Curl Tricks
Master HTTP requests from the command line
🌐 What is Curl?
Curl is a command-line tool for transferring data using URLs. It supports HTTP, HTTPS, FTP, and many other protocols, making it perfect for testing APIs, downloading files, and debugging web services.
# Basic GET request
curl https://api.example.com
# Check curl version
curl --version
Output:
{"status": "success", "data": "Hello World"}
curl 8.1.2 (x86_64-pc-linux-gnu)
Essential Curl Operations
GET
Retrieve data from server
curl https://api.comPOST
Send data to server
curl -X POST urlHeaders
Add custom headers
curl -H "Key: Value"Download
Save response to file
curl -O url🔹 Basic GET Requests
Perform fundamental data retrieval operations using curl to execute GET requests against web servers and APIs. The basic syntax curl https://api.example.com/data fetches content directly to your terminal. For saving responses to files, add the -o flag: curl -o output.json https://api.example.com/data. To follow redirects automatically, include -L, and for quick status checks use -I to view only headers. These GET request techniques form the foundation for web scraping, API testing, and remote data retrieval in development workflows.
# Simple GET request
curl https://api.github.com
# Follow redirects
curl -L https://short.url
# Save to file
curl -o output.html https://example.com
# Show response headers
curl -i https://api.example.com
# Show only headers
curl -I https://example.com
# Silent mode (no progress bar)
curl -s https://api.example.comOutput:
HTTP/1.1 200 OK
Content-Type: application/json
{"message": "Success"}
🔹 POST Requests with Data
Sending data to a server via a POST request is essential for interacting with web APIs and submitting forms. Use the combination -X POST to specify the method and -d 'your data' to include the request body. For example, curl -X POST -d 'key1=value1&key2=value2' https://api.example.com/submit sends form-encoded data. To send JSON, add a content-type header: curl -X POST -H "Content-Type: application/json" -d '{"name":"John"}' https://api.example.com/users. This capability makes curl a full-featured client for testing RESTful endpoints and automating data submissions.
# POST with form data
curl -X POST -d "name=John&age=30" https://api.example.com
# POST with JSON data
curl -X POST -H "Content-Type: application/json" \
-d '{"name":"John","age":30}' \
https://api.example.com/users
# POST from file
curl -X POST -d @data.json https://api.example.com
# POST with multiple fields
curl -X POST \
-F "[email protected]" \
-F "title=My Photo" \
https://api.example.com/uploadOutput:
{"id": 123, "status": "created", "name": "John"}
🔹 Authentication Methods
Implement secure API access through multiple authentication mechanisms supported by curl for protected resources and services. For basic authentication, use -u username:password, while OAuth2 tokens require the -H "Authorization: Bearer token" header approach. API keys typically use -H "X-API-Key: your_key", and custom schemes can be implemented with appropriate header configurations. These authentication methods ensure secure access to protected endpoints while maintaining compatibility with modern API security standards and authorization workflows.
# Basic authentication
curl -u username:password https://api.example.com
# Bearer token
curl -H "Authorization: Bearer TOKEN123" \
https://api.example.com
# API key in header
curl -H "X-API-Key: your-api-key" \
https://api.example.com
# API key in URL
curl "https://api.example.com?api_key=your-key"
# Custom auth header
curl -H "X-Auth-Token: abc123" \
https://api.example.comOutput:
{"authenticated": true, "user": "john_doe"}
🔹 Custom Headers
Custom HTTP headers are vital for API authentication, content negotiation, and sending metadata. Use the -H flag to add any header to your curl request. You can specify multiple headers by using -H repeatedly in a single command. Common use cases include setting the Authorization header with a Bearer token (-H "Authorization: Bearer YOUR_TOKEN"), defining the accepted content type (-H "Accept: application/json"), or specifying custom API keys. This flexibility allows curl to mimic browser requests and interact with virtually any modern web service that requires specific headers.
# Single header
curl -H "Content-Type: application/json" \
https://api.example.com
# Multiple headers
curl -H "Accept: application/json" \
-H "User-Agent: MyApp/1.0" \
-H "X-Custom-Header: value" \
https://api.example.com
# Set cookie
curl -H "Cookie: session=abc123" \
https://api.example.com
# Set referer
curl -H "Referer: https://example.com" \
https://api.example.comOutput:
{"headers_received": true, "content_type": "application/json"}
🔹 Downloading Files
Efficiently retrieve files from remote servers using curl's versatile download options for individual and batch operations. Use curl -O https://example.com/file.zip to save with the original filename, or curl -o customname.zip https://example.com/file.zip to specify a custom name. For resuming interrupted downloads, employ -C -, and monitor progress with --progress-bar. Multiple simultaneous downloads can be achieved through scripting or parallel execution. These download techniques ensure reliable file retrieval for software distribution, media acquisition, and backup operations.
# Download and save with original name
curl -O https://example.com/file.zip
# Download with custom name
curl -o myfile.zip https://example.com/file.zip
# Resume download
curl -C - -O https://example.com/largefile.zip
# Download multiple files
curl -O https://example.com/file1.zip \
-O https://example.com/file2.zip
# Show progress bar
curl -# -O https://example.com/file.zip
# Download silently
curl -s -O https://example.com/file.zipOutput:
######################################################################## 100.0% file.zip saved successfully
🔹 Testing and Debugging
Diagnose and troubleshoot HTTP requests using curl's comprehensive debugging and analysis features for connection verification. Enable verbose output with -v to view full request/response details, or use --trace for even deeper inspection. Measure timing with -w format options, test SSL configurations with appropriate flags, and simulate different network conditions. These debugging capabilities help identify connection issues, optimize request performance, and ensure reliable communication with web services and APIs during development and production monitoring.
# Verbose output
curl -v https://api.example.com
# Show timing information
curl -w "\nTime: %{time_total}s\n" \
https://api.example.com
# Test response time
curl -o /dev/null -s -w "Time: %{time_total}s\n" \
https://api.example.com
# Show only HTTP status code
curl -o /dev/null -s -w "%{http_code}\n" \
https://api.example.com
# Trace request
curl --trace-ascii trace.txt \
https://api.example.comOutput:
* Connected to api.example.com (93.184.216.34) > GET / HTTP/1.1 < HTTP/1.1 200 OK Time: 0.234s
🔹 Advanced Tricks
Master sophisticated curl techniques for complex scenarios including custom methods, traffic control, and specialized routing. Implement custom HTTP methods with -X PURGE, limit transfer rates using --limit-rate 1M, configure timeouts with --max-time 30, and route through proxies with --proxy http://proxy:port. Handle cookies effectively with -c and -b flags, manage redirect behavior, and implement retry logic for unreliable connections. These advanced features enable enterprise-grade HTTP operations and complex workflow automation.
# Custom request method
curl -X PUT https://api.example.com/resource
# Limit download speed
curl --limit-rate 100K -O https://example.com/file.zip
# Set timeout
curl --max-time 10 https://api.example.com
# Use proxy
curl -x proxy.example.com:8080 https://api.example.com
# Save and send cookies
curl -c cookies.txt -b cookies.txt https://example.com
# Follow redirects with limit
curl -L --max-redirs 5 https://short.urlOutput:
Download speed limited to 100KB/s Timeout set to 10 seconds Using proxy: proxy.example.com:8080