Tuesday, July 28, 2015


Linux provides a nice little command which makes our lives a lot easier.


with JSON:

curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X GET http://hostname/resource

with XML:

curl -H "Accept: application/xml" -H "Content-Type: application/xml" -X GET http://hostname/resource


For posting data:

curl --data "param1=value1&param2=value2" http://hostname/resource

For file upload:

curl --form "fileupload=@filename.txt" http://hostname/resource

RESTful HTTP Post:

curl -X POST -d @filename http://hostname/resource

For logging into a site (auth):

curl -d "username=admin&password=admin&submit=Login" --dump-header headers http://localhost/Login

curl -L -b headers http://localhost/

GET approach with JSON result
curl -i -H "Accept: application/json" http://someHostName/someEndpoint | grep }| python -mjson.tool 

POST approach with JSON result

curl -X POST  -H "Accept: Application/json" -H "Content-Type: application/json" http://someHostName/someEndpoint -d '{"id":"IDVALUE","name":"Mike"}' | grep }| python -mjson.tool

Posting Data with Curl

curl --data 'foo=bar' \
        --trace-ascii /dev/stdout \

Posting JSON Data with Curl

curl --data '{"id":"value", ""}' http://

Inspect SSL Certificates

Using curl we can also view information about the SSL certificates from the server. This also helps to diagnose if there are issues with the certificate chain.

~ $ curl -v https://edoceo.com/

Post STDOUT to Server via curl

Here we take the output of lshw and send that up to the Linux Hardware Database.

~ $ lshw -json |  curl -d@- -qs "http://edoceo-demo.com/upload"
~ $ lshw -json |  curl --data-ascii @- -qs "http://edoceo-demo.com/upload"
~ $ lshw -json |  curl --data-binary @- -qs "http://edoceo-demo.com/upload"


Use the --trace-ascii option.

curl http://edoceo.com/ -d "hello=there" --trace-ascii /dev/stdout

Enables a full trace dump of all incoming and outgoing data, including descriptive informa‐ tion, to the given output file. Use "-" as filename to have the output sent to stdout.
This is very similar to --trace, but leaves out the hex part and only shows the ASCII part of the dump. It makes smaller output that might be easier to read for untrained humans.
This option overrides previous uses of -v, --verbose or --trace.
If this option is used several times, the last one will be used.

== Info: Adding handle: conn: 0x14a8880
== Info: Adding handle: send: 0
== Info: Adding handle: recv: 0
== Info: Curl_addHandleToPipeline: length: 1
== Info: - Conn 0 (0x14a8880) send_pipe: 1, recv_pipe: 0
== Info: About to connect() to edoceo.com port 80 (#0)
== Info:   Trying
== Info: Connected to edoceo.com ( port 80 (#0)
=> Send header, 74 bytes (0x4a)
0000: GET / HTTP/1.1
0010: User-Agent: curl/7.33.0
0029: Host: edoceo.com
003b: Accept: */*
<= Recv header, 17 bytes (0x11)
0000: HTTP/1.1 200 OK
<= Recv header, 37 bytes (0x25)
0000: Date: Thu, 09 Jan 2014 02:05:51 GMT
== Info: Server Apache is not blacklisted
<= Recv header, 16 bytes (0x10)
0000: Server: Apache
<= Recv header, 55 bytes (0x37)
0000: Set-Cookie: edoceo=edla1uattv6kbep8ofqp3q5ri6; path=/
<= Recv header, 40 bytes (0x28)
0000: Expires: Thu, 19 Nov 1981 08:52:00 GMT
<= Recv header, 79 bytes (0x4f)
0000: Cache-Control: must-revalidate, no-cache, no-store, post-check=0
0040: , pre-check=0
<= Recv header, 22 bytes (0x16)
0000: Content-Language: en
<= Recv header, 23 bytes (0x17)
0000: Vary: Accept-Encoding
<= Recv header, 28 bytes (0x1c)
0000: Transfer-Encoding: chunked
<= Recv header, 40 bytes (0x28)
0000: Content-Type: text/html; charset=utf-8
<= Recv header, 2 bytes (0x2)
<= Recv data, 1089 bytes (0x441)

No comments :

Post a Comment