[:port]
3120              Use the specified proxy.
3121
3122              The proxy string can be specified with a protocol:// prefix.  No
3123              protocol specified or http:// will be treated as HTTP proxy. Use
3124              socks4://, socks4a://, socks5:// or socks5h:// to request a spe‐
3125              cific SOCKS version to be used.
3126
3127
3128              HTTPS  proxy  support  via https:// protocol prefix was added in
3129              7.52.0 for OpenSSL, GnuTLS and NSS.
3130
3131              Unrecognized and unsupported  proxy  protocols  cause  an  error
3132              since  7.52.0.   Prior  versions may ignore the protocol and use
3133              http:// instead.
3134
3135              If the port number is not specified in the proxy string,  it  is
3136              assumed to be 1080.
3137
3138              This  option  overrides  existing environment variables that set
3139              the proxy to use. If there's an environment variable  setting  a
3140              proxy, you can set proxy to "" to override it.
3141
3142              All operations that are performed over an HTTP proxy will trans‐
3143              parently be converted to HTTP. It means  that  certain  protocol
3144              specific operations might not be available. This is not the case
3145              if you can tunnel through the proxy, as one with the --proxytun‐
3146              nel option.
3147
3148              User and password that might be provided in the proxy string are
3149              URL decoded by curl. This allows you to pass in special  charac‐
3150              ters such as @ by using %40 or pass in a colon with %3a.
3151
3152              The  proxy host can be specified the same way as the proxy envi‐
3153              ronment variables, including the protocol prefix  (http://)  and
3154              the embedded user + password.
3155
3156              If this option is used several times, the last one will be used.
3157
3158              Example:
3159               curl --proxy http://proxy.example https://example.com
3160
3161              See also --socks5 and --proxy-basic.
3162
3163       --proxy1.0 <host[:port]>
3164              Use  the  specified  HTTP  1.0  proxy. If the port number is not
3165              specified, it is assumed at port 1080.
3166
3167              The only difference between this and the HTTP proxy  option  -x,
3168              --proxy,  is that attempts to use CONNECT through the proxy will
3169              specify an HTTP 1.0 protocol instead of the default HTTP 1.1.
3170
3171              Example:
3172               curl --proxy1.0 -x http://proxy https://example.com
3173
3174              See also -x, --proxy, --socks5 and --preproxy.
3175
3176       -p, --proxytunnel
3177              When an HTTP proxy is used -x, --proxy, this  option  will  make
3178              curl  tunnel through the proxy. The tunnel approach is made with
3179              the HTTP proxy CONNECT request and requires that the  proxy  al‐
3180              lows direct connect to the remote port number curl wants to tun‐
3181              nel through to.
3182
3183              To suppress proxy CONNECT response headers when curl is  set  to
3184              output headers use --suppress-connect-headers.
3185
3186              Example:
3187               curl --proxytunnel -x http://proxy https://example.com
3188
3189              See also -x, --proxy.
3190
3191       --pubkey <key>
3192              (SFTP SCP) Public key file name. Allows you to provide your pub‐
3193              lic key in this separate file.
3194
3195              If this option is used several times, the last one will be used.
3196
3197              (As of 7.39.0, curl attempts to automatically extract the public
3198              key  from the private key file, so passing this option is gener‐
3199              ally not required. Note that this public key extraction requires
3200              libcurl  to  be linked against a copy of libssh2 1.2.8 or higher
3201              that is itself linked against OpenSSL.)
3202
3203              Example:
3204               curl --pubkey file.pub sftp://example.com/
3205
3206              See also --pass.
3207
3208       -Q, --quote <command>
3209              (FTP SFTP) Send an arbitrary command to the remote FTP  or  SFTP
3210              server.  Quote commands are sent BEFORE the transfer takes place
3211              (just after the initial PWD command in an FTP  transfer,  to  be
3212              exact). To make commands take place after a successful transfer,
3213              prefix them with a dash '-'. To make commands be sent after curl
3214              has changed the working directory, just before the transfer com‐
3215              mand(s), prefix the command with a '+' (this is  only  supported
3216              for FTP). You may specify any number of commands.
3217
3218              By  default  curl  will stop at first failure. To make curl con‐
3219              tinue even if the command fails, prefix the command with an  as‐
3220              terisk  (*). Otherwise, if the server returns failure for one of
3221              the commands, the entire operation will be aborted.
3222
3223              You must send syntactically correct FTP commands as RFC 959  de‐
3224              fines  to  FTP  servers,  or one of the commands listed below to
3225              SFTP servers.
3226
3227              This option can be used multiple times.
3228
3229              SFTP is a binary protocol. Unlike for FTP, curl interprets  SFTP
3230              quote  commands  itself  before sending them to the server. File
3231              names may be quoted shell-style to embed spaces or special char‐
3232              acters.  Following  is the list of all supported SFTP quote com‐
3233              mands:
3234
3235              atime date file
3236                     The atime command sets the last access time of  the  file
3237                     named  by  the file operand. The <date expression> can be
3238                     all sorts of date strings, see  the  curl_getdate(3)  man
3239                     page for date expression details. (Added in 7.73.0)
3240
3241              chgrp group file
3242                     The  chgrp command sets the group ID of the file named by
3243                     the file operand to the group ID specified by  the  group
3244                     operand. The group operand is a decimal integer group ID.
3245
3246              chmod mode file
3247                     The  chmod  command  modifies  the  file mode bits of the
3248                     specified file. The mode operand is an octal integer mode
3249                     number.
3250
3251              chown user file
3252                     The chown command sets the owner of the file named by the
3253                     file operand to the user ID specified by the  user  oper‐
3254                     and. The user operand is a decimal integer user ID.
3255
3256              ln source_file target_file
3257                     The ln and symlink commands create a symbolic link at the
3258                     target_file location pointing to  the  source_file  loca‐
3259                     tion.
3260
3261              mkdir directory_name
3262                     The  mkdir command creates the directory named by the di‐
3263                     rectory_name operand.
3264
3265              mtime date file
3266                     The mtime command sets the last modification time of  the
3267                     file named by the file operand. The <date expression> can
3268                     be all sorts of date strings, see the curl_getdate(3) man
3269                     page for date expression details. (Added in 7.73.0)
3270
3271              pwd    The pwd command returns the absolute pathname of the cur‐
3272                     rent working directory.
3273
3274              rename source target
3275                     The rename command renames the file or directory named by
3276                     the  source  operand to the destination path named by the
3277                     target operand.
3278
3279              rm file
3280                     The rm command removes the file specified by the file op‐
3281                     erand.
3282
3283              rmdir directory
3284                     The  rmdir  command removes the directory entry specified
3285                     by the directory operand, provided it is empty.
3286
3287              symlink source_file target_file
3288                     See ln.
3289
3290       Example:
3291        curl --quote "DELE file" ftp://example.com/foo
3292
3293       See also -X, --request.
3294
3295       --random-file <file>
3296              Specify the path name to file containing what will be considered
3297              as  random  data. The data may be used to seed the random engine
3298              for SSL connections. See also the --egd-file option.
3299
3300              Example:
3301               curl --random-file rubbish https://example.com
3302
3303              See also --egd-file.
3304
3305       -r, --range <range>
3306              (HTTP FTP SFTP FILE) Retrieve a byte range (i.e. a partial docu‐
3307              ment)  from  an  HTTP/1.1,  FTP  or SFTP server or a local FILE.
3308              Ranges can be specified in a number of ways.
3309
3310              0-499     specifies the first 500 bytes
3311
3312              500-999   specifies the second 500 bytes
3313
3314              -500      specifies the last 500 bytes
3315
3316              9500-     specifies the bytes from offset 9500 and forward
3317
3318              0-0,-1    specifies the first and last byte only(*)(HTTP)
3319
3320              100-199,500-599
3321                        specifies two separate 100-byte ranges(*) (HTTP)
3322
3323              (*) = NOTE that this will cause the server to reply with a  mul‐
3324              tipart  response,  which will be returned as-is by curl! Parsing
3325              or otherwise transforming this response is the responsibility of
3326              the caller.
3327
3328              Only  digit characters (0-9) are valid in the 'start' and 'stop'
3329              fields of the 'start-stop' range syntax. If a non-digit  charac‐
3330              ter is given in the range, the server's response will be unspec‐
3331              ified, depending on the server's configuration.
3332
3333              You should also be aware that many HTTP/1.1 servers do not  have
3334              this  feature  enabled, so that when you attempt to get a range,
3335              you will instead get the whole document.
3336
3337              FTP and SFTP range downloads only  support  the  simple  'start-
3338              stop'  syntax  (optionally with one of the numbers omitted). FTP
3339              use depends on the extended FTP command SIZE.
3340
3341              If this option is used several times, the last one will be used.
3342
3343              Example:
3344               curl --range 22-44 https://example.com
3345
3346              See also -C, --continue-at and -a, --append.
3347
3348       --raw  (HTTP) When used, it disables all internal HTTP decoding of con‐
3349              tent  or transfer encodings and instead makes them passed on un‐
3350              altered, raw.
3351
3352              Example:
3353               curl --raw https://example.com
3354
3355              See also --tr-encoding.
3356
3357       -e, --referer <URL>
3358              (HTTP) Sends the "Referrer Page" information to the HTTP server.
3359              This can also be set with the --header flag of course. When used
3360              with --location you can append ";auto" to the --referer  URL  to
3361              make  curl  automatically set the previous URL when it follows a
3362              Location: header. The ";auto" string can be used alone, even  if
3363              you do not set an initial -e, --referer.
3364
3365              If this option is used several times, the last one will be used.
3366
3367              Examples:
3368               curl --referer "https://fake.example" https://example.com
3369               curl --referer "https://fake.example;auto" -L https://example.com
3370               curl --referer ";auto" -L https://example.com
3371
3372              See also -A, --user-agent and -H, --header.
3373
3374       -J, --remote-header-name
3375              (HTTP)  This  option  tells  the --remote-name option to use the
3376              server-specified Content-Disposition  filename  instead  of  ex‐
3377              tracting  a  filename  from the URL. If the server-provided file
3378              name contains a path, that will be stripped off before the  file
3379              name is used.
3380
3381              The  file is saved in the current directory, or in the directory
3382              specified with --output-dir.
3383
3384              If the server specifies a file name and a file  with  that  name
3385              already  exists  in  the  destination  directory, it will not be
