curl/docs/cmdline-opts/proxy.md

---
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
SPDX-License-Identifier: curl
Long: proxy
Short: x
Arg: [protocol://]host[:port]
Help: Use this proxy
Category: proxy
Added: 4.0
Multi: single
See-also:
  - socks5
  - proxy-basic
Example:
  - --proxy http://proxy.example $URL
---

# `--proxy`

Use the specified proxy.

The proxy string can be specified with a protocol:// prefix. No protocol
specified or http:// it is treated as an HTTP proxy. Use socks4://,
socks4a://, socks5:// or socks5h:// to request a specific SOCKS version to be
used.  (Added in 7.21.7)

Unix domain sockets are supported for socks proxy. Set localhost for the host
part. e.g. socks5h://localhost/path/to/socket.sock

HTTPS proxy support works set with the https:// protocol prefix for OpenSSL
and GnuTLS (added in 7.52.0). It also works for BearSSL, mbedTLS, rustls,
Schannel, Secure Transport and wolfSSL (added in 7.87.0).

Unrecognized and unsupported proxy protocols cause an error (added in 7.52.0).
Ancient curl versions ignored unknown schemes and used http:// instead.

If the port number is not specified in the proxy string, it is assumed to be
1080.

This option overrides existing environment variables that set the proxy to
use. If there is an environment variable setting a proxy, you can set proxy to
"" to override it.

All operations that are performed over an HTTP proxy are transparently
converted to HTTP. It means that certain protocol specific operations might
not be available. This is not the case if you can tunnel through the proxy, as
one with the --proxytunnel option.

User and password that might be provided in the proxy string are URL decoded
by curl. This allows you to pass in special characters such as @ by using %40
or pass in a colon with %3a.

The proxy host can be specified the same way as the proxy environment
variables, including the protocol prefix (http://) and the embedded user +
password.

When a proxy is used, the active FTP mode as set with --ftp-port, cannot be
used.
docs/cmdline: change to .md for cmdline docs - switch all invidual files documenting command line options into .md, as the documentation is now markdown-looking. - made the parser treat 4-space indents as quotes - switch to building the curl.1 manpage using the "mainpage.idx" file, which lists the files to include to generate it, instead of using the previous page-footer/headers. Also, those files are now also .md ones, using the same format. I gave them underscore prefixes to make them sort separately: _NAME.md, _SYNOPSIS.md, _DESCRIPTION.md, _URL.md, _GLOBBING.md, _VARIABLES.md, _OUTPUT.md, _PROTOCOLS.md, _PROGRESS.md, _VERSION.md, _OPTIONS.md, _FILES.md, _ENVIRONMENT.md, _PROXYPREFIX.md, _EXITCODES.md, _BUGS.md, _AUTHORS.md, _WWW.md, _SEEALSO.md - updated test cases accordingly Closes #12751 2024-01-21 06:18:43 +08:00			`---`
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205 2023-01-02 20:51:48 +08:00			`c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.`
docs/cmdline-opts: add copyright and license identifier to each file gen.pl now insists on C: and SPDX-License-Identifier: fields to be present in all files. Closes #9002 2022-06-14 06:12:03 +08:00			`SPDX-License-Identifier: curl`
cmdline-docs: more options converted and fixed Now all options are in the new system. 2016-11-28 08:01:13 +08:00			`Long: proxy`
			`Short: x`
			`Arg: [protocol://]host[:port]`
			`Help: Use this proxy`
docs: add categories to all cmdline opts Adapted gen.pl with 'listcats' This commit is a part of "--help me if you can" Closes #5680 2020-07-13 20:15:04 +08:00			`Category: proxy`
cmdline-opts: made the 'Added:' field mandatory Since "too old" versions are no longer included in the generated man page, this field is now mandatory so that it won't be forgotten and then not included in the documentation. Closes #7786 2021-09-28 17:50:07 +08:00			`Added: 4.0`
cmdline/docs: add a required 'multi' keyword for each option The keyword specifies how option works when specified multiple times: - single: the last provided value replaces the earlier ones - append: it supports being provided multiple times - boolean: on/off values - mutex: flag-like option that disable anoter flag The 'gen.pl' script then outputs the proper and unified language for each option's multi-use behavior in the generated man page. The multi: header is requires in each .d file and will cause build error if missing or set to an unknown value. Closes #9759 2022-10-18 16:39:43 +08:00			`Multi: single`
docs/cmdline: change to .md for cmdline docs - switch all invidual files documenting command line options into .md, as the documentation is now markdown-looking. - made the parser treat 4-space indents as quotes - switch to building the curl.1 manpage using the "mainpage.idx" file, which lists the files to include to generate it, instead of using the previous page-footer/headers. Also, those files are now also .md ones, using the same format. I gave them underscore prefixes to make them sort separately: _NAME.md, _SYNOPSIS.md, _DESCRIPTION.md, _URL.md, _GLOBBING.md, _VARIABLES.md, _OUTPUT.md, _PROTOCOLS.md, _PROGRESS.md, _VERSION.md, _OPTIONS.md, _FILES.md, _ENVIRONMENT.md, _PROXYPREFIX.md, _EXITCODES.md, _BUGS.md, _AUTHORS.md, _WWW.md, _SEEALSO.md - updated test cases accordingly Closes #12751 2024-01-21 06:18:43 +08:00			`See-also:`
			`- socks5`
			`- proxy-basic`
			`Example:`
			`- --proxy http://proxy.example $URL`
cmdline-docs: more options converted and fixed Now all options are in the new system. 2016-11-28 08:01:13 +08:00			`---`
docs/cmdline: change to .md for cmdline docs - switch all invidual files documenting command line options into .md, as the documentation is now markdown-looking. - made the parser treat 4-space indents as quotes - switch to building the curl.1 manpage using the "mainpage.idx" file, which lists the files to include to generate it, instead of using the previous page-footer/headers. Also, those files are now also .md ones, using the same format. I gave them underscore prefixes to make them sort separately: _NAME.md, _SYNOPSIS.md, _DESCRIPTION.md, _URL.md, _GLOBBING.md, _VARIABLES.md, _OUTPUT.md, _PROTOCOLS.md, _PROGRESS.md, _VERSION.md, _OPTIONS.md, _FILES.md, _ENVIRONMENT.md, _PROXYPREFIX.md, _EXITCODES.md, _BUGS.md, _AUTHORS.md, _WWW.md, _SEEALSO.md - updated test cases accordingly Closes #12751 2024-01-21 06:18:43 +08:00
			# `--proxy`

