curl 的使用，參數大全

目錄

• curl的用法
  • 1.1 URL通配
  • 1.2 配置文件
  • 1.3 認證和進度指示器
  • 1.4 其它常用參數
• 參數大全
  • 2.1 所有長短參數
  • 2.2 可用的--wirte-out變量

https://ec.haxx.se/ 英文在線文檔
Everything-curl github地址

curl的用法

1.1 URL通配

通配類型	通配舉例
數字	curl -O http://example.com/[1-100].png
	curl -O http://example.com/[001-100].png
	curl -O http://example.com[0-100:2].png
字母	curl -O http://example.com/section[a-z].html
列表	curl -O http://example.com/{one,two,three,alpah,beta}.html
組合	curl -O http://example.com/chess-[0-1]x[0-7].jpg
	curl -O http://example.com/{web,email}-log[0-6].txt

1.2 配置文件

當你的命令行比較長的時候，你可以將參數寫在文件中，然后curl的時候調用。

curl -K cmdline.txt http://example.com

cmdline.txt 中可以包含你想要指定的參數：

# 還可以添加注釋
--location
# 使用長短格式均可
head
# 但命令行選項和其參數需要在同一行
user-agent "Everythis-is-an-agent"
# 也可以添加=符號
user-agent = "Everythin-is-an-agent"
# 沒有空格的時候，引號可以省去
user-agent = Everything-is-an-agent

curl 會檢查是否存在默認配置文件（除非使用了-q)，如果存在，則使用這個配置文件。
在類Unix系統中，會查找 .curlrc 文件，在windows系統中，會查找 _curlrc 文件

1.3 認證和進度指示器

# 簡單認證
curl -u alice:12345 http://example.com
# 關閉進度指示器
-s 或 --silent
# 簡單進度指示器
-# 或 -progress-bar

1.4 其它常用參數

參數	長格式	作用	說明	示例
-v	--verbose	詳細模式	顯示更多信息
	--trace [filename]	將信息保存到文件中	--trace-ascii可顯示字符	curl --trace dump http://example.com
	--trace-time	輸出信息加時間戳
-w	--write-out	結束輸出信息	可指定字符串，@文件讀取，@-從stdin讀取，還可使用%{name}訪問變量	curl -w "Type: %{content_type}\nCode: %{response_code}\n" http://example.com
-s	--silent	靜默模式	可加 --show-error 來顯示錯誤信息
-o [filename]	--output [filename]	將下載內容保存到filename	如多個url文件需使用多個-O 或 --remote-name-all	curl -o -o url1 url2
-O	--remote-name	使用原資源名保存文件	注：重定向后名字不會變
-J	--remote-header-name	使用header中指定的文件名
	--compressed	使用壓縮算法加快傳輸速度
> [filename]		shell重定向		curl http://example.com > files.html
	--max-filesize [size]	指定最大文件大小
	--raw	傳輸原始數據	適用於自行解碼的場景
	--retry [num]	失敗重試	--retry-delay指定間隔，否則指數上升，--retry-max-time指定最大重試時間
	--max-time	指定單個傳輸最長時間
-C	--continue-at [num]	指定從num字節偏移處下載	指定 num 為 - 則繼續之前的下載，--range num1-num2 下載部分
	--connect-timeout [n秒]	最大連接時間
	--interface [接口]	指定本地接口		curl --interface eth0 http://example.com curl --interface 192.168.0.2 http://example.com
	--local-port [port]	指定本地端口		curl --local-port 4000-4200 http://example.com
	--keepalive-time [num秒]	指定keepalive時間
	--no-keeyalive	禁用keepalive
-x	--proxy	使用代理		curl -x 192.168.0.1:8080 http://example.com
	--path-as-is	不對url進行壓縮	ok/../會壓縮為/
-d	--data	以post方式發送數據	使用@filename從文件讀取,使用--data-binary讀取二進制數據	curl -d name=admin -d show=yes http://example.com
	Content-Type	指定發送的數據類型		curl -d '{json}' -H 'Content-Type: application/json' http://example.com
	-L -b	使用cookie		curl -L -b cookies.txt http://example.com