3386              overwritten and an error will occur.  If  the  server  does  not
3387              specify a file name then this option has no effect.
3388
3389              There's  no  attempt to decode %-sequences (yet) in the provided
3390              file name, so this option may provide you with rather unexpected
3391              file names.
3392
3393              WARNING:  Exercise  judicious  use of this option, especially on
3394              Windows. A rogue server could send you the  name  of  a  DLL  or
3395              other file that could be loaded automatically by Windows or some
3396              third party software.
3397
3398              Example:
3399               curl -OJ https://example.com/file
3400
3401              See also -O, --remote-name.
3402
3403       --remote-name-all
3404              This option changes the default action for all given URLs to  be
3405              dealt with as if --remote-name were used for each one. So if you
3406              want to disable that for a specific URL after  --remote-name-all
3407              has been used, you must use "-o -" or --no-remote-name.
3408
3409              Example:
3410               curl --remote-name-all ftp://example.com/file1 ftp://example.com/file2
3411
3412              See also -O, --remote-name.
3413
3414       -O, --remote-name
3415              Write  output to a local file named like the remote file we get.
3416              (Only the file part of the remote file is used, the path is  cut
3417              off.)
3418
3419              The  file will be saved in the current working directory. If you
3420              want the file saved in a  different  directory,  make  sure  you
3421              change  the  current working directory before invoking curl with
3422              this option.
3423
3424              The remote file name to use for saving  is  extracted  from  the
3425              given  URL,  nothing  else,  and if it already exists it will be
3426              overwritten. If you want the server to be  able  to  choose  the
3427              file name refer to --remote-header-name which can be used in ad‐
3428              dition to this option. If the server chooses  a  file  name  and
3429              that name already exists it will not be overwritten.
3430
3431              There is no URL decoding done on the file name. If it has %20 or
3432              other URL encoded parts of the name, they will end up  as-is  as
3433              file name.
3434
3435              You  may use this option as many times as the number of URLs you
3436              have.
3437
3438              Example:
3439               curl -O https://example.com/filename
3440
3441              See also --remote-name-all.
3442
3443       -R, --remote-time
3444              When used, this will make curl attempt to figure out  the  time‐
3445              stamp  of the remote file, and if that is available make the lo‐
3446              cal file get that same timestamp.
3447
3448              Example:
3449               curl --remote-time -o foo https://example.com
3450
3451              See also -O, --remote-name and -z, --time-cond.
3452
3453       --request-target <path>
3454              (HTTP) Tells curl to use an alternative "target" (path)  instead
3455              of  using  the  path as provided in the URL. Particularly useful
3456              when wanting to issue HTTP requests  without  leading  slash  or
3457              other  data  that  does not follow the regular URL pattern, like
3458              "OPTIONS *".
3459
3460              Example:
3461               curl --request-target "*" -X OPTIONS https://example.com
3462
3463              See also -X, --request. Added in 7.55.0.
3464
3465       -X, --request <method>
3466              (HTTP) Specifies a custom request method to use when communicat‐
3467              ing  with  the HTTP server. The specified request method will be
3468              used instead of the method otherwise  used  (which  defaults  to
3469              GET).  Read  the HTTP 1.1 specification for details and explana‐
3470              tions. Common additional HTTP requests include PUT  and  DELETE,
3471              but related technologies like WebDAV offers PROPFIND, COPY, MOVE
3472              and more.
3473
3474              Normally you do not need this option. All sorts  of  GET,  HEAD,
3475              POST and PUT requests are rather invoked by using dedicated com‐
3476              mand line options.
3477
3478              This option only changes the actual word used in  the  HTTP  re‐
3479              quest, it does not alter the way curl behaves. So for example if
3480              you want to make a proper HEAD request, using -X HEAD  will  not
3481              suffice. You need to use the --head option.
3482
3483              The  method  string  you set with --request will be used for all
3484              requests, which if you for example use --location may cause  un‐
3485              intended  side-effects  when curl does not change request method
3486              according to the HTTP 30x response codes - and similar.
3487
3488              (FTP) Specifies a custom FTP command to use instead of LIST when
3489              doing file lists with FTP.
3490
3491              (POP3) Specifies a custom POP3 command to use instead of LIST or
3492              RETR.
3493
3494
3495              (IMAP) Specifies a custom IMAP command to use instead  of  LIST.
3496              (Added in 7.30.0)
3497
3498              (SMTP) Specifies a custom SMTP command to use instead of HELP or
3499              VRFY. (Added in 7.34.0)
3500
3501              If this option is used several times, the last one will be used.
3502
3503              Examples:
3504               curl -X "DELETE" https://example.com
3505               curl -X NLST ftp://example.com/
3506
3507              See also --request-target.
3508
3509       --resolve <[+]host:port:addr[,addr]...>
3510              Provide a custom address for a specific host and port pair.  Us‐
3511              ing  this, you can make the curl requests(s) use a specified ad‐
3512              dress and prevent the otherwise normally resolved address to  be
3513              used.  Consider  it a sort of /etc/hosts alternative provided on
3514              the command line. The port number should be the number used  for
3515              the  specific  protocol  the host will be used for. It means you
3516              need several entries if you want to provide address for the same
3517              host but different ports.
3518
3519              By  specifying '*' as host you can tell curl to resolve any host
3520              and specific port pair to the specified address. Wildcard is re‐
3521              solved  last so any --resolve with a specific host and port will
3522              be used first.
3523
3524              The provided address set by this option will  be  used  even  if
3525              --ipv4 or --ipv6 is set to make curl use another IP version.
3526
3527              By prefixing the host with a '+' you can make the entry time out
3528              after curl's default timeout (1 minute).  Note  that  this  will
3529              only  make  sense for long running parallel transfers with a lot
3530              of files. In such cases, if this option is used curl will try to
3531              resolve  the  host as it normally would once the timeout has ex‐
3532              pired.
3533
3534              Support for providing the IP address within [brackets] was added
3535              in 7.57.0.
3536
3537              Support  for providing multiple IP addresses per entry was added
3538              in 7.59.0.
3539
3540              Support for resolving with wildcard was added in 7.64.0.
3541
3542              Support for the '+' prefix was was added in 7.75.0.
3543
3544              This option can be used many times to add many host names to re‐
3545              solve.
3546
3547              Example:
3548               curl --resolve example.com:443:127.0.0.1 https://example.com
3549
3550              See also --connect-to and --alt-svc.
3551
3552       --retry-all-errors
3553              Retry on any error. This option is used together with --retry.
3554
3555              This  option  is the "sledgehammer" of retrying. Do not use this
3556              option by default (eg in curlrc), there may be unintended conse‐
3557              quences  such as sending or receiving duplicate data. Do not use
3558              with redirected input or output. You'd be much better  off  han‐
3559              dling  your unique problems in shell script. Please read the ex‐
3560              ample below.
3561
3562              WARNING: For server compatibility curl attempts to retry  failed
3563              flaky  transfers  as close as possible to how they were started,
3564              but this is not possible with redirected input  or  output.  For
3565              example,  before  retrying  it removes output data from a failed
3566              partial transfer that was written to  an  output  file.  However
3567              this is not true of data redirected to a | pipe or > file, which
3568              are not reset. We strongly suggest you do not  parse  or  record
3569              output  via  redirect in combination with this option, since you
3570              may receive duplicate data.
3571
3572              By default curl will not error on an HTTP response code that in‐
3573              dicates an HTTP error, if the transfer was successful. For exam‐
3574              ple, if a server replies 404 Not Found and the  reply  is  fully
3575              received  then  that  is not an error. When --retry is used then
3576              curl will retry on some HTTP response codes that indicate  tran‐
3577              sient  HTTP  errors, but that does not include most 4xx response
3578              codes such as 404. If you want to retry on  all  response  codes
3579              that  indicate  HTTP  errors (4xx and 5xx) then combine with -f,
3580              --fail.
3581
3582              Example:
3583               curl --retry 5 --retry-all-errors https://example.com
3584
3585              See also --retry. Added in 7.71.0.
3586
3587       --retry-connrefused
3588              In addition to the other conditions, consider ECONNREFUSED as  a
3589              transient  error  too  for --retry. This option is used together
3590              with --retry.
3591
3592              Example:
3593               curl --retry-connrefused --retry https://example.com
3594
3595              See also --retry and --retry-all-errors. Added in 7.52.0.
3596
3597       --retry-delay <seconds>
3598              Make curl sleep this amount of time before  each  retry  when  a
3599              transfer  has  failed with a transient error (it changes the de‐
3600              fault backoff time algorithm between retries).  This  option  is
3601              only  interesting if --retry is also used. Setting this delay to
3602              zero will make curl use the default backoff time.
3603
3604              If this option is used several times, the last one will be used.
3605
3606              Example:
3607               curl --retry-delay 5 --retry https://example.com
3608
3609              See also --retry.
3610
3611       --retry-max-time <seconds>
3612              The retry timer is reset before the first transfer attempt.  Re‐
3613              tries  will  be done as usual (see --retry) as long as the timer
3614              has not reached this given limit. Notice that if the  timer  has
3615              not  reached  the limit, the request will be made and while per‐
3616              forming, it may take longer than  this  given  time  period.  To
3617              limit  a  single request's maximum time, use -m, --max-time. Set
3618              this option to zero to not timeout retries.
3619
3620              If this option is used several times, the last one will be used.
3621
3622              Example:
3623               curl --retry-max-time 30 --retry 10 https://example.com
3624
3625              See also --retry.
3626
3627       --retry <num>
3628              If a transient error is returned when curl tries  to  perform  a
3629              transfer,  it  will retry this number of times before giving up.
3630              Setting the number to 0 makes curl do no retries (which  is  the
3631              default).  Transient  error  means either: a timeout, an FTP 4xx
3632              response code or an HTTP 408, 429, 500, 502, 503 or 504 response
3633              code.
3634
3635              When  curl  is about to retry a transfer, it will first wait one
3636              second and then for all forthcoming retries it will  double  the
3637              waiting  time until it reaches 10 minutes which then will be the
3638              delay between the rest of the retries.  By  using  --retry-delay
3639              you   disable  this  exponential  backoff  algorithm.  See  also
3640              --retry-max-time to limit the total time allowed for retries.
3641