cmdline-docs: more options converted and fixed Now all options are in the new system. 2016-11-28 08:01:13 +08:00			`Use the specified proxy.`

docs: Add more HTTPS proxy documentation - Document HTTPS proxy type. - Document --write-out %{proxy_ssl_verify_result}. - Document SOCKS proxy + HTTP/HTTPS proxy combination. HTTPS proxy support was added in 7.52.0 for OpenSSL, GnuTLS and NSS. Ref: https://github.com/curl/curl/commit/cb4e2be 2017-02-06 16:13:42 +08:00			`The proxy string can be specified with a protocol:// prefix. No protocol`
cmdline-docs: use present tense, not future + some smaller cleanups Closes #11821 2023-09-08 20:32:29 +08:00			`specified or http:// it is treated as an HTTP proxy. Use socks4://,`
			`socks4a://, socks5:// or socks5h:// to request a specific SOCKS version to be`
			`used. (Added in 7.21.7)`
docs: Add more HTTPS proxy documentation - Document HTTPS proxy type. - Document --write-out %{proxy_ssl_verify_result}. - Document SOCKS proxy + HTTP/HTTPS proxy combination. HTTPS proxy support was added in 7.52.0 for OpenSSL, GnuTLS and NSS. Ref: https://github.com/curl/curl/commit/cb4e2be 2017-02-06 16:13:42 +08:00
socks: support unix sockets for socks proxy Usage: curl -x "socks5h://localhost/run/tor/socks" "https://example.com" Updated runtests.pl to run a socksd server listening on unix socket Added tests test1467 test1468 Added documentation for proxy command line option and socks proxy options Closes #8668 2022-05-19 21:33:22 +08:00			`Unix domain sockets are supported for socks proxy. Set localhost for the host`
			`part. e.g. socks5h://localhost/path/to/socket.sock`

