curl is a command-line tool for transferring data with URLs. It supports HTTP, HTTPS, FTP, and many other protocols. Essential for API testing, web scraping, and general HTTP operations.
Basic Usage
- curl <url> - GET request, output to stdout
- curl -o file.html <url> - Save to file
- curl -O <url> - Save with remote filename
HTTP Methods
- curl -X GET <url> - GET request (default)
- curl -X POST <url> - POST request
- curl -X PUT <url> - PUT request
- curl -X DELETE <url> - DELETE request
- curl -X PATCH <url> - PATCH request
- curl -I <url> - HEAD request (headers only)
Headers
- -H "Header: Value" - Add custom header
- -H "Content-Type: application/json" - Set content type
- -H "Authorization: Bearer token" - Auth header
- -A "User-Agent" - Set User-Agent
- -e "Referer" - Set Referer header
Data/Body
- -d "data" - Send POST data
- -d @file.json - POST data from file
- --data-urlencode "param=value" - URL encode data
- -F "file=@path/file.txt" - Form upload
- -F "field=value" - Form field
Output Options
- -o filename - Output to file
- -O - Save with remote filename
- -s - Silent mode (no progress)
- -S - Show errors in silent mode
- -v - Verbose output
- -i - Include response headers
- -w "%{http_code}" - Write out format
Authentication
- -u user:password - Basic auth
- --digest - Digest auth
- --ntlm - NTLM auth
- --negotiate - Negotiate auth
- -E cert.pem - Client certificate
Cookies
- -b "name=value" - Send cookie
- -b cookies.txt - Read cookies from file
- -c cookies.txt - Save cookies to file
- -c - - Print cookies to stdout
SSL/TLS
- -k - Ignore SSL errors
- --cacert file - CA certificate
- --cert file - Client certificate
- --key file - Private key
- --tlsv1.2 - Force TLS 1.2
- --tlsv1.3 - Force TLS 1.3
Proxy
- -x proxy:port - HTTP proxy
- -x socks5://proxy:port - SOCKS5 proxy
- --proxy-user user:pass - Proxy auth
- --noproxy "localhost" - Bypass proxy
Redirects & Timeouts
- -L - Follow redirects
- --max-redirs N - Max redirects
- --connect-timeout N - Connection timeout
- -m N - Max time for operation
- --retry N - Retry count
Common Examples
Simple GET
curl https://api.example.com/dataBasic GET request.
POST JSON
curl -X POST -H "Content-Type: application/json" -d '{"key":"value"}' https://api.example.com/dataPOST JSON data.
Download File
curl -O https://example.com/file.zipDownload and save with original name.
With Auth
curl -u admin:password https://api.example.com/adminBasic authentication.
Headers Only
curl -I https://example.comGet response headers only.
Verbose Debug
curl -v https://example.comSee full request/response details.
Follow Redirects
curl -L https://example.com/redirectFollow HTTP redirects.
Upload File
curl -F "file=@/path/to/file.txt" https://example.com/uploadUpload file via form.
Status Code Only
curl -s -o /dev/null -w "%{http_code}" https://example.comGet only HTTP status code.
Through Proxy
curl -x http://proxy:8080 https://example.comRoute through HTTP proxy.
Save Cookies
curl -c cookies.txt -b cookies.txt https://example.com/loginManage session cookies.
API Token
curl -H "Authorization: Bearer eyJhbGc..." https://api.example.com/userRequest with bearer token.
Write-Out Variables
Use with -w option:
- %{http_code} - HTTP status code
- %{time_total} - Total time
- %{time_connect} - Time to connect
- %{size_download} - Downloaded bytes
- %{speed_download} - Download speed
- %{url_effective} - Final URL
- %{redirect_url} - Redirect URL
Tips
- Use -s for scripts (silent mode)
- Use -v to debug connection issues
- Use -L to handle redirects automatically
- Use -k only for testing (insecure)
- Combine -sS for silent but show errors
- Use @filename to read data from files
- Essential for API testing and debugging
- Supports many protocols beyond HTTP