3642              Since curl 7.66.0, curl will comply with  the  Retry-After:  re‐
3643              sponse  header if one was present to know when to issue the next
3644              retry.
3645
3646              If this option is used several times, the last one will be used.
3647
3648              Example:
3649               curl --retry 7 https://example.com
3650
3651              See also --retry-max-time.
3652
3653       --sasl-authzid <identity>
3654              Use this authorisation identity (authzid), during SASL PLAIN au‐
3655              thentication,  in addition to the authentication identity (auth‐
3656              cid) as specified by -u, --user.
3657
3658              If the option is not specified, the server will derive  the  au‐
3659              thzid  from  the authcid, but if specified, and depending on the
3660              server implementation, it may be used to access  another  user's
3661              inbox,  that  the  user  has been granted access to, or a shared
3662              mailbox for example.
3663
3664              Example:
3665               curl --sasl-authzid zid imap://example.com/
3666
3667              See also --login-options. Added in 7.66.0.
3668
3669       --sasl-ir
3670              Enable initial response in SASL authentication.
3671
3672              Example:
3673               curl --sasl-ir imap://example.com/
3674
3675              See also --sasl-authzid. Added in 7.31.0.
3676
3677       --service-name <name>
3678              This option allows you to change the service name for SPNEGO.
3679
3680              Examples:   --negotiate   --service-name   sockd    would    use
3681              sockd/server-name.
3682
3683              Example:
3684               curl --service-name sockd/server https://example.com
3685
3686              See also --negotiate and --proxy-service-name. Added in 7.43.0.
3687
3688       -S, --show-error
3689              When used with -s, --silent, it makes curl show an error message
3690              if it fails.
3691
3692              This option is global and does not need to be specified for each
3693              use of -:, --next.
3694
3695              Example:
3696               curl --show-error --silent https://example.com
3697
3698              See also --no-progress-meter.
3699
3700       -s, --silent
3701              Silent  or  quiet mode. Do not show progress meter or error mes‐
3702              sages. Makes Curl mute. It will still output the  data  you  ask
3703              for, potentially even to the terminal/stdout unless you redirect
3704              it.
3705
3706              Use --show-error in addition to this option to disable  progress
3707              meter but still show error messages.
3708
3709              Example:
3710               curl -s https://example.com
3711
3712              See also -v, --verbose, --stderr and --no-progress-meter.
3713
3714       --socks4 <host[:port]>
3715              Use the specified SOCKS4 proxy. If the port number is not speci‐
3716              fied, it is assumed at port 1080. Using this  socket  type  make
3717              curl  resolve  the  host  name and passing the address on to the
3718              proxy.
3719
3720              This option overrides any previous use of -x, --proxy,  as  they
3721              are mutually exclusive.
3722
3723              This  option is superfluous since you can specify a socks4 proxy
3724              with --proxy using a socks4:// protocol prefix.
3725
3726              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3727              the  same time --proxy is used with an HTTP/HTTPS proxy. In such
3728              a case curl first connects to the SOCKS proxy and then  connects
3729              (through SOCKS) to the HTTP or HTTPS proxy.
3730
3731              If this option is used several times, the last one will be used.
3732
3733              Example:
3734               curl --socks4 hostname:4096 https://example.com
3735
3736              See also --socks4a, --socks5 and --socks5-hostname.
3737
3738       --socks4a <host[:port]>
3739              Use the specified SOCKS4a proxy. If the port number is not spec‐
3740              ified, it is assumed at port 1080. This asks the  proxy  to  re‐
3741              solve the host name.
3742
3743              This  option  overrides any previous use of -x, --proxy, as they
3744              are mutually exclusive.
3745
3746              This option is superfluous since you can specify a socks4a proxy
3747              with --proxy using a socks4a:// protocol prefix.
3748
3749              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3750              the same time --proxy is used with an HTTP/HTTPS proxy. In  such
3751              a  case curl first connects to the SOCKS proxy and then connects
3752              (through SOCKS) to the HTTP or HTTPS proxy.
3753
3754              If this option is used several times, the last one will be used.
3755
3756              Example:
3757               curl --socks4a hostname:4096 https://example.com
3758
3759              See also --socks4, --socks5 and --socks5-hostname.
3760
3761       --socks5-basic
3762              Tells curl to use username/password authentication when connect‐
3763              ing  to a SOCKS5 proxy.  The username/password authentication is
3764              enabled by default.  Use --socks5-gssapi to  force  GSS-API  au‐
3765              thentication to SOCKS5 proxies.
3766
3767              Example:
3768               curl --socks5-basic --socks5 hostname:4096 https://example.com
3769
3770              See also --socks5. Added in 7.55.0.
3771
3772       --socks5-gssapi-nec
3773              As  part of the GSS-API negotiation a protection mode is negoti‐
3774              ated. RFC 1961 says in section 4.3/4.4 it should  be  protected,
3775              but  the  NEC  reference  implementation  does  not.  The option
3776              --socks5-gssapi-nec allows the unprotected exchange of the  pro‐
3777              tection mode negotiation.
3778
3779              Example:
3780               curl --socks5-gssapi-nec --socks5 hostname:4096 https://example.com
3781
3782              See also --socks5.
3783
3784       --socks5-gssapi-service <name>
3785              The default service name for a socks server is rcmd/server-fqdn.
3786              This option allows you to change it.
3787
3788              Examples:  --socks5  proxy-name  --socks5-gssapi-service   sockd
3789              would  use sockd/proxy-name --socks5 proxy-name --socks5-gssapi-
3790              service sockd/real-name  would  use  sockd/real-name  for  cases
3791              where the proxy-name does not match the principal name.
3792
3793              Example:
3794               curl --socks5-gssapi-service sockd --socks5 hostname:4096 https://example.com
3795
3796              See also --socks5.
3797
3798       --socks5-gssapi
3799              Tells  curl  to  use GSS-API authentication when connecting to a
3800              SOCKS5 proxy.  The GSS-API authentication is enabled by  default
3801              (if  curl is compiled with GSS-API support).  Use --socks5-basic
3802              to force username/password authentication to SOCKS5 proxies.
3803
3804              Example:
3805               curl --socks5-gssapi --socks5 hostname:4096 https://example.com
3806
3807              See also --socks5. Added in 7.55.0.
3808
3809       --socks5-hostname <host[:port]>
3810              Use the specified SOCKS5 proxy (and let the  proxy  resolve  the
3811              host  name).  If the port number is not specified, it is assumed
3812              at port 1080.
3813
3814              This option overrides any previous use of -x, --proxy,  as  they
3815              are mutually exclusive.
3816
3817              This  option is superfluous since you can specify a socks5 host‐
3818              name proxy with --proxy using a socks5h:// protocol prefix.
3819
3820              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3821              the  same time --proxy is used with an HTTP/HTTPS proxy. In such
3822              a case curl first connects to the SOCKS proxy and then  connects
3823              (through SOCKS) to the HTTP or HTTPS proxy.
3824
3825              If this option is used several times, the last one will be used.
3826
3827              Example:
3828               curl --socks5-hostname proxy.example:7000 https://example.com
3829
3830              See also --socks5 and --socks4a.
3831
3832       --socks5 <host[:port]>
3833              Use  the  specified SOCKS5 proxy - but resolve the host name lo‐
3834              cally. If the port number is not specified,  it  is  assumed  at
3835              port 1080.
3836
3837              This  option  overrides any previous use of -x, --proxy, as they
3838              are mutually exclusive.
3839
3840              This option is superfluous since you can specify a socks5  proxy
3841              with --proxy using a socks5:// protocol prefix.
3842
3843              Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at
3844              the same time --proxy is used with an HTTP/HTTPS proxy. In  such
3845              a  case curl first connects to the SOCKS proxy and then connects
3846              (through SOCKS) to the HTTP or HTTPS proxy.
3847
3848              If this option is used several times, the last one will be used.
3849
3850              This option (as well as --socks4) does not work with IPV6,  FTPS
3851              or LDAP.
3852
3853              Example:
3854               curl --socks5 proxy.example:7000 https://example.com
3855
3856              See also --socks5-hostname and --socks4a.
3857
3858       -Y, --speed-limit <speed>
3859              If a download is slower than this given speed (in bytes per sec‐
3860              ond) for speed-time seconds it gets aborted. speed-time  is  set
3861              with --speed-time and is 30 if not set.
3862
3863              If this option is used several times, the last one will be used.
3864
3865              Example:
3866               curl --speed-limit 300 --speed-time 10 https://example.com
3867
3868              See also -y, --speed-time, --limit-rate and -m, --max-time.
3869
3870       -y, --speed-time <seconds>
3871              If a download is slower than speed-limit bytes per second during
3872              a speed-time period, the download gets aborted. If speed-time is
3873              used,  the  default  speed-limit  will  be 1 unless set with -Y,
3874              --speed-limit.
3875
3876              This option controls transfers and thus  will  not  affect  slow
3877              connects  etc.  If this is a concern for you, try the --connect-
3878              timeout option.
3879
3880              If this option is used several times, the last one will be used.
3881
3882              Example:
3883               curl --speed-limit 300 --speed-time 10 https://example.com
3884
3885              See also -Y, --speed-limit and --limit-rate.
3886
3887       --ssl-allow-beast
3888              This option tells curl to not work around a security flaw in the
3889              SSL3 and TLS1.0 protocols known as BEAST.  If this option is not
3890              used, the SSL layer may use workarounds known to cause  interop‐
3891              erability problems with some older SSL implementations.
3892
3893              WARNING: this option loosens the SSL security, and by using this
3894              flag you ask for exactly that.
3895
3896              Example:
3897               curl --ssl-allow-beast https://example.com
3898
3899              See also --proxy-ssl-allow-beast and -k, --insecure.
3900
3901       --ssl-auto-client-cert
3902              Tell libcurl to automatically locate and use a  client  certifi‐
3903              cate  for authentication, when requested by the server. This op‐
3904              tion is only supported for Schannel (the native Windows SSL  li‐
3905              brary). Prior to 7.77.0 this was the default behavior in libcurl
3906              with Schannel. Since the server can request any certificate that
3907              supports  client  authentication  in the OS certificate store it
3908              could be a privacy violation and unexpected.
3909
3910              Example:
3911               curl --ssl-auto-client-cert https://example.com
3912
3913              See also --proxy-ssl-auto-client-cert. Added in 7.77.0.
3914
3915       --ssl-no-revoke
3916              (Schannel) This option tells curl to disable certificate revoca‐
3917              tion checks.  WARNING: this option loosens the SSL security, and
3918              by using this flag you ask for exactly that.
3919
3920              Example:
3921               curl --ssl-no-revoke https://example.com
3922
3923              See also --crlfile. Added in 7.44.0.
3924
3925       --ssl-reqd
3926              (FTP IMAP POP3 SMTP LDAP) Require SSL/TLS  for  the  connection.
3927              Terminates  the  connection  if  the  server  does  not  support
3928              SSL/TLS.
3929
3930              This option is handled in LDAP since version 7.81.0. It is fully
