curl 的使用，参数大全

目录

• curl的用法
  • 1.1 URL通配
  • 1.2 配置文件
  • 1.3 认证和进度指示器
  • 1.4 其它常用参数
• 参数大全
  • 2.1 所有长短参数
  • 2.2 可用的--wirte-out变量

https://ec.haxx.se/ 英文在线文档
Everything-curl github地址

curl的用法

1.1 URL通配

通配类型	通配举例
数字	curl -O http://example.com/[1-100].png
	curl -O http://example.com/[001-100].png
	curl -O http://example.com[0-100:2].png
字母	curl -O http://example.com/section[a-z].html
列表	curl -O http://example.com/{one,two,three,alpah,beta}.html
组合	curl -O http://example.com/chess-[0-1]x[0-7].jpg
	curl -O http://example.com/{web,email}-log[0-6].txt

1.2 配置文件

当你的命令行比较长的时候，你可以将参数写在文件中，然后curl的时候调用。

curl -K cmdline.txt http://example.com

cmdline.txt 中可以包含你想要指定的参数：

# 还可以添加注释
--location
# 使用长短格式均可
head
# 但命令行选项和其参数需要在同一行
user-agent "Everythis-is-an-agent"
# 也可以添加=符号
user-agent = "Everythin-is-an-agent"
# 没有空格的时候，引号可以省去
user-agent = Everything-is-an-agent

curl 会检查是否存在默认配置文件（除非使用了-q)，如果存在，则使用这个配置文件。
在类Unix系统中，会查找 .curlrc 文件，在windows系统中，会查找 _curlrc 文件

1.3 认证和进度指示器

# 简单认证
curl -u alice:12345 http://example.com
# 关闭进度指示器
-s 或 --silent
# 简单进度指示器
-# 或 -progress-bar

1.4 其它常用参数

参数	长格式	作用	说明	示例
-v	--verbose	详细模式	显示更多信息
	--trace [filename]	将信息保存到文件中	--trace-ascii可显示字符	curl --trace dump http://example.com
	--trace-time	输出信息加时间戳
-w	--write-out	结束输出信息	可指定字符串，@文件读取，@-从stdin读取，还可使用%{name}访问变量	curl -w "Type: %{content_type}\nCode: %{response_code}\n" http://example.com
-s	--silent	静默模式	可加 --show-error 来显示错误信息
-o [filename]	--output [filename]	将下载内容保存到filename	如多个url文件需使用多个-O 或 --remote-name-all	curl -o -o url1 url2
-O	--remote-name	使用原资源名保存文件	注：重定向后名字不会变
-J	--remote-header-name	使用header中指定的文件名
	--compressed	使用压缩算法加快传输速度
> [filename]		shell重定向		curl http://example.com > files.html
	--max-filesize [size]	指定最大文件大小
	--raw	传输原始数据	适用于自行解码的场景
	--retry [num]	失败重试	--retry-delay指定间隔，否则指数上升，--retry-max-time指定最大重试时间
	--max-time	指定单个传输最长时间
-C	--continue-at [num]	指定从num字节偏移处下载	指定 num 为 - 则继续之前的下载，--range num1-num2 下载部分
	--connect-timeout [n秒]	最大连接时间
	--interface [接口]	指定本地接口		curl --interface eth0 http://example.com curl --interface 192.168.0.2 http://example.com
	--local-port [port]	指定本地端口		curl --local-port 4000-4200 http://example.com
	--keepalive-time [num秒]	指定keepalive时间
	--no-keeyalive	禁用keepalive
-x	--proxy	使用代理		curl -x 192.168.0.1:8080 http://example.com
	--path-as-is	不对url进行压缩	ok/../会压缩为/
-d	--data	以post方式发送数据	使用@filename从文件读取,使用--data-binary读取二进制数据	curl -d name=admin -d show=yes http://example.com
	Content-Type	指定发送的数据类型		curl -d '{json}' -H 'Content-Type: application/json' http://example.com
	-L -b	使用cookie		curl -L -b cookies.txt http://example.com

