Section: curl_easy_setopt options (3)
Updated: November 13, 2020
CURLOPT_HSTS - set HSTS cache file name
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HSTS, char *filename);
Warning: this feature is early code and is marked as experimental. It can only
be enabled by explicitly telling configure with --enable-hsts
. You are
advised to not ship this in production before the experimental label is
Make the filename
point to a file name to load an existing HSTS cache
from, and to store the cache in when the easy handle is closed. Setting a file
name with this option will also enable HSTS for this handle (the equivalent of
If the given file does not exist or contains no HSTS entries at startup, the
HSTS cache will simply start empty. Setting the file name to NULL or "" will
only enable HSTS without reading from or writing to any file.
If this option is set multiple times, libcurl will load cache entries from
each given file but will only store the last used name for later writing.
The HSTS cache is saved to and loaded from a text file with one entry per
physical line. Each line in the file has the following format:
[host] is the domain name for the entry and the name is dot-prefixed if it is
a includeSubDomain entry (if the entry is valid for all subdmains to the name
as well or only for the exact name).
[stamp] is the time (in UTC) when the entry expires and it uses the format
Lines starting with "#" are treated as comments and are ignored. There is
currently no length or size limit.
NULL, no file name
HTTPS and HTTP
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_HSTS, "/home/user/.hsts-cache");
Added in 7.74.0
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.