3931              supported  by  the  openldap backend and rejected by the generic
3932              ldap backend if explicit TLS is required.
3933
3934              This option was formerly known as --ftp-ssl-reqd.
3935
3936              Example:
3937               curl --ssl-reqd ftp://example.com
3938
3939              See also --ssl and -k, --insecure.
3940
3941       --ssl-revoke-best-effort
3942              (Schannel) This option tells curl to ignore certificate  revoca‐
3943              tion checks when they failed due to missing/offline distribution
3944              points for the revocation check lists.
3945
3946              Example:
3947               curl --ssl-revoke-best-effort https://example.com
3948
3949              See also --crlfile and -k, --insecure. Added in 7.70.0.
3950
3951       --ssl  (FTP IMAP POP3 SMTP LDAP) Try to use SSL/TLS for the connection.
3952              Reverts  to  a non-secure connection if the server does not sup‐
3953              port SSL/TLS. See also --ftp-ssl-control and --ssl-reqd for dif‐
3954              ferent levels of encryption required.
3955
3956              This option is handled in LDAP since version 7.81.0. It is fully
3957              supported by the openldap backend and  ignored  by  the  generic
3958              ldap backend.
3959
3960              Please  note that a server may close the connection if the nego‐
3961              tiation does not succeed.
3962
3963              This option was formerly known as --ftp-ssl.  That  option  name
3964              can still be used but will be removed in a future version.
3965
3966              Example:
3967               curl --ssl pop3://example.com/
3968
3969              See also -k, --insecure and --ciphers.
3970
3971       -2, --sslv2
3972              (SSL) This option previously asked curl to use SSLv2, but start‐
3973              ing in curl 7.77.0 this instruction is ignored. SSLv2 is  widely
3974              considered insecure (see RFC 6176).
3975
3976              Example:
3977               curl --sslv2 https://example.com
3978
3979              See  also  --http1.1  and --http2. -2, --sslv2 requires that the
3980              underlying libcurl was built to support TLS. This  option  over‐
3981              rides -3, --sslv3 and -1, --tlsv1 and --tlsv1.1 and --tlsv1.2.
3982
3983       -3, --sslv3
3984              (SSL) This option previously asked curl to use SSLv3, but start‐
3985              ing in curl 7.77.0 this instruction is ignored. SSLv3 is  widely
3986              considered insecure (see RFC 7568).
3987
3988              Example:
3989               curl --sslv3 https://example.com
3990
3991              See  also  --http1.1  and --http2. -3, --sslv3 requires that the
3992              underlying libcurl was built to support TLS. This  option  over‐
3993              rides -2, --sslv2 and -1, --tlsv1 and --tlsv1.1 and --tlsv1.2.
3994
3995       --stderr <file>
3996              Redirect  all writes to stderr to the specified file instead. If
3997              the file name is a plain '-', it is instead written to stdout.
3998
3999              This option is global and does not need to be specified for each
4000              use of -:, --next.
4001
4002              If this option is used several times, the last one will be used.
4003
4004              Example:
4005               curl --stderr output.txt https://example.com
4006
4007              See also -v, --verbose and -s, --silent.
4008
4009       --styled-output
4010              Enables  the automatic use of bold font styles when writing HTTP
4011              headers to the terminal. Use --no-styled-output to  switch  them
4012              off.
4013
4014              This option is global and does not need to be specified for each
4015              use of -:, --next.
4016
4017              Example:
4018               curl --styled-output -I https://example.com
4019
4020              See also -I, --head and -v, --verbose. Added in 7.61.0.
4021
4022       --suppress-connect-headers
4023              When --proxytunnel is used and a CONNECT request is made do  not
4024              output  proxy  CONNECT response headers. This option is meant to
4025              be used with --dump-header or --include which are used  to  show
4026              protocol  headers  in  the output. It has no effect on debug op‐
4027              tions such as --verbose or --trace, or any statistics.
4028
4029              Example:
4030               curl --suppress-connect-headers --include -x proxy https://example.com
4031
4032              See also -D, --dump-header, -i, --include and -p, --proxytunnel.
4033              Added in 7.54.0.
4034
4035       --tcp-fastopen
4036              Enable use of TCP Fast Open (RFC7413).
4037
4038              Example:
4039               curl --tcp-fastopen https://example.com
4040
4041              See also --false-start. Added in 7.49.0.
4042
4043       --tcp-nodelay
4044              Turn  on the TCP_NODELAY option. See the curl_easy_setopt(3) man
4045              page for details about this option.
4046
4047              Since 7.50.2, curl sets this option by default and you  need  to
4048              explicitly switch it off if you do not want it on.
4049
4050              Example:
4051               curl --tcp-nodelay https://example.com
4052
4053              See also -N, --no-buffer.
4054
4055       -t, --telnet-option <opt=val>
4056              Pass options to the telnet protocol. Supported options are:
4057
4058              TTYPE=<term> Sets the terminal type.
4059
4060              XDISPLOC=<X display> Sets the X display location.
4061
4062              NEW_ENV=<var,val> Sets an environment variable.
4063
4064              Example:
4065               curl -t TTYPE=vt100 telnet://example.com/
4066
4067              See also -K, --config.
4068
4069       --tftp-blksize <value>
4070              (TFTP) Set TFTP BLKSIZE option (must be >512). This is the block
4071              size that curl will try to use when transferring data to or from
4072              a TFTP server. By default 512 bytes will be used.
4073
4074              If this option is used several times, the last one will be used.
4075
4076              Example:
4077               curl --tftp-blksize 1024 tftp://example.com/file
4078
4079              See also --tftp-no-options.
4080
4081       --tftp-no-options
4082              (TFTP) Tells curl not to send TFTP options requests.
4083
4084              This  option  improves  interop with some legacy servers that do
4085              not acknowledge or properly implement TFTP  options.  When  this
4086              option is used --tftp-blksize is ignored.
4087
4088              Example:
4089               curl --tftp-no-options tftp://192.168.0.1/
4090
4091              See also --tftp-blksize. Added in 7.48.0.
4092
4093       -z, --time-cond <time>
4094              (HTTP  FTP) Request a file that has been modified later than the
4095              given time and date, or one that has been modified  before  that
4096              time.  The <date expression> can be all sorts of date strings or
4097              if it does not match any internal ones, it is taken as  a  file‐
4098              name  and tries to get the modification date (mtime) from <file>
4099              instead. See the curl_getdate(3) man pages for  date  expression
4100              details.
4101
4102              Start the date expression with a dash (-) to make it request for
4103              a document that is older than the given date/time, default is  a
4104              document that is newer than the specified date/time.
4105
4106              If this option is used several times, the last one will be used.
4107
4108              Examples:
4109               curl -z "Wed 01 Sep 2021 12:18:00" https://example.com
4110               curl -z "-Wed 01 Sep 2021 12:18:00" https://example.com
4111               curl -z file https://example.com
4112
4113              See also --etag-compare and -R, --remote-time.
4114
4115       --tls-max <VERSION>
4116              (SSL) VERSION defines maximum supported TLS version. The minimum
4117              acceptable version  is  set  by  tlsv1.0,  tlsv1.1,  tlsv1.2  or
4118              tlsv1.3.
4119
4120              If  the  connection  is done without TLS, this option has no ef‐
4121              fect. This includes QUIC-using (HTTP/3) transfers.
4122
4123
4124              default
4125                     Use up to recommended TLS version.
4126
4127              1.0    Use up to TLSv1.0.
4128
4129              1.1    Use up to TLSv1.1.
4130
4131              1.2    Use up to TLSv1.2.
4132
4133              1.3    Use up to TLSv1.3.
4134
4135       Examples:
4136        curl --tls-max 1.2 https://example.com
4137        curl --tls-max 1.3 --tlsv1.2 https://example.com
4138
4139       See also --tlsv1.0, --tlsv1.1, --tlsv1.2 and --tlsv1.3.  --tls-max  re‐
4140       quires  that  the underlying libcurl was built to support TLS. Added in
4141       7.54.0.
4142
4143       --tls13-ciphers <ciphersuite list>
4144              (TLS) Specifies which cipher suites to use in the connection  if
4145              it  negotiates  TLS 1.3. The list of ciphers suites must specify
4146              valid ciphers. Read up on TLS 1.3 cipher suite details  on  this
4147              URL:
4148
4149               https://curl.se/docs/ssl-ciphers.html
4150
4151              This  option  is  currently  used only when curl is built to use
4152              OpenSSL 1.1.1 or later. If you are using a different SSL backend
4153              you can try setting TLS 1.3 cipher suites by using the --ciphers
4154              option.
4155
4156              If this option is used several times, the last one will be used.
4157
4158              Example:
4159               curl --tls13-ciphers TLS_AES_128_GCM_SHA256 https://example.com
4160
4161              See also --ciphers and --curves. Added in 7.61.0.
4162
4163       --tlsauthtype <type>
4164              Set TLS authentication type. Currently, the only  supported  op‐
4165              tion  is  "SRP",  for  TLS-SRP  (RFC  5054).  If  --tlsuser  and
4166              --tlspassword are specified but --tlsauthtype is not, then  this
4167              option defaults to "SRP". This option works only if the underly‐
4168              ing libcurl  is  built  with  TLS-SRP  support,  which  requires
4169              OpenSSL or GnuTLS with TLS-SRP support.
4170
4171              Example:
4172               curl --tlsauthtype SRP https://example.com
4173
4174              See also --tlsuser.
4175
4176       --tlspassword <string>
4177              Set  password  for use with the TLS authentication method speci‐
4178              fied with --tlsauthtype. Requires that --tlsuser also be set.
4179
4180              This option does not work with TLS 1.3.
4181
4182              Example:
4183               curl --tlspassword pwd --tlsuser user https://example.com
4184
4185              See also --tlsuser.
4186
4187       --tlsuser <name>
4188              Set username for use with the TLS authentication  method  speci‐
4189              fied  with  --tlsauthtype.  Requires  that --tlspassword also is
4190              set.
4191
4192              This option does not work with TLS 1.3.
4193
4194              Example:
4195               curl --tlspassword pwd --tlsuser user https://example.com
4196
4197              See also --tlspassword.
4198
4199       --tlsv1.0
4200              (TLS) Forces curl to use TLS version 1.0 or later when  connect‐
4201              ing to a remote TLS server.
4202
4203              In  old  versions  of  curl  this option was documented to allow
4204              _only_ TLS 1.0.  That behavior was inconsistent depending on the
4205              TLS library. Use --tls-max if you want to set a maximum TLS ver‐
4206              sion.
4207
4208              Example:
4209               curl --tlsv1.0 https://example.com
4210
4211              See also --tlsv1.3. Added in 7.34.0.
4212
4213       --tlsv1.1
4214              (TLS) Forces curl to use TLS version 1.1 or later when  connect‐
4215              ing to a remote TLS server.
4216
4217              In  old  versions  of  curl  this option was documented to allow
4218              _only_ TLS 1.1.  That behavior was inconsistent depending on the
4219              TLS library. Use --tls-max if you want to set a maximum TLS ver‐
4220              sion.
4221
4222              Example:
4223               curl --tlsv1.1 https://example.com
4224
4225              See also --tlsv1.3. Added in 7.34.0.
4226
4227       --tlsv1.2
4228              (TLS) Forces curl to use TLS version 1.2 or later when  connect‐
4229              ing to a remote TLS server.
4230
4231              In  old  versions  of  curl  this option was documented to allow
4232              _only_ TLS 1.2.  That behavior was inconsistent depending on the
4233              TLS library. Use --tls-max if you want to set a maximum TLS ver‐
4234              sion.
4235
4236              Example:
4237               curl --tlsv1.2 https://example.com
