curl & wget Cheat Sheet

curl flags for API testing, file downloads, authentication, headers, and debugging. Side-by-side comparison with wget for downloading tasks.

Last Updated: May 1, 2025

curl — Essential Flags

curl https://api.example.com

Basic GET request

curl -X POST url -d '{"key":"val"}'

POST with JSON body

curl -H 'Content-Type: application/json' url

Set request header

curl -H 'Authorization: Bearer token' url

Bearer token authentication

curl -u user:pass url

HTTP Basic Authentication

curl -v url

Verbose — show request and response headers

curl -I url

Fetch response HEADERS only (HEAD request)

curl -L url

Follow redirects (Location header)

curl -o file.txt url

Download to specific filename

curl -O url

Download with remote filename

curl — Advanced Usage

curl -s -o /dev/null -w '%{http_code}' url

Output status code only

curl -x proxy:8080 url

Route through HTTP proxy

curl --data-urlencode 'q=hello world' url

URL-encode POST data

curl -F 'file=@photo.png' url

Multipart file upload

curl -k url

Skip SSL certificate verification (insecure!)

curl --connect-timeout 5 url

Timeout after 5 seconds connecting

curl -c cookies.txt url

Save cookies to file

curl -b cookies.txt url

Send saved cookies with request

curl -w '@curl-format.txt' url

Custom output formatting with write-out template

wget — Download Commands

wget url

Basic file download

wget -O file.zip url

Save to specific filename

wget -c url

Resume interrupted download

wget -r -l 2 url

Recursive download (depth=2) — mirroring

wget -m url

Mirror entire site (recursive + timestamping + infinite depth)

wget --limit-rate=500k url

Throttle download speed

wget --user=user --password=pass url

HTTP Basic Authentication

wget -i urls.txt

Download all URLs listed in a file

curl vs wget

Feature	curl	wget
Primary purpose	Data transfer (APIs)	File downloading
Recursive download	No (use wget)	Yes (-r flag)
Built-in retry	--retry flag	Automatic retry
Protocols	HTTP, FTP, SMTP, IMAP, SCP, etc.	HTTP, HTTPS, FTP
Pipe output	Yes (stdout by default)	-O - to pipe to stdout
Cookie handling	-c / -b flags	--save-cookies / --load-cookies

Pro Tip: Always use `curl -v` during development to see request/response headers. Use `curl -o /dev/null -s -w '%{http_code}'` for status-only checks in scripts.