參數大全

2.1 所有長短參數

Usage: curl [options...] <url>
     --abstract-unix-socket <path> Connect via abstract Unix domain socket
     --anyauth       Pick any authentication method
 -a, --append        Append to target file when uploading
     --basic         Use HTTP Basic Authentication
     --cacert <file> CA certificate to verify peer against
     --capath <dir>  CA directory to verify peer against
 -E, --cert <certificate[:password]> Client certificate file and password
     --cert-status   Verify the status of the server certificate
     --cert-type <type> Certificate file type (DER/PEM/ENG)
     --ciphers <list of ciphers> SSL ciphers to use
     --compressed    Request compressed response
     --compressed-ssh Enable SSH compression
 -K, --config <file> Read config from a file
     --connect-timeout <seconds> Maximum time allowed for connection
     --connect-to <HOST1:PORT1:HOST2:PORT2> Connect to host
 -C, --continue-at <offset> Resumed transfer offset
 -b, --cookie <data> Send cookies from string/file
 -c, --cookie-jar <filename> Write cookies to <filename> after operation
     --create-dirs   Create necessary local directory hierarchy
     --crlf          Convert LF to CRLF in upload
     --crlfile <file> Get a CRL list in PEM format from the given file
 -d, --data <data>   HTTP POST data
     --data-ascii <data> HTTP POST ASCII data
     --data-binary <data> HTTP POST binary data
     --data-raw <data> HTTP POST data, '@' allowed
     --data-urlencode <data> HTTP POST data url encoded
     --delegation <LEVEL> GSS-API delegation permission
     --digest        Use HTTP Digest Authentication
 -q, --disable       Disable .curlrc
     --disable-eprt  Inhibit using EPRT or LPRT
     --disable-epsv  Inhibit using EPSV
     --dns-interface <interface> Interface to use for DNS requests
     --dns-ipv4-addr <address> IPv4 address to use for DNS requests
     --dns-ipv6-addr <address> IPv6 address to use for DNS requests
     --dns-servers <addresses> DNS server addrs to use
 -D, --dump-header <filename> Write the received headers to <filename>
     --egd-file <file> EGD socket path for random data
     --engine <name> Crypto engine to use
     --expect100-timeout <seconds> How long to wait for 100-continue
 -f, --fail          Fail silently (no output at all) on HTTP errors
     --fail-early    Fail on first transfer error, do not continue
     --false-start   Enable TLS False Start
 -F, --form <name=content> Specify multipart MIME data
     --form-string <name=string> Specify multipart MIME data
     --ftp-account <data> Account data string
     --ftp-alternative-to-user <command> String to replace USER [name]
     --ftp-create-dirs Create the remote dirs if not present
     --ftp-method <method> Control CWD usage
     --ftp-pasv      Use PASV/EPSV instead of PORT
 -P, --ftp-port <address> Use PORT instead of PASV
     --ftp-pret      Send PRET before PASV
     --ftp-skip-pasv-ip Skip the IP address for PASV
     --ftp-ssl-ccc   Send CCC after authenticating
     --ftp-ssl-ccc-mode <active/passive> Set CCC mode
     --ftp-ssl-control Require SSL/TLS for FTP login, clear for transfer
 -G, --get           Put the post data in the URL and use GET
 -g, --globoff       Disable URL sequences and ranges using {} and []
 -I, --head          Show document info only
 -H, --header <header/@file> Pass custom header(s) to server
 -h, --help          This help text
     --hostpubmd5 <md5> Acceptable MD5 hash of the host public key
 -0, --http1.0       Use HTTP 1.0
     --http1.1       Use HTTP 1.1
     --http2         Use HTTP 2
     --http2-prior-knowledge Use HTTP 2 without HTTP/1.1 Upgrade
     --ignore-content-length Ignore the size of the remote resource
 -i, --include       Include protocol response headers in the output
 -k, --insecure      Allow insecure server connections when using SSL
     --interface <name> Use network INTERFACE (or address)
 -4, --ipv4          Resolve names to IPv4 addresses
 -6, --ipv6          Resolve names to IPv6 addresses
