https://ec.haxx.se/ 英文在线文档
Everything-curl github地址
curl的用法
1.1 URL通配
| 通配类型 | 通配举例 |
|---|---|
| 数字 | curl -O http://example.com/[1-100].png |
| curl -O http://example.com/[001-100].png | |
| curl -O http://example.com[0-100:2].png | |
| 字母 | curl -O http://example.com/section[a-z].html |
| 列表 | curl -O http://example.com/{one,two,three,alpah,beta}.html |
| 组合 | curl -O http://example.com/chess-[0-1]x[0-7].jpg |
| curl -O http://example.com/{web,email}-log[0-6].txt |
1.2 配置文件
当你的命令行比较长的时候,你可以将参数写在文件中,然后curl的时候调用。
curl -K cmdline.txt http://example.com
cmdline.txt 中可以包含你想要指定的参数:
# 还可以添加注释
--location
# 使用长短格式均可
head
# 但命令行选项和其参数需要在同一行
user-agent "Everythis-is-an-agent"
# 也可以添加=符号
user-agent = "Everythin-is-an-agent"
# 没有空格的时候,引号可以省去
user-agent = Everything-is-an-agent
curl 会检查是否存在默认配置文件(除非使用了-q),如果存在,则使用这个配置文件。
在类Unix系统中,会查找 .curlrc 文件,在windows系统中,会查找 _curlrc 文件
1.3 认证和进度指示器
# 简单认证
curl -u alice:12345 http://example.com
# 关闭进度指示器
-s 或 --silent
# 简单进度指示器
-# 或 -progress-bar
1.4 其它常用参数
| 参数 | 长格式 | 作用 | 说明 | 示例 |
|---|---|---|---|---|
| -v | --verbose | 详细模式 | 显示更多信息 | |
| --trace [filename] | 将信息保存到文件中 | --trace-ascii可显示字符 | curl --trace dump http://example.com | |
| --trace-time | 输出信息加时间戳 | |||
| -w | --write-out | 结束输出信息 | 可指定字符串,@文件读取,@-从stdin读取,还可使用%{name}访问变量 | curl -w "Type: %{content_type} Code: %{response_code} " http://example.com |
| -s | --silent | 静默模式 | 可加 --show-error 来显示错误信息 | |
| -o [filename] | --output [filename] | 将下载内容保存到filename | 如多个url文件需使用多个-O 或 --remote-name-all | curl -o -o url1 url2 |
| -O | --remote-name | 使用原资源名保存文件 | 注:重定向后名字不会变 | |
| -J | --remote-header-name | 使用header中指定的文件名 | ||
| --compressed | 使用压缩算法加快传输速度 | |||
| > [filename] | shell重定向 | curl http://example.com > files.html | ||
| --max-filesize [size] | 指定最大文件大小 | |||
| --raw | 传输原始数据 | 适用于自行解码的场景 | ||
| --retry [num] | 失败重试 | --retry-delay指定间隔,否则指数上升,--retry-max-time指定最大重试时间 | ||
| --max-time | 指定单个传输最长时间 | |||
| -C | --continue-at [num] | 指定从num字节偏移处下载 | 指定 num 为 - 则继续之前的下载,--range num1-num2 下载部分 | |
| --connect-timeout [n秒] | 最大连接时间 | |||
| --interface [接口] | 指定本地接口 | curl --interface eth0 http://example.com curl --interface 192.168.0.2 http://example.com |
||
| --local-port [port] | 指定本地端口 | curl --local-port 4000-4200 http://example.com | ||
| --keepalive-time [num秒] | 指定keepalive时间 | |||
| --no-keeyalive | 禁用keepalive | |||
| -x | --proxy | 使用代理 | curl -x 192.168.0.1:8080 http://example.com | |
| --path-as-is | 不对url进行压缩 | ok/../会压缩为/ | ||
| -d | --data | 以post方式发送数据 | 使用@filename从文件读取,使用--data-binary读取二进制数据 | curl -d name=admin -d show=yes http://example.com |
| Content-Type | 指定发送的数据类型 | curl -d '{json}' -H 'Content-Type: application/json' http://example.com | ||
| -L -b | 使用cookie | curl -L -b cookies.txt http://example.com |
参数大全
2.1 所有长短参数
Usage: curl [options...] <url>
--abstract-unix-socket <path> Connect via abstract Unix domain socket
--anyauth Pick any authentication method
-a, --append Append to target file when uploading
--basic Use HTTP Basic Authentication
--cacert <file> CA certificate to verify peer against
--capath <dir> CA directory to verify peer against
-E, --cert <certificate[:password]> Client certificate file and password
--cert-status Verify the status of the server certificate
--cert-type <type> Certificate file type (DER/PEM/ENG)
--ciphers <list of ciphers> SSL ciphers to use
--compressed Request compressed response
--compressed-ssh Enable SSH compression
-K, --config <file> Read config from a file
--connect-timeout <seconds> Maximum time allowed for connection
--connect-to <HOST1:PORT1:HOST2:PORT2> Connect to host
-C, --continue-at <offset> Resumed transfer offset
-b, --cookie <data> Send cookies from string/file
-c, --cookie-jar <filename> Write cookies to <filename> after operation
--create-dirs Create necessary local directory hierarchy
--crlf Convert LF to CRLF in upload
--crlfile <file> Get a CRL list in PEM format from the given file
-d, --data <data> HTTP POST data
--data-ascii <data> HTTP POST ASCII data
--data-binary <data> HTTP POST binary data
--data-raw <data> HTTP POST data, '@' allowed
--data-urlencode <data> HTTP POST data url encoded
--delegation <LEVEL> GSS-API delegation permission
--digest Use HTTP Digest Authentication
-q, --disable Disable .curlrc
--disable-eprt Inhibit using EPRT or LPRT
--disable-epsv Inhibit using EPSV
--dns-interface <interface> Interface to use for DNS requests
