curlコマンドの使い方(HTTPリクエスト)

curlコマンドの主な利用方法を整理します。「ResponseHeaderのみといった出力指定方法」「HTTPメソッド指定方法」「データ送信方法」「リクエストヘッダーの指定方法」「cookieの受信・送信」「Basic認証」など取り上げます。

出力指定

ResponseBodyのみ出力
( オプション指定なし )

$ curl http://localhost:8000
Hello, World!

ResponseHeaderのみ出力
( -I --head )

$ curl -I http://localhost:8000 
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Mon, 03 May 2021 08:11:19 GMT
Content-Length: 13

ResponseHeader
とResponseBodyを出力
( -i --include )

$ curl -i http://localhost:8000 
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Mon, 03 May 2021 08:13:43 GMT
Content-Length: 13

Hello, World!

RequestHeader
とResponseHeader
とResponseBodyを出力
( -v --verbose )

$ curl -v http://localhost:8000 
*   Trying ::1:8000...
* Connected to localhost (::1) port 8000 (#0)
> GET / HTTP/1.1
> Host: localhost:8000
> User-Agent: curl/7.71.1
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: text/plain; charset=UTF-8
< Date: Mon, 03 May 2021 08:11:53 GMT
< Content-Length: 13
< 
* Connection #0 to host localhost left intact
Hello, World!

パケットデータ
( --trace <file> --trace-ascii <file> )

$ curl --trace /dev/stdout http://localhost:8000
== Info:   Trying ::1:8000...
== Info: Connected to localhost (::1) port 8000 (#0)
=> Send header, 78 bytes (0x4e)
0000: 47 45 54 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a GET / HTTP/1.1..
0010: 48 6f 73 74 3a 20 6c 6f 63 61 6c 68 6f 73 74 3a Host: localhost:
0020: 38 30 30 30 0d 0a 55 73 65 72 2d 41 67 65 6e 74 8000..User-Agent
0030: 3a 20 63 75 72 6c 2f 37 2e 37 31 2e 31 0d 0a 41 : curl/7.71.1..A
0040: 63 63 65 70 74 3a 20 2a 2f 2a 0d 0a 0d 0a       ccept: */*....
== Info: Mark bundle as not supporting multiuse
<= Recv header, 17 bytes (0x11)
0000: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d HTTP/1.1 200 OK.
0010: 0a                                              .
<= Recv header, 41 bytes (0x29)
0000: 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 Content-Type: te
0010: 78 74 2f 70 6c 61 69 6e 3b 20 63 68 61 72 73 65 xt/plain; charse
0020: 74 3d 55 54 46 2d 38 0d 0a                      t=UTF-8..
<= Recv header, 37 bytes (0x25)
0000: 44 61 74 65 3a 20 4d 6f 6e 2c 20 30 33 20 4d 61 Date: Mon, 03 Ma
0010: 79 20 32 30 32 31 20 30 38 3a 31 34 3a 34 36 20 y 2021 08:14:46 
0020: 47 4d 54 0d 0a                                  GMT..
<= Recv header, 20 bytes (0x14)
0000: 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 Content-Length: 
0010: 31 33 0d 0a                                     13..
<= Recv header, 2 bytes (0x2)
0000: 0d 0a                                           ..
<= Recv data, 13 bytes (0xd)
0000: 48 65 6c 6c 6f 2c 20 57 6f 72 6c 64 21          Hello, World!
== Info: Connection #0 to host localhost left intact
Hello, World!
$ curl --trace-ascii /dev/stdout http://localhost:8000 
== Info:   Trying ::1:8000...
== Info: Connected to localhost (::1) port 8000 (#0)
=> Send header, 78 bytes (0x4e)
0000: GET / HTTP/1.1
0010: Host: localhost:8000
0026: User-Agent: curl/7.71.1
003f: Accept: */*
004c: 
== Info: Mark bundle as not supporting multiuse
<= Recv header, 17 bytes (0x11)
0000: HTTP/1.1 200 OK
<= Recv header, 41 bytes (0x29)
0000: Content-Type: text/plain; charset=UTF-8
<= Recv header, 37 bytes (0x25)
0000: Date: Mon, 03 May 2021 08:14:19 GMT
<= Recv header, 20 bytes (0x14)
0000: Content-Length: 13
<= Recv header, 2 bytes (0x2)
0000: 
<= Recv data, 13 bytes (0xd)
0000: Hello, World!
== Info: Connection #0 to host localhost left intact
Hello, World!

進捗非表示 & エラー表示
( -sS )

$ curl -sS http://localhost:8000
Hello, World!

出力フォーマット指定
( -w <format> --write-out <format> )

http_codeのみ確認したいときなどに活用できます。%{variable_name} の形式で指定します。

レスポンスボディは非表示にしたいので -o /dev/null を指定しています。

$ curl -w 'http_code: %{http_code}\n' http://localhost:8000/ -sS -o /dev/null
http_code: 200
$ curl -w 'size_download: %{size_download}\n' http://localhost:8000/ -sS -o /dev/null
size_download: 13
$ curl -w 'content_type: %{content_type}\n' http://localhost:8000/ -sS -o /dev/null
content_type: text/plain; charset=UTF-8

ファイルに出力

ローカルにダウンロード
( -O --remote-name )

まず、-Oオプション をつけずに実行してみます。

$ curl http://localhost:8000/test.html
<!doctype html>
<html>
<head>
    <meta charset="utf-8">
</head>
<body>
    <p>わくわくBank</p>
</body>
</html>

-Oオプション をつけてローカルにダウンロードしてみます。

$ curl -O http://localhost:8000/test.html
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   115  100   115    0     0  57500      0 --:--:-- --:--:-- --:--:-- 57500
$ 
$ 
$ cat test.html 
<!doctype html>
<html>
<head>
    <meta charset="utf-8">
</head>
<body>
    <p>わくわくBank</p>
</body>
</html>

出力ファイル名を指定
( -o <file> --output <file>)

指定ファイルに出力できます。

$ curl -o abc.html http://localhost:8000/test.html
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   115  100   115    0     0  38333      0 --:--:-- --:--:-- --:--:-- 57500
$ 
$ 
$ cat abc.html 
<!doctype html>
<html>
<head>
    <meta charset="utf-8">
</head>
<body>
    <p>わくわくBank</p>
</body>
</html>

HTTPメソッドを指定
( -X <command> --request <command> )

# GET
curl http://localhost:8000/
curl -X GET http://localhost:8000/

# POST
curl -X POST http://localhost:8000/

# PUT
curl -X PUT http://localhost:8000/

# DELETE
curl -X DELETE http://localhost:8000/

データ送信

application/x-www-form-urlencoded
( -d <data> --data <data> )

$ curl -v -X POST http://localhost:8000/ \
> -d 'aaa=111' \
> -d 'bbb=222' \
> -d 'ccc=333'
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying ::1:8000...
* Connected to localhost (::1) port 8000 (#0)
> POST / HTTP/1.1
> Host: localhost:8000
> User-Agent: curl/7.71.1
> Accept: */*
> Content-Length: 23
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 23 out of 23 bytes
* Mark bundle as not supporting multiuse

(省略)

以下のように指定することもできます。

$ curl -v -X POST http://localhost:8000/ \
-d 'aaa=111&bbb=222&ccc=333'

URLエンコード
+ application/x-www-form-urlencoded
( --data-urlencode <data> )

まずは、-dオプション でURLエンコードされていないケースを確認します。

$ curl -X POST http://localhost:8000/ \
> --trace-ascii /dev/stdout \
> --data 'aaa=1 1' \
> --data 'bbb=2%2' \
> --data 'ccc=3&3'
(省略)
0000: aaa=1 1&bbb=2%2&ccc=3&3
(省略)

次に、--data-urlencodeオプション でURLエンコードされているケースを確認します。

$ curl -X POST http://localhost:8000/ \
> --trace-ascii /dev/stdout \
> --data-urlencode 'aaa=1 1' \
> --data-urlencode 'bbb=2%2' \
> --data-urlencode 'ccc=3&3'
(省略)
0000: aaa=1%201&bbb=2%252&ccc=3%263
(省略)

multipart/form-data
( -F <name=content>
--form <name=content> )

ファイルアップロードします。

-Fオプション を利用すると Content-Typemultipart/form-data になります。

$ cat sample.txt 
ABCDEFG
$ 
$ 
$ curl -v -X POST http://localhost:8000/ \
> --trace-ascii /dev/stdout \
> -F 'file=@sample.txt' \
> -F 'aaa=111' \
> -F 'bbb=222'
Warning: --trace-ascii overrides an earlier trace/verbose option
Note: Unnecessary use of -X or --request, POST is already inferred.
== Info:   Trying ::1:8000...
== Info: Connected to localhost (::1) port 8000 (#0)
=> Send header, 186 bytes (0xba)
0000: POST / HTTP/1.1
0011: Host: localhost:8000
0027: User-Agent: curl/7.71.1
0040: Accept: */*
004d: Content-Length: 386
0062: Content-Type: multipart/form-data; boundary=--------------------
00a2: ----d720071bb9a8dd01
00b8: 
=> Send data, 386 bytes (0x182)
0000: --------------------------d720071bb9a8dd01
002c: Content-Disposition: form-data; name="file"; filename="sample.tx
006c: t"
0070: Content-Type: text/plain
008a: 
008c: ABCDEFG.
0096: --------------------------d720071bb9a8dd01
00c2: Content-Disposition: form-data; name="aaa"
00ee: 
00f0: 111
00f5: --------------------------d720071bb9a8dd01
0121: Content-Disposition: form-data; name="bbb"
014d: 
014f: 222
0154: --------------------------d720071bb9a8dd01--
(省略)

リクエストヘッダー指定
( -H <header/@file> --header <header/@file> )

-Hオプション でリクエストヘッダーを指定できます。

$ curl -v http://localhost:8000 \
> -H 'Content-Type: application/json' \
> -H 'Referer: http://example.com' \
> -H 'X-Sample: wakuwaku'
*   Trying ::1:8000...
* Connected to localhost (::1) port 8000 (#0)
> GET / HTTP/1.1
> Host: localhost:8000
> User-Agent: curl/7.71.1
> Accept: */*
> Content-Type: application/json
> Referer: http://example.com
> X-Sample: wakuwaku
(省略)

Cookie

受信
( -c <filename> )

サーバー側でCookieを設定するように調整しました。

my_cookie.txt というファイルにCookieを書き込むように -cオプション を設定してリクエストします。

$ curl -v http://localhost:8000/cookie \
> -c my_cookie.txt
*   Trying ::1:8000...
* Connected to localhost (::1) port 8000 (#0)
> GET /cookie HTTP/1.1
> Host: localhost:8000
> User-Agent: curl/7.71.1
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: text/plain; charset=UTF-8
* Added cookie username=""wakuwaku bank"" for domain localhost, path /, expire 1620124726
< Set-Cookie: username="wakuwaku bank"; Expires=Tue, 04 May 2021 10:38:46 GMT
< Date: Mon, 03 May 2021 10:38:46 GMT
< Content-Length: 13
< 
* Connection #0 to host localhost left intact
Hello, World!

my_cookie.txt ファイルが生成されました。中身を確認します。

$ cat my_cookie.txt 
# Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.

localhost       FALSE   /       FALSE   1620124726      username        "wakuwaku bank"

送信
( -b <data|filename> )

先ほどcookieを書き込んだ my_cookie.txt ファイルを -bオプション に指定します。

$ curl -v http://localhost:8000/cookie -b my_cookie.txt
*   Trying ::1:8000...
* Connected to localhost (::1) port 8000 (#0)
> GET /cookie HTTP/1.1
> Host: localhost:8000
> User-Agent: curl/7.71.1
> Accept: */*
> Cookie: username="wakuwaku bank"
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: text/plain; charset=UTF-8
* Replaced cookie username=""wakuwaku bank"" for domain localhost, path /, expire 1620124902
< Set-Cookie: username="wakuwaku bank"; Expires=Tue, 04 May 2021 10:41:42 GMT
< Date: Mon, 03 May 2021 10:41:42 GMT
< Content-Length: 13
< 
* Connection #0 to host localhost left intact
Hello, World!

リクエストに Cookie: username="wakuwaku bank" が設定されていることがわかります。

Basic認証
( --basic -u <user:password> )

サーバー側でBasic認証を設定してみました。以下のように401になります。

$ curl -i http://localhost:8000
HTTP/1.1 401 Unauthorized
Content-Type: application/json; charset=UTF-8
Www-Authenticate: basic realm=Restricted
Date: Mon, 03 May 2021 10:30:11 GMT
Content-Length: 27

{"message":"Unauthorized"}

--basic -u <user:password> でBasic認証を通すことができます。

$ curl -i http://localhost:8000 \
> --basic -u yamada:sample_password
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Mon, 03 May 2021 10:32:45 GMT
Content-Length: 13

Hello, World!

その他のオプション
( -h )

curl -h でオプション一覧を確認できます。多いですね。。

(base) $ curl -h
Usage: curl [options...] <url>
     --abstract-unix-socket <path> Connect via abstract Unix domain socket
     --alt-svc <file name> Enable alt-svc with this cache file
     --anyauth       Pick any authentication method
 -a, --append        Append to target file when uploading
     --basic         Use HTTP Basic Authentication
     --cacert <file> CA certificate to verify peer against
     --capath <dir>  CA directory to verify peer against
 -E, --cert <certificate[:password]> Client certificate file and password
     --cert-status   Verify the status of the server certificate
     --cert-type <type> Certificate type (DER/PEM/ENG)
     --ciphers <list of ciphers> SSL ciphers to use
     --compressed    Request compressed response
     --compressed-ssh Enable SSH compression
 -K, --config <file> Read config from a file
     --connect-timeout <seconds> Maximum time allowed for connection
     --connect-to <HOST1:PORT1:HOST2:PORT2> Connect to host
 -C, --continue-at <offset> Resumed transfer offset
 -b, --cookie <data|filename> Send cookies from string/file
 -c, --cookie-jar <filename> Write cookies to <filename> after operation
     --create-dirs   Create necessary local directory hierarchy
     --crlf          Convert LF to CRLF in upload
     --crlfile <file> Get a CRL list in PEM format from the given file
 -d, --data <data>   HTTP POST data
     --data-ascii <data> HTTP POST ASCII data
     --data-binary <data> HTTP POST binary data
     --data-raw <data> HTTP POST data, '@' allowed
     --data-urlencode <data> HTTP POST data url encoded
     --delegation <LEVEL> GSS-API delegation permission
     --digest        Use HTTP Digest Authentication
 -q, --disable       Disable .curlrc
     --disable-eprt  Inhibit using EPRT or LPRT
     --disable-epsv  Inhibit using EPSV
     --disallow-username-in-url Disallow username in url
     --dns-interface <interface> Interface to use for DNS requests
     --dns-ipv4-addr <address> IPv4 address to use for DNS requests
     --dns-ipv6-addr <address> IPv6 address to use for DNS requests
     --dns-servers <addresses> DNS server addrs to use
     --doh-url <URL> Resolve host names over DOH
 -D, --dump-header <filename> Write the received headers to <filename>
     --egd-file <file> EGD socket path for random data
     --engine <name> Crypto engine to use
     --etag-compare <file> Pass an ETag from a file as a custom header
     --etag-save <file> Parse ETag from a request and save it to a file
     --expect100-timeout <seconds> How long to wait for 100-continue
 -f, --fail          Fail silently (no output at all) on HTTP errors
     --fail-early    Fail on first transfer error, do not continue
     --false-start   Enable TLS False Start
 -F, --form <name=content> Specify multipart MIME data
     --form-string <name=string> Specify multipart MIME data
     --ftp-account <data> Account data string
     --ftp-alternative-to-user <command> String to replace USER [name]
     --ftp-create-dirs Create the remote dirs if not present
     --ftp-method <method> Control CWD usage
     --ftp-pasv      Use PASV/EPSV instead of PORT
 -P, --ftp-port <address> Use PORT instead of PASV
     --ftp-pret      Send PRET before PASV
     --ftp-skip-pasv-ip Skip the IP address for PASV
     --ftp-ssl-ccc   Send CCC after authenticating
     --ftp-ssl-ccc-mode <active/passive> Set CCC mode
     --ftp-ssl-control Require SSL/TLS for FTP login, clear for transfer
 -G, --get           Put the post data in the URL and use GET
 -g, --globoff       Disable URL sequences and ranges using {} and []
     --happy-eyeballs-timeout-ms <milliseconds> Time for IPv6 before trying IPv4
     --haproxy-protocol Send HAProxy PROXY protocol v1 header
 -I, --head          Show document info only
 -H, --header <header/@file> Pass custom header(s) to server
 -h, --help          This help text
     --hostpubmd5 <md5> Acceptable MD5 hash of the host public key
     --http0.9       Allow HTTP 0.9 responses
 -0, --http1.0       Use HTTP 1.0
     --http1.1       Use HTTP 1.1
     --http2         Use HTTP 2
     --http2-prior-knowledge Use HTTP 2 without HTTP/1.1 Upgrade
     --http3         Use HTTP v3
     --ignore-content-length Ignore the size of the remote resource
 -i, --include       Include protocol response headers in the output
 -k, --insecure      Allow insecure server connections when using SSL
     --interface <name> Use network INTERFACE (or address)
 -4, --ipv4          Resolve names to IPv4 addresses
