curl — The Command Line Tool for Transferring Data with URLs

Introduction

curl is the internet transfer tool that runs everywhere. Created by Daniel Stenberg in 1998, it has grown to support 28 protocols and is installed on virtually every operating system. curl is the default tool developers reach for when testing APIs, downloading files, debugging network issues, or automating HTTP requests.

With over 41,000 GitHub stars, curl is installed on over 20 billion devices worldwide. Its library, libcurl, is embedded in countless applications — from PHP and Python to cars, TVs, game consoles, and space probes (NASA uses curl in Mars rovers).

What curl Does

curl transfers data to or from a server using URL syntax. While primarily known for HTTP, it supports FTP, SFTP, SCP, SMTP, IMAP, POP3, LDAP, MQTT, WebSocket, and more. It handles TLS/SSL, authentication, proxies, cookies, compression, and HTTP/2 and HTTP/3.

Architecture Overview

[curl command-line tool]
        |
   [libcurl (C library)]
   Portable, thread-safe,
   feature-rich transfer lib
        |
+-------+-------+-------+
|       |       |       |
[HTTP/S] [FTP/S] [Other]
HTTP/1.1 FTP     SCP, SFTP
HTTP/2   FTPS    SMTP, IMAP
HTTP/3           MQTT, LDAP
(QUIC)           WebSocket
        |
   [TLS Backends]
   OpenSSL, BoringSSL,
   GnuTLS, NSS, Schannel,
   Secure Transport
        |
   [DNS Resolvers]
   c-ares, system resolver,
   DNS-over-HTTPS

Self-Hosting & Configuration

# API testing recipes

# GET with custom headers
curl -H "Authorization: Bearer TOKEN" \
     -H "Accept: application/json" \
     https://api.example.com/v1/users

# POST form data
curl -X POST https://api.example.com/upload \
  -F "file=@photo.jpg" \
  -F "description=My photo"

# PUT with JSON
curl -X PUT https://api.example.com/users/1 \
  -H "Content-Type: application/json" \
  -d '{"name": "Updated Name"}'

# Verbose output for debugging
curl -v https://api.example.com/health

# Save response headers and body separately
curl -D headers.txt -o body.json https://api.example.com/data

# Timing information
curl -w "DNS: %{time_namelookup}s\nConnect: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n" -o /dev/null -s https://example.com

# Resume interrupted download
curl -C - -o large-file.tar.gz https://example.com/large-file.tar.gz

# .curlrc — default configuration
# --connect-timeout 10
# --max-time 30
# --retry 3
# --silent
# --show-error

Key Features

• 28 Protocols — HTTP, HTTPS, FTP, SFTP, SCP, SMTP, MQTT, WebSocket, and more
• HTTP/2 and HTTP/3 — modern protocol support with QUIC
• TLS/SSL — multiple TLS backend support with certificate verification
• Authentication — Basic, Digest, NTLM, Kerberos, Bearer tokens, OAuth
• Proxy Support — HTTP, SOCKS4, SOCKS5, and HTTPS proxies
• Resume Transfers — continue interrupted downloads
• libcurl — C library used by thousands of applications
• Scripting Friendly — exit codes, output formatting, and JSON support

Comparison with Similar Tools

FAQ

Q: curl vs wget — when should I use which? A: curl for API testing, sending various HTTP methods, and complex transfers. wget for simple file downloads, especially recursive website mirroring. curl supports more protocols and is more versatile; wget is simpler for downloading.

Q: How do I pretty-print JSON responses? A: Pipe to jq: "curl -s https://api.example.com/data | jq .". Or use curl with --json flag (curl 7.82+): "curl --json '{"key":"val"}' https://api.example.com".

Q: How do I handle cookies? A: Save cookies: "curl -c cookies.txt URL". Send cookies: "curl -b cookies.txt URL". Or use both: "curl -b cookies.txt -c cookies.txt URL" for a session.

Q: Is curl secure? A: curl verifies TLS certificates by default and has a strong security track record. Daniel Stenberg actively maintains security with a bug bounty program and regular audits. Always use HTTPS for sensitive data.

Sources

• GitHub: https://github.com/curl/curl
• Documentation: https://curl.se/docs
• Website: https://curl.se
• Created by Daniel Stenberg
• License: MIT-like (curl license)