What is curl?
curl stands for 'Client URL', a CLI utility used to transfer/receive data using URL syntax. It is widely used in areas such as web development, API testing, CI/CD automation, and operational troubleshooting.
Key Features
- Various Protocols: HTTP/HTTPS, FTP/FTPS, SFTP, LDAP, SMTP/SMTPS, etc. (depending on build options).
- HTTP Control: Fine-grained control over methods, headers, cookies, compression, HTTP/2, redirects, timeouts, retries, etc.
- Upload/Download: File download (-o/-O), resume (-C -), form upload (-F), single file upload (-T).
- Security: TLS certificate verification (enabled by default), specifying trusted roots (--cacert), client certificates (--cert/--key).
- Automation Friendly: Silent output (-s), exit on failure (-f), formatted output (-w), suitable for scripting.
Key Options (Shell)
The most basic requirement is the target URL for the request. Multiple URLs can be listed separated by spaces or read from a file (@file).
1. Basic Requests and Downloads
2. HTTP Methods and Data Transfer
3. Headers, Authentication, Cookies
4. Output Control/Reliability
5. Security/TLS & Proxy/Diagnostics
6. Protocols/Versions
7. Help/Version
Generated command:
Try combining the commands.
Description:
`curl` Executes the command.
Combine the above options to virtually execute commands with AI.
Usage Scenario Examples (Shell)
Collected frequently used request patterns in practice.
Output webpage content
curl https://example.comBasic GET request.
File download (follow redirects)
curl -O -L https://wordpress.org/latest.zip-O original filename, -L follow redirects.
JSON GET + pretty print
curl -s https://api.github.com/users/google | jqParse/improve readability with jq.
JSON POST
curl -X POST -H "Content-Type: application/json" -d '{"username":"test"}' https://api.example.com/usersSpecify header and body.
Form file upload (multipart)
curl -F "upload_file=@./my-image.png" https://example.com/uploadField name=upload_file, specify file path with @.
Bearer token authentication
curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" https://api.example.com/meUse Authorization header.
Check response headers only
curl -I https://google.comUseful for diagnosing service status/cache.
Exit with non-zero on failure + silent
curl -sSf https://example.com/health-sS -f combination: script-friendly.
Timeout + retry
curl --connect-timeout 5 --max-time 20 --retry 3 --retry-all-errors https://example.com/apiHandle unstable network conditions.
Test with specific IP (--resolve)
curl --resolve 'api.example.com:443:203.0.113.10' https://api.example.com/statusDNS bypass test (SNI maintained).
Installation
Mostly pre-installed; otherwise, install via package manager.
Debian/Ubuntu
sudo apt update && sudo apt install -y curlRHEL/CentOS/Fedora
sudo dnf install -y curlArch Linux
sudo pacman -S --needed curlTips & Cautions
Useful Tips
- curl vs wget: wget is strong for large-scale/recursive downloads, while curl excels in API interaction/fine-grained control.
- Quotes: When using JSON/special characters with -d/-H, it's recommended to enclose them in single quotes.
- Compressed response: Using --compressed automatically decompresses if the server supports it, reducing transfer size.
- Proxy: Set HTTP proxy with -x, SOCKS5 with --socks5.
- Security Warning (-k): -k/--insecure should only be used for development/testing. For production, it's recommended to set up trusted roots (--cacert).