Curl Does Not Work But Same Site Works with Browser

For what reason I can access the resources by curl, but not in the browser?

The difference should be whether the header Origin: http://... is sent in the request or not. curl by default doesn't send any extra headers, which you can confirm by running curl with -i option:

$ curl -i http://localhost:3000/people

If you send any arbitrary value in the Origin header along with the request like:

$ curl -i -H 'Origin: http://localhost:63343' http://localhost:3000/people

you should then see the same CORS error as in the browser.

The reason behind this is that the header Origin triggers if the request is a CORS one, i.e. comes from a different site, and depending on the configuration on the server side no Origin header may mean it comes from the same origin.

curl does not have same result as browser

it appears that floridakeyswebcams.tv requires TLS1.3 support, use the --tlsv1.3 argument,

curl --tlsv1.3 -v 'https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg'

here is what i get when using --tlsv1.2:

$ ./CURL.EXE https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg --tlsv1.2 -vv
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 74.209.245.140...
* TCP_NODELAY set
* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)
* schannel: next InitializeSecurityContext failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorit
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Closing connection 0
* schannel: shutting down SSL/TLS connection with floridakeyswebcams.tv port 443
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorit

and here is (roughly, it was printed in the wrong order for some reason) what i get if i use --tlsv1.3:

./CURL.EXE https://floridakeyswebcams.tv/sloppycam/camarchive/0807.jpg --tlsv1.3 -v
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

* TCP_NODELAY set

* Connected to floridakeyswebcams.tv (74.209.245.140) port 443 (#0)

> GET /sloppycam/camarchive/0807.jpg HTTP/1.1

> Host: floridakeyswebcams.tv

> User-Agent: curl/7.64.1

> Accept: */*

> 

▒▒▒▒
\▒.▒:\▒.▒:▒▒

▒▒
%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒

-truncated jpg binary-

question still remains about why this wasn't auto-negotiated tho, i'm not sure but i guess your TLS backend doesn't support tlv1.3, and that probably has something to do with why you just got a cryptic error..

curl/wget stopped working (I didn't change anything), but exact same URL works in browser

this is fixed. Apparently it was Bscscan problem.

curl/wget does not resolve a URL same as a browser when redirected

I found that the issue is that you need to url encode the / that is part of the project name. Encoding the ; with %3B broke things for me.

Also, because the URL contains ;, you need to quote it since this is a command separator.

In the query string, the p=kernel/msm-3.18 should be p=kernel%2fmsm-3.18

I was able to make the following two cURL commands work:

curl -v -L -o output.html \
'https://www.codeaurora.org/gitweb/quic/la/?p=kernel%2fmsm-3.18.git;a=commit;h=430f3805c82634a3cb969d83acc4fc4c0ee6af27'

Or simply,

curl -v -L -o output.html \
'https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-3.18.git;a=commit;h=430f3805c82634a3cb969d83acc4fc4c0ee6af27'

This might be because the software reads the raw parameters and does not decode %3B and expects a semi-colon in the query string.

Hope that helps!

---

Related Topics