cmdline-docs: make sure to phrase it as "added in ...." References to things that were added or changed in a specific version should be specified as "(added in [version]) for two reasons: 1 - consistency 2 - to allow gen.pl to strip them out if deemed referring to too old versions Closes #11821 2023-09-08 20:03:59 +08:00			`HTTPS proxy support works set with the https:// protocol prefix for OpenSSL`
			`and GnuTLS (added in 7.52.0). It also works for BearSSL, mbedTLS, rustls,`
			`Schannel, Secure Transport and wolfSSL (added in 7.87.0).`
docs: Add more HTTPS proxy documentation - Document HTTPS proxy type. - Document --write-out %{proxy_ssl_verify_result}. - Document SOCKS proxy + HTTP/HTTPS proxy combination. HTTPS proxy support was added in 7.52.0 for OpenSSL, GnuTLS and NSS. Ref: https://github.com/curl/curl/commit/cb4e2be 2017-02-06 16:13:42 +08:00
cmdline-docs: make sure to phrase it as "added in ...." References to things that were added or changed in a specific version should be specified as "(added in [version]) for two reasons: 1 - consistency 2 - to allow gen.pl to strip them out if deemed referring to too old versions Closes #11821 2023-09-08 20:03:59 +08:00			`Unrecognized and unsupported proxy protocols cause an error (added in 7.52.0).`
			`Ancient curl versions ignored unknown schemes and used http:// instead.`
cmdline-docs: more options converted and fixed Now all options are in the new system. 2016-11-28 08:01:13 +08:00
			`If the port number is not specified in the proxy string, it is assumed to be`
			`1080.`

			`This option overrides existing environment variables that set the proxy to`
docs: rewrite to present tense ... instead of using future tense. + numerous cleanups and improvements + stick to "reuse" not "re-use" + fewer contractions Closes #11713 2023-08-22 23:40:39 +08:00			`use. If there is an environment variable setting a proxy, you can set proxy to`
docs/cmdline-opts: remove \& escapes from all .d files gen.pl escapes them itself now 2022-08-23 19:42:49 +08:00			`"" to override it.`
cmdline-docs: more options converted and fixed Now all options are in the new system. 2016-11-28 08:01:13 +08:00
cmdline-docs: use present tense, not future + some smaller cleanups Closes #11821 2023-09-08 20:32:29 +08:00			`All operations that are performed over an HTTP proxy are transparently`
cmdline-docs: more options converted and fixed Now all options are in the new system. 2016-11-28 08:01:13 +08:00			`converted to HTTP. It means that certain protocol specific operations might`
			`not be available. This is not the case if you can tunnel through the proxy, as`
			`one with the --proxytunnel option.`

			`User and password that might be provided in the proxy string are URL decoded`
			`by curl. This allows you to pass in special characters such as @ by using %40`
			`or pass in a colon with %3a.`

docs: address proselint nits - avoid exclamation marks - use consistent number of spaces after periods: one - avoid clichés - avoid using 'very' Closes #8060 2021-11-26 15:46:59 +08:00			`The proxy host can be specified the same way as the proxy environment`
cmdline-docs: more options converted and fixed Now all options are in the new system. 2016-11-28 08:01:13 +08:00			`variables, including the protocol prefix (http://) and the embedded user +`
			`password.`
KNOWN_BUGS: remove items not considered bugs any more - CURL_GLOBAL_SSL This option was changed in libcurl 7.57.0 and clearly it has not caused too many issues and a lot of time has passed. - Store TLS context per transfer instead of per connection This is a possible future optimization. One that is much less important and interesting since the added support for CA caching. - Microsoft telnet server This bug was filed in May 2007 against curl 7.16.1 and we have not received further reports. - active FTP over a SOCKS Actually, proxies in general is not working with active FTP mode. This is now added in proxy documentation. - DICT responses show the underlying protocol curl still does this, but since this is now an established behavior since forever we cannot change it easily and adding an option for it seems crazy as this protocol is not so little its not worth it. Let's just live with it. - Secure Transport disabling hostname validation also disables SNI This is an already documented restriction in Secure Transport. - CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM The curl_formadd() function is marked and documented as deprecated. No point in collecting bugs for it. It should not be used further. - STARTTRANSFER time is wrong for HTTP POSTs After close source code inspection I cannot see how this is true or that there is any special treatment for different HTTP methods. We also have not received many further reports on this, making me strongly suspect that this is no (longer an) issue. - multipart formposts file name encoding The once proposed RFC 5987-encoding is since RFC 7578 documented as MUST NOT be used. The since then implemented MIME API allows the user to set the name on their own and can thus provide it encoded as it wants. - DoH is not used for all name resolves when enabled It is questionable if users actually want to use DoH for interface and FTP port name resolving. This restriction is now documented and we advice users against using name resolving at all for these functions. Closes #10043 2022-12-06 20:00:35 +08:00
			`When a proxy is used, the active FTP mode as set with --ftp-port, cannot be`
			`used.`