如何使用 cURL 设置授权标头 [英] How to set the authorization header using cURL
问题描述
如何使用 cURL 传递授权标头?(在 /usr/bin/curl 中可执行).
http://curl.se/docs/httpscripting.html
参见第 6 部分 HTTP 身份验证
<块引用>HTTP 身份验证
<块引用>
HTTP 身份验证能够告诉服务器您的用户名和密码,以便它可以验证您是否被允许执行您的请求正在做.HTTP 中使用的基本身份验证(curl 使用的类型)default) 是基于 plain text 的,这意味着它发送用户名和密码只是略微混淆,但仍然可以被任何嗅探的人完全阅读您和远程服务器之间的网络.
<块引用>
告诉 curl 使用用户和密码进行身份验证:
<块引用>
curl --user name:password http://www.example.com<块引用>
该站点可能需要不同的身份验证方法(检查标题由服务器返回),然后 --ntlm、--digest、--negotiate 甚至--anyauth 可能是适合您的选项.
<块引用>
有时您的 HTTP 访问只能通过使用 HTTP代理人.这似乎在不同的公司中尤为常见.HTTP 代理可能需要自己的用户名和密码才能让客户通过互联网.要使用 curl 指定那些,请运行以下命令:
<块引用>
curl --proxy-user proxyuser:proxypassword curl.haxx.se<块引用>
如果您的代理需要使用 NTLM 方法进行身份验证,使用--proxy-ntlm,如果它需要摘要使用--proxy-digest.
<块引用>
如果您使用这些用户+密码选项中的任何一个,但省略密码部分,curl 会以交互方式提示输入密码.
<块引用>
请注意,当一个程序运行时,它的参数可能会被看到列出系统正在运行的进程时.因此,其他用户可能如果您将它们作为普通命令行传递,则能够查看您的密码选项.有一些方法可以规避这一点.
<块引用>
值得注意的是,虽然这就是 HTTP 身份验证的工作方式,但非常许多网站在提供登录信息等时不会使用这个概念.见有关更多详细信息,请参阅下面的 Web 登录章节.
How do I pass authorization header using cURL? ( executable in /usr/bin/curl).
http://curl.se/docs/httpscripting.html
See part 6. HTTP Authentication
HTTP Authentication
HTTP Authentication is the ability to tell the server your username and password so that it can verify that you're allowed to do the request you're doing. The Basic authentication used in HTTP (which is the type curl uses by default) is plain text based, which means it sends username and password only slightly obfuscated, but still fully readable by anyone that sniffs on the network between you and the remote server.
To tell curl to use a user and password for authentication:
curl --user name:password http://www.example.com
The site might require a different authentication method (check the headers returned by the server), and then --ntlm, --digest, --negotiate or even --anyauth might be options that suit you.
Sometimes your HTTP access is only available through the use of a HTTP proxy. This seems to be especially common at various companies. A HTTP proxy may require its own user and password to allow the client to get through to the Internet. To specify those with curl, run something like:
curl --proxy-user proxyuser:proxypassword curl.haxx.se
If your proxy requires the authentication to be done using the NTLM method, use --proxy-ntlm, if it requires Digest use --proxy-digest.
If you use any one these user+password options but leave out the password part, curl will prompt for the password interactively.
Do note that when a program is run, its parameters might be possible to see when listing the running processes of the system. Thus, other users may be able to watch your passwords if you pass them as plain command line options. There are ways to circumvent this.
It is worth noting that while this is how HTTP Authentication works, very many web sites will not use this concept when they provide logins etc. See the Web Login chapter further below for more details on that.
这篇关于如何使用 cURL 设置授权标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
