_ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| FAQ 1. Philosophy 1.1 What is cURL? 1.2 What is libcurl? 1.3 What is curl not? 1.4 When will you make curl do XXXX ? 1.5 Who makes curl? 1.6 What do you get for making curl? 1.7 What about CURL from curl.com? 1.8 I have a problem, who do I mail? 1.9 Where do I buy commercial support for curl? 1.10 How many are using curl? 1.11 Why do you not update ca-bundle.crt 1.12 I have a problem, who can I chat with? 1.13 curl's ECCN number? 1.14 How do I submit my patch? 1.15 How do I port libcurl to my OS? 2. Install Related Problems 2.1 configure fails when using static libraries 2.2 Does curl work/build with other SSL libraries? 2.4 Does curl support SOCKS (RFC 1928) ? 3. Usage Problems 3.1 curl: (1) SSL is disabled, https: not supported 3.2 How do I tell curl to resume a transfer? 3.3 Why does my posting using -F not work? 3.4 How do I tell curl to run custom FTP commands? 3.5 How can I disable the Accept: */* header? 3.6 Does curl support ASP, XML, XHTML or HTML version Y? 3.7 Can I use curl to delete/rename a file through FTP? 3.8 How do I tell curl to follow HTTP redirects? 3.9 How do I use curl in my favorite programming language? 3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP? 3.11 How do I POST with a different Content-Type? 3.12 Why do FTP-specific features over HTTP proxy fail? 3.13 Why do my single/double quotes fail? 3.14 Does curl support JavaScript or PAC (automated proxy config)? 3.15 Can I do recursive fetches with curl? 3.16 What certificates do I need when I use SSL? 3.17 How do I list the root directory of an FTP server? 3.18 Can I use curl to send a POST/PUT and not wait for a response? 3.19 How do I get HTTP from a host using a specific IP address? 3.20 How to SFTP from my user's home directory? 3.21 Protocol xxx not supported or disabled in libcurl 3.22 curl -X gives me HTTP problems 4. Running Problems 4.2 Why do I get problems when I use & or % in the URL? 4.3 How can I use {, }, [ or ] to specify multiple URLs? 4.4 Why do I get downloaded data even though the web page does not exist? 4.5 Why do I get return code XXX from an HTTP server? 4.5.1 "400 Bad Request" 4.5.2 "401 Unauthorized" 4.5.3 "403 Forbidden" 4.5.4 "404 Not Found" 4.5.5 "405 Method Not Allowed" 4.5.6 "301 Moved Permanently" 4.6 Can you tell me what error code 142 means? 4.7 How do I keep user names and passwords secret in curl command lines? 4.8 I found a bug 4.9 curl cannot authenticate to a server that requires NTLM? 4.10 My HTTP request using HEAD, PUT or DELETE does not work 4.11 Why do my HTTP range requests return the full document? 4.12 Why do I get "certificate verify failed" ? 4.13 Why is curl -R on Windows one hour off? 4.14 Redirects work in browser but not with curl 4.15 FTPS does not work 4.16 My HTTP POST or PUT requests are slow 4.17 Non-functional connect timeouts on Windows 4.18 file:// URLs containing drive letters (Windows, NetWare) 4.19 Why does not curl return an error when the network cable is unplugged? 4.20 curl does not return error for HTTP non-200 responses 5. libcurl Issues 5.1 Is libcurl thread-safe? 5.2 How can I receive all data into a large memory chunk? 5.3 How do I fetch multiple files with libcurl? 5.4 Does libcurl do Winsock initialization on win32 systems? 5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on win32 ? 5.6 What about Keep-Alive or persistent connections? 5.7 Link errors when building libcurl on Windows 5.8 libcurl.so.X: open failed: No such file or directory 5.9 How does libcurl resolve host names? 5.10 How do I prevent libcurl from writing the response to stdout? 5.11 How do I make libcurl not receive the whole HTTP response? 5.12 Can I make libcurl fake or hide my real IP address? 5.13 How do I stop an ongoing transfer? 5.14 Using C++ non-static functions for callbacks? 5.15 How do I get an FTP directory listing? 5.16 I want a different time-out 5.17 Can I write a server with libcurl? 5.18 Does libcurl use threads? 6. License Issues 6.1 I have a GPL program, can I use the libcurl library? 6.2 I have a closed-source program, can I use the libcurl library? 6.3 I have a BSD licensed program, can I use the libcurl library? 6.4 I have a program that uses LGPL libraries, can I use libcurl? 6.5 Can I modify curl/libcurl for my program and keep the changes secret? 6.6 Can you please change the curl/libcurl license to XXXX? 6.7 What are my obligations when using libcurl in my commercial apps? 7. PHP/CURL Issues 7.1 What is PHP/CURL? 7.2 Who wrote PHP/CURL? 7.3 Can I perform multiple requests using the same handle? 7.4 Does PHP/CURL have dependencies? 8. Development 8.1 Why does curl use C89? 