 -j, --junk-session-cookies Ignore session cookies read from file
     --keepalive-time <seconds> Interval time for keepalive probes
     --key <key>     Private key file name
     --key-type <type> Private key file type (DER/PEM/ENG)
     --krb <level>   Enable Kerberos with security <level>
     --libcurl <file> Dump libcurl equivalent code of this command line
     --limit-rate <speed> Limit transfer speed to RATE
 -l, --list-only     List only mode
     --local-port <num/range> Force use of RANGE for local port numbers
 -L, --location      Follow redirects
     --location-trusted Like --location, and send auth to other hosts
     --login-options <options> Server login options
     --mail-auth <address> Originator address of the original email
     --mail-from <address> Mail from this address
     --mail-rcpt <address> Mail to this address
 -M, --manual        Display the full manual
     --max-filesize <bytes> Maximum file size to download
     --max-redirs <num> Maximum number of redirects allowed
 -m, --max-time <time> Maximum time allowed for the transfer
     --metalink      Process given URLs as metalink XML file
     --negotiate     Use HTTP Negotiate (SPNEGO) authentication
 -n, --netrc         Must read .netrc for user name and password
     --netrc-file <filename> Specify FILE for netrc
     --netrc-optional Use either .netrc or URL
 -:, --next          Make next URL use its separate set of options
     --no-alpn       Disable the ALPN TLS extension
 -N, --no-buffer     Disable buffering of the output stream
     --no-keepalive  Disable TCP keepalive on the connection
     --no-npn        Disable the NPN TLS extension
     --no-sessionid  Disable SSL session-ID reusing
     --noproxy <no-proxy-list> List of hosts which do not use proxy
     --ntlm          Use HTTP NTLM authentication
     --ntlm-wb       Use HTTP NTLM authentication with winbind
     --oauth2-bearer <token> OAuth 2 Bearer Token
 -o, --output <file> Write to file instead of stdout
     --pass <phrase> Pass phrase for the private key
     --path-as-is    Do not squash .. sequences in URL path
     --pinnedpubkey <hashes> FILE/HASHES Public key to verify peer against
     --post301       Do not switch to GET after following a 301
     --post302       Do not switch to GET after following a 302
     --post303       Do not switch to GET after following a 303
     --preproxy [protocol://]host[:port] Use this proxy first
 -#, --progress-bar  Display transfer progress as a bar
     --proto <protocols> Enable/disable PROTOCOLS
     --proto-default <protocol> Use PROTOCOL for any URL missing a scheme
     --proto-redir <protocols> Enable/disable PROTOCOLS on redirect
 -x, --proxy [protocol://]host[:port] Use this proxy
     --proxy-anyauth Pick any proxy authentication method
     --proxy-basic   Use Basic authentication on the proxy
     --proxy-cacert <file> CA certificate to verify peer against for proxy
     --proxy-capath <dir> CA directory to verify peer against for proxy
     --proxy-cert <cert[:passwd]> Set client certificate for proxy
     --proxy-cert-type <type> Client certificate type for HTTS proxy
     --proxy-ciphers <list> SSL ciphers to use for proxy
     --proxy-crlfile <file> Set a CRL list for proxy
     --proxy-digest  Use Digest authentication on the proxy
     --proxy-header <header/@file> Pass custom header(s) to proxy
     --proxy-insecure Do HTTPS proxy connections without verifying the proxy
     --proxy-key <key> Private key for HTTPS proxy
     --proxy-key-type <type> Private key file type for proxy
     --proxy-negotiate Use HTTP Negotiate (SPNEGO) authentication on the proxy
     --proxy-ntlm    Use NTLM authentication on the proxy
     --proxy-pass <phrase> Pass phrase for the private key for HTTPS proxy
     --proxy-service-name <name> SPNEGO proxy service name
     --proxy-ssl-allow-beast Allow security flaw for interop for HTTPS proxy
     --proxy-tlsauthtype <type> TLS authentication type for HTTPS proxy
