-a, --append | Append to target file when uploading |
-E, --cert <certificate[:password]> | Client certificate file and password |
-K, --config <file> | Read config from a file |
-C, --continue-at <offset> | Resumed transfer offset |
-b, --cookie <data or filename> | Send cookies from string/file |
-c, --cookie-jar <filename> | Write cookies to <filename> after operation |
-d, --data <data> | |
-q, --disable | Disable .curlrc |
-D, --dump-header <filename> | Write the received headers to <filename> |
-f, --fail | Fail silently (no output at all) on HTTP errors |
-F, --form <content> | |
-P, --ftp-port <address> | Use PORT instead of PASV |
-G, --get | Put the post data in the URL and use GET |
-g, --globoff | Disable URL sequences and ranges using {} and [] |
-I, --head | Show document info only |
-H, --header <header/file> | Pass custom header(s) to server |
-h, --help | This help text |
-0, --http1.0 | Use HTTP 1.0 |
-i, --include | Include protocol response headers in the output |
-k, --insecure | Allow insecure server connections when using SSL |
-4, --ipv4 | Resolve names to IPv4 addresses |
-6, --ipv6 | Resolve names to IPv6 addresses |
-j, --junk-session-cookies | Ignore session cookies read from file |
-l, --list-only | List only mode |
-L, --location | Follow redirects |
-M, --manual | Display the full manual |
-m, --max-time <seconds> | Maximum time allowed for the transfer |
-n, --netrc | Must read .netrc for user name and password |
-:, --next | Make next URL use its separate set of options |
-N, --no-buffer | Disable buffering of the output stream |
-o, --output <file> | Write to file instead of stdout |
-#, --progress-bar | Display transfer progress as a bar |
-x, --proxy | [protocol://]host[:port] Use this proxy |
-U, --proxy-user <user:password> | Proxy user and password |
-p, --proxytunnel | Operate through an HTTP proxy tunnel (using CONNECT) |
-Q, --quote | Send command(s) to server before transfer |
-r, --range <range> | Retrieve only the bytes within RANGE |
-e, --referer <URL> | Referrer URL |
-J, --remote-header-name | Use the header-provided filename |
-O, --remote-name | Write output to a file named as the remote file |
-R, --remote-time | Set the remote file's time on the local output |
-X, --request <command> | Specify request command to use |
-S, --show-error | Show error even when -s is used |
-s, --silent | Silent mode |
-Y, --speed-limit <speed> | Stop transfers slower than this |
-y, --speed-time <seconds> | Trigger 'speed-limit' abort after this time |
-2, --sslv2 | Use SSLv2 |
-3, --sslv3 | Use SSLv3 |
-t, --telnet-option <val> | Set telnet option |
-z, --time-cond <time> | Transfer based on a time condition |
-1, --tlsv1 | Use TLSv1.0 or greater |
-T, --upload-file <file> | Transfer local FILE to destination |
-B, --use-ascii | Use ASCII/text transfer |
-u, --user <user:password> | Server user and password |
-A, --user-agent <name> | Send User-Agent <name> to server |
-v, --verbose | Make the operation more talkative |
-V, --version | Show version number and quit |
-w, --write-out <format> | Use output FORMAT after completion |
--abstract-unix-socket <path> | Connect via abstract Unix domain socket |
--alt-svc <file> | Name> Enable alt-svc with this cache file |
--anyauth | Pick any authentication method |
--basic | Use HTTP Basic Authentication |
--cacert <file> | CA certificate to verify peer against |
--capath <dir> | CA directory to verify peer against |
--cert-status | Verify the status of the server certificate |
--cert-type <type> | Certificate file type |
--ciphers <list> | Of ciphers> SSL ciphers to use |
--compressed | Request compressed response |
--compressed-ssh | Enable SSH compression |
--connect-timeout <seconds> | Maximum time allowed for connection |
--connect-to <HOST1:PORT1:HOST2:PORT2> | Connect to host |
--create-dirs | Create necessary local directory hierarchy |
--crlf | Convert LF to CRLF in upload |
--crlfile <file> | Get a CRL list in PEM format from the given file |
--data-ascii <data> | HTTP POST ASCII data |
--data-binary <data> | HTTP POST binary data |