4238
4239              See also --tlsv1.3. Added in 7.34.0.
4240
4241       --tlsv1.3
4242              (TLS) Forces curl to use TLS version 1.3 or later when  connect‐
4243              ing to a remote TLS server.
4244
4245              If  the  connection  is done without TLS, this option has no ef‐
4246              fect. This includes QUIC-using (HTTP/3) transfers.
4247
4248              Note that TLS 1.3 is not supported by all TLS backends.
4249
4250              Example:
4251               curl --tlsv1.3 https://example.com
4252
4253              See also --tlsv1.2. Added in 7.52.0.
4254
4255       -1, --tlsv1
4256              (SSL) Tells curl to use at least TLS version 1.x when  negotiat‐
4257              ing  with  a  remote  TLS  server. That means TLS version 1.0 or
4258              higher
4259
4260              Example:
4261               curl --tlsv1 https://example.com
4262
4263              See also --http1.1 and --http2. -1, --tlsv1  requires  that  the
4264              underlying  libcurl  was built to support TLS. This option over‐
4265              rides --tlsv1.1 and --tlsv1.2 and --tlsv1.3.
4266
4267       --tr-encoding
4268              (HTTP) Request a compressed Transfer-Encoding response using one
4269              of  the  algorithms curl supports, and uncompress the data while
4270              receiving it.
4271
4272              Example:
4273               curl --tr-encoding https://example.com
4274
4275              See also --compressed.
4276
4277       --trace-ascii <file>
4278              Enables a full trace dump of all incoming and outgoing data, in‐
4279              cluding  descriptive  information, to the given output file. Use
4280              "-" as filename to have the output sent to stdout.
4281
4282              This is similar to --trace, but leaves out the hex part and only
4283              shows  the  ASCII part of the dump. It makes smaller output that
4284              might be easier to read for untrained humans.
4285
4286              This option is global and does not need to be specified for each
4287              use of -:, --next.
4288
4289              If this option is used several times, the last one will be used.
4290
4291              Example:
4292               curl --trace-ascii log.txt https://example.com
4293
4294              See  also  -v,  --verbose  and  --trace.  This  option overrides
4295              --trace and -v, --verbose.
4296
4297       --trace-time
4298              Prepends a time stamp to each trace or verbose  line  that  curl
4299              displays.
4300
4301              This option is global and does not need to be specified for each
4302              use of -:, --next.
4303
4304              Example:
4305               curl --trace-time --trace-ascii output https://example.com
4306
4307              See also --trace and -v, --verbose.
4308
4309       --trace <file>
4310              Enables a full trace dump of all incoming and outgoing data, in‐
4311              cluding  descriptive  information, to the given output file. Use
4312              "-" as filename to have the output sent to stdout.  Use  "%"  as
4313              filename to have the output sent to stderr.
4314
4315              This option is global and does not need to be specified for each
4316              use of -:, --next.
4317
4318              If this option is used several times, the last one will be used.
4319
4320              Example:
4321               curl --trace log.txt https://example.com
4322
4323              See also --trace-ascii and --trace-time. This  option  overrides
4324              -v, --verbose and --trace-ascii.
4325
4326       --unix-socket <path>
4327              (HTTP) Connect through this Unix domain socket, instead of using
4328              the network.
4329
4330              Example:
4331               curl --unix-socket socket-path https://example.com
4332
4333              See also --abstract-unix-socket. Added in 7.40.0.
4334
4335       -T, --upload-file <file>
4336              This transfers the specified local file to the  remote  URL.  If
4337              there is no file part in the specified URL, curl will append the
4338              local file name. NOTE that you must use a trailing / on the last
4339              directory  to really prove to Curl that there is no file name or
4340              curl will think that your last directory name is the remote file
4341              name to use. That will most likely cause the upload operation to
4342              fail. If this is used on an HTTP(S) server, the PUT command will
4343              be used.
4344
4345              Use  the file name "-" (a single dash) to use stdin instead of a
4346              given file.  Alternately, the file name "."  (a  single  period)
4347              may  be  specified  instead  of "-" to use stdin in non-blocking
4348              mode to allow reading server output while  stdin  is  being  up‐
4349              loaded.
4350
4351              You  can  specify  one --upload-file for each URL on the command
4352              line. Each -T, --upload-file + URL pair specifies what to upload
4353              and to where. curl also supports "globbing" of the --upload-file
4354              argument, meaning that you can upload multiple files to a single
4355              URL by using the same URL globbing style supported in the URL.
4356
4357              When  uploading  to an SMTP server: the uploaded data is assumed
4358              to be RFC 5322 formatted. It has to feature the necessary set of
4359              headers  and  mail  body formatted correctly by the user as curl
4360              will not transcode nor encode it further in any way.
4361
4362              Examples:
4363               curl -T file https://example.com
4364               curl -T "img[1-1000].png" ftp://ftp.example.com/
4365               curl --upload-file "{file1,file2}" https://example.com
4366
4367              See also -G, --get and -I, --head.
4368
4369       --url <url>
4370              Specify a URL to fetch. This option is  mostly  handy  when  you
4371              want to specify URL(s) in a config file.
4372
4373              If  the given URL is missing a scheme name (such as "http://" or
4374              "ftp://" etc) then curl will make a guess based on the host.  If
4375              the  outermost  sub-domain  name  matches DICT, FTP, IMAP, LDAP,
4376              POP3 or SMTP then that protocol will  be  used,  otherwise  HTTP
4377              will be used. Since 7.45.0 guessing can be disabled by setting a
4378              default protocol, see --proto-default for details.
4379
4380              This option may be used any number of times.  To  control  where
4381              this  URL  is written, use the --output or the --remote-name op‐
4382              tions.
4383
4384              WARNING: On Windows, particular file://  accesses  can  be  con‐
4385              verted to network accesses by the operating system. Beware!
4386
4387              Example:
4388               curl --url https://example.com
4389
4390              See also -:, --next and -K, --config.
4391
4392       -B, --use-ascii
4393              (FTP  LDAP) Enable ASCII transfer. For FTP, this can also be en‐
4394              forced by using a URL that  ends  with  ";type=A".  This  option
4395              causes data sent to stdout to be in text mode for win32 systems.
4396
4397              Example:
4398               curl -B ftp://example.com/README
4399
4400              See also --crlf and --data-ascii.
4401
4402       -A, --user-agent <name>
4403              (HTTP) Specify the User-Agent string to send to the HTTP server.
4404              To encode blanks in the string, surround the string with  single
4405              quote  marks.  This  header can also be set with the --header or
4406              the --proxy-header options.
4407
4408              If you give an empty argument to -A, --user-agent (""), it  will
4409              remove  the  header completely from the request. If you prefer a
4410              blank header, you can set it to a single space (" ").
4411
4412              If this option is used several times, the last one will be used.
4413
4414              Example:
4415               curl -A "Agent 007" https://example.com
4416
4417              See also -H, --header and --proxy-header.
4418
4419       -u, --user <user:password>
4420              Specify the user name and password to use for server authentica‐
4421              tion. Overrides --netrc and --netrc-optional.
4422
4423              If  you  simply  specify  the  user name, curl will prompt for a
4424              password.
4425
4426              The user name and passwords are split up  on  the  first  colon,
4427              which  makes  it impossible to use a colon in the user name with
4428              this option. The password can, still.
4429
4430              On systems where it works, curl will hide the given option argu‐
4431              ment  from  process listings. This is not enough to protect cre‐
4432              dentials from possibly getting seen by other users on  the  same
4433              system  as  they  will  still  be  visible  for  a moment before
4434              cleared. Such sensitive data should be retrieved from a file in‐
4435              stead or similar and never used in clear text in a command line.
4436
4437              When  using  Kerberos  V5 with a Windows based server you should
4438              include the Windows domain name in the user name, in  order  for
4439              the  server  to successfully obtain a Kerberos Ticket. If you do
4440              not, then the initial authentication handshake may fail.
4441
4442              When using NTLM, the user name can be specified  simply  as  the
4443              user  name,  without the domain, if there is a single domain and
4444              forest in your setup for example.
4445
4446              To specify the domain name use either Down-Level Logon  Name  or
4447              UPN (User Principal Name) formats. For example, EXAMPLE\user and
4448              user@example.com respectively.
4449
4450              If you use a Windows SSPI-enabled curl binary and  perform  Ker‐
4451              beros  V5, Negotiate, NTLM or Digest authentication then you can
4452              tell curl to select the user name and password from  your  envi‐
4453              ronment by specifying a single colon with this option: "-u :".
4454
4455              If this option is used several times, the last one will be used.
4456
4457              Example:
4458               curl -u user:secret https://example.com
4459
4460              See also -n, --netrc and -K, --config.
4461
4462       -v, --verbose
4463              Makes  curl  verbose  during the operation. Useful for debugging
4464              and seeing what's going on "under the  hood".  A  line  starting
4465              with  '>'  means  "header  data" sent by curl, '<' means "header
4466              data" received by curl that is hidden in  normal  cases,  and  a
4467              line starting with '*' means additional info provided by curl.
4468
4469              If  you only want HTTP headers in the output, --include might be
4470              the option you are looking for.
4471
4472              If you think this option still does not give you enough details,
4473              consider using --trace or --trace-ascii instead.
4474
4475              This option is global and does not need to be specified for each
4476              use of -:, --next.
4477
4478              Use --silent to make curl really quiet.
4479
4480              Example:
4481               curl --verbose https://example.com
4482
4483              See also  -i,  --include.  This  option  overrides  --trace  and
4484              --trace-ascii.
4485
4486       -V, --version
4487              Displays information about curl and the libcurl version it uses.
4488
4489              The  first  line  includes the full version of curl, libcurl and
4490              other 3rd party libraries linked with the executable.
4491
4492              The second line (starts with "Protocols:") shows  all  protocols
4493              that libcurl reports to support.
4494
4495              The third line (starts with "Features:") shows specific features
4496              libcurl reports to offer. Available features include:
4497
4498              alt-svc
4499                     Support for the Alt-Svc: header is provided.
4500
4501              AsynchDNS
4502                     This curl uses asynchronous name  resolves.  Asynchronous
4503                     name  resolves can be done using either the c-ares or the
4504                     threaded resolver backends.
4505
4506              brotli Support for automatic brotli compression over HTTP(S).
4507
4508              CharConv
4509                     curl was built with support for character set conversions
4510                     (like EBCDIC)
4511
4512              Debug  This  curl  uses a libcurl built with Debug. This enables