     --proxy-tlspassword <string> TLS password for HTTPS proxy
     --proxy-tlsuser <name> TLS username for HTTPS proxy
     --proxy-tlsv1   Use TLSv1 for HTTPS proxy
 -U, --proxy-user <user:password> Proxy user and password
     --proxy1.0 <host[:port]> Use HTTP/1.0 proxy on given port
 -p, --proxytunnel   Operate through a HTTP proxy tunnel (using CONNECT)
     --pubkey <key>  SSH Public key file name
 -Q, --quote         Send command(s) to server before transfer
     --random-file <file> File for reading random data from
 -r, --range <range> Retrieve only the bytes within RANGE
     --raw           Do HTTP "raw"; no transfer decoding
 -e, --referer <URL> Referrer URL
 -J, --remote-header-name Use the header-provided filename
 -O, --remote-name   Write output to a file named as the remote file
     --remote-name-all Use the remote file name for all URLs
 -R, --remote-time   Set the remote file's time on the local output
 -X, --request <command> Specify request command to use
     --request-target Specify the target for this request
     --resolve <host:port:address> Resolve the host+port to this address
     --retry <num>   Retry request if transient problems occur
     --retry-connrefused Retry on connection refused (use with --retry)
     --retry-delay <seconds> Wait time between retries
     --retry-max-time <seconds> Retry only within this period
     --sasl-ir       Enable initial response in SASL authentication
     --service-name <name> SPNEGO service name
 -S, --show-error    Show error even when -s is used
 -s, --silent        Silent mode
     --socks4 <host[:port]> SOCKS4 proxy on given host + port
     --socks4a <host[:port]> SOCKS4a proxy on given host + port
     --socks5 <host[:port]> SOCKS5 proxy on given host + port
     --socks5-basic  Enable username/password auth for SOCKS5 proxies
     --socks5-gssapi Enable GSS-API auth for SOCKS5 proxies
     --socks5-gssapi-nec Compatibility with NEC SOCKS5 server
     --socks5-gssapi-service <name> SOCKS5 proxy service name for GSS-API
     --socks5-hostname <host[:port]> SOCKS5 proxy, pass host name to proxy
 -Y, --speed-limit <speed> Stop transfers slower than this
 -y, --speed-time <seconds> Trigger 'speed-limit' abort after this time
     --ssl           Try SSL/TLS
     --ssl-allow-beast Allow security flaw to improve interop
     --ssl-no-revoke Disable cert revocation checks (WinSSL)
     --ssl-reqd      Require SSL/TLS
 -2, --sslv2         Use SSLv2
 -3, --sslv3         Use SSLv3
     --stderr        Where to redirect stderr
     --suppress-connect-headers Suppress proxy CONNECT response headers
     --tcp-fastopen  Use TCP Fast Open
     --tcp-nodelay   Use the TCP_NODELAY option
 -t, --telnet-option <opt=val> Set telnet option
     --tftp-blksize <value> Set TFTP BLKSIZE option
     --tftp-no-options Do not send any TFTP options
 -z, --time-cond <time> Transfer based on a time condition
     --tls-max <VERSION> Use TLSv1.0 or greater
     --tlsauthtype <type> TLS authentication type
     --tlspassword   TLS password
     --tlsuser <name> TLS user name
 -1, --tlsv1         Use TLSv1.0 or greater
     --tlsv1.0       Use TLSv1.0
     --tlsv1.1       Use TLSv1.1
     --tlsv1.2       Use TLSv1.2
     --tlsv1.3       Use TLSv1.3
     --tr-encoding   Request compressed transfer encoding
     --trace <file>  Write a debug trace to FILE
     --trace-ascii <file> Like --trace, but without hex output
     --trace-time    Add time stamps to trace/verbose output
     --unix-socket <path> Connect through this Unix domain socket
 -T, --upload-file <file> Transfer local FILE to destination
     --url <url>     URL to work with
 -B, --use-ascii     Use ASCII/text transfer
 -u, --user <user:password> Server user and password
 -A, --user-agent <name> Send User-Agent <name> to server
 -v, --verbose       Make the operation more talkative
 -V, --version       Show version number and quit
 -w, --write-out <format> Use output FORMAT after completion
     --xattr         Store metadata in extended file attributes

