Editing
Using curl to test POST data
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
[[Category:Web Development]] == Basic request passing variables as POST == Use `--data` or `-d` option to pass variables to the page. <syntaxhighlight lang="bash"> $ curl -d "user=mylogin&pass=mypass&foo=bar&biz=bash" http://www.mydomain.com/mypage/ </syntaxhighlight> == Request using basic authentication == Use `--user` or `-u` option. <syntaxhighlight lang="bash"> $ curl -u mylogin:mypass -d "user=mylogin&pass=mypass&foo=bar&biz=bash" http://www.mydomain.com/mypage/ </syntaxhighlight> == Request using Windows integrated authentication == Add `--ntlm` option. <syntaxhighlight lang="bash"> $ curl -u mylogin:mypass --ntlm -d "user=mylogin&pass=mypass&foo=bar&biz=bash" http://www.mydomain.com/mypage/ </syntaxhighlight> == Special characters in username or password == Escape special characters with back slash. <syntaxhighlight lang="bash"> $ curl -u mylogin:myp\&ss --ntlm -d "user=mylogin&pass=mypass&foo=bar&biz=bash" http://www.mydomain.com/mypage/ </syntaxhighlight> == Storing arguments in a text file == Content of file, saved as `curlargs.txt`: <syntaxhighlight lang="bash"> -d foo=bar&biz=bash http://localhost/mytestpage.html </syntaxhighlight> Run curl using contents of <code>curlargs.txt</code> (in a bash shell): <syntaxhighlight lang="bash"> $ cat curlargs.txt | xargs -n3 curl </syntaxhighlight> == Sending request headers == <syntaxhighlight lang="powershell"> > curl -H "X-MyHeader: 123" www.google.com </syntaxhighlight> The argument is either `-H` or `--header` followed by header name, colon, and header value. For example, to send an Accept request-header for JSON data: `-H "Accept: application/json"`. To view the request that is sent add the `-v` option to `curl`. == Handling quotes in POST data == '''Problem:''' The value of the `-d` or `--data` argument (typically a JSON string) contains either a single or double quote: <syntaxhighlight lang="bash"> # Error is thrown when it hits the first quote in the ''title'' string. curl -d '{ "id": "6650", "title": "A record title containing 'quotes'."}' http://mydomain.com/path/to/page/ </syntaxhighlight> '''Solution:''' Use the `@` character to read the data from a separate file. Curl arguments stored in `curargs.txt`: <pre> -d @jsondata.txt http://mydomain.com/path/to/page/ </pre> Contents of `jsondata.txt`: <pre> { "id": "6650", "title": "A record title containing 'quotes'."} </pre> Then pass the contents of the two files to curl with <syntaxhighlight lang="bash"> $ cat curlargs.txt | xargs -n3 curl </syntaxhighlight> == Sending POST requests to Django projects == Because of [https://docs.djangoproject.com/en/dev/ref/contrib/csrf/ Cross Site Request Forgery protection] in Django, POST requests have to include a CSRF token generated by the Django app. It's not really practical or safe to generate the token so it can be used with `curl`. Instead right above the Django view that is being called, place an CSRF exemption: <syntaxhighlight lang="python"> from django.views.decorators.csrf import csrf_exempt @csrf_exempt def my_view(request): return HttpResponse('Hello world') </syntaxhighlight> It's possible to pass the token with `curl`: <syntaxhighlight lang="bash"> curl -X POST -d "email=test@test.com&a=1&csrfmiddlewaretoken=<inserttoken>" --cookie "csrftoken=[as above]" http://127.0.0.1:8083/registrations/register/ </syntaxhighlight> It's also possible to use `--header "X-CSRFToken: <token>"` instead of including it in the form data. == Following redirects == <syntaxhighlight lang="bash"> $ curl -L -X POST -d "foo=bar&biz=bash" http://dev-server.com </syntaxhighlight> * `-L` '''location''' Tells `curl` to reattempt the get if the server reports that the page is at a different location (`301` and `302` responses) * `-X POST` Explicitly use the POST method (as opposed to the `-d` option which implicitly uses POST.<ref>[http://man.cx/curl curl man page]</ref> (man.cx manual pages) This happens with Symfony, which sends a `301` response with its controllers.<ref>[http://stackoverflow.com/a/22654902 php curl post request to symfony2 app shows an empty ParameterBag] (Stackoverflow)</ref>,<ref>[http://www.recursion.org/2011/11/18/following-redirects-with-curl Following Redirects with Curl] (recursion.org blog)</ref> <p class="alert-warning">N.B. This did not work on the first attempt with Symfony. Not sure if it's not a solution, or if I was doing something wrong.</p> == Notes == <references />
Summary:
Please note that all contributions to Littledamien Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Littledamien Wiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
What links here
Related changes
Special pages
Page information