We are thirteen days away from next #curl release.
We have 17 changes and 225 bugfixes logged so far for this.
One low severity CVE will be published in sync with this release.
Thanks for flying curl.
We are thirteen days away from next #curl release.
We have 17 changes and 225 bugfixes logged so far for this.
One low severity CVE will be published in sync with this release.
Thanks for flying curl.
Today we celebrate seven years of #curl shipping official Windows executables, thanks to @vsz's awesome work.
Blog post from back then:
daniel.haxx.se/blog/2018/08/27…
The curl project is happy to introduce official and blessed curl builds for Windows for download on the curl web site. This means we have a set of recommended curl packages that we advice users on Windows to download.daniel.haxx.se
It took me 4 seconds to figure out that the grey elements are not partvof the graph (to indicate trends or something) but the curl logo.
#curl
"Yesterday, Wikipedia received over 45 million requests made with #curl, from 113 distinct curl releases."
Inspired by the BBC Tech report from @tdp_org, I looked at Wikipedia.
Yesterday, Wikipedia received over 45 million requests made with curl, from 113 distinct curl releases.
Of these, 32 million use the default UA (e.g. curl CLI). The other 13 million embed libcurl with a longer UA string containing curl (e.g. GuzzleHttp/PHP, PycURL, UnityPlayer)
At 12 million, most are curl/7.88.1.
Raw data, queries, and scrub/cleaning parameters:
gitlab.wikimedia.org/-/snippet…
Github interprets ../docs/CONTRIBUTE.md correctly when clicked from https://github.com/curl/curl/blob/master/.github/CONTRIBUTING.md, but does not if clicked on the repo landing page on https://git...GitHub
I have an open meeting setup this morning. Open for everyone. If you have any question, comment, thought about #curl or related subjects, or just want to hang out for a while. Join here:
Real-time meetings by Google. Using your browser, share your video, desktop, and presentations with teammates and customers.meet.google.com
Help me create quiz questions about #curl over here:
Questions about curl for a quiz. Contribute to curl/quiz development by creating an account on GitHub.GitHub
Fun with `pthread_cancel()` in curl. How I got that working and what challenges I encountered.
#curl #dns #pthreads
eissing.org/icing/posts/pthrea…
You probably know about threads and most likely header of pthreads, but have you ever used pthread_cancel()? Well, I had not before last week and it was a little bit of a journey.icing's blog
This adds (1) HTTP/3 proxy CONNECT support and (2) MASQUE CONNECT-UDP support for OpenSSL QUIC stack. Usage: curl -k -4 --http1.1 --proxy-insecure --proxytunnel --proxy-http3 --proxy https://GitHub
With PHP 8.5 we get Connection, DNS and SSL Sessions sharing across requests with cURL.
I made a video showing how this works and discuss the performance potential youtube.com/watch?v=wr_Jnrc2ha… - a short @mnapoli cameo included
Try our PHP Profiler: https://tideways.com/profiler/features?utm_source=yt&utm_campaign=yt-curl-shareSubscribe to my newsletter for PHP performance content: ...YouTube
"Pretend that a ping pong ball represents a single #curl installation somewhere in the world..."
(blog post from 2020)
daniel.haxx.se/blog/2020/08/20…
Pretend that a ping pong ball represents a single curl installation somewhere in the world. Here's a picture of one to help you get an image in your head.daniel.haxx.se
### Summary A malicious WebSocket server can send a fragmented message (FIN=0) followed by a flood of continuation frames, causing the client (curl) to continuously allocate memory while waiting...HackerOne
Yesterday we saw 161 different versions of #curl make just over 1 million requests to www.bbc.co.uk & www.bbc.com.
The oldest version is 7.0.0 (1 request).
The newest version is 8.15.0 (18,969 requests).
I'd spotted a load of different cURL versions in something else so was curious how many versions we see.
sftp_download_stat, sftp_upload_init, sftp_quote_stat, sftp_readdir will translate LIBSSH2_ERROR_EAGAIN to CURLE_OK and set *block to TRUE, but outer loop do not check *block, result in busy loopGitHub
Meanwhile, if you abuse the API and don't comply, asan might complain but that's not a #curl security problem.
## Summary A **Use-After-Free (UAF)** vulnerability was discovered in `curl` at **`curl_trc.c:195`**. When processing specially crafted input, the code accesses memory after it has already been...HackerOne
The first release candidate for the pending #curl 8.16.0 release is up and if you have a chance, do try it out and report any and all issues you experience:
If the cookie returned by the server is expired, curl_easy_getinfo(curl, CURLINFO_COOKIELIST, &cookies) will still retrieve one expired cookie(Only the last one). Below is the test code: server...GitHub
My Midnight Battle with a curl Command A story of PowerShell, a annoying bug, and what stood between me and a dream internship in Japan. Obviously every problem has its own background story, It was …Shreeharsh Shinde (Medium)
car brands running #curl
(basically yesterday's tooting in blog form)
daniel.haxx.se/blog/2025/08/15…
Seven years ago I wrote about how a hundred million cars were running curl and as I brought up this blog post in a discussion recently, I came to reflect over how the world might have changed since. Is curl perhaps used in more cars now? Yes it is.daniel.haxx.se
#curl is used in cars made by...
Audi
Baojun
Bentley
BMW
Buick
Cadillac
Chevrolet
Ford
GMC
Holden
Honda
Hyundai
Kia
Lamborghini
Mazda
Mercedes
Nissan
Opel
Porsche
Renault
Seat
Skoda
Subaru
Suzuki
Tesla
Toyota
Vauxhall
Volkswagen
On this day 26 years ago, we introduced the #curl option -#/--progress-bar when we released curl 5.10
You can now try out the #curl git mirror on @Codeberg: codeberg.org/curl/curl-mirror
Consider it a test pilot for now. We won't do PRs and issues there so there's an obvious risk this will just be too messy...
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS…Codeberg.org