参数大全

2.1 所有长短参数

Usage: curl [options...] <url>
     --abstract-unix-socket <path> Connect via abstract Unix domain socket
     --anyauth       Pick any authentication method
 -a, --append        Append to target file when uploading
     --basic         Use HTTP Basic Authentication
     --cacert <file> CA certificate to verify peer against
     --capath <dir>  CA directory to verify peer against
 -E, --cert <certificate[:password]> Client certificate file and password
     --cert-status   Verify the status of the server certificate
     --cert-type <type> Certificate file type (DER/PEM/ENG)
     --ciphers <list of ciphers> SSL ciphers to use
     --compressed    Request compressed response
     --compressed-ssh Enable SSH compression
 -K, --config <file> Read config from a file
     --connect-timeout <seconds> Maximum time allowed for connection
     --connect-to <HOST1:PORT1:HOST2:PORT2> Connect to host
 -C, --continue-at <offset> Resumed transfer offset
 -b, --cookie <data> Send cookies from string/file
 -c, --cookie-jar <filename> Write cookies to <filename> after operation
     --create-dirs   Create necessary local directory hierarchy
     --crlf          Convert LF to CRLF in upload
     --crlfile <file> Get a CRL list in PEM format from the given file
 -d, --data <data>   HTTP POST data
     --data-ascii <data> HTTP POST ASCII data
     --data-binary <data> HTTP POST binary data
     --data-raw <data> HTTP POST data, '@' allowed
     --data-urlencode <data> HTTP POST data url encoded
     --delegation <LEVEL> GSS-API delegation permission
     --digest        Use HTTP Digest Authentication
 -q, --disable       Disable .curlrc
     --disable-eprt  Inhibit using EPRT or LPRT
     --disable-epsv  Inhibit using EPSV
     --dns-interface <interface> Interface to use for DNS requests
     --dns-ipv4-addr <address> IPv4 address to use for DNS requests
     --dns-ipv6-addr <address> IPv6 address to use for DNS requests
     --dns-servers <addresses> DNS server addrs to use
 -D, --dump-header <filename> Write the received headers to <filename>
     --egd-file <file> EGD socket path for random data
     --engine <name> Crypto engine to use
     --expect100-timeout <seconds> How long to wait for 100-continue
 -f, --fail          Fail silently (no output at all) on HTTP errors
     --fail-early    Fail on first transfer error, do not continue
     --false-start   Enable TLS False Start
 -F, --form <name=content> Specify multipart MIME data
     --form-string <name=string> Specify multipart MIME data
     --ftp-account <data> Account data string
     --ftp-alternative-to-user <command> String to replace USER [name]
     --ftp-create-dirs Create the remote dirs if not present
     --ftp-method <method> Control CWD usage
     --ftp-pasv      Use PASV/EPSV instead of PORT
 -P, --ftp-port <address> Use PORT instead of PASV
     --ftp-pret      Send PRET before PASV
     --ftp-skip-pasv-ip Skip the IP address for PASV
     --ftp-ssl-ccc   Send CCC after authenticating
     --ftp-ssl-ccc-mode <active/passive> Set CCC mode
     --ftp-ssl-control Require SSL/TLS for FTP login, clear for transfer
 -G, --get           Put the post data in the URL and use GET
 -g, --globoff       Disable URL sequences and ranges using {} and []
 -I, --head          Show document info only
 -H, --header <header/@file> Pass custom header(s) to server
 -h, --help          This help text
     --hostpubmd5 <md5> Acceptable MD5 hash of the host public key
 -0, --http1.0       Use HTTP 1.0
     --http1.1       Use HTTP 1.1
     --http2         Use HTTP 2
     --http2-prior-knowledge Use HTTP 2 without HTTP/1.1 Upgrade
     --ignore-content-length Ignore the size of the remote resource
 -i, --include       Include protocol response headers in the output
 -k, --insecure      Allow insecure server connections when using SSL
     --interface <name> Use network INTERFACE (or address)
 -4, --ipv4          Resolve names to IPv4 addresses
 -6, --ipv6          Resolve names to IPv6 addresses