--dns-ipv4-addr <address> IPv4 address to use for DNS requests
--dns-ipv6-addr <address> IPv6 address to use for DNS requests
--dns-servers <addresses> DNS server addrs to use
-D, --dump-header <filename> Write the received headers to <filename>
--egd-file <file> EGD socket path for random data
--engine <name> Crypto engine to use
--expect100-timeout <seconds> How long to wait for 100-continue
-f, --fail Fail silently (no output at all) on HTTP errors
--fail-early Fail on first transfer error, do not continue
--false-start Enable TLS False Start
-F, --form <name=content> Specify multipart MIME data
--form-string <name=string> Specify multipart MIME data
--ftp-account <data> Account data string
--ftp-alternative-to-user <command> String to replace USER [name]
--ftp-create-dirs Create the remote dirs if not present
--ftp-method <method> Control CWD usage
--ftp-pasv Use PASV/EPSV instead of PORT
-P, --ftp-port <address> Use PORT instead of PASV
--ftp-pret Send PRET before PASV
--ftp-skip-pasv-ip Skip the IP address for PASV
--ftp-ssl-ccc Send CCC after authenticating
--ftp-ssl-ccc-mode <active/passive> Set CCC mode
--ftp-ssl-control Require SSL/TLS for FTP login, clear for transfer
-G, --get Put the post data in the URL and use GET
-g, --globoff Disable URL sequences and ranges using {} and []
-I, --head Show document info only
-H, --header <header/@file> Pass custom header(s) to server
-h, --help This help text
--hostpubmd5 <md5> Acceptable MD5 hash of the host public key
-0, --http1.0 Use HTTP 1.0
--http1.1 Use HTTP 1.1
--http2 Use HTTP 2
--http2-prior-knowledge Use HTTP 2 without HTTP/1.1 Upgrade
--ignore-content-length Ignore the size of the remote resource
-i, --include Include protocol response headers in the output
-k, --insecure Allow insecure server connections when using SSL
--interface <name> Use network INTERFACE (or address)
-4, --ipv4 Resolve names to IPv4 addresses
-6, --ipv6 Resolve names to IPv6 addresses
-j, --junk-session-cookies Ignore session cookies read from file
--keepalive-time <seconds> Interval time for keepalive probes
--key <key> Private key file name
--key-type <type> Private key file type (DER/PEM/ENG)
--krb <level> Enable Kerberos with security <level>
--libcurl <file> Dump libcurl equivalent code of this command line
--limit-rate <speed> Limit transfer speed to RATE
-l, --list-only List only mode
--local-port <num/range> Force use of RANGE for local port numbers
-L, --location Follow redirects
--location-trusted Like --location, and send auth to other hosts
--login-options <options> Server login options
--mail-auth <address> Originator address of the original email
--mail-from <address> Mail from this address
--mail-rcpt <address> Mail to this address
-M, --manual Display the full manual
--max-filesize <bytes> Maximum file size to download
--max-redirs <num> Maximum number of redirects allowed
-m, --max-time <time> Maximum time allowed for the transfer
--metalink Process given URLs as metalink XML file
--negotiate Use HTTP Negotiate (SPNEGO) authentication
-n, --netrc Must read .netrc for user name and password
--netrc-file <filename> Specify FILE for netrc
--netrc-optional Use either .netrc or URL
-:, --next Make next URL use its separate set of options
--no-alpn Disable the ALPN TLS extension
-N, --no-buffer Disable buffering of the output stream
--no-keepalive Disable TCP keepalive on the connection
--no-npn Disable the NPN TLS extension
--no-sessionid Disable SSL session-ID reusing
--noproxy <no-proxy-list> List of hosts which do not use proxy
--ntlm Use HTTP NTLM authentication
--ntlm-wb Use HTTP NTLM authentication with winbind
--oauth2-bearer <token> OAuth 2 Bearer Token
-o, --output <file> Write to file instead of stdout
--pass <phrase> Pass phrase for the private key
--path-as-is Do not squash .. sequences in URL path
--pinnedpubkey <hashes> FILE/HASHES Public key to verify peer against
--post301 Do not switch to GET after following a 301
--post302 Do not switch to GET after following a 302
--post303 Do not switch to GET after following a 303
--preproxy [protocol://]host[:port] Use this proxy first
-#, --progress-bar Display transfer progress as a bar
--proto <protocols> Enable/disable PROTOCOLS
--proto-default <protocol> Use PROTOCOL for any URL missing a scheme
--proto-redir <protocols> Enable/disable PROTOCOLS on redirect
-x, --proxy [protocol://]host[:port] Use this proxy
--proxy-anyauth Pick any proxy authentication method