8.2 Will curl be rewritten? ============================================================================== 1. Philosophy 1.1 What is cURL? cURL is the name of the project. The name is a play on 'Client for URLs', originally with URL spelled in uppercase to make it obvious it deals with URLs. The fact it can also be read as 'see URL' also helped, it works as an abbreviation for "Client URL Request Library" or why not the recursive version: "curl URL Request Library". The cURL project produces two products: libcurl A client-side URL transfer library, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password authentication, file transfer resume, http proxy tunneling and more. libcurl is highly portable, it builds and works identically on numerous platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HP-UX, IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, macOS, Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS, Symbian, OSF, Android, Minix, IBM TPF and more... libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported and fast. curl A command line tool for getting or sending data using URL syntax. Since curl uses libcurl, curl supports the same wide range of common Internet protocols that libcurl does. We pronounce curl with an initial k sound. It rhymes with words like girl and earl. This is a short WAV file to help you: https://media.merriam-webster.com/soundc11/c/curl0001.wav There are numerous sub-projects and related projects that also use the word curl in the project names in various combinations, but you should take notice that this FAQ is directed at the command-line tool named curl (and libcurl the library), and may therefore not be valid for other curl-related projects. (There is however a small section for the PHP/CURL in this FAQ.) 1.2 What is libcurl? libcurl is a reliable and portable library for doing Internet data transfers using one or more of its supported Internet protocols. You can use libcurl freely in your application, be it open source, commercial or closed-source. libcurl is most probably the most portable, most powerful and most often used C-based multi-platform file transfer library on this planet - be it open source or commercial. 1.3 What is curl not? curl is not a wget clone. That is a common misconception. Never, during curl's development, have we intended curl to replace wget or compete on its market. curl is targeted at single-shot file transfers. curl is not a website mirroring program. If you want to use curl to mirror something: fine, go ahead and write a script that wraps around curl or use libcurl to make it reality. curl is not an FTP site mirroring program. Sure, get and send FTP with curl but if you want systematic and sequential behavior you should write a script (or write a new program that interfaces libcurl) and do it. curl is not a PHP tool, even though it works perfectly well when used from or with PHP (when using the PHP/CURL module). curl is not a program for a single operating system. curl exists, compiles, builds and runs under a wide range of operating systems, including all modern Unixes (and a bunch of older ones too), Windows, Amiga, OS/2, macOS, QNX etc. 1.4 When will you make curl do XXXX ? We love suggestions of what to change in order to make curl and libcurl better. We do however believe in a few rules when it comes to the future of curl: curl -- the command line tool -- is to remain a non-graphical command line tool. If you want GUIs or fancy scripting capabilities, you should look for another tool that uses libcurl. We do not add things to curl that other small and available tools already do well at the side. curl's output can be piped into another program or redirected to another file for the next program to interpret. We focus on protocol related issues and improvements. If you want to do more magic with the supported protocols than curl currently does, chances are good we will agree. If you want to add more protocols, we may agree. If you want someone else to do all the work while you wait for us to implement it for you, that is not a friendly attitude. We spend a considerable time already on maintaining and developing curl. In order to get more out of us, you should consider trading in some of your time and effort in return. Simply go to the GitHub repository which resides at https://github.com/curl/curl, fork the project, and create pull requests with your proposed changes. If you write the code, chances are better that it will get into curl faster. 1.5 Who makes curl? curl and libcurl are not made by any single individual. Daniel Stenberg is project leader and main developer, but other persons' submissions are important and crucial. Anyone can contribute and post their changes and improvements and have them inserted in the main sources (of course on the condition that developers agree that the fixes are good). The full list of all contributors is found in the docs/THANKS file. curl is developed by a community, with Daniel at the wheel. 