logo
GeekFormat

cURL to Code Generator

cURL Command Input

Paste a cURL command to automatically parse the URL, request method, headers, body, and common options. Generate runnable code in 11 languages with one click: JavaScript fetch, Axios, Node fetch, Python requests/httpx, Go net/http, PHP cURL, Java OkHttp, C# HttpClient, PowerShell Invoke-RestMethod, and wget.

Parsed Request

https://api.example.com/items1 header(s)Body: 15 charscurlToCode.flag.followRedirects

Generated Code

curlToCode.target.fetch

Paste a cURL command and instantly get runnable HTTP request code in 11 languages.

Related

Use Cases

  • Right-click a request in Chrome DevTools Network panel → Copy as cURL, paste here to convert directly to your project's language - 10x faster than writing requests manually
  • When third-party API docs show cURL examples, quickly convert to Python requests/Java OkHttp/C# HttpClient code for embedding in your project
  • When debugging production endpoints, copy cURL from proxy tools (Charles/mitmproxy/Wireshark) and convert to unit test code for immediate verification
  • When writing API docs, quickly switch between language examples to provide readers across different tech stacks with ready-to-run sample code
  • When troubleshooting production request issues, reproduce the problem with cURL then convert to code form to share with colleagues or file issues - makes reproduction trivial
  • When switching languages (e.g., moving from Python to Go projects), quickly convert existing cURL requests to the new language's HTTP client code, saving documentation lookup time
  • In Shell scripts, convert cURL commands to PowerShell Invoke-RestMethod for Windows ops colleagues, or vice versa
  • Learn HTTP protocol: compare how different languages implement the same request to understand API differences across HTTP client libraries
  • Quickly convert curl -X POST -d 'json' to code with correct Content-Type and JSON serialization, avoiding manual string concatenation errors
  • When APIs need to be called in CI/CD scripts, convert locally-debugged cURL commands to the corresponding scripting language for pipeline integration

Features

  • 11 target languages/libraries: covers frontend (JS fetch/Axios), Node.js (node-fetch), Python (requests/httpx), Go (net/http), PHP (cURL), Java (OkHttp), C# (HttpClient), PowerShell (Invoke-RestMethod), and CLI (wget) - all major tech stacks supported
  • Smart cURL parsing: auto-detects URLs, HTTP methods, headers, and bodies; supports single/double quotes, backslash escaping, and multi-line commands (backslash continuation)
  • Full support for common cURL flags: -X/--request method, -H/--header headers, -d/--data/-F form/JSON bodies, -u/--user Basic auth, -A/--user-agent UA, -b/--cookie cookies, -e/--referer Referer, -L/--location follow redirects, --compressed auto decompression, -k/--insecure skip certificate verification, -I/--head HEAD requests
  • Smart JSON body detection: when Content-Type is application/json, auto-generates proper serialization using JSON.parse/JSON.stringify/requests(json=)/json= - uses native objects instead of raw strings for idiomatic code
  • Auto Basic auth conversion: detects -u user:pass and generates Authorization: Basic <base64> header or uses native auth mechanisms (Python auth=, OkHttp credentials, C# credentials, etc.)
  • Security flag badges: auto-detects flags like --compressed/-L/-k/-u and displays them as prominent badges in parsing results
  • Manual method switching: after auto-detecting the cURL method, allows manual switching via dropdown (GET/POST/PUT and 5 more methods) to see code changes instantly
  • Safe string escaping: generates language-native string literals (Python triple quotes/backslash escaping, Go backtick raw strings, C# @"", PHP single quotes, Java double quote escaping) to avoid syntax errors
  • Parse error feedback: invalid cURL commands (missing URL, doesn't start with curl, POST without body, etc.) show specific issues via orange warning badges
  • 3 one-click examples: GET with Token auth, POST with JSON, and Basic auth with redirect following - quickly demonstrate tool capabilities
  • One-click clear input: Clear button resets quickly, no residue when pasting new commands
  • 100% local processing: cURL commands and request data are parsed and converted entirely in your browser - nothing uploaded to servers, sensitive Tokens/passwords never leave your machine
  • One-click code copy: Copy button sends generated code to clipboard for immediate pasting into projects
  • HTTPS insecure mode adaptation: -k/--insecure generates corresponding TLS skip certificate configurations for Node/Go/Python/PHP/C#/PowerShell (wget uses --no-check-certificate, C# uses ServicePointManager hints, Node sets NODE_TLS_REJECT_UNAUTHORIZED)