4513                     more error-tracking and memory debugging etc.  For  curl-
4514                     developers only!
4515
4516              gsasl  The  built-in  SASL authentication includes extensions to
4517                     support SCRAM because libcurl was built with libgsasl.
4518
4519              GSS-API
4520                     GSS-API is supported.
4521
4522              HSTS   HSTS support is present.
4523
4524              HTTP2  HTTP/2 support has been built-in.
4525
4526              HTTP3  HTTP/3 support has been built-in.
4527
4528              HTTPS-proxy
4529                     This curl is built to support HTTPS proxy.
4530
4531              IDN    This curl supports IDN - international domain names.
4532
4533              IPv6   You can use IPv6 with this.
4534
4535              Kerberos
4536                     Kerberos V5 authentication is supported.
4537
4538              Largefile
4539                     This curl supports transfers of large files, files larger
4540                     than 2GB.
4541
4542              libz   Automatic decompression (via gzip, deflate) of compressed
4543                     files over HTTP is supported.
4544
4545              MultiSSL
4546                     This curl supports multiple TLS backends.
4547
4548              NTLM   NTLM authentication is supported.
4549
4550              NTLM_WB
4551                     NTLM delegation to winbind helper is supported.
4552
4553              PSL    PSL is short for Public Suffix List and means  that  this
4554                     curl  has  been  built  with knowledge about "public suf‐
4555                     fixes".
4556
4557              SPNEGO SPNEGO authentication is supported.
4558
4559              SSL    SSL versions of various protocols are supported, such  as
4560                     HTTPS, FTPS, POP3S and so on.
4561
4562              SSPI   SSPI is supported.
4563
4564              TLS-SRP
4565                     SRP  (Secure Remote Password) authentication is supported
4566                     for TLS.
4567
4568              TrackMemory
4569                     Debug memory tracking is supported.
4570
4571              Unicode
4572                     Unicode support on Windows.
4573
4574              UnixSockets
4575                     Unix sockets support is provided.
4576
4577              zstd   Automatic decompression (via zstd)  of  compressed  files
4578                     over HTTP is supported.
4579
4580       Example:
4581        curl --version
4582
4583       See also -h, --help and -M, --manual.
4584
4585       -w, --write-out <format>
4586              Make curl display information on stdout after a completed trans‐
4587              fer. The format is a string that may contain  plain  text  mixed
4588              with  any  number of variables. The format can be specified as a
4589              literal "string", or you can have curl read the  format  from  a
4590              file  with  "@filename" and to tell curl to read the format from
4591              stdin you write "@-".
4592
4593              The variables present in the output format will  be  substituted
4594              by  the  value or text that curl thinks fit, as described below.
4595              All variables are specified as %{variable_name} and to output  a
4596              normal  % you just write them as %%. You can output a newline by
4597              using \n, a carriage return with \r and a tab space with \t.
4598
4599              The output will be written to standard output, but this  can  be
4600              switched to standard error by using %{stderr}.
4601
4602              NOTE: The %-symbol is a special symbol in the win32-environment,
4603              where all occurrences of % must be doubled when using  this  op‐
4604              tion.
4605
4606              The variables available are:
4607
4608              content_type   The  Content-Type  of  the requested document, if
4609                             there was any.
4610
4611              errormsg       The error message. (Added in 7.75.0)
4612
4613              exitcode       The numerical exitcode of the transfer. (Added in
4614                             7.75.0)
4615
4616              filename_effective
4617                             The  ultimate  filename  that curl writes out to.
4618                             This is only meaningful if curl is told to  write
4619                             to  a file with the --remote-name or --output op‐
4620                             tion. It's most useful in  combination  with  the
4621                             --remote-header-name option.
4622
4623              ftp_entry_path The initial path curl ended up in when logging on
4624                             to the remote FTP server.
4625
4626              http_code      The numerical response code that was found in the
4627                             last retrieved HTTP(S) or FTP(s) transfer.
4628
4629              http_connect   The numerical code that was found in the last re‐
4630                             sponse (from a proxy) to a curl CONNECT request.
4631
4632              http_version   The  http  version  that  was  effectively  used.
4633                             (Added in 7.50.0)
4634
4635              json           A JSON object with all available keys.
4636
4637              local_ip       The  IP  address of the local end of the most re‐
4638                             cently done connection - can be  either  IPv4  or
4639                             IPv6.
4640
4641              local_port     The  local  port number of the most recently done
4642                             connection.
4643
4644              method         The http method used in the most recent HTTP  re‐
4645                             quest. (Added in 7.72.0)
4646
4647              num_connects   Number  of new connects made in the recent trans‐
4648                             fer.
4649
4650              num_headers    The number of response headers in the most recent
4651                             request  (restarted  at each redirect). Note that
4652                             the status  line  IS  NOT  a  header.  (Added  in
4653                             7.73.0)
4654
4655              num_redirects  Number of redirects that were followed in the re‐
4656                             quest.
4657
4658              onerror        The rest of the  output  is  only  shown  if  the
4659                             transfer  returned  a  non-zero  error  (Added in
4660                             7.75.0)
4661
4662              proxy_ssl_verify_result
4663                             The result of the HTTPS proxy's SSL peer certifi‐
4664                             cate verification that was requested. 0 means the
4665                             verification was successful. (Added in 7.52.0)
4666
4667              redirect_url   When an HTTP request was made without  --location
4668                             to  follow  redirects  (or  when  --max-redirs is
4669                             met), this variable will show the  actual  URL  a
4670                             redirect would have gone to.
4671
4672              referer        The  Referer: header, if there was any. (Added in
4673                             7.76.0)
4674
4675              remote_ip      The remote IP address of the most  recently  done
4676                             connection - can be either IPv4 or IPv6.
4677
4678              remote_port    The  remote port number of the most recently done
4679                             connection.
4680
4681              response_code  The numerical response code that was found in the
4682                             last transfer (formerly known as "http_code").
4683
4684              scheme         The  URL  scheme (sometimes called protocol) that
4685                             was effectively used. (Added in 7.52.0)
4686
4687              size_download  The total amount of bytes that  were  downloaded.
4688                             This is the size of the body/data that was trans‐
4689                             ferred, excluding headers.
4690
4691              size_header    The total amount of bytes of the downloaded head‐
4692                             ers.
4693
4694              size_request   The  total  amount of bytes that were sent in the
4695                             HTTP request.
4696
4697              size_upload    The total amount of  bytes  that  were  uploaded.
4698                             This is the size of the body/data that was trans‐
4699                             ferred, excluding headers.
4700
4701              speed_download The average download speed that curl measured for
4702                             the complete download. Bytes per second.
4703
4704              speed_upload   The  average  upload speed that curl measured for
4705                             the complete upload. Bytes per second.
4706
4707              ssl_verify_result
4708                             The result of the SSL peer certificate  verifica‐
4709                             tion that was requested. 0 means the verification
4710                             was successful.
4711
4712              stderr         From this point on, the --write-out  output  will
4713                             be written to standard error. (Added in 7.63.0)
4714
4715              stdout         From  this  point on, the --write-out output will
4716                             be written to standard output.  This is  the  de‐
4717                             fault,  but  can  be  used  to  switch back after
4718                             switching to stderr.  (Added in 7.63.0)
4719
4720              time_appconnect
4721                             The time, in seconds, it took from the start  un‐
4722                             til  the SSL/SSH/etc connect/handshake to the re‐
4723                             mote host was completed.
4724
4725              time_connect   The time, in seconds, it took from the start  un‐
4726                             til the TCP connect to the remote host (or proxy)
4727                             was completed.
4728
4729              time_namelookup
4730                             The time, in seconds, it took from the start  un‐
4731                             til the name resolving was completed.
4732
4733              time_pretransfer
4734                             The  time, in seconds, it took from the start un‐
4735                             til the file transfer was just  about  to  begin.
4736                             This includes all pre-transfer commands and nego‐
4737                             tiations that are specific to the particular pro‐
4738                             tocol(s) involved.
4739
4740              time_redirect  The time, in seconds, it took for all redirection
4741                             steps including name lookup, connect, pretransfer
4742                             and  transfer  before  the  final transaction was
4743                             started. time_redirect shows the complete  execu‐
4744                             tion time for multiple redirections.
4745
4746              time_starttransfer
4747                             The  time, in seconds, it took from the start un‐
4748                             til the first byte was just about  to  be  trans‐
4749                             ferred.  This  includes time_pretransfer and also
4750                             the time the server needed to calculate  the  re‐
4751                             sult.
4752
4753              time_total     The  total time, in seconds, that the full opera‐
4754                             tion lasted.
4755
4756              url            The URL that was fetched. (Added in 7.75.0)
4757
4758              urlnum         The URL index number of this transfer, 0-indexed.
4759                             De-globbed  URLs  share  the same index number as
4760                             the origin globbed URL. (Added in 7.75.0)
4761
4762              url_effective  The URL that was fetched last. This is most mean‐
4763                             ingful  if you have told curl to follow location:
4764                             headers.
4765
4766              If this option is used several times, the last one will be used.
4767
4768              Example:
4769               curl -w '%{http_code}\n' https://example.com
4770
4771              See also -v, --verbose and -I, --head.
4772
4773       --xattr
4774              When saving output to a file, this option tells  curl  to  store
4775              certain  file  metadata  in extended file attributes. Currently,
4776              the URL is stored in the xdg.origin.url attribute and, for HTTP,
4777              the  content  type  is stored in the mime_type attribute. If the
4778              file system does not support extended attributes, a  warning  is
4779              issued.
4780
4781              Example:
4782               curl --xattr -o storage https://example.com
4783
4784              See also -R, --remote-time, -w, --write-out and -v, --verbose.
4785