1.6 What do you get for making curl? Project cURL is entirely free and open. We do this voluntarily, mostly in our spare time. Companies may pay individual developers to work on curl. This is not controlled by nor supervised in any way by the curl project. We get help from companies. Haxx provides website, bandwidth, mailing lists etc, GitHub hosts the primary git repository and other services like the bug tracker at https://github.com/curl/curl. Also again, some companies have sponsored certain parts of the development in the past and I hope some will continue to do so in the future. If you want to support our project, consider a donation or a banner-program or even better: by helping us with coding, documenting or testing etc. See also: https://curl.se/sponsors.html 1.7 What about CURL from curl.com? During the summer of 2001, curl.com was busy advertising their client-side programming language for the web, named CURL. We are in no way associated with curl.com or their CURL programming language. Our project name curl has been in effective use since 1998. We were not the first computer related project to use the name "curl" and do not claim any rights to the name. We recognize that we will be living in parallel with curl.com and wish them every success. 1.8 I have a problem, who do I mail? Please do not mail any single individual unless you really need to. Keep curl-related questions on a suitable mailing list. All available mailing lists are listed in the MANUAL document and online at https://curl.se/mail/ Keeping curl-related questions and discussions on mailing lists allows others to join in and help, to share their ideas, to contribute their suggestions and to spread their wisdom. Keeping discussions on public mailing lists also allows for others to learn from this (both current and future users thanks to the web based archives of the mailing lists), thus saving us from having to repeat ourselves even more. Thanks for respecting this. If you have found or simply suspect a security problem in curl or libcurl, submit all the details at https://hackerone.one/curl. On there we keep the issue private while we investigate, confirm it, work and validate a fix and agree on a time schedule for publication etc. That way we produce a fix in a timely manner before the flaw is announced to the world, reducing the impact the problem risks having on existing users. Security issues can also be taking to the curl security team by emailing security at curl.se (closed list of receivers, mails are not disclosed). 1.9 Where do I buy commercial support for curl? curl is fully open source. It means you can hire any skilled engineer to fix your curl-related problems. We list available alternatives on the curl website: https://curl.se/support.html 1.10 How many are using curl? It is impossible to tell. We do not know how many users that knowingly have installed and use curl. We do not know how many users that use curl without knowing that they are in fact using it. We do not know how many users that downloaded or installed curl and then never use it. In 2020, we estimate that curl runs in roughly ten billion installations world wide. 1.11 Why do you not update ca-bundle.crt In the cURL project we have decided not to attempt to keep this file updated (or even present) since deciding what to add to a ca cert bundle is an undertaking we have not been ready to accept, and the one we can get from Mozilla is perfectly fine so there is no need to duplicate that work. Today, with many services performed over HTTPS, every operating system should come with a default ca cert bundle that can be deemed somewhat trustworthy and that collection (if reasonably updated) should be deemed to be a lot better than a private curl version. If you want the most recent collection of ca certs that Mozilla Firefox uses, we recommend that you extract the collection yourself from Mozilla Firefox (by running 'make ca-bundle), or by using our online service setup for this purpose: https://curl.se/docs/caextract.html 1.12 I have a problem who, can I chat with? There is a bunch of friendly people hanging out in the #curl channel on the IRC network libera.chat. If you are polite and nice, chances are good that you can get -- or provide -- help instantly. 