 -j, --junk-session-cookies Ignore session cookies read from file
     --keepalive-time <seconds> Interval time for keepalive probes
     --key <key>     Private key file name
     --key-type <type> Private key file type (DER/PEM/ENG)
     --krb <level>   Enable Kerberos with security <level>
     --libcurl <file> Dump libcurl equivalent code of this command line
     --limit-rate <speed> Limit transfer speed to RATE
 -l, --list-only     List only mode
     --local-port <num/range> Force use of RANGE for local port numbers
 -L, --location      Follow redirects
     --location-trusted Like --location, and send auth to other hosts
     --login-options <options> Server login options
     --mail-auth <address> Originator address of the original email
     --mail-from <address> Mail from this address
     --mail-rcpt <address> Mail to this address
 -M, --manual        Display the full manual
     --max-filesize <bytes> Maximum file size to download
     --max-redirs <num> Maximum number of redirects allowed
 -m, --max-time <time> Maximum time allowed for the transfer
     --metalink      Process given URLs as metalink XML file
     --negotiate     Use HTTP Negotiate (SPNEGO) authentication
 -n, --netrc         Must read .netrc for user name and password
     --netrc-file <filename> Specify FILE for netrc
     --netrc-optional Use either .netrc or URL
 -:, --next          Make next URL use its separate set of options
     --no-alpn       Disable the ALPN TLS extension
 -N, --no-buffer     Disable buffering of the output stream
     --no-keepalive  Disable TCP keepalive on the connection
     --no-npn        Disable the NPN TLS extension
     --no-sessionid  Disable SSL session-ID reusing
     --noproxy <no-proxy-list> List of hosts which do not use proxy
     --ntlm          Use HTTP NTLM authentication
     --ntlm-wb       Use HTTP NTLM authentication with winbind
     --oauth2-bearer <token> OAuth 2 Bearer Token
 -o, --output <file> Write to file instead of stdout
     --pass <phrase> Pass phrase for the private key
     --path-as-is    Do not squash .. sequences in URL path
     --pinnedpubkey <hashes> FILE/HASHES Public key to verify peer against
     --post301       Do not switch to GET after following a 301
     --post302       Do not switch to GET after following a 302
     --post303       Do not switch to GET after following a 303
     --preproxy [protocol://]host[:port] Use this proxy first
 -#, --progress-bar  Display transfer progress as a bar
     --proto <protocols> Enable/disable PROTOCOLS
     --proto-default <protocol> Use PROTOCOL for any URL missing a scheme
     --proto-redir <protocols> Enable/disable PROTOCOLS on redirect
 -x, --proxy [protocol://]host[:port] Use this proxy
     --proxy-anyauth Pick any proxy authentication method
     --proxy-basic   Use Basic authentication on the proxy
     --proxy-cacert <file> CA certificate to verify peer against for proxy
     --proxy-capath <dir> CA directory to verify peer against for proxy
     --proxy-cert <cert[:passwd]> Set client certificate for proxy
     --proxy-cert-type <type> Client certificate type for HTTS proxy
     --proxy-ciphers <list> SSL ciphers to use for proxy
     --proxy-crlfile <file> Set a CRL list for proxy
     --proxy-digest  Use Digest authentication on the proxy
     --proxy-header <header/@file> Pass custom header(s) to proxy
     --proxy-insecure Do HTTPS proxy connections without verifying the proxy
     --proxy-key <key> Private key for HTTPS proxy
     --proxy-key-type <type> Private key file type for proxy
     --proxy-negotiate Use HTTP Negotiate (SPNEGO) authentication on the proxy
     --proxy-ntlm    Use NTLM authentication on the proxy
     --proxy-pass <phrase> Pass phrase for the private key for HTTPS proxy
     --proxy-service-name <name> SPNEGO proxy service name
     --proxy-ssl-allow-beast Allow security flaw for interop for HTTPS proxy
     --proxy-tlsauthtype <type> TLS authentication type for HTTPS proxy
