curl/curl
1
1
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-09-10 14:12:41 +03:00
Code Issues Packages Projects Releases Wiki Activity
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and
34,107 Commits 10 Branches 230 Tags 226 MiB
C 74.8%
Perl 8.2%
M4 4.8%
Python 4.8%
CMake 2.8%
Other 4.6%
0f54bfd803
Go to file
Daniel Stenberg 0f54bfd803
libcurl/opts: do not save files in dirs where attackers have access 
libcurl cannot fully protect against attacks where an attacker has write
access to the same directory where it is directed to save files. This is
particularly sensitive if you save files using elevated privileges.

Previously only mentioned in VULN-DISCLOSURE-POLICY.md.

Highlighted-by: Donguk Kim

Closes #16051
2025-01-20 10:34:37 +01:00
.circleci GHA/linux: enable wolfSSH in a wolfSSL job 2025-01-17 00:20:54 +01:00
.github GHA: tidy up quotes, checkout order, silence Android/CMake warnings 2025-01-19 15:03:16 +01:00
CMake cmake: drop fseeko() pre-fill and check for Windows 2025-01-19 15:03:16 +01:00
docs libcurl/opts: do not save files in dirs where attackers have access 2025-01-20 10:34:37 +01:00
include system.h: fix indentation 2025-01-12 06:03:05 +01:00
lib cmake: drop fseeko() pre-fill and check for Windows 2025-01-19 15:03:16 +01:00
LICENSES copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
m4 curl-functions.m4: fix indentation in CURL_SIZEOF() 2025-01-13 02:44:41 +01:00
packages docs: use lowercase curl and libcurl 2025-01-02 17:15:54 +01:00
plan9 copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
projects checksrc.bat: remove explicit SNPRINTF bypass 2025-01-19 03:24:31 -05:00
scripts checksrc: check for return with parens around a value/name 2025-01-13 09:10:50 +01:00
src tidy-up: extend CURL_O_BINARY to lib and tests 2025-01-16 12:36:07 +01:00
tests pytest: remove 'repeat' parameter 2025-01-17 14:03:30 +01:00
winbuild cmake: deprecate winbuild, add migration guide from legacy build methods 2025-01-10 18:20:52 +01:00
.dir-locals.el copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.git-blame-ignore-revs copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.gitattributes winbuild: MS-DOS batch tidy-ups 2024-07-02 19:26:15 +02:00
.gitignore gitignore: ignore output files created by mk-ca-bundle.pl 2024-12-22 03:11:51 -05:00
.mailmap ECH: update APIs to those agreed with OpenSSL maintainers 2025-01-10 08:36:25 +01:00
acinclude.m4 configure: do not inline 'dnl' comments [ci skip] 2025-01-17 02:38:10 +01:00
appveyor.sh CI: add/extend curl binary info, VS2010 32-bit, misc improvements 2025-01-14 17:46:49 +01:00
appveyor.yml CI: add/extend curl binary info, VS2010 32-bit, misc improvements 2025-01-14 17:46:49 +01:00
buildconf copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
buildconf.bat buildconf.bat: remove outdated groff/nroff use 2024-03-07 22:38:16 +01:00
CHANGES.md CHANGES: rename to CHANGES.md, no longer generated 2024-08-01 13:37:12 +02:00
CMakeLists.txt cmake: drop fseeko() pre-fill and check for Windows 2025-01-19 15:03:16 +01:00
configure.ac build: stop detecting sched_yield() on Windows 2025-01-17 23:31:58 +01:00
COPYING COPYING: bump copyright year range to 1996 - 2025 2025-01-01 21:12:12 +01:00
curl-config.in curl-config: tidy up, optimize 2024-12-24 01:21:38 +01:00
Dockerfile Dockerfile: Update debian:bookworm-slim Docker digest to b73bf02 2024-12-03 09:25:09 +01:00
GIT-INFO.md docs: use lowercase curl and libcurl 2025-01-02 17:15:54 +01:00
libcurl.pc.in configure: do not echo most inherited LDFLAGS to config files 2024-11-14 09:55:45 +01:00
Makefile.am tidy-up: delete stray references from autotools, docs 2025-01-09 02:12:53 +01:00
Makefile.dist Makefile.mk: drop in favour of autotools and cmake (MS-DOS, AmigaOS3) 2024-12-16 23:20:55 +01:00
README docs: minor grammar fixes 2022-09-29 10:44:12 +02:00
README.md docs: use lowercase curl and libcurl 2025-01-02 17:15:54 +01:00
RELEASE-NOTES RELEASE-NOTES: synced 2025-01-19 11:55:02 +01:00
renovate.json GHA: drop "3" from openssl names and keys 2024-10-23 19:36:03 +02:00
REUSE.toml projects/Windows: remove wolfSSL from legacy projects 2024-12-22 03:10:35 -05:00
SECURITY.md docs: Clarify OpenSSF Best Practices vs Scorecard 2024-08-22 11:50:20 +02:00

README.md

curl logo

curl is a command-line tool for transferring data specified with URL syntax. Learn how to use curl by reading the manpage or everything curl.

Find out how to install curl by reading the INSTALL document.

libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl manpage to learn how.

Open Source

curl is Open Source and is distributed under an MIT-like license.

Contact

Contact us on a suitable mailing list or use GitHub issues/ pull requests/ discussions.

All contributors to the project are listed in the THANKS document.

Commercial support

For commercial support, maybe private and dedicated help with your problems or applications using (lib)curl visit the support page.

Website

Visit the curl website for the latest news and downloads.

Source code

Download the latest source from the Git server:

git clone https://github.com/curl/curl.git

Security problems

Report suspected security problems via our HackerOne page and not in public.

Notice

curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan. This notice is included here to comply with the distribution terms.

Backers

Thank you to all our backers 🙏 Become a backer.

Sponsors

Support this project by becoming a sponsor.