Search

Items tagged with: Curl

#curl @Jim Fuller

Five days to #curl release...
#curl

In this newly disclosed #curl security report it is painfully obvious how the user's "clever" idea of using an AI to write the report made the report into a impenetrable wall of text instead of simply stating the problem in a few coherent paragraphs.

hackerone.com/reports/3324901


curl disclosed on HackerOne: libcurl: Host-Only Cookies Leak to...

libcurl canonicalizes numeric IPv4 hostnames during URL parsing and redirect handling (example: 127.000.000.001 to 127.0.0.1). When a host-only cookie (no Domain= attribute) is set, it is stored in...
HackerOne
#curl

Having ongoing discussions about URL parsing differences as a basis for a #curl security vulnerability report made me check when I wrote my "my URL isn't your URL" blog post.

*Nine years ago*. And we have not made a single move towards a solution in all this time.

daniel.haxx.se/blog/2016/05/11…


My URL isn’t your URL

When I started the precursor to the curl project, httpget, back in 1996, I wrote my first URL parser. Back then, the universal address was still called URL: Uniform Resource Locators. That spec was published by the IETF in 1994.
daniel.haxx.se
#curl

Digital Extremes violate the #cURL license?

github.com/curl/curl/discussio…

If they do, that's a shame but there's not a lot I can do. Anyone who can verify this claim? (probably by scanning the binaries for known names or similar)


Digital Extremes violate the cURL license · curl curl · Discussion #18474

Hi, I just want to let you know (and have there be a record) of the fact that Digital Extremes, a Canadian video-game-developer-turned-GaaS-developer, are using cURL (statically linked alongside Op...
GitHub
#curl

Today is exactly twelve years ago since we created the lib/http2.c source file in the #curl source tree, and doing HTTP would never be the same again.

The paradigm shift going from one transfer per connection to possibly multiple transfers per connection was massive and took many years until most of the bugs were ironed out.

#curl

#curl

it will be great to meet you there. And also for the #curl stickers, of course 🙂
#curl

#curl #eurobsdcon

#curl

#curl

Today we count *exactly* 3,500 named contributors to #curl
A graph showing number of contributors in the curl project from 1998 until today, starting at 1 up to 3,500 today
#curl

#curl

I did my first Linux install in years. I got to use #curl for the first time that I was aware of. It worked very well. Thank you for your service.
#curl

520 Wikipedia downloads per second are done with #curl
#curl

#curl

#curl

#curl

clang-tidy 21 suddenly generates a dozen new false positives on the #curl code base and I'm sad...
#curl

We have started the tedious and destined-to-always-lag-behind work of documenting #curl's view of the OpenSSL forks: github.com/curl/curl/wiki/Open…

OpenSSL forks

A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP...
GitHub
#curl

We are thirteen days away from next #curl release.

We have 17 changes and 225 bugfixes logged so far for this.

One low severity CVE will be published in sync with this release.

Thanks for flying curl.

#curl

Today we celebrate seven years of #curl shipping official Windows executables, thanks to @vsz's awesome work.

Blog post from back then:
daniel.haxx.se/blog/2018/08/27…


Blessed curl builds for Windows

The curl project is happy to introduce official and blessed curl builds for Windows for download on the curl web site. This means we have a set of recommended curl packages that we advice users on Windows to download.
daniel.haxx.se
#curl @vsz

It took me 4 seconds to figure out that the grey elements are not partvof the graph (to indicate trends or something) but the curl logo.

#curl

#curl

The graph you didn't know you wanted.
Number of lines in the #curl man page over time.
Graph showing number of lines in the curl.1 man over time. From 300 back in mid-1999 up to almost 7,000 in mid-2025
#curl

#curl

Inspired by the BBC Tech report from @tdp_org, I looked at Wikipedia.

Yesterday, Wikipedia received over 45 million requests made with curl, from 113 distinct curl releases.

Of these, 32 million use the default UA (e.g. curl CLI). The other 13 million embed libcurl with a longer UA string containing curl (e.g. GuzzleHttp/PHP, PycURL, UnityPlayer)

At 12 million, most are curl/7.88.1.

Raw data, queries, and scrub/cleaning parameters:
gitlab.wikimedia.org/-/snippet…

#browserstats #curl #wikipedia

Wikipedia web requests by user agents containing "curl/". Top 3: * curl/7.88.1 (12.5 million) * curl/7.85.0 (10 million) * curl/8.10.1 (8 millon)
Wikipedia web requests by curl user agent, over a 24 hour period. Top 3: * curl/7.88.1 (12.5 million) * curl/7.85.0 (10 million) * curl/7.54 (5 millon)
Wikipedia web requests by curl user agent from HTTP requests to wikimedia.org, wikipedia.org, and other Wikimedia Foundation projects on 2025-08-26. Ranging from curl/7.4.x (oldest) to curl/8.15.x (newest). Exact numbers in linked TSV files.
Wikipedia web requests by user agent containing "curl/". Ranging from curl/4.x (oldest) to curl/8.16.x (newest), and a bogus curl/3860.

20250826-webrequest-curl ($247) · Snippets · GitLab

GitLab Community Edition
GitLab
#wikipedia #curl #browserstats @Neil Craig

#curl

Very entertaining & educational keynote on #curl at #OSSummit

Amazing how much curl is involved in driving our modern world.

#Thanks Daniel Stenberg!

This a letter from the Department of Energy to the CURL Maintainer
This lists the giants that use curl, none of them contribute back to curl.
Tasks which fall to maintainers.
#OSSummit #curl #thanks

#curl

I have an open meeting setup this morning. Open for everyone. If you have any question, comment, thought about #curl or related subjects, or just want to hang out for a while. Join here:

meet.google.com/tun-hrxz-rud


Meet

Real-time meetings by Google. Using your browser, share your video, desktop, and presentations with teammates and customers.
meet.google.com
#curl

#curl

#dns #curl #pthreads

#curl

#OpenSSL #curl

#php #curl #php8 #php8_5 @Matthieu Napoli

"Pretend that a ping pong ball represents a single #curl installation somewhere in the world..."

(blog post from 2020)

daniel.haxx.se/blog/2020/08/20…


curl ping pong

Pretend that a ping pong ball represents a single curl installation somewhere in the world. Here's a picture of one to help you get an image in your head.
daniel.haxx.se
#curl

Already now, before August has ended, 2025 is the third most active #curl year ever by number of commits.
graph showing number of commits in the curl project, year by year
#curl

#curl

Yesterday we saw 161 different versions of #curl make just over 1 million requests to www.bbc.co.uk & www.bbc.com.

The oldest version is 7.0.0 (1 request).
The newest version is 8.15.0 (18,969 requests).

I'd spotted a load of different cURL versions in something else so was curious how many versions we see.

Screenshot of the Google BigQuery web UI which shows a table of results for a query over yesterday's access logs where user-agent like "curl/%". There's a total of 1,010,489 requests. curl/7.29.0 is the most popular version with 129,825 requests.
#curl

#curl