--data-raw <data> | HTTP POST data, '@' allowed |
--data-urlencode <data> | HTTP POST data url encoded |
--delegation <LEVEL> | GSS-API delegation permission |
--digest | Use HTTP Digest Authentication |
--disable-eprt | Inhibit using EPRT or LPRT |
--disable-epsv | Inhibit using EPSV |
--disallow-username-in-url | Disallow username in url |
--dns-interface <interface> | Interface to use for DNS requests |
--dns-ipv4-addr <address> | IPv4 address to use for DNS requests |
--dns-ipv6-addr <address> | IPv6 address to use for DNS requests |
--dns-servers <addresses> | DNS server addrs to use |
--doh-url <URL> | Resolve host names over DOH |
--egd-file <file> | EGD socket path for random data |
--engine <name> | Crypto engine to use |
--expect100-timeout <seconds> | How long to wait for 100-continue |
--fail-early | Fail on first transfer error, do not continue |
--false-start | Enable TLS False Start |
--form-string <string> | Specify multipart MIME data |
--ftp-account <data> | Account data string |
--ftp-alternative-to-user <command> | String to replace USER [name] |
--ftp-create-dirs | Create the remote dirs if not present |
--ftp-method <method> | Control CWD usage |
--ftp-pasv | Use PASV/EPSV instead of PORT |
--ftp-pret | Send PRET before PASV |
--ftp-skip-pasv-ip | Skip the IP address for PASV |
--ftp-ssl-ccc | Send CCC after authenticating |
--ftp-ssl-ccc-mode <mode> | Set CCC mode |
--ftp-ssl-control | Require SSL/TLS for FTP login, clear for transfer |
--happy-eyeballs-timeout-ms <milliseconds> | How long to wait in milliseconds for IPv6 before trying IPv4 |
--haproxy-protocol | Send HAProxy PROXY protocol v1 header |
--hostpubmd5 <md5> | Acceptable MD5 hash of the host public key |
--http0.9 | Allow HTTP 0.9 responses |
--http1.1 | Use HTTP 1.1 |
--http2 | Use HTTP 2 |
--http2-prior-knowledge | Use HTTP 2 without HTTP/1.1 Upgrade |
--ignore-content-length | Ignore the size of the remote resource |
--interface <name> | Use network INTERFACE (or address) |
--keepalive-time <seconds> | Interval time for keepalive probes |
--key <key> | Private key file name |
--key-type <type> | Private key file type |
--krb <level> | Enable Kerberos with security <level> |
--libcurl <file> | Dump libcurl equivalent code of this command line |
--limit-rate <speed> | Limit transfer speed to RATE |
--local-port <num/range> | Force use of RANGE for local port numbers |
--location-trusted | Like --location, and send auth to other hosts |
--login-options <options> | Server login options |
--mail-auth <address> | Originator address of the original email |
--mail-from <address> | Mail from this address |
--mail-rcpt <address> | Mail to this address |
--max-filesize <bytes> | Maximum file size to download |
--max-redirs <num> | Maximum number of redirects allowed |
--metalink | Process given URLs as metalink XML file |
--negotiate | Use HTTP Negotiate (SPNEGO) authentication |
--netrc-file <filename> | Specify FILE for netrc |
--netrc-optional | Use either .netrc or URL |
--no-alpn | Disable the ALPN TLS extension |
--no-keepalive | Disable TCP keepalive on the connection |
--no-npn | Disable the NPN TLS extension |
--no-sessionid | Disable SSL session-ID reusing |
--noproxy <no-proxy-list> | List of hosts which do not use proxy |
--ntlm | Use HTTP NTLM authentication |
--ntlm-wb | Use HTTP NTLM authentication with winbind |
--oauth2-bearer <token> | OAuth 2 Bearer Token |
--pass <phrase> | Pass phrase for the private key |
--path-as-is | Do not squash .. sequences in URL path |
--pinnedpubkey <hashes> | FILE/HASHES Public key to verify peer against |
--post301 | Do not switch to GET after following a 301 |
--post302 | Do not switch to GET after following a 302 |
--post303 | Do not switch to GET after following a 303 |
--preproxy | [protocol://]host[:port] Use this proxy first |
--proto <protocols> | Enable/disable PROTOCOLS |
--proto-default <protocol> | Use PROTOCOL for any URL missing a scheme |
--proto-redir <protocols> | Enable/disable PROTOCOLS on redirect |
--proxy-anyauth | Pick any proxy authentication method |
