CURLOPT_HTTPHEADER(3)

1CURLOPT_HTTPHEADER(3)      curl_easy_setopt options      CURLOPT_HTTPHEADER(3)
2
3
4

NAME

6       CURLOPT_HTTPHEADER - set of HTTP headers
7

SYNOPSIS

9       #include <curl/curl.h>
10
11       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTPHEADER,
12                                 struct curl_slist *headers);
13

DESCRIPTION

15       Pass  a  pointer to a linked list of HTTP headers to pass to the server
16       and/or proxy in your HTTP request. The same list can be used  for  both
17       host and proxy requests!
18
19       The  linked  list  should  be  a  fully valid list of struct curl_slist
20       structs properly filled in. Use curl_slist_append(3) to create the list
21       and  curl_slist_free_all(3)  to  clean  up an entire list. If you add a
22       header that is otherwise generated and used by libcurl internally, your
23       added  one will be used instead. If you add a header with no content as
24       in 'Accept:' (no data on the right side of the colon),  the  internally
25       used  header  will get disabled. With this option you can add new head‐
26       ers, replace internal headers and remove internal  headers.  To  add  a
27       header  with  no  content (nothing to the right side of the colon), use
28       the form 'MyHeader;' (note the ending semicolon).
29
30       The headers included in the linked list must  not  be  CRLF-terminated,
31       because  libcurl  adds  CRLF  after each header item. Failure to comply
32       with this will result in strange bugs  because  the  server  will  most
33       likely ignore part of the headers you specified.
34
35       The  first  line  in a request (containing the method, usually a GET or
36       POST) is not a header and cannot be replaced using  this  option.  Only
37       the  lines  following  the request-line are headers. Adding this method
38       line in this list of headers will only cause your request  to  send  an
39       invalid header. Use CURLOPT_CUSTOMREQUEST(3) to change the method.
40
41       When  this  option  is  passed to curl_easy_setopt(3), libcurl will not
42       copy the entire list so you must keep it around until you no longer use
43       this  handle  for  a transfer before you call curl_slist_free_all(3) on
44       the list.
45
46       Pass a NULL to this option to reset back to no custom headers.
47
48       The most commonly replaced headers have "shortcuts" in the options CUR‐
49       LOPT_COOKIE(3),  CURLOPT_USERAGENT(3) and CURLOPT_REFERER(3). We recom‐
50       mend using those.
51
52       There's an alternative option that sets or replaces  headers  only  for
53       requests that are sent with CONNECT to a proxy: CURLOPT_PROXYHEADER(3).
54       Use CURLOPT_HEADEROPT(3) to control the behavior.
55

SPECIFIC HEADERS

57       Setting some specific headers will cause libcurl to act differently.
58
59       Host:  The specified host name will be used for cookie matching if  the
60              cookie  engine is also enabled for this transfer. If the request
61              is done over HTTP/2 or HTTP/3, the custom host name will instead
62              be  used  in the ":authority" header field and Host: will not be
63              sent at all over the wire.
64
65       Transfer-Encoding: chunked
66              Tells libcurl the upload is to be done using this chunked encod‐
67              ing  instead  of  providing the Content-Length: field in the re‐
68              quest.
69

SECURITY CONCERNS

71       By default, this option makes libcurl send the  given  headers  in  all
72       HTTP requests done by this handle. You should therefore use this option
73       with caution if you for example connect to  the  remote  site  using  a
74       proxy  and  a  CONNECT request, you should to consider if that proxy is
75       supposed to also get the headers. They may be private or otherwise sen‐
76       sitive to leak.
77
78       Use CURLOPT_HEADEROPT(3) to make the headers only get sent to where you
79       intend them to get sent.
80
81       Custom headers are sent in all requests done by the easy handles, which
82       implies that if you tell libcurl to follow redirects (CURLOPT_FOLLOWLO‐
83       CATION(3)), the same set of custom headers will be sent in  the  subse‐
84       quent request. Redirects can of course go to other hosts and thus those
85       servers will get all the contents of your custom headers too.
86
87       Starting in 7.58.0, libcurl will specifically prevent  "Authorization:"
88       headers  from being sent to other hosts than the first used one, unless
89       specifically permitted with the CURLOPT_UNRESTRICTED_AUTH(3) option.
90
91       Starting in 7.64.0, libcurl will specifically prevent "Cookie:" headers
92       from being sent to other hosts than the first used one, unless specifi‐
93       cally permitted with the CURLOPT_UNRESTRICTED_AUTH(3) option.
94

DEFAULT

96       NULL
97

PROTOCOLS

99       HTTP
100

EXAMPLE

102       CURL *curl = curl_easy_init();
103
104       struct curl_slist *list = NULL;
105
106       if(curl) {
107         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
108
109         list = curl_slist_append(list, "Shoesize: 10");
110         list = curl_slist_append(list, "Accept:");
111
112         curl_easy_setopt(curl, CURLOPT_HTTPHEADER, list);
113
114         curl_easy_perform(curl);
115
116         curl_slist_free_all(list); /* free the list */
117       }
118
119

AVAILABILITY

121       As long as HTTP is enabled
122

RETURN VALUE

124       Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.
125