FILES

4787       ~/.curlrc
4788              Default config file, see --config for details.
4789

ENVIRONMENT

4791       The environment variables can be specified in lower case or upper case.
4792       The lower case version has precedence. http_proxy is an exception as it
4793       is only available in lower case.
4794
4795       Using  an  environment variable to set the proxy has the same effect as
4796       using the --proxy option.
4797
4798
4799       http_proxy [protocol://]<host>[:port]
4800              Sets the proxy server to use for HTTP.
4801
4802       HTTPS_PROXY [protocol://]<host>[:port]
4803              Sets the proxy server to use for HTTPS.
4804
4805       [url-protocol]_PROXY [protocol://]<host>[:port]
4806              Sets the proxy server to use for [url-protocol], where the  pro‐
4807              tocol  is  a  protocol  that curl supports and as specified in a
4808              URL. FTP, FTPS, POP3, IMAP, SMTP, LDAP, etc.
4809
4810       ALL_PROXY [protocol://]<host>[:port]
4811              Sets the proxy server to use if no  protocol-specific  proxy  is
4812              set.
4813
4814       NO_PROXY <comma-separated list of hosts/domains>
4815              list  of host names that should not go through any proxy. If set
4816              to an asterisk '*' only, it matches all hosts. Each name in this
4817              list is matched as either a domain name which contains the host‐
4818              name, or the hostname itself.
4819
4820              This environment variable disables use of the  proxy  even  when
4821              specified with the --proxy option. That is NO_PROXY=direct.exam‐
4822              ple.com  curl  -x  http://proxy.example.com  http://direct.exam
4823              ple.com  accesses  the  target  URL  directly,  and NO_PROXY=di‐
4824              rect.example.com curl -x  http://proxy.example.com  http://some
4825              where.example.com accesses the target URL through the proxy.
4826
4827              The  list  of  host  names  can also be include numerical IP ad‐
4828              dresses, and IPv6 versions should then be given without  enclos‐
4829              ing brackets.
4830
4831              IPv6  numerical  addresses are compared as strings, so they will
4832              only match if the representations are the  same:  "::1"  is  the
4833              same as "::0:1" but they do not match.
4834
4835       APPDATA <dir>
4836              On  Windows,  this variable is used when trying to find the home
4837              directory. If the primary home variable are all unset.
4838
4839       COLUMNS <terminal width>
4840              If set, the specified number of characters will be used  as  the
4841              terminal  width  when  the alternative progress-bar is shown. If
4842              not set, curl will try to figure it out using other ways.
4843
4844       CURL_CA_BUNDLE <file>
4845              If set, will be used as the --cacert value.
4846
4847       CURL_HOME <dir>
4848              If set, is the first variable curl checks when  trying  to  find
4849              its  home  directory. If not set, it continues to check XDG_CON‐
4850              FIG_HOME.
4851
4852       CURL_SSL_BACKEND <TLS backend>
4853              If curl was built with support for "MultiSSL", meaning  that  it
4854              has  built-in  support for more than one TLS backend, this envi‐
4855              ronment variable can be set to the case insensitive name of  the
4856              particular  backend  to use when curl is invoked. Setting a name
4857              that is not a built-in alternative will make curl stay with  the
4858              default.
4859
4860              SSL  backend  names  (case-insensitive): bearssl, gnutls, gskit,
4861              mbedtls, nss, openssl, rustls, schannel, secure-transport, wolf‐
4862              ssl
4863
4864       HOME <dir>
4865              If  set,  this  is  used to find the home directory when that is
4866              needed. Like when looking for the default .curlrc. CURL_HOME and
4867              XDG_CONFIG_HOME have preference.
4868
4869       QLOGDIR <directory name>
4870              If  curl was built with HTTP/3 support, setting this environment
4871              variable to a local directory will make curl  produce  qlogs  in
4872              that  directory,  using  file  names named after the destination
4873              connection id (in hex). Do note  that  these  files  can  become
4874              rather large. Works with both QUIC backends.
4875
4876       SHELL  Used  on  VMS  when  trying to detect if using a DCL or a "unix"
4877              shell.
4878
4879       SSL_CERT_DIR <dir>
4880              If set, will be used as the --capath value.
4881
4882       SSL_CERT_FILE <path>
4883              If set, will be used as the --cacert value.
4884
4885       SSLKEYLOGFILE <file name>
4886              If you set this environment variable to a file name,  curl  will
4887              store TLS secrets from its connections in that file when invoked
4888              to enable you to analyze the TLS traffic in real time using net‐
4889              work analyzing tools such as Wireshark. This works with the fol‐
4890              lowing TLS backends: OpenSSL, libressl, BoringSSL,  GnuTLS,  NSS
4891              and wolfSSL.
4892
4893       USERPROFILE <dir>
4894              On  Windows,  this variable is used when trying to find the home
4895              directory. If the other, primary, variable  are  all  unset.  If
4896              set, curl will use the path "$USERPROFILE\Application Data".
4897
4898       XDG_CONFIG_HOME <dir>
4899              If  CURL_HOME  is not set, this variable is checked when looking
4900              for a default .curlrc file.
4901