--proxy-basic | Use Basic authentication on the proxy |
--proxy-cacert <file> | CA certificate to verify peer against for proxy |
--proxy-capath <dir> | CA directory to verify peer against for proxy |
--proxy-cert <cert[:passwd]> | Set client certificate for proxy |
--proxy-cert-type <type> | Client certificate type for HTTPS proxy |
--proxy-ciphers <list> | SSL ciphers to use for proxy |
--proxy-crlfile <file> | Set a CRL list for proxy |
--proxy-digest | Use Digest authentication on the proxy |
--proxy-header <header/file> | Pass custom header(s) to proxy |
--proxy-insecure | Do HTTPS proxy connections without verifying the proxy |
--proxy-key <key> | Private key for HTTPS proxy |
--proxy-key-type <type> | Private key file type for proxy |
--proxy-negotiate | Use HTTP Negotiate (SPNEGO) authentication on the proxy |
--proxy-ntlm | Use NTLM authentication on the proxy |
--proxy-pass <phrase> | Pass phrase for the private key for HTTPS proxy |
--proxy-pinnedpubkey <hashes> | FILE/HASHES public key to verify proxy with |
--proxy-service-name <name> | SPNEGO proxy service name |
--proxy-ssl-allow-beast | Allow security flaw for interop for HTTPS proxy |
--proxy-tls13-ciphers <ciphersuite> | List> TLS 1.3 proxy cipher suites |
--proxy-tlsauthtype <type> | TLS authentication type for HTTPS proxy |
--proxy-tlspassword <string> | TLS password for HTTPS proxy |
--proxy-tlsuser <name> | TLS username for HTTPS proxy |
--proxy-tlsv1 | Use TLSv1 for HTTPS proxy |
--proxy1.0 <host[:port]> | Use HTTP/1.0 proxy on given port |
--pubkey <key> | SSH Public key file name |
--random-file <file> | File for reading random data from |
--raw | Do HTTP "raw"; no transfer decoding |
--remote-name-all | Use the remote file name for all URLs |
--request-target | Specify the target for this request |
--resolve <host:port:address[,address]...> | Resolve the host+port to this address |
--retry <num> | Retry request if transient problems occur |
--retry-connrefused | Retry on connection refused (use with --retry) |
--retry-delay <seconds> | Wait time between retries |
--retry-max-time <seconds> | Retry only within this period |
--sasl-ir | Enable initial response in SASL authentication |
--service-name <name> | SPNEGO service name |
--socks4 <host[:port]> | SOCKS4 proxy on given host + port |
--socks4a <host[:port]> | SOCKS4a proxy on given host + port |
--socks5 <host[:port]> | SOCKS5 proxy on given host + port |
--socks5-basic | Enable username/password auth for SOCKS5 proxies |
--socks5-gssapi | Enable GSS-API auth for SOCKS5 proxies |
--socks5-gssapi-nec | Compatibility with NEC SOCKS5 server |
--socks5-gssapi-service <name> | SOCKS5 proxy service name for GSS-API |
--socks5-hostname <host[:port]> | SOCKS5 proxy, pass host name to proxy |
--ssl | Try SSL/TLS |
--ssl-allow-beast | Allow security flaw to improve interop |
--ssl-no-revoke | Disable cert revocation checks (Schannel) |
--ssl-reqd | Require SSL/TLS |
--stderr | Where to redirect stderr |
--styled-output | Enable styled output for HTTP headers |
--suppress-connect-headers | Suppress proxy CONNECT response headers |
--tcp-fastopen | Use TCP Fast Open |
--tcp-nodelay | Use the TCP_NODELAY option |
--tftp-blksize <value> | Set TFTP BLKSIZE option |
--tftp-no-options | Do not send any TFTP options |
--tls-max <VERSION> | Set maximum allowed TLS version |
--tls13-ciphers <list> | Of TLS 1.3 ciphersuites> TLS 1.3 cipher suites to use |
--tlsauthtype <type> | TLS authentication type |
--tlspassword | TLS password |
--tlsuser <name> | TLS user name |
--tlsv1.0 | Use TLSv1.0 or greater |
--tlsv1.1 | Use TLSv1.1 or greater |
--tlsv1.2 | Use TLSv1.2 or greater |
--tlsv1.3 | Use TLSv1.3 or greater |
--tr-encoding | Request compressed transfer encoding |
--trace <file> | Write a debug trace to FILE |
--trace-ascii <file> | Like --trace, but without hex output |
--trace-time | Add time stamps to trace/verbose output |
--unix-socket <path> | Connect through this Unix domain socket |
--url <url> | URL to work with |
--xattr | Store metadata in extended file attributes |