1.13 curl's ECCN number? The US government restricts exports of software that contains or uses cryptography. When doing so, the Export Control Classification Number (ECCN) is used to identify the level of export control etc. Apache Software Foundation gives a good explanation of ECCNs at https://www.apache.org/dev/crypto.html We believe curl's number might be ECCN 5D002, another possibility is 5D992. It seems necessary to write them (the authority that administers ECCN numbers), asking to confirm. Comprehensible explanations of the meaning of such numbers and how to obtain them (resp.) are here https://www.bis.doc.gov/licensing/exportingbasics.htm https://www.bis.doc.gov/licensing/do_i_needaneccn.html An incomprehensible description of the two numbers above is here https://www.bis.doc.gov/index.php/documents/new-encryption/1653-ccl5-pt2-3 1.14 How do I submit my patch? We strongly encourage you to submit changes and improvements directly as "pull requests" on GitHub: https://github.com/curl/curl/pulls If you for any reason cannot or will not deal with GitHub, send your patch to the curl-library mailing list. We are many subscribers there and there are lots of people who can review patches, comment on them and "receive" them properly. Lots of more details are found in the CONTRIBUTE.md and INTERNALS.md documents. 1.15 How do I port libcurl to my OS? Here's a rough step-by-step: 1. copy a suitable lib/config-*.h file as a start to lib/config-[youros].h 2. edit lib/config-[youros].h to match your OS and setup 3. edit lib/curl_setup.h to include config-[youros].h when your OS is detected by the preprocessor, in the style others already exist 4. compile lib/*.c and make them into a library 2. Install Related Problems 2.1 configure fails when using static libraries You may find that configure fails to properly detect the entire dependency chain of libraries when you provide static versions of the libraries that configure checks for. The reason why static libraries is much harder to deal with is that for them we do not get any help but the script itself must know or check what more libraries that are needed (with shared libraries, that dependency "chain" is handled automatically). This is a error-prone process and one that also tends to vary over time depending on the release versions of the involved components and may also differ between operating systems. For that reason, configure does few attempts to actually figure this out and you are instead encouraged to set LIBS and LDFLAGS accordingly when you invoke configure, and point out the needed libraries and set the necessary flags yourself. 2.2 Does curl work with other SSL libraries? curl has been written to use a generic SSL function layer internally, and that SSL functionality can then be provided by one out of many different SSL backends. curl can be built to use one of the following SSL alternatives: OpenSSL, libressl, BoringSSL, AWS-LC, GnuTLS, wolfSSL, mbedTLS, Secure Transport (native iOS/OS X), Schannel (native Windows), GSKit (native IBM i), BearSSL, or Rustls. They all have their pros and cons, and we try to maintain a comparison of them here: https://curl.se/docs/ssl-compared.html 2.4 Does curl support SOCKS (RFC 1928) ? Yes, SOCKS 4 and 5 are supported. 3. Usage problems 3.1 curl: (1) SSL is disabled, https: not supported If you get this output when trying to get anything from an https:// server, it means that the instance of curl/libcurl that you are using was built without support for this protocol. This could have happened if the configure script that was run at build time could not find all libs and include files curl requires for SSL to work. If the configure script fails to find them, curl is simply built without SSL support. To get the https:// support into a curl that was previously built but that reports that https:// is not supported, you should dig through the document and logs and check out why the configure script does not find the SSL libs and/or include files. Also, check out the other paragraph in this FAQ labeled "configure does not find OpenSSL even when it is installed". 3.2 How do I tell curl to resume a transfer? curl supports resumed transfers both ways on both FTP and HTTP. Try the -C option. 3.3 Why does my posting using -F not work? You cannot arbitrarily use -F or -d, the choice between -F or -d depends on the HTTP operation you need curl to do and what the web server that will receive your post expects. If the form you are trying to submit uses the type 'multipart/form-data', then and only then you must use the -F type. In all the most common cases, you should use -d which then causes a posting with the type 'application/x-www-form-urlencoded'. This is described in some detail in the MANUAL and TheArtOfHttpScripting documents, and if you do not understand it the first time, read it again before you post questions about this to the mailing list. Also, try reading through the mailing list archives for old postings and questions regarding this. 3.4 How do I tell curl to run custom FTP commands? You can tell curl to perform optional commands both before and/or after a file transfer. Study the -Q/--quote option. Since curl is used for file transfers, you do not normally use curl to perform FTP commands without transferring anything. Therefore you must always specify a URL to transfer to/from even when doing custom FTP commands, or use -I which implies the "no body" option sent to libcurl. 