"Note that verbose output of curl activities and network traffic might
contain sensitive data, including user names, credentials or secret data
content. Be aware and be careful when sharing trace logs with others."
Closes#11596
- If the user set a legacy algorithm list (CURLOPT_SSL_CIPHER_LIST) then
use the SCHANNEL_CRED legacy structure to pass the list to Schannel.
- If the user set both a legacy algorithm list and a TLS 1.3 cipher list
then abort.
Although MS doesn't document it, Schannel will not negotiate TLS 1.3
when SCHANNEL_CRED is used. That means setting a legacy algorithm list
limits the user to earlier versions of TLS.
Prior to this change, since 8beff435 (precedes 7.85.0), libcurl would
ignore legacy algorithms in Windows 10 1809 and later.
Reported-by: zhihaoy@users.noreply.github.com
Fixes https://github.com/curl/curl/pull/10741
Closes https://github.com/curl/curl/pull/10746
It can be used multiple times. Use %output{>>name} to append.
Add docs. Test 990 and 991 verify.
Idea: #11400
Suggested-by: ed0d2b2ce19451f2
Closes#11416
Add support for command line variables. Set variables with --variable
name=content or --variable name@file (where "file" can be stdin if set
to a single dash (-)).
Variable content is expanded in option parameters using "{{name}}"
(without the quotes) if the option name is prefixed with
"--expand-". This gets the contents of the variable "name" inserted, or
a blank if the name does not exist as a variable. Insert "{{" verbatim
in the string by prefixing it with a backslash, like "\\{{".
Import an environment variable with --variable %name. It makes curl exit
with an error if the environment variable is not set. It can also rather
get a default value if the variable does not exist, using =content or
@file like shown above.
Example: get the USER environment variable into the URL:
--variable %USER
--expand-url = "https://example.com/api/{{USER}}/method"
When expanding variables, curl supports a set of functions that can make
the variable contents more convenient to use. It can trim leading and
trailing white space with "trim", output the contents as a JSON quoted
string with "json", URL encode it with "url" and base 64 encode it with
"b64". To apply functions to a variable expansion, add them colon
separated to the right side of the variable. They are then performed in
a left to right order.
Example: get the contents of a file called $HOME/.secret into a variable
called "fix". Make sure that the content is trimmed and percent-encoded
sent as POST data:
--variable %HOME=/home/default
--expand-variable fix@{{HOME}}/.secret
--expand-data "{{fix:trim:url}}"
https://example.com/
Documented. Many new test cases.
Co-brainstormed-by: Emanuele Torre
Assisted-by: Jat Satiro
Closes#11346
follow-up from 099f41e097
I just thought of checking all the other files with .RE, and I found 6
other files that were missing .IP at the end.
Closes#11375
quote.d was missing a .IP at the end which caused the paragraphs
generated for See-also, Multi, and Example to not be indented correctly.
I also remove a redundant "This option can be used multiple times.", and
replaced .IP "item" with .TP .B "item" to make more clear which lines
are part of the list of commands and which aren't.
Closes#11371
- Implement AUTH=+LOGIN for CURLOPT_LOGIN_OPTIONS to prefer plaintext
LOGIN over SASL auth.
Prior to this change there was no method to be able to fall back to
LOGIN if an IMAP server advertises SASL capabilities. However, this may
be desirable for e.g. a misconfigured server.
Per: https://www.ietf.org/rfc/rfc5092.html#section-3.2
";AUTH=<enc-auth-type>" looks to be the correct way to specify what
authenication method to use, regardless of SASL or not.
Closes https://github.com/curl/curl/pull/10041
- added and documented --trace-ids to prepend (after the timestamp)
the transfer and connection identifiers to each verbose log line
- format is [n-m] with `n` being the transfer id and `m` being the
connection id. In case there is not valid connection id, print 'x'.
- Log calls with a handle that has no transfer id yet, are written
without any ids.
Closes#11185
These are two boolean options to ask curl to use the native OS's CA
store when verifying TLS servers. For peers and for proxies
respectively.
They currently only have an effect for curl on Windows when built to use
OpenSSL for TLS.
Closes#11049
Output specific components from the used URL. The following variables
are added for this purpose:
url.scheme, url.user, url.password, url.options, url.host, url.port,
url.path, url.query, url.fragment, url.zoneid
Add the following for outputting parts of the "effective URL":
urle.scheme, urle.user, urle.password, urle.options, urle.host, urle.port,
urle.path, urle.query, urle.fragment, urle.zoneid
Added test 423 and 424 to verify.
Closes#10853
The real xdg config path is $XDG_CONFIG_HOME/curlrc, without the dot.
The dotless name seems preferable, so let's match the documentation to
the behavior.
Closes#10849
Here somehow you need to put more than one URL in these examples, else
they will make no sense, as --rate only affects the second and beyond
URLs. The first URL will always finish the same time no matter what
--rate is given.
Closes#10638
Instead of using "multi: boolean", as these are slightly special as in
they do are not enable/disable ones.
Fixes#10490
Reported-by: u20221022 on github
Closes#10497
... since they are expanded and the short-form gets mentioned
automatically so if the short form is mentioned as well, it gets
repeated.
Fixes#10461Closes#10462
Reported-by: Dan Fandrich
The documentation of `%{header_json}` missed to mention since which
version this variable for `--write-out` is present.
Based on commit https://github.com/curl/curl/commit/4133a69f2daa476bb
we can determine from the tags were this commit is present that the
first version to include it was `7.83.0`.
This could be also checked with:
`git tag --contains 4133a69f2daa476bb6d902687f1dd6660ea9c3c5`
Closes#10395
- Clarify that in Windows batch files the % must be escaped as %%, and
at the command prompt it cannot be escaped which could lead to
incorrect expansion.
Prior to this change the doc implied % must be escaped as %% in win32
always.
---
Examples showing how a write-out argument is received by curl:
If curl --write-out "%{http_code}" is executed in a batch file:
{http_code}
If curl --write-out "%%{http_code}" is executed in a batch file:
%{http_code}
If curl --write-out "%{http_code}" is executed from the command prompt:
%{http_code}
If curl --write-out "%%{http_code}" is executed from the command prompt:
%%{http_code}
At the command prompt something like "%{speed_download}%{http_code}"
would first be parsed by the command interpreter as %{speed_download}%
and would be expanded as environment variable {speed_download} if it
existed, though that's highly unlikely since Windows environment names
don't use braces.
---
Reported-by: Muhammad Hussein Ammari
Ref: https://github.com/bagder/everything-curl/pull/279
Fixes https://github.com/curl/curl/issues/10323
Closes https://github.com/curl/curl/pull/10337