2.2 可用的--wirte-out變量

變量	說明
- %{content_type}	the Content-Type of the requested document, if there was any.
- %{filename_effective}	the ultimate filename that curl writes out to. This is only meaningful if curl is told to write to a file with the --remote-name or --output option. It's most useful in combination with the --remote-header-name option.
- %{ftp_entry_path}	the initial path curl ended up in when logging on to the remote FTP server.
- %{http_code}	the old variable name for what is now known as response_code.
- %{http_connect}	the numerical code that was found in the last response (from a proxy) to a curl CONNECT request.
- %{http_version}	The http version that was used.
- %{json}	all write-out variables as a single JSON object.
- %{local_ip}	the IP address of the local end of the most recently done connection—can be either IPv4 or IPv6
- %{local_port}	the local port number of the most recently made connection
- %{method}	HTTP method the most recent request used
- %{num_connects}	the number of new connects made in the recent transfer.
- %{num_headers}	number of response headers in the last responsea
- %{num_redirects}	number of redirects that were followed in the request.
- %{proxy_ssl_verify_result}	the result of the SSL peer certificate verification that was requested when communicating with a proxy. 0 means the verification was successful.
- %{redirect_url}	the actual URL a redirect would take you to when an HTTP request was made without -L to follow redirects.
- %{remote_ip}	the remote IP address of the most recently made connection—can be either IPv4 or IPv6.
- %{remote_port}	the remote port number of the most recently made connection.
- %{response_code}	the numerical response code that was found in the last transfer.
- %{scheme}	scheme used in the previous URL
- %{size_download}	the total number of bytes that were downloaded.
- %{size_header}	the total number of bytes of the downloaded headers.
- %{size_request}	the total number of bytes that were sent in the HTTP request.
- %{size_upload}	the total number of bytes that were uploaded.
- %{speed_download}	the average download speed that curl measured for the complete download in bytes per second.
- %{speed_upload}	the average upload speed that curl measured for the complete upload in bytes per second.
- %{ssl_verify_result}	the result of the SSL peer certificate verification that was requested. 0 means the verification was successful.
- %{stderr}	- makes the rest of the output get written to stderr.
- %{stdout}	- makes the rest of the output get written to stdout.
- %{time_appconnect}	the time, in seconds, it took from the start until the SSL/SSH/etc connect/handshake to the remote host was completed.
- %{time_connect}	the time, in seconds, it took from the start until the TCP connect to the remote host (or proxy) was completed.
- %{time_namelookup}	the time, in seconds, it took from the start until the name resolving was completed.
- %{time_pretransfer}	the time, in seconds, it took from the start until the file transfer was just about to begin. This includes all pre-transfer commands and negotiations that are specific to the particular protocol(s) involved.
- %{time_redirect}	the time, in seconds, it took for all redirection steps including name lookup, connect, pre-transfer and transfer before the final transaction was started. time_redirect the complete execution time for multiple redirections.
- %{time_starttransfer}	the time, in seconds, it took from the start until the first byte was just about to be transferred. This includes time_pretransfer and also the time the server needed to calculate the result.
- %{time_total}	the total time, in seconds, that the full operation lasted. The time will be displayed with millisecond resolution.
- %{url_effective}	the URL that was fetched last. This is particularly meaningful if you have told curl to follow Location: headers (with -L).