     --proxy-tlspassword <string> TLS password for HTTPS proxy
     --proxy-tlsuser <name> TLS username for HTTPS proxy
     --proxy-tlsv1   Use TLSv1 for HTTPS proxy
 -U, --proxy-user <user:password> Proxy user and password
     --proxy1.0 <host[:port]> Use HTTP/1.0 proxy on given port
 -p, --proxytunnel   Operate through a HTTP proxy tunnel (using CONNECT)
     --pubkey <key>  SSH Public key file name
 -Q, --quote         Send command(s) to server before transfer
     --random-file <file> File for reading random data from
 -r, --range <range> Retrieve only the bytes within RANGE
     --raw           Do HTTP "raw"; no transfer decoding
 -e, --referer <URL> Referrer URL
 -J, --remote-header-name Use the header-provided filename
 -O, --remote-name   Write output to a file named as the remote file
     --remote-name-all Use the remote file name for all URLs
 -R, --remote-time   Set the remote file's time on the local output
 -X, --request <command> Specify request command to use
     --request-target Specify the target for this request
     --resolve <host:port:address> Resolve the host+port to this address
     --retry <num>   Retry request if transient problems occur
     --retry-connrefused Retry on connection refused (use with --retry)
     --retry-delay <seconds> Wait time between retries
     --retry-max-time <seconds> Retry only within this period
     --sasl-ir       Enable initial response in SASL authentication
     --service-name <name> SPNEGO service name
 -S, --show-error    Show error even when -s is used
 -s, --silent        Silent mode
     --socks4 <host[:port]> SOCKS4 proxy on given host + port
     --socks4a <host[:port]> SOCKS4a proxy on given host + port
     --socks5 <host[:port]> SOCKS5 proxy on given host + port
     --socks5-basic  Enable username/password auth for SOCKS5 proxies
     --socks5-gssapi Enable GSS-API auth for SOCKS5 proxies
     --socks5-gssapi-nec Compatibility with NEC SOCKS5 server
     --socks5-gssapi-service <name> SOCKS5 proxy service name for GSS-API
     --socks5-hostname <host[:port]> SOCKS5 proxy, pass host name to proxy
 -Y, --speed-limit <speed> Stop transfers slower than this
 -y, --speed-time <seconds> Trigger 'speed-limit' abort after this time
     --ssl           Try SSL/TLS
     --ssl-allow-beast Allow security flaw to improve interop
     --ssl-no-revoke Disable cert revocation checks (WinSSL)
     --ssl-reqd      Require SSL/TLS
 -2, --sslv2         Use SSLv2
 -3, --sslv3         Use SSLv3
     --stderr        Where to redirect stderr
     --suppress-connect-headers Suppress proxy CONNECT response headers
     --tcp-fastopen  Use TCP Fast Open
     --tcp-nodelay   Use the TCP_NODELAY option
 -t, --telnet-option <opt=val> Set telnet option
     --tftp-blksize <value> Set TFTP BLKSIZE option
     --tftp-no-options Do not send any TFTP options
 -z, --time-cond <time> Transfer based on a time condition
     --tls-max <VERSION> Use TLSv1.0 or greater
     --tlsauthtype <type> TLS authentication type
     --tlspassword   TLS password
     --tlsuser <name> TLS user name
 -1, --tlsv1         Use TLSv1.0 or greater
     --tlsv1.0       Use TLSv1.0
     --tlsv1.1       Use TLSv1.1
     --tlsv1.2       Use TLSv1.2
     --tlsv1.3       Use TLSv1.3
     --tr-encoding   Request compressed transfer encoding
     --trace <file>  Write a debug trace to FILE
     --trace-ascii <file> Like --trace, but without hex output
     --trace-time    Add time stamps to trace/verbose output
     --unix-socket <path> Connect through this Unix domain socket
 -T, --upload-file <file> Transfer local FILE to destination
     --url <url>     URL to work with
 -B, --use-ascii     Use ASCII/text transfer
 -u, --user <user:password> Server user and password
 -A, --user-agent <name> Send User-Agent <name> to server
 -v, --verbose       Make the operation more talkative
 -V, --version       Show version number and quit
 -w, --write-out <format> Use output FORMAT after completion
     --xattr         Store metadata in extended file attributes