3.5 How can I disable the Accept: */* header? You can change all internally generated headers by adding a replacement with the -H/--header option. By adding a header with empty contents you safely disable that one. Use -H "Accept:" to disable that specific header. 3.6 Does curl support ASP, XML, XHTML or HTML version Y? To curl, all contents are alike. It does not matter how the page was generated. It may be ASP, PHP, Perl, shell-script, SSI or plain HTML files. There is no difference to curl and it does not even know what kind of language that generated the page. See also item 3.14 regarding JavaScript. 3.7 Can I use curl to delete/rename a file through FTP? Yes. You specify custom FTP commands with -Q/--quote. One example would be to delete a file after you have downloaded it: curl -O ftp://download.com/coolfile -Q '-DELE coolfile' or rename a file after upload: curl -T infile ftp://upload.com/dir/ -Q "-RNFR infile" -Q "-RNTO newname" 3.8 How do I tell curl to follow HTTP redirects? curl does not follow so-called redirects by default. The Location: header that informs the client about this is only interpreted if you are using the -L/--location option. As in: curl -L http://redirector.com Not all redirects are HTTP ones, see 4.14 3.9 How do I use curl in my favorite programming language? Many programming languages have interfaces/bindings that allow you to use curl without having to use the command line tool. If you are fluent in such a language, you may prefer to use one of these interfaces instead. Find out more about which languages that support curl directly, and how to install and use them, in the libcurl section of the curl website: https://curl.se/libcurl/ All the various bindings to libcurl are made by other projects and people, outside of the cURL project. The cURL project itself only produces libcurl with its plain C API. If you do not find anywhere else to ask you can ask about bindings on the curl-library list too, but be prepared that people on that list may not know anything about bindings. In December 2021, there were interfaces available for the following languages: Ada95, Basic, C, C++, Ch, Cocoa, D, Delphi, Dylan, Eiffel, Euphoria, Falcon, Ferite, Gambas, glib/GTK+, Go, Guile, Harbour, Haskell, Java, Julia, Lisp, Lua, Mono, .NET, node.js, Object-Pascal, OCaml, Pascal, Perl, PHP, PostgreSQL, Python, R, Rexx, Ring, RPG, Ruby, Rust, Scheme, Scilab, S-Lang, Smalltalk, SP-Forth, SPL, Tcl, Visual Basic, Visual FoxPro, Q, wxwidgets, XBLite and Xoho. By the time you read this, additional ones may have appeared. 3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP? curl adheres to the HTTP spec, which basically means you can play with *any* protocol that is built on top of HTTP. Protocols such as SOAP, WEBDAV and XML-RPC are all such ones. You can use -X to set custom requests and -H to set custom headers (or replace internally generated ones). Using libcurl is of course just as good and you would just use the proper library options to do the same. 3.11 How do I POST with a different Content-Type? You can always replace the internally generated headers with -H/--header. To make a simple HTTP POST with text/xml as content-type, do something like: curl -d "datatopost" -H "Content-Type: text/xml" [URL] 3.12 Why do FTP-specific features over HTTP proxy fail? Because when you use an HTTP proxy, the protocol spoken on the network will be HTTP, even if you specify an FTP URL. This effectively means that you normally cannot use FTP-specific features such as FTP upload and FTP quote etc. There is one exception to this rule, and that is if you can "tunnel through" the given HTTP proxy. Proxy tunneling is enabled with a special option (-p) and is generally not available as proxy admins usually disable tunneling to ports other than 443 (which is used for HTTPS access through proxies). 3.13 Why do my single/double quotes fail? To specify a command line option that includes spaces, you might need to put the entire option within quotes. Like in: curl -d " with spaces " url.com or perhaps curl -d ' with spaces ' url.com Exactly what kind of quotes and how to do this is entirely up to the shell or command line interpreter that you are using. For most unix shells, you can more or less pick either single (') or double (") quotes. For Windows/DOS command prompts you must use double (") quotes, and if the option string contains inner double quotes you can escape them with a backslash. For Windows powershell the arguments are not always passed on as expected because curl is not a powershell script. You may or may not be able to use single quotes. To escape inner double quotes seems to require a backslash-backtick escape sequence and the outer quotes as double quotes. Please study the documentation for your particular environment. Examples in the curl docs will use a mix of both of these as shown above. You must adjust them to work in your environment. Remember that curl works and runs on more operating systems than most single individuals have ever tried. 3.14 Does curl support JavaScript or PAC (automated proxy config)? Many web pages do magic stuff using embedded JavaScript. curl and libcurl have no built-in support for that, so it will be treated just like any other contents. .pac files are a Netscape invention and are sometimes used by organizations to allow them to differentiate which proxies to use. The .pac contents is just a JavaScript program that gets invoked by the browser and that returns the name of the proxy to connect to. Since curl does not support JavaScript, it cannot support .pac proxy configuration either. Some workarounds usually suggested to overcome this JavaScript dependency: Depending on the JavaScript complexity, write up a script that translates it to another language and execute that. Read the JavaScript code and rewrite the same logic in another language. Implement a JavaScript interpreter, people have successfully used the Mozilla JavaScript engine in the past. Ask your admins to stop this, for a static proxy setup or similar. 3.15 Can I do recursive fetches with curl? No. curl itself has no code that performs recursive operations, such as those performed by wget and similar tools. There exists wrapper scripts with that functionality (for example the curlmirror perl script), and you can write programs based on libcurl to do it, but the command line tool curl itself cannot. 3.16 What certificates do I need when I use SSL? There are three different kinds of "certificates" to keep track of when we talk about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl. CLIENT CERTIFICATE The server you communicate with may require that you can provide this in order to prove that you actually are who you claim to be. If the server does not require this, you do not need a client certificate. A client certificate is always used together with a private key, and the private key has a pass phrase that protects it. SERVER CERTIFICATE The server you communicate with has a server certificate. You can and should verify this certificate to make sure that you are truly talking to the real server and not a server impersonating it. CERTIFICATE AUTHORITY CERTIFICATE ("CA cert") You often have several CA certs in a CA cert bundle that can be used to verify a server certificate that was signed by one of the authorities in the bundle. curl does not come with a CA cert bundle but most curl installs provide one. You can also override the default. The server certificate verification process is made by using a Certificate Authority certificate ("CA cert") that was used to sign the server certificate. Server certificate verification is enabled by default in curl and libcurl and is often the reason for problems as explained in FAQ entry 4.12 and the SSLCERTS document (https://curl.se/docs/sslcerts.html). Server certificates that are "self-signed" or otherwise signed by a CA that you do not have a CA cert for, cannot be verified. If the verification during a connect fails, you are refused access. You then need to explicitly disable the verification to connect to the server. 3.17 How do I list the root directory of an FTP server? There are two ways. The way defined in the RFC is to use an encoded slash in the first path part. List the "/tmp" directory like this: curl ftp://ftp.sunet.se/%2ftmp/ or the not-quite-kosher-but-more-readable way, by simply starting the path section of the URL with a slash: curl ftp://ftp.sunet.se//tmp/ 3.18 Can I use curl to send a POST/PUT and not wait for a response? No. You can easily write your own program using libcurl to do such stunts. 3.19 How do I get HTTP from a host using a specific IP address? For example, you may be trying out a website installation that is not yet in the DNS. Or you have a site using multiple IP addresses for a given host name and you want to address a specific one out of the set. Set a custom Host: header that identifies the server name you want to reach but use the target IP address in the URL: curl --header "Host: www.example.com" http://127.0.0.1/ You can also opt to add faked host name entries to curl with the --resolve option. That has the added benefit that things like redirects will also work properly. The above operation would instead be done as: curl --resolve www.example.com:80:127.0.0.1 http://www.example.com/ 3.20 How to SFTP from my user's home directory? Contrary to how FTP works, SFTP and SCP URLs specify the exact directory to work with. It means that if you do not specify that you want the user's home directory, you get the actual root directory. To specify a file in your user's home directory, you need to use the correct URL syntax which for SFTP might look similar to: curl -O -u user:password sftp://example.com/~/file.txt and for SCP it is just a different protocol prefix: curl -O -u user:password scp://example.com/~/file.txt 3.21 Protocol xxx not supported or disabled in libcurl When passing on a URL to curl to use, it may respond that the particular protocol is not supported or disabled. The particular way this error message is phrased is because curl does not make a distinction internally of whether a particular protocol is not supported (i.e. never got any code added that knows how to speak that protocol) or if it was explicitly disabled. curl can be built to only support a given set of protocols, and the rest would then be disabled or not supported. Note that this error will also occur if you pass a wrongly spelled protocol part as in "htpt://example.com" or as in the less evident case if you prefix the protocol part with a space as in " http://example.com/". 3.22 curl -X gives me HTTP problems In normal circumstances, -X should hardly ever be used. By default you use curl without explicitly saying which request method to use when the URL identifies an HTTP transfer. If you just pass in a URL like "curl http://example.com" it will use GET. If you use -d or -F curl will use POST, -I will cause a HEAD and -T will make it a PUT. If for whatever reason you are not happy with these default choices that curl does for you, you can override those request methods by specifying -X [WHATEVER]. This way you can for example send a DELETE by doing "curl -X DELETE [URL]". It is thus pointless to do "curl -XGET [URL]" as GET would be used anyway. In the same vein it is pointless to do "curl -X POST -d data [URL]"... But you can make a fun and somewhat rare request that sends a request-body in a GET request with something like "curl -X GET -d data [URL]" Note that -X does not actually change curl's behavior as it only modifies the actual string sent in the request, but that may of course trigger a different set of events. Accordingly, by using -XPOST on a command line that for example would follow a 303 redirect, you will effectively prevent curl from behaving correctly. Be aware. 4. Running Problems 4.2 Why do I get problems when I use & or % in the URL? In general Unix shells, the & symbol is treated specially and when used, it runs the specified command in the background. To safely send the & as a part of a URL, you should quote the entire URL by using single (') or double (") quotes around it. Similar problems can also occur on some shells with other characters, including ?*!$~(){}<>\|;`. When in doubt, quote the URL. An example that would invoke a remote CGI that uses &-symbols could be: curl 'http://www.altavista.com/cgi-bin/query?text=yes&q=curl' In Windows, the standard DOS shell treats the percent sign specially and you need to use TWO percent signs for each single one you want to use in the URL. If you want a literal percent sign to be part of the data you pass in a POST using -d/--data you must encode it as '%25' (which then also needs the percent sign doubled on Windows machines). 4.3 How can I use {, }, [ or ] to specify multiple URLs? Because those letters have a special meaning to the shell, to be used in a URL specified to curl you must quote them. An example that downloads two URLs (sequentially) would be: curl '{curl,www}.haxx.se' To be able to use those characters as actual parts of the URL (without using them for the curl URL "globbing" system), use the -g/--globoff option: curl -g 'www.site.com/weirdname[].html' 4.4 Why do I get downloaded data even though the web page does not exist? curl asks remote servers for the page you specify. If the page does not exist at the server, the HTTP protocol defines how the server should respond and that means that headers and a "page" will be returned. That is simply how HTTP works. By using the --fail option you can tell curl explicitly to not get any data if the HTTP return code does not say success. 4.5 Why do I get return code XXX from an HTTP server? RFC 2616 clearly explains the return codes. This is a short transcript. Go read the RFC for exact details: 4.5.1 "400 Bad Request" The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. 4.5.2 "401 Unauthorized" The request requires user authentication. 4.5.3 "403 Forbidden" The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. 4.5.4 "404 Not Found" The server has not found anything matching the Request-URI. No indication is given as to whether the condition is temporary or permanent. 4.5.5 "405 Method Not Allowed" The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource. 4.5.6 "301 Moved Permanently" If you get this return code and an HTML output similar to this: