« TIPS - Curl » : différence entre les versions
De PedroWiki
Aller à la navigationAller à la recherche
imported>Jules Page créée avec « = Introduction = This article lists a few ways to call curl, depending on your need. = Curl calls = == Fake the DNS resolution == Use case: * your website is behind a... » |
imported>Jules |
||
| (3 versions intermédiaires par le même utilisateur non affichées) | |||
| Ligne 4 : | Ligne 4 : | ||
= Curl calls = | = Curl calls = | ||
== Curl with verbose result == | |||
Curl option: -v (or --verbose). | |||
== Fake the DNS resolution == | == Fake the DNS resolution == | ||
| Ligne 11 : | Ligne 15 : | ||
* your website is behind a reverse proxy, but you want to access the underlying web service with appropriate host header in your request. | * your website is behind a reverse proxy, but you want to access the underlying web service with appropriate host header in your request. | ||
curl -- | curl --resolve <my.domain>:443:<IP> https://<my.domain>[/<my_uri>] | ||
== Add a request header == | |||
Curl option: -H (or --header). | |||
Sample call: | |||
curl -IL -H '<header name>:<header value>' https://<URL to curl> | |||
== Only request response headers == | |||
Curl option: -I | |||
See previous sample. | |||
== Request CORS headers == | |||
curl -I -X OPTIONS -H "Origin: http://EXAMPLE.COM" -H 'Access-Control-Request-Method: GET' http://EXAMPLE.COM/SOMETHING 2>&1 | grep 'Access-Control-Allow-Origin' | |||
== Don't check SSL certificate == | |||
This option may be useful in some situations: | |||
* SSL deep inspection on the path, recyphering being done with a self-signed certificate or a cert emitted by a CA not present in your local CA store. | |||
* Test a WAF or reverse proxy configuration not totally ready regarding SSL configuration. | |||
Curl option: -k (or --insecure). | |||
Sample: | |||
curl -k https://<IP> -I -v --header 'Host:<the real hostname your request for>' | |||
[[Category:Howto]] | |||
[[Category:Linux]] | |||
[[Category:Web]] | |||
[[Category:Troubleshooting]] | |||
Dernière version du 25 septembre 2023 à 14:51
Introduction
This article lists a few ways to call curl, depending on your need.
Curl calls
Curl with verbose result
Curl option: -v (or --verbose).
Fake the DNS resolution
Use case:
- your website is behind a WAF and the FQDN resolves to it instead of the web server directly (the origin).
- your website is behind a reverse proxy, but you want to access the underlying web service with appropriate host header in your request.
curl --resolve <my.domain>:443:<IP> https://<my.domain>[/<my_uri>]
Add a request header
Curl option: -H (or --header).
Sample call:
curl -IL -H '<header name>:<header value>' https://<URL to curl>
Only request response headers
Curl option: -I
See previous sample.
Request CORS headers
curl -I -X OPTIONS -H "Origin: http://EXAMPLE.COM" -H 'Access-Control-Request-Method: GET' http://EXAMPLE.COM/SOMETHING 2>&1 | grep 'Access-Control-Allow-Origin'
Don't check SSL certificate
This option may be useful in some situations:
- SSL deep inspection on the path, recyphering being done with a self-signed certificate or a cert emitted by a CA not present in your local CA store.
- Test a WAF or reverse proxy configuration not totally ready regarding SSL configuration.
Curl option: -k (or --insecure).
Sample:
curl -k https://<IP> -I -v --header 'Host:<the real hostname your request for>'
