Skip to content

Instantly share code, notes, and snippets.

@AldoMX

AldoMX/curl.md

Last active January 4, 2024 01:30
Show Gist options
  • Save AldoMX/0dd7fc2f91f162c836197975607b1232 to your computer and use it in GitHub Desktop.
Save AldoMX/0dd7fc2f91f162c836197975607b1232 to your computer and use it in GitHub Desktop.
Download ZIP
cURL flags I use the most
Raw
curl.md

cURL flags I use the most

Context

I always see commands like curl -LsS https://www.example.com over the internet, I never remember what does each flag do, and man curl is overwhelming.

This is the list of the flags I use the most.

Flags

Flag Description
-A, --user-agent <ua> set the user agent string ("" removes header, " " empty header)
-b, --cookie <data-or-file> reads cookie data
-c, --cookie-jar <file> saves cookie data
-D, --dump-header <file> write headers to <file>
-d, --data <data> sends a POST request, see notes after table
-f, --fail fail silently
-H, --header <header> set an HTTP header (ex. -H "Host: example.com")
-I, --head make an HTTP HEAD request to retrieve only headers
-i, --include include http headers in the output
-J, --remote-header-name when used with -O, it takes the filename from Content-Disposition
-k, --insecure allow "untrusted" certs like self-signed ones
-L, --location follow HTTP 3xx redirects
-O, --remote-name use the filename from the url
-o, --output <file> write output to <file> instead of stdout
-q, --disable ignore ~/.curlrc file
-r, --range <range> retrieves a byte range
-S, --show-error when used with -s, it shows an error message on error
-s, --silent do not print the progress, only the data
-T, --upload-file <path>/ sends a file (trailing / needed); uses HTTP PUT method
-u, --user <user:password> sets the Authentication header, see notes
-v, --verbose makes curl verbose, see notes after table
-X, --request <method> set the http method (ex. GET, POST, etc.)
-#, --progress-bar use a progress bar (i.e. ############################## 100%)
-:, --next reset previously set flags for next request (except -v or --trace)
--basic use Basic HTTP Authentication (this is the default with -u)
--create-dirs creates dirs like mkdir -p
--data-binary <data> like -d, but data is binary, does NOT set application/octet-stream
--data-raw <data> like -d, but treats @ as character
--data-urlencode <data> like -d, but encodes data
--dns-servers comma-separated DNS servers to resolve the request
--fail-early when doing multiple requests, abort them if one fails
--fail-with-body like -f, but outputs the body
--oauth2-bearer <token> sets the Authentication: Bearer token
--output-dir <dir> when used with -O or -o, sets the path to store the files
--proto-default <proto> default protocol
--remote-name-all when saving multiple files, treat all as -O

Notes about -d, --data

  • Sets application/x-www-form-urlencoded if no Content-Type header
  • Does NOT do url encoding (see --data-urlencode)
  • Reads url encoded values and treats them as /^@(?<filename>.+)|(?<value>.*)$/ (see --data-raw)

Notes about -u, --user <user:password>

  • Uses --basic by default
  • Can be combined with many options, such as --anyauth, --aws-sigv4, --basic, --digest, --location-trusted, --negotiate, --ntlm, --oauth2-bearer, etc.
  • NOTE: The options above are not exhaustive

Notes about -v, --verbose

  • Lines starting with >: Headers sent by curl
  • Lines starting with <: Headers received by curl
  • Lines starting with *: Extra info provided by curl

NOTE: Use --trace if you need even more debug output

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment