| .\" ************************************************************************** |
| .\" * _ _ ____ _ |
| .\" * Project ___| | | | _ \| | |
| .\" * / __| | | | |_) | | |
| .\" * | (__| |_| | _ <| |___ |
| .\" * \___|\___/|_| \_\_____| |
| .\" * |
| .\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. |
| .\" * |
| .\" * This software is licensed as described in the file COPYING, which |
| .\" * you should have received as part of this distribution. The terms |
| .\" * are also available at https://curl.haxx.se/docs/copyright.html. |
| .\" * |
| .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
| .\" * copies of the Software, and permit persons to whom the Software is |
| .\" * furnished to do so, under the terms of the COPYING file. |
| .\" * |
| .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
| .\" * KIND, either express or implied. |
| .\" * |
| .\" ************************************************************************** |
| .\" |
| .TH CURLOPT_HTTPHEADER 3 "December 30, 2018" "libcurl 7.66.0" "curl_easy_setopt options" |
| |
| .SH NAME |
| CURLOPT_HTTPHEADER \- set custom HTTP headers |
| .SH SYNOPSIS |
| #include <curl/curl.h> |
| |
| CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTPHEADER, struct curl_slist *headers); |
| .SH DESCRIPTION |
| Pass a pointer to a linked list of HTTP headers to pass to the server and/or |
| proxy in your HTTP request. The same list can be used for both host and proxy |
| requests! |
| |
| The linked list should be a fully valid list of \fBstruct curl_slist\fP |
| structs properly filled in. Use \fIcurl_slist_append(3)\fP to create the list |
| and \fIcurl_slist_free_all(3)\fP to clean up an entire list. If you add a |
| header that is otherwise generated and used by libcurl internally, your added |
| one will be used instead. If you add a header with no content as in 'Accept:' |
| (no data on the right side of the colon), the internally used header will get |
| disabled. With this option you can add new headers, replace internal headers |
| and remove internal headers. To add a header with no content (nothing to the |
| right side of the colon), use the form 'MyHeader;' (note the ending |
| semicolon). |
| |
| The headers included in the linked list \fBmust not\fP be CRLF-terminated, |
| because libcurl adds CRLF after each header item. Failure to comply with this |
| will result in strange bugs because the server will most likely ignore part of |
| the headers you specified. |
| |
| The first line in a request (containing the method, usually a GET or POST) is |
| not a header and cannot be replaced using this option. Only the lines |
| following the request-line are headers. Adding this method line in this list |
| of headers will only cause your request to send an invalid header. Use |
| \fICURLOPT_CUSTOMREQUEST(3)\fP to change the method. |
| |
| When this option is passed to \fIcurl_easy_setopt(3)\fP, libcurl will not copy |
| the entire list so you \fBmust\fP keep it around until you no longer use this |
| \fIhandle\fP for a transfer before you call \fIcurl_slist_free_all(3)\fP on |
| the list. |
| |
| Pass a NULL to this option to reset back to no custom headers. |
| |
| The most commonly replaced headers have "shortcuts" in the options |
| \fICURLOPT_COOKIE(3)\fP, \fICURLOPT_USERAGENT(3)\fP and |
| \fICURLOPT_REFERER(3)\fP. We recommend using those. |
| |
| There's an alternative option that sets or replaces headers only for requests |
| that are sent with CONNECT to a proxy: \fICURLOPT_PROXYHEADER(3)\fP. Use |
| \fICURLOPT_HEADEROPT(3)\fP to control the behavior. |
| .SH SECURITY CONCERNS |
| By default, this option makes libcurl send the given headers in all HTTP |
| requests done by this handle. You should therefore use this option with |
| caution if you for example connect to the remote site using a proxy and a |
| CONNECT request, you should to consider if that proxy is supposed to also get |
| the headers. They may be private or otherwise sensitive to leak. |
| |
| Use \fICURLOPT_HEADEROPT(3)\fP to make the headers only get sent to where you |
| intend them to get sent. |
| |
| Custom headers are sent in all requests done by the easy handles, which |
| implies that if you tell libcurl to follow redirects |
| (\fICURLOPT_FOLLOWLOCATION(3)\fP), the same set of custom headers will be sent |
| in the subsequent request. Redirects can of course go to other hosts and thus |
| those servers will get all the contents of your custom headers too. |
| |
| Starting in 7.58.0, libcurl will specifically prevent "Authorization:" headers |
| from being sent to other hosts than the first used one, unless specifically |
| permitted with the \fICURLOPT_UNRESTRICTED_AUTH(3)\fP option. |
| |
| Starting in 7.64.0, libcurl will specifically prevent "Cookie:" headers |
| from being sent to other hosts than the first used one, unless specifically |
| permitted with the \fICURLOPT_UNRESTRICTED_AUTH(3)\fP option. |
| .SH DEFAULT |
| NULL |
| .SH PROTOCOLS |
| HTTP |
| .SH EXAMPLE |
| .nf |
| CURL *curl = curl_easy_init(); |
| |
| struct curl_slist *list = NULL; |
| |
| if(curl) { |
| curl_easy_setopt(curl, CURLOPT_URL, "http://example.com"); |
| |
| list = curl_slist_append(list, "Shoesize: 10"); |
| list = curl_slist_append(list, "Accept:"); |
| |
| curl_easy_setopt(curl, CURLOPT_HTTPHEADER, list); |
| |
| curl_easy_perform(curl); |
| |
| curl_slist_free_all(list); /* free the list again */ |
| } |
| .fi |
| |
| .SH AVAILABILITY |
| As long as HTTP is enabled |
| .SH RETURN VALUE |
| Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not. |
| .SH "SEE ALSO" |
| .BR CURLOPT_CUSTOMREQUEST "(3), " CURLOPT_HEADEROPT "(3), " |
| .BR CURLOPT_PROXYHEADER "(3), " CURLOPT_HEADER "(3)" |
