CURLOPT_HTTPHEADER - set of HTTP headers
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTPHEADER,
struct curl_slist *headers);
Pass a pointer to a linked list of HTTP headers to pass to the server and/or
proxy in your HTTP request. The same list can be used for both host and proxy
requests!
When used within an IMAP or SMTP request to upload a MIME mail, the given header
list establishes the document-level MIME headers to prepend to the uploaded
document described by
CURLOPT_MIMEPOST(3). This does not affect raw
mail uploads.
The linked list should be a fully valid list of
struct curl_slist structs
properly filled in. Use
curl_slist_append(3) to create the list and
curl_slist_free_all(3) to clean up an entire list. If you add a header
that is otherwise generated and used by libcurl internally, your added one
will be used instead. If you add a header with no content as in 'Accept:' (no
data on the right side of the colon), the internally used header will get
disabled. With this option you can add new headers, replace internal headers
and remove internal headers. To add a header with no content (nothing to the
right side of the colon), use the form 'name;' (note the ending semicolon).
The headers included in the linked list
must not be CRLF-terminated,
because libcurl adds CRLF after each header item. Failure to comply with this
will result in strange bugs because the server will most likely ignore part of
the headers you specified.
The first line in an HTTP request (containing the method, usually a GET or POST)
is not a header and cannot be replaced using this option. Only the lines
following the request-line are headers. Adding this method line in this list
of headers will only cause your request to send an invalid header. Use
CURLOPT_CUSTOMREQUEST(3) to change the method.
When this option is passed to
curl_easy_setopt(3), libcurl will not copy
the entire list so you
must keep it around until you no longer use this
handle for a transfer before you call
curl_slist_free_all(3) on
the list.
Pass a NULL to this option to reset back to no custom headers.
The most commonly replaced HTTP headers have "shortcuts" in the
options
CURLOPT_COOKIE(3),
CURLOPT_USERAGENT(3) and
CURLOPT_REFERER(3). We recommend using those.
There's an alternative option that sets or replaces headers only for requests
that are sent with CONNECT to a proxy:
CURLOPT_PROXYHEADER(3). Use
CURLOPT_HEADEROPT(3) to control the behavior.
Setting some specific headers will cause libcurl to act differently.
- Host:
- The specified host name will be used for cookie matching if
the cookie engine is also enabled for this transfer. If the request is
done over HTTP/2 or HTTP/3, the custom host name will instead be used in
the ":authority" header field and Host: will not be sent at all
over the wire.
- Transfer-Encoding: chunked
- Tells libcurl the upload is to be done using this chunked
encoding instead of providing the Content-Length: field in the
request.
When used to build a MIME e-mail for IMAP or SMTP, the following document-level
headers can be set to override libcurl-generated values:
- Mime-Version:
- Tells the parser at the receiving site how to interpret the
MIME framing. It defaults to "1.0" and should normally not be
altered.
- Content-Type:
- Indicates the document's global structure type. By default,
libcurl sets it to "multipart/mixed", describing a document made
of independent parts. When a MIME mail is only composed of alternative
representations of the same data (i.e.: HTML and plain text), this header
must be set to "multipart/alternative". In all cases the value
must be of the form "multipart/*" to respect the document
structure and may not include the "boundary=" parameter.
Other specific headers that do not have a libcurl default value but are strongly
desired by mail delivery and user agents should also be included. These are
"From:", "To:", "Date:" and "Subject:"
among others and their presence and value is generally checked by anti-spam
utilities.
By default, this option makes libcurl send the given headers in all HTTP
requests done by this handle. You should therefore use this option with
caution if you for example connect to the remote site using a proxy and a
CONNECT request, you should to consider if that proxy is supposed to also get
the headers. They may be private or otherwise sensitive to leak.
Use
CURLOPT_HEADEROPT(3) to make the headers only get sent to where you
intend them to get sent.
Custom headers are sent in all requests done by the easy handles, which implies
that if you tell libcurl to follow redirects (
CURLOPT_FOLLOWLOCATION(3)), the same set of custom headers will be sent
in the subsequent request. Redirects can of course go to other hosts and thus
those servers will get all the contents of your custom headers too.
Starting in 7.58.0, libcurl will specifically prevent "Authorization:"
headers from being sent to other hosts than the first used one, unless
specifically permitted with the
CURLOPT_UNRESTRICTED_AUTH(3) option.
Starting in 7.64.0, libcurl will specifically prevent "Cookie:"
headers from being sent to other hosts than the first used one, unless
specifically permitted with the
CURLOPT_UNRESTRICTED_AUTH(3) option.
NULL
HTTP, IMAP and SMTP
CURL *curl = curl_easy_init();
struct curl_slist *list = NULL;
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
list = curl_slist_append(list, "Shoesize: 10");
list = curl_slist_append(list, "Accept:");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, list);
curl_easy_perform(curl);
curl_slist_free_all(list); /* free the list */
}
As long as HTTP is enabled. Use in MIME mail added in 7.56.0.
Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.
CURLOPT_CUSTOMREQUEST(3),
CURLOPT_HEADEROPT(3),
CURLOPT_PROXYHEADER(3),
CURLOPT_HEADER(3),
CURLOPT_MIMEPOST(3),
curl_mime_init(3)