--proxy-basic Use Basic authentication on the proxy
--proxy-cacert <file> CA certificate to verify peer against for proxy
--proxy-capath <dir> CA directory to verify peer against for proxy
--proxy-cert <cert[:passwd]> Set client certificate for proxy
--proxy-cert-type <type> Client certificate type for HTTS proxy
--proxy-ciphers <list> SSL ciphers to use for proxy
--proxy-crlfile <file> Set a CRL list for proxy
--proxy-digest Use Digest authentication on the proxy
--proxy-header <header/@file> Pass custom header(s) to proxy
--proxy-insecure Do HTTPS proxy connections without verifying the proxy
--proxy-key <key> Private key for HTTPS proxy
--proxy-key-type <type> Private key file type for proxy
--proxy-negotiate Use HTTP Negotiate (SPNEGO) authentication on the proxy
--proxy-ntlm Use NTLM authentication on the proxy
--proxy-pass <phrase> Pass phrase for the private key for HTTPS proxy
--proxy-service-name <name> SPNEGO proxy service name
--proxy-ssl-allow-beast Allow security flaw for interop for HTTPS proxy
--proxy-tlsauthtype <type> TLS authentication type for HTTPS proxy
--proxy-tlspassword <string> TLS password for HTTPS proxy
--proxy-tlsuser <name> TLS username for HTTPS proxy
--proxy-tlsv1 Use TLSv1 for HTTPS proxy
-U, --proxy-user <user:password> Proxy user and password
--proxy1.0 <host[:port]> Use HTTP/1.0 proxy on given port
-p, --proxytunnel Operate through a HTTP proxy tunnel (using CONNECT)
--pubkey <key> SSH Public key file name
-Q, --quote Send command(s) to server before transfer
--random-file <file> File for reading random data from
-r, --range <range> Retrieve only the bytes within RANGE
--raw Do HTTP "raw"; no transfer decoding
-e, --referer <URL> Referrer URL
-J, --remote-header-name Use the header-provided filename
-O, --remote-name Write output to a file named as the remote file
--remote-name-all Use the remote file name for all URLs
-R, --remote-time Set the remote file's time on the local output
-X, --request <command> Specify request command to use
--request-target Specify the target for this request
--resolve <host:port:address> Resolve the host+port to this address
--retry <num> Retry request if transient problems occur
--retry-connrefused Retry on connection refused (use with --retry)
--retry-delay <seconds> Wait time between retries
--retry-max-time <seconds> Retry only within this period
--sasl-ir Enable initial response in SASL authentication
--service-name <name> SPNEGO service name
-S, --show-error Show error even when -s is used
-s, --silent Silent mode
--socks4 <host[:port]> SOCKS4 proxy on given host + port
--socks4a <host[:port]> SOCKS4a proxy on given host + port
--socks5 <host[:port]> SOCKS5 proxy on given host + port
--socks5-basic Enable username/password auth for SOCKS5 proxies
--socks5-gssapi Enable GSS-API auth for SOCKS5 proxies
--socks5-gssapi-nec Compatibility with NEC SOCKS5 server
--socks5-gssapi-service <name> SOCKS5 proxy service name for GSS-API
--socks5-hostname <host[:port]> SOCKS5 proxy, pass host name to proxy
-Y, --speed-limit <speed> Stop transfers slower than this
-y, --speed-time <seconds> Trigger 'speed-limit' abort after this time
--ssl Try SSL/TLS
--ssl-allow-beast Allow security flaw to improve interop
--ssl-no-revoke Disable cert revocation checks (WinSSL)
--ssl-reqd Require SSL/TLS
-2, --sslv2 Use SSLv2
-3, --sslv3 Use SSLv3
--stderr Where to redirect stderr
--suppress-connect-headers Suppress proxy CONNECT response headers
--tcp-fastopen Use TCP Fast Open
--tcp-nodelay Use the TCP_NODELAY option
-t, --telnet-option <opt=val> Set telnet option
--tftp-blksize <value> Set TFTP BLKSIZE option
--tftp-no-options Do not send any TFTP options
-z, --time-cond <time> Transfer based on a time condition
--tls-max <VERSION> Use TLSv1.0 or greater
--tlsauthtype <type> TLS authentication type
--tlspassword TLS password
--tlsuser <name> TLS user name
-1, --tlsv1 Use TLSv1.0 or greater
--tlsv1.0 Use TLSv1.0
--tlsv1.1 Use TLSv1.1
--tlsv1.2 Use TLSv1.2
--tlsv1.3 Use TLSv1.3
--tr-encoding Request compressed transfer encoding
--trace <file> Write a debug trace to FILE
--trace-ascii <file> Like --trace, but without hex output
--trace-time Add time stamps to trace/verbose output
--unix-socket <path> Connect through this Unix domain socket
-T, --upload-file <file> Transfer local FILE to destination
--url <url> URL to work with
-B, --use-ascii Use ASCII/text transfer
-u, --user <user:password> Server user and password