How to Use

  1. Get a cURL command: In browser DevTools Network panel, right-click a request → Copy → Copy as cURL (bash); or export cURL from Postman/Charles/mitmproxy; or write a cURL command manually
  2. Paste into input box: Paste the cURL command into the top input area - supports single-line/multi-line (backslash continuation) commands, newlines are stripped automatically
  3. Click example buttons for reference: If unfamiliar with the format, click 'Example 1/2/3' to load preset cURL commands and see how it works
  4. View parse results: The results area shows URL, header count, body character count, plus badges for compression/redirects/cert skip/Basic auth; issues show orange warnings
  5. Adjust method if needed: If auto-detection is wrong (e.g., curl missing -X POST but should be POST), manually switch HTTP method in the dropdown
  6. Select target language: Click the corresponding language button in the target code area (fetch/Axios/Python requests/Go/PHP/Java/C#/PowerShell/wget, etc.)
  7. Copy code: Click the 'Copy Code' button, paste into your project/terminal and run

FAQ

What's the point of a cURL to Code tool? Why not just use curl commands directly?

Calling curl commands directly in code (via shell_exec, subprocess.run) requires spawning subprocesses, which is insecure, makes error handling difficult, complicates response header access, and prevents type conversion. Production code should use language-native HTTP clients (Python requests, Java OkHttp, JS fetch, etc.). The value of curl-to-code is automatically translating curl commands copied from DevTools/proxy tools into your target language's HTTP client code, saving you from the mechanical work of looking up API docs, manually escaping quotes, handling JSON/auth, etc. - copy, paste, and run.

What target languages/libraries are supported?

Currently supports 11 targets: JavaScript fetch (browser native), Axios (Node/browser universal HTTP library), Node.js node-fetch, Python requests (Python's most popular HTTP library), Python httpx (next-gen HTTP/2 and async HTTP library), Go net/http (Go standard library), PHP cURL extension, Java OkHttp (Android/backend universal high-performance library), C# HttpClient (.NET standard HTTP client), PowerShell Invoke-RestMethod (common for Windows automation scripts), wget (CLI download tool). If your needed language isn't listed (e.g., Ruby, Rust reqwest, Dart http, Swift URLSession, etc.), leave feedback on the page and we'll add based on demand.

How do I copy a curl command from Chrome DevTools?

Steps: 1. Open Chrome/Edge, press F12 to open DevTools; 2. Switch to Network panel; 3. Refresh page or trigger target request; 4. Find target request in request list (filter by XHR/JS); 5. Right-click the request → Copy → select 'Copy as cURL (bash)' (recommended bash version for best compatibility); 6. Paste into this tool's input box. Be careful not to select Copy as fetch (that's JS code, not curl). Firefox/Safari work similarly and have Copy as cURL options.

curl command quote handling is tricky, what formats are supported?

The tool recognizes bash-style single quotes, double quotes, backslash escaping; Windows cmd double quotes + ^ escaping; and PowerShell backtick escaping. We recommend using bash format (single quotes). Multi-line commands (backslash \ continuation) are also supported for pasting - newlines and continuation characters are stripped automatically. If your curl command is especially complex (contains shell variables, command substitution $(...), pipes |, etc.), we recommend first running echo in terminal to print the expanded actual curl then copying, or manually simplifying first (replace variables with actual values).

Why does sending JSON with curl -d cause garbled/400 responses from the server?

This is one of the most common curl mistakes. The curl -d/--data option defaults Content