 -6, --ipv6          Resolve names to IPv6 addresses
 -j, --junk-session-cookies Ignore session cookies read from file
     --keepalive-time <seconds> Interval time for keepalive probes
     --key <key>     Private key file name
     --key-type <type> Private key file type (DER/PEM/ENG)
     --krb <level>   Enable Kerberos with security <level>
     --libcurl <file> Dump libcurl equivalent code of this command line
     --limit-rate <speed> Limit transfer speed to RATE
 -l, --list-only     List only mode
     --local-port <num/range> Force use of RANGE for local port numbers
 -L, --location      Follow redirects
     --location-trusted Like --location, and send auth to other hosts
     --login-options <options> Server login options
     --mail-auth <address> Originator address of the original email
     --mail-from <address> Mail from this address
     --mail-rcpt <address> Mail to this address
     --mail-rcpt-allowfails Allow RCPT TO command to fail for some recipients
 -M, --manual        Display the full manual
     --max-filesize <bytes> Maximum file size to download
     --max-redirs <num> Maximum number of redirects allowed
 -m, --max-time <seconds> Maximum time allowed for the transfer
     --metalink      Process given URLs as metalink XML file
     --negotiate     Use HTTP Negotiate (SPNEGO) authentication
 -n, --netrc         Must read .netrc for user name and password
     --netrc-file <filename> Specify FILE for netrc
     --netrc-optional Use either .netrc or URL
 -:, --next          Make next URL use its separate set of options
     --no-alpn       Disable the ALPN TLS extension
 -N, --no-buffer     Disable buffering of the output stream
     --no-keepalive  Disable TCP keepalive on the connection
     --no-npn        Disable the NPN TLS extension
     --no-progress-meter Do not show the progress meter
     --no-sessionid  Disable SSL session-ID reusing
     --noproxy <no-proxy-list> List of hosts which do not use proxy
     --ntlm          Use HTTP NTLM authentication
     --ntlm-wb       Use HTTP NTLM authentication with winbind
     --oauth2-bearer <token> OAuth 2 Bearer Token
 -o, --output <file> Write to file instead of stdout
 -Z, --parallel      Perform transfers in parallel
     --parallel-immediate Do not wait for multiplexing (with --parallel)
     --parallel-max  Maximum concurrency for parallel transfers
     --pass <phrase> Pass phrase for the private key
     --path-as-is    Do not squash .. sequences in URL path
     --pinnedpubkey <hashes> FILE/HASHES Public key to verify peer against
     --post301       Do not switch to GET after following a 301
     --post302       Do not switch to GET after following a 302
     --post303       Do not switch to GET after following a 303
     --preproxy [protocol://]host[:port] Use this proxy first
 -#, --progress-bar  Display transfer progress as a bar
     --proto <protocols> Enable/disable PROTOCOLS
     --proto-default <protocol> Use PROTOCOL for any URL missing a scheme
     --proto-redir <protocols> Enable/disable PROTOCOLS on redirect
 -x, --proxy [protocol://]host[:port] Use this proxy
     --proxy-anyauth Pick any proxy authentication method
     --proxy-basic   Use Basic authentication on the proxy
     --proxy-cacert <file> CA certificate to verify peer against for proxy
     --proxy-capath <dir> CA directory to verify peer against for proxy
     --proxy-cert <cert[:passwd]> Set client certificate for proxy
     --proxy-cert-type <type> Client certificate type for HTTPS proxy
     --proxy-ciphers <list> SSL ciphers to use for proxy
     --proxy-crlfile <file> Set a CRL list for proxy
     --proxy-digest  Use Digest authentication on the proxy
     --proxy-header <header/@file> Pass custom header(s) to proxy
     --proxy-insecure Do HTTPS proxy connections without verifying the proxy
     --proxy-key <key> Private key for HTTPS proxy
     --proxy-key-type <type> Private key file type for proxy
     --proxy-negotiate Use HTTP Negotiate (SPNEGO) authentication on the proxy
     --proxy-ntlm    Use NTLM authentication on the proxy
     --proxy-pass <phrase> Pass phrase for the private key for HTTPS proxy
     --proxy-pinnedpubkey <hashes> FILE/HASHES public key to verify proxy with
     --proxy-service-name <name> SPNEGO proxy service name
     --proxy-ssl-allow-beast Allow security flaw for interop for HTTPS proxy
     --proxy-tls13-ciphers <ciphersuite list> TLS 1.3 proxy cipher suites
     --proxy-tlsauthtype <type> TLS authentication type for HTTPS proxy
     --proxy-tlspassword <string> TLS password for HTTPS proxy
     --proxy-tlsuser <name> TLS username for HTTPS proxy
     --proxy-tlsv1   Use TLSv1 for HTTPS proxy
 -U, --proxy-user <user:password> Proxy user and password
     --proxy1.0 <host[:port]> Use HTTP/1.0 proxy on given port
 -p, --proxytunnel   Operate through an HTTP proxy tunnel (using CONNECT)
     --pubkey <key>  SSH Public key file name
 -Q, --quote         Send command(s) to server before transfer
     --random-file <file> File for reading random data from
 -r, --range <range> Retrieve only the bytes within RANGE
     --raw           Do HTTP "raw"; no transfer decoding
 -e, --referer <URL> Referrer URL
 -J, --remote-header-name Use the header-provided filename
 -O, --remote-name   Write output to a file named as the remote file
     --remote-name-all Use the remote file name for all URLs
 -R, --remote-time   Set the remote file's time on the local output
 -X, --request <command> Specify request command to use
     --request-target Specify the target for this request
     --resolve <host:port:addr[,addr]...> Resolve the host+port to this address
     --retry <num>   Retry request if transient problems occur
     --retry-all-errors Retry all errors (use with --retry)
     --retry-connrefused Retry on connection refused (use with --retry)
     --retry-delay <seconds> Wait time between retries
     --retry-max-time <seconds> Retry only within this period
     --sasl-authzid <identity> Identity for SASL PLAIN authentication
     --sasl-ir       Enable initial response in SASL authentication
     --service-name <name> SPNEGO service name
 -S, --show-error    Show error even when -s is used
 -s, --silent        Silent mode
     --socks4 <host[:port]> SOCKS4 proxy on given host + port
     --socks4a <host[:port]> SOCKS4a proxy on given host + port
     --socks5 <host[:port]> SOCKS5 proxy on given host + port
     --socks5-basic  Enable username/password auth for SOCKS5 proxies
     --socks5-gssapi Enable GSS-API auth for SOCKS5 proxies
     --socks5-gssapi-nec Compatibility with NEC SOCKS5 server
     --socks5-gssapi-service <name> SOCKS5 proxy service name for GSS-API
     --socks5-hostname <host[:port]> SOCKS5 proxy, pass host name to proxy
 -Y, --speed-limit <speed> Stop transfers slower than this
 -y, --speed-time <seconds> Trigger 'speed-limit' abort after this time
     --ssl           Try SSL/TLS
     --ssl-allow-beast Allow security flaw to improve interop
     --ssl-no-revoke Disable cert revocation checks (Schannel)
     --ssl-reqd      Require SSL/TLS
     --ssl-revoke-best-effort Ignore missing/offline cert CRL dist points
 -2, --sslv2         Use SSLv2
 -3, --sslv3         Use SSLv3
     --stderr        Where to redirect stderr
     --styled-output Enable styled output for HTTP headers
     --suppress-connect-headers Suppress proxy CONNECT response headers
     --tcp-fastopen  Use TCP Fast Open
     --tcp-nodelay   Use the TCP_NODELAY option
 -t, --telnet-option <opt=val> Set telnet option
     --tftp-blksize <value> Set TFTP BLKSIZE option
     --tftp-no-options Do not send any TFTP options
 -z, --time-cond <time> Transfer based on a time condition
     --tls-max <VERSION> Set maximum allowed TLS version
     --tls13-ciphers <ciphersuite list> TLS 1.3 cipher suites to use
     --tlsauthtype <type> TLS authentication type
     --tlspassword   TLS password
     --tlsuser <name> TLS user name
 -1, --tlsv1         Use TLSv1.0 or greater
     --tlsv1.0       Use TLSv1.0 or greater
     --tlsv1.1       Use TLSv1.1 or greater
     --tlsv1.2       Use TLSv1.2 or greater
     --tlsv1.3       Use TLSv1.3 or greater
     --tr-encoding   Request compressed transfer encoding
     --trace <file>  Write a debug trace to FILE
     --trace-ascii <file> Like --trace, but without hex output
     --trace-time    Add time stamps to trace/verbose output
     --unix-socket <path> Connect through this Unix domain socket
 -T, --upload-file <file> Transfer local FILE to destination
     --url <url>     URL to work with
 -B, --use-ascii     Use ASCII/text transfer
 -u, --user <user:password> Server user and password
 -A, --user-agent <name> Send User-Agent <name> to server
 -v, --verbose       Make the operation more talkative
 -V, --version       Show version number and quit
 -w, --write-out <format> Use output FORMAT after completion
     --xattr         Store metadata in extended file attributes

参考

わくわくBank.
技術系の記事を中心に、役に立つと思ったこと、整理したい情報などを掲載しています。