cURL / Mailing Lists / curl-users / Single Mail


Re: Curl / SSL issue

From: Daniel Stenberg <>
Date: Wed, 28 Nov 2001 10:27:34 +0100 (MET)

On Tue, 27 Nov 2001, Kelv wrote:

[reply cc'ed to the curl mailing list, please post follow-ups to the list]

> I was wondering if it would be possible for the input normally given to
> Curl with the -d flag to be optionally a filename to a text file with the
> data.
> Currently if another user were to see Curl running having done a ps they
> might see sensitive information (e.g. credit cards / passwords) in the
> data field.

The -d section in the man page says:

  If you start the data with the letter @, the rest should be a file name to
  read the data from, or - if you want curl to read the data from stdin. The
  contents of the file must already be url-encoded. Multiple files can also
  be specified. Posting data from a file named 'foobar' would thus be done
  with "--data @foobar".

You can also use -K to specify a config file in which you can use the -d
option, which also would hide the data from ps outputs etc.

    Daniel Stenberg -- curl groks URLs --
Received on 2001-11-28