Menu
How can I force cURL to send an invalid HTTP header, as follows:
curl -k 'https://192.168.1.1/' -H 'Host: 192.168.1.1' -H 'blah' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.8'
When I try the above, cURL helpfully leaves out the invalid header.
616
To send an HTTP header with a Curl request, you can use the -H command-line option and pass the header name and value in "Key: Value" format. If you do not provide a value for the header, this will remove the standard header that Curl would otherwise send. The number of HTTP headers is unlimited.
Curl by default adds headers such as Content-type and User-agent .
Setting the Content-Type with Curl Request. To send the Content-Type header using Curl, you need to use the -H command-line option. For example, you can use the -H "Content-Type: application/json" command-line parameter for JSON data. Data is passed to Curl using the -d command-line option.
Basic curl of t.co (HTTP) Include the HTTP-header in the output. The HTTP-header includes things like server-name, date of the document, HTTP-version and more.
You can, but it's slightly more convoluted than that. curl will check that you use a colon and avoid passed in headers that don't have colons. But you can trick curl's colon check by passing in a header with embedded CRLF that then creates two header lines, and one of them can then be without colon.
For example like this:
curl -H "`printf "Foo: bar\r\nblah"`" -v localhost
(-v of course lets you see the actual request curl uses)
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