2.2 可用的--wirte-out变量

变量	说明

• %{content_type} | the Content-Type of the requested document, if there was any.
• %{filename_effective} | the ultimate filename that curl writes out to. This is only meaningful if curl is told to write to a file with the --remote-name or --output option. It's most useful in combination with the --remote-header-name option.
• %{ftp_entry_path} | the initial path curl ended up in when logging on to the remote FTP server.
• %{http_code} | the old variable name for what is now known as response_code.
• %{http_connect} | the numerical code that was found in the last response (from a proxy) to a curl CONNECT request.
• %{http_version} | The http version that was used.
• %{json} | all write-out variables as a single JSON object.
• %{local_ip} | the IP address of the local end of the most recently done connection—can be either IPv4 or IPv6
• %{local_port} | the local port number of the most recently made connection
• %{method} | HTTP method the most recent request used
• %{num_connects} | the number of new connects made in the recent transfer.
• %{num_headers} | number of response headers in the last responsea
• %{num_redirects} | number of redirects that were followed in the request.
• %{proxy_ssl_verify_result} | the result of the SSL peer certificate verification that was requested when communicating with a proxy. 0 means the verification was successful.
• %{redirect_url} | the actual URL a redirect would take you to when an HTTP request was made without -L to follow redirects.
• %{remote_ip} | the remote IP address of the most recently made connection—can be either IPv4 or IPv6.
• %{remote_port} | the remote port number of the most recently made connection.
• %{response_code} | the numerical response code that was found in the last transfer.
• %{scheme} | scheme used in the previous URL
• %{size_download} | the total number of bytes that were downloaded.
• %{size_header} | the total number of bytes of the downloaded headers.
• %{size_request} | the total number of bytes that were sent in the HTTP request.
• %{size_upload} | the total number of bytes that were uploaded.
• %{speed_download} | the average download speed that curl measured for the complete download in bytes per second.
• %{speed_upload} | the average upload speed that curl measured for the complete upload in bytes per second.
• %{ssl_verify_result} | the result of the SSL peer certificate verification that was requested. 0 means the verification was successful.
• %{stderr} | - makes the rest of the output get written to stderr.
• %{stdout} | - makes the rest of the output get written to stdout.
• %{time_appconnect} | the time, in seconds, it took from the start until the SSL/SSH/etc connect/handshake to the remote host was completed.
• %{time_connect} | the time, in seconds, it took from the start until the TCP connect to the remote host (or proxy) was completed.
• %{time_namelookup} | the time, in seconds, it took from the start until the name resolving was completed.
• %{time_pretransfer} | the time, in seconds, it took from the start until the file transfer was just about to begin. This includes all pre-transfer commands and negotiations that are specific to the particular protocol(s) involved.
• %{time_redirect} | the time, in seconds, it took for all redirection steps including name lookup, connect, pre-transfer and transfer before the final transaction was started. time_redirect the complete execution time for multiple redirections.
• %{time_starttransfer} | the time, in seconds, it took from the start until the first byte was just about to be transferred. This includes time_pretransfer and also the time the server needed to calculate the result.
• %{time_total} | the total time, in seconds, that the full operation lasted. The time will be displayed with millisecond resolution.
• %{url_effective} | the URL that was fetched last. This is particularly meaningful if you have told curl to follow Location: headers (with -L).