~ubuntu-branches/ubuntu/lucid/curl/lucid-security

curl is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, GOPHER, DICT, TELNET, LDAP or FILE). The command is designed to work without user interaction.

curl is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, TFTP, GOPHER, DICT, TELNET, LDAP or FILE). The command is designed to work without user interaction.

curl offers a busload of useful tricks like proxy support, user authentication, ftp upload, HTTP post, SSL (https:) connections, cookies, file transfer resume and more. As you will see below, the amount of features will make your head spin!

curl is powered by libcurl for all transfer-related features. See libcurl (3) for details. <a name="URL"></a><h2 class="nroffsh">URL</h2>

The URL syntax is protocol dependent. You'll find a detailed description in RFC 2396.

No nesting of the sequences is supported at the moment, but you can use several ones next to each other:

<a href="http://any.org/archive">http://any.org/archive</a>[1996-1999]/vol[1-4]/part{a,b,c}.html

You can specify any amount of URLs on the command line. They will be fetched in a sequential manner in the specified order.

Since curl 7.15.1 you can also specify step counter for the ranges, so that you can get every Nth number or letter:

<a href="http://www.numericals.com/file">http://www.numericals.com/file</a>[1-100:10].txt  <a href="http://www.letters.com/file">http://www.letters.com/file</a>[a-z:2].txt

If you specify URL without protocol:// prefix, curl will attempt to guess what protocol you might want. It will then default to HTTP but try other protocols based on often-used host name prefixes. For example, for host names starting with "ftp." curl will assume you want to speak FTP.

Curl will attempt to re-use connections for multiple file transfers, so that getting many files from the same server will not do multiple connects / handshakes. This improves speed. Of course this is only done on files specified on a single command line and cannot be used between separate curl invokes. <a name="OPTIONS"></a><h2 class="nroffsh">OPTIONS</h2>

<a name="-a--append"></a>-a/--append

165

168

<a name="--ftp-pasv"></a>--ftp-pasv

166

169

(FTP) Use PASV when transferring. PASV is the internal default behavior, but using this option can be used to override a previous --ftp-port option. (Added in 7.11.0)

167

170

If this option is used twice, the second will again disable silent failure.

171

<a name="--ftp-skip-pasv-ip"></a>--ftp-skip-pasv-ip

172

(FTP) Tell curl to not use the IP address the server suggests in its response to curl's PASV command when curl connects the data connection. Instead curl will re-use the same IP address it already uses for the control connection. (Added in 7.14.2)

173

This option has no effect if PORT, EPRT or EPSV is used instead of PASV.

174

If this option is used twice, the second will again disable silent failure.

168

175

<a name="--ftp-ssl"></a>--ftp-ssl

169

176

(FTP) Make the FTP connection switch to use SSL/TLS. (Added in 7.11.0)

170

177

If this option is used twice, the second will again disable this.

193

200

Usage help.

194

201

<a name="-H--header"></a>-H/--header <header>

195

202

(HTTP) Extra header to use when getting a web page. You may specify any number of extra headers. Note that if you should add a custom header that has the same name as one of the internal ones curl would use, your externally set header will be used instead of the internal one. This allows you to make even trickier stuff than curl would normally do. You should not replace internally set headers without knowing perfectly well what you're doing. Replacing an internal header with one without content on the right side of the colon will prevent that header from appearing.

203

curl will make sure that each header you add/replace get sent with the proper end of line marker, you should thus not add that as a part of the header content: do not add newlines or carriage returns they will only mess things up for you.

196

204

See also the <a class="emphasis" href="#-A--user-agent">-A/--user-agent</a> and <a class="emphasis" href="#-e--referer">-e/--referer</a> options.

197

205

This option can be used multiple times to add/replace/remove multiple headers.

206

<a name="--ignore-content-length"></a>--ignore-content-length

207

(HTTP) Ignore the Content-Length header. This is particularly useful for servers running Apache 1.x, which will report incorrect Content-Length for files larger than 2 gigabytes.

198

208

<a name="-i--include"></a>-i/--include

199

209

(HTTP) Include the HTTP-header in the output. The HTTP-header includes things like server-name, date of the document, HTTP-version and more...

200

210

If this option is used twice, the second will again disable header include.

250

260

Specify the maximum size (in bytes) of a file to download. If the file requested is larger than this value, the transfer will not start and curl will return with exit code 63.

251

261

NOTE: The file size is not always known prior to download, and for such files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers.

252

262

253

Maximum time in seconds that you allow the whole operation to take. This is useful for preventing your batch jobs from hanging for hours due to slow networks or links going down. This doesn't work fully in win32 systems. See also the <a class="emphasis" href="#--connect-timeout">--connect-timeout</a> option.

263

Maximum time in seconds that you allow the whole operation to take. This is useful for preventing your batch jobs from hanging for hours due to slow networks or links going down. See also the <a class="emphasis" href="#--connect-timeout">--connect-timeout</a> option.

254

264

If this option is used several times, the last one will be used.

255

265

<a name="-M--manual"></a>-M/--manual

256

266

Manual. Display the huge help text.

264

274

<a name="--negotiate"></a>--negotiate

265

275

(HTTP) Enables GSS-Negotiate authentication. The GSS-Negotiate method was designed by Microsoft and is used in their web applications. It is primarily meant as a support for Kerberos5 authentication but may be also used along with another authentication methods. For more information see IETF draft draft-brezak-spnego-http-04.txt. (Added in 7.10.6)

266

276

This option requires that the library was built with GSSAPI support. This is not very common. Use <a class="emphasis" href="#-V--version">-V/--version</a> to see if your version supports GSS-Negotiate.

