CURLOPT_HSTS_CTRL - Man Page

control HSTS behavior

Synopsis

#include <curl/curl.h>

#define CURLHSTS_ENABLE       (1<<0)
#define CURLHSTS_READONLYFILE (1<<1)

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HSTS_CTRL, long bitmask);

Description

HSTS (HTTP Strict Transport Security) means that an HTTPS server can instruct the client to not contact it again over clear-text HTTP for a certain period into the future. libcurl will then automatically redirect HTTP attempts to such hosts to instead use HTTPS. This is done by libcurl retaining this knowledge in an in-memory cache.

Populate the long bitmask with the correct set of features to instruct libcurl how to handle HSTS for the transfers using this handle.

Bits

CURLHSTS_ENABLE

Enable the in-memory HSTS cache for this handle.

CURLHSTS_READONLYFILE

Make the HSTS file (if specified) read-only - makes libcurl not save the cache to the file when closing the handle.

Default

0. HSTS is disabled by default.

Protocols

HTTPS and HTTP

Example

CURL *curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_HSTS_CTRL, CURLHSTS_ENABLE);
  curl_easy_perform(curl);
}

Availability

Added in 7.74.0

Return Value

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

See Also

CURLOPT_HSTS(3), CURLOPT_CONNECT_TO(3), CURLOPT_RESOLVE(3), CURLOPT_ALTSVC(3),

Referenced By

curl_easy_setopt(3), CURLOPT_HSTS(3), CURLOPT_HSTSREADDATA(3), CURLOPT_HSTSREADFUNCTION(3), CURLOPT_HSTSWRITEDATA(3), CURLOPT_HSTSWRITEFUNCTION(3), CURLOPT_WRITEFUNCTION(3).

May 17, 2022 libcurl 7.84.0 curl_easy_setopt options