-A, --user-agent <name> Send User-Agent <name> to server
-v, --verbose Make the operation more talkative
-V, --version Show version number and quit
-w, --write-out <format> Use output FORMAT after completion
--xattr Store metadata in extended file attributes
2.2 可用的--wirte-out变量
| 变量 | 说明 |
|---|---|
| - %{content_type} | the Content-Type of the requested document, if there was any. |
| - %{filename_effective} | the ultimate filename that curl writes out to. This is only meaningful if curl is told to write to a file with the --remote-name or --output option. It's most useful in combination with the --remote-header-name option. |
| - %{ftp_entry_path} | the initial path curl ended up in when logging on to the remote FTP server. |
| - %{http_code} | the old variable name for what is now known as response_code. |
| - %{http_connect} | the numerical code that was found in the last response (from a proxy) to a curl CONNECT request. |
| - %{http_version} | The http version that was used. |
| - %{json} | all write-out variables as a single JSON object. |
| - %{local_ip} | the IP address of the local end of the most recently done connection—can be either IPv4 or IPv6 |
| - %{local_port} | the local port number of the most recently made connection |
| - %{method} | HTTP method the most recent request used |
| - %{num_connects} | the number of new connects made in the recent transfer. |
| - %{num_headers} | number of response headers in the last responsea |
| - %{num_redirects} | number of redirects that were followed in the request. |
| - %{proxy_ssl_verify_result} | the result of the SSL peer certificate verification that was requested when communicating with a proxy. 0 means the verification was successful. |
| - %{redirect_url} | the actual URL a redirect would take you to when an HTTP request was made without -L to follow redirects. |
| - %{remote_ip} | the remote IP address of the most recently made connection—can be either IPv4 or IPv6. |
| - %{remote_port} | the remote port number of the most recently made connection. |
| - %{response_code} | the numerical response code that was found in the last transfer. |
| - %{scheme} | scheme used in the previous URL |
| - %{size_download} | the total number of bytes that were downloaded. |
| - %{size_header} | the total number of bytes of the downloaded headers. |
| - %{size_request} | the total number of bytes that were sent in the HTTP request. |
| - %{size_upload} | the total number of bytes that were uploaded. |
| - %{speed_download} | the average download speed that curl measured for the complete download in bytes per second. |
| - %{speed_upload} | the average upload speed that curl measured for the complete upload in bytes per second. |
| - %{ssl_verify_result} | the result of the SSL peer certificate verification that was requested. 0 means the verification was successful. |
| - %{stderr} | - makes the rest of the output get written to stderr. |
| - %{stdout} | - makes the rest of the output get written to stdout. |
| - %{time_appconnect} | the time, in seconds, it took from the start until the SSL/SSH/etc connect/handshake to the remote host was completed. |
| - %{time_connect} | the time, in seconds, it took from the start until the TCP connect to the remote host (or proxy) was completed. |
| - %{time_namelookup} | the time, in seconds, it took from the start until the name resolving was completed. |
| - %{time_pretransfer} | the time, in seconds, it took from the start until the file transfer was just about to begin. This includes all pre-transfer commands and negotiations that are specific to the particular protocol(s) involved. |
| - %{time_redirect} | the time, in seconds, it took for all redirection steps including name lookup, connect, pre-transfer and transfer before the final transaction was started. time_redirect the complete execution time for multiple redirections. |
| - %{time_starttransfer} | the time, in seconds, it took from the start until the first byte was just about to be transferred. This includes time_pretransfer and also the time the server needed to calculate the result. |
| - %{time_total} | the total time, in seconds, that the full operation lasted. The time will be displayed with millisecond resolution. |
| - %{url_effective} | the URL that was fetched last. This is particularly meaningful if you have told curl to follow Location: headers (with -L). |