PROXY PROTOCOL PREFIXES

4903       The proxy string may be specified with a protocol:// prefix to  specify
4904       alternative proxy protocols.
4905
4906       If  no  protocol is specified in the proxy string or if the string does
4907       not match a supported one, the proxy will be treated as an HTTP proxy.
4908
4909       The supported proxy protocol prefixes are as follows:
4910
4911       http://
4912              Makes it use it as an HTTP proxy. The default if no scheme  pre‐
4913              fix is used.
4914
4915       https://
4916              Makes it treated as an HTTPS proxy.
4917
4918       socks4://
4919              Makes it the equivalent of --socks4
4920
4921       socks4a://
4922              Makes it the equivalent of --socks4a
4923
4924       socks5://
4925              Makes it the equivalent of --socks5
4926
4927       socks5h://
4928              Makes it the equivalent of --socks5-hostname
4929

EXIT CODES

4931       There  are a bunch of different error codes and their corresponding er‐
4932       ror messages that may appear under error conditions.  At  the  time  of
4933       this writing, the exit codes are:
4934
4935       1      Unsupported protocol. This build of curl has no support for this
4936              protocol.
4937
4938       2      Failed to initialize.
4939
4940       3      URL malformed. The syntax was not correct.
4941
4942       4      A feature or option that was needed to perform the  desired  re‐
4943              quest  was not enabled or was explicitly disabled at build-time.
4944              To make curl able to do this, you probably need another build of
4945              libcurl.
4946
4947       5      Could  not  resolve proxy. The given proxy host could not be re‐
4948              solved.
4949
4950       6      Could not resolve host. The given remote host could not  be  re‐
4951              solved.
4952
4953       7      Failed to connect to host.
4954
4955       8      Weird server reply. The server sent data curl could not parse.
4956
4957       9      FTP  access  denied. The server denied login or denied access to
4958              the particular resource or directory you wanted to  reach.  Most
4959              often  you tried to change to a directory that does not exist on
4960              the server.
4961
4962       10     FTP accept failed. While waiting for the server to connect  back
4963              when  an active FTP session is used, an error code was sent over
4964              the control connection or similar.
4965
4966       11     FTP weird PASS reply. Curl could not parse the reply sent to the
4967              PASS request.
4968
4969       12     During  an  active  FTP  session while waiting for the server to
4970              connect back to curl, the timeout expired.
4971
4972       13     FTP weird PASV reply, Curl could not parse the reply sent to the
4973              PASV request.
4974
4975       14     FTP  weird  227  format.  Curl  could not parse the 227-line the
4976              server sent.
4977
4978       15     FTP cannot use host. Could not resolve the host IP we got in the
4979              227-line.
4980
4981       16     HTTP/2 error. A problem was detected in the HTTP2 framing layer.
4982              This is somewhat generic and can be one out of several problems,
4983              see the error message for details.
4984
4985       17     FTP  could  not  set binary. Could not change transfer method to
4986              binary.
4987
4988       18     Partial file. Only a part of the file was transferred.
4989
4990       19     FTP could not download/access the given file, the RETR (or simi‐
4991              lar) command failed.
4992
4993       21     FTP quote error. A quote command returned error from the server.
4994
4995       22     HTTP  page not retrieved. The requested url was not found or re‐
4996              turned another error with the  HTTP  error  code  being  400  or
4997              above. This return code only appears if --fail is used.
4998
4999       23     Write  error. Curl could not write data to a local filesystem or
5000              similar.
5001
5002       25     FTP could not STOR file. The server denied the  STOR  operation,
5003              used for FTP uploading.
5004
5005       26     Read error. Various reading problems.
5006
5007       27     Out of memory. A memory allocation request failed.
5008
5009       28     Operation timeout. The specified time-out period was reached ac‐
5010              cording to the conditions.
5011
5012       30     FTP PORT failed. The PORT command failed. Not  all  FTP  servers
5013              support  the  PORT  command, try doing a transfer using PASV in‐
5014              stead!
5015
5016       31     FTP could not use REST. The REST command failed. This command is
5017              used for resumed FTP transfers.
5018
5019       33     HTTP range error. The range "command" did not work.
5020
5021       34     HTTP post error. Internal post-request generation error.
5022
5023       35     SSL connect error. The SSL handshaking failed.
5024
5025       36     Bad download resume. Could not continue an earlier aborted down‐
5026              load.
5027
5028       37     FILE could not read file. Failed to open the file. Permissions?
5029
5030       38     LDAP cannot bind. LDAP bind operation failed.
5031
5032       39     LDAP search failed.
5033
5034       41     Function not found. A required LDAP function was not found.
5035
5036       42     Aborted by callback. An application told curl to abort the oper‐
5037              ation.
5038
5039       43     Internal error. A function was called with a bad parameter.
5040
5041       45     Interface  error.  A  specified  outgoing interface could not be
5042              used.
5043
5044       47     Too many redirects. When following redirects, curl hit the maxi‐
5045              mum amount.
5046
5047       48     Unknown  option  specified  to  libcurl. This indicates that you
5048              passed a weird option to curl that was passed on to libcurl  and
5049              rejected. Read up in the manual!
5050
5051       49     Malformed telnet option.
5052
5053       51     The peer's SSL certificate or SSH MD5 fingerprint was not OK.
5054
5055       52     The  server  did not reply anything, which here is considered an
5056              error.
5057
5058       53     SSL crypto engine not found.
5059
5060       54     Cannot set SSL crypto engine as default.
5061
5062       55     Failed sending network data.
5063
5064       56     Failure in receiving network data.
5065
5066       58     Problem with the local certificate.
5067
5068       59     Could not use specified SSL cipher.
5069
5070       60     Peer certificate cannot be authenticated with known CA  certifi‐
5071              cates.
5072
5073       61     Unrecognized transfer encoding.
5074
5075       62     Invalid LDAP URL.
5076
5077       63     Maximum file size exceeded.
5078
5079       64     Requested FTP SSL level failed.
5080
5081       65     Sending the data requires a rewind that failed.
5082
5083       66     Failed to initialise SSL Engine.
5084
5085       67     The  user  name,  password, or similar was not accepted and curl
5086              failed to log in.
5087
5088       68     File not found on TFTP server.
5089
5090       69     Permission problem on TFTP server.
5091
5092       70     Out of disk space on TFTP server.
5093
5094       71     Illegal TFTP operation.
5095
5096       72     Unknown TFTP transfer ID.
5097
5098       73     File already exists (TFTP).
5099
5100       74     No such user (TFTP).
5101
5102       75     Character conversion failed.
5103
5104       76     Character conversion functions required.
5105
5106       77     Problem reading the SSL CA cert (path? access rights?).
5107
5108       78     The resource referenced in the URL does not exist.
5109
5110       79     An unspecified error occurred during the SSH session.
5111
5112       80     Failed to shut down the SSL connection.
5113
5114       82     Could not load CRL file, missing or wrong format.
5115
5116       83     Issuer check failed.
5117
5118       84     The FTP PRET command failed.
5119
5120       85     Mismatch of RTSP CSeq numbers.
5121
5122       86     Mismatch of RTSP Session Identifiers.
5123
5124       87     Unable to parse FTP file list.
5125
5126       88     FTP chunk callback reported error.
5127
5128       89     No connection available, the session will be queued.
5129
5130       90     SSL public key does not matched pinned public key.
5131
5132       91     Invalid SSL certificate status.
5133
5134       92     Stream error in HTTP/2 framing layer.
5135
5136       93     An API function was called from inside a callback.
5137
5138       94     An authentication function returned an error.
5139
5140       95     A problem was detected in the HTTP/3  layer.  This  is  somewhat
5141              generic  and  can  be one out of several problems, see the error
5142              message for details.
5143
5144       96     QUIC connection error. This error may be caused by  an  SSL  li‐
5145              brary error. QUIC is the protocol used for HTTP/3 transfers.
5146
5147       XX     More error codes will appear here in future releases. The exist‐
5148              ing ones are meant to never change.
5149

BUGS

5151       If you experience any problems  with  curl,  submit  an  issue  in  the
5152       project's bug tracker on GitHub: https://github.com/curl/curl/issues
5153

AUTHORS / CONTRIBUTORS

5155       Daniel  Stenberg is the main author, but the whole list of contributors
5156       is found in the separate THANKS file.
5157

WWW

5159       https://curl.se
5160

SEE ALSO

5162       ftp(1), wget(1)
5163
5164
5165
5166curl 7.82.0                      March 05 2022                         curl(1)
Impressum