277

When using this option, you must also provide a fake -u/--user option to activate the authentication code properly. Sending a '-u :' is enough as the user name and password from the -u option aren't actually used.

267

278

If this option is used several times, the following occurrences make no difference.

268

279

<a name="-N--no-buffer"></a>-N/--no-buffer

269

280

Disables the buffering of the output stream. In normal work situations, curl will use a standard buffered output stream that will have the effect that it will output the data in chunks, not necessarily exactly when the data arrives. Using this option will disable that buffering.

328

339

0-499 specifies the first 500 bytes

329

340

500-999 specifies the second 500 bytes

330

341

-500 specifies the last 500 bytes

331

9500 specifies the bytes from offset 9500 and forward

342

9500- specifies the bytes from offset 9500 and forward

332

343

0-0,-1 specifies the first and last byte only(*)(H)

333

344

500-700,600-799 specifies 300 bytes from offset 500(H)

334

345

100-199,500-599 specifies two separate 100 bytes ranges(*)(H)

391

402

If this option is used several times, each occurrence will toggle it on/off. (Added in 7.14.0 )

392

403

393

404

Specify user and password to use for server authentication. Overrides <a class="emphasis" href="#-n--netrc">-n/--netrc</a> and <a class="emphasis" href="#--netrc-optional">--netrc-optional</a>.

405

If you use an SSPI-enabled curl binary and do NTLM autentication, you can force curl to pick up the user name and password from your environment by simply specifying a single colon with this option: "-u :".

394

406

If this option is used several times, the last one will be used.

395

407

<a name="-U--proxy-user"></a>-U/--proxy-user <user:password>

396

408

Specify user and password to use for proxy authentication.

409

397

410

If this option is used several times, the last one will be used.

398

411

399

412

Specify a URL to fetch. This option is mostly handy when you want to specify URL(s) in a config file.

435

448

SSPI is supported. If you use NTLM and set a blank user name, curl will authenticate with your current user and password.

436

449

437

450

<a name="-w--write-out"></a>-w/--write-out <format>

438

Defines what to display after a completed and successful operation. The format is a string that may contain plain text mixed with any number of variables. The string can be specified as "string", to get read from a particular file you specify it "@filename" and to tell curl to read the format from stdin you write "@-".

451

Defines what to display on stdout after a completed and successful operation. The format is a string that may contain plain text mixed with any number of variables. The string can be specified as "string", to get read from a particular file you specify it "@filename" and to tell curl to read the format from stdin you write "@-".

439

452

The variables present in the output format will be substituted by the value or text that curl thinks fit, as described below. All variables are specified like %{variable_name} and to output a normal % you just write them like %%. You can output a newline by using n, a carriage return with r and a tab space with t.

440

453

NOTE: The %-letter is a special letter in the win32-environment, where all occurrences of % must be doubled when using this option.

441

454

Available variables are at this point:

464

477

Use specified HTTP proxy. If the port number is not specified, it is assumed at port 1080.

465

478

This option overrides existing environment variables that sets proxy to use. If there's an environment variable setting a proxy, you can set proxy to "" to override it.

466

479

Note that all operations that are performed over a HTTP proxy will transparently be converted to HTTP. It means that certain protocol specific operations might not be available. This is not the case if you can tunnel through the proxy, as done with the <a class="emphasis" href="#-p--proxytunnel">-p/--proxytunnel</a> option.

480

Starting with 7.14.1, the proxy host can be specified the exact same way as the proxy environment variables, include protocol prefix (http://) and embedded user + password.

467

481

If this option is used several times, the last one will be used.

468

482

<a name="-X--request"></a>-X/--request <command>

469

(HTTP) Specifies a custom request to use when communicating with the HTTP server. The specified request will be used instead of the standard GET. Read the HTTP 1.1 specification for details and explanations.

483

(HTTP) Specifies a custom request method to use when communicating with the HTTP server. The specified request will be used instead of the method otherwise used (which defaults to GET). Read the HTTP 1.1 specification for details and explanations.

470

484

(FTP) Specifies a custom FTP command to use instead of LIST when doing file lists with ftp.

471

485

If this option is used several times, the last one will be used.

472

486

<a name="-y--speed-time"></a>-y/--speed-time <time>

481

495

Start the date expression with a dash (-) to make it request for a document that is older than the given date/time, default is a document that is newer than the specified date/time.

482

496

If this option is used several times, the last one will be used.

483

497

<a name="--max-redirs"></a>--max-redirs <num>

484

Set maximum number of redirection-followings allowed. If <a class="emphasis" href="#-L--location">-L/--location</a> is used, this option can be used to prevent curl from following redirections "in absurdum".

498

485

499

If this option is used several times, the last one will be used.

486

500

<a name="-0--http10"></a>-0/--http1.0

487

501

(HTTP) Forces curl to issue its requests using HTTP 1.0 instead of using its internally preferred: HTTP 1.1.

539

553

<a name="8"></a>8

540

554

FTP weird server reply. The server sent data curl couldn't parse.

541

555

<a name="9"></a>9

542

FTP access denied. The server denied login.

556

FTP access denied. The server denied login or denied access to the particular resource or directory you wanted to reach. Most often you tried to change to a directory that doesn't exist on the server.

543

557

<a name="10"></a>10

544

558

FTP user/password incorrect. Either one or both were not accepted by the server.

545

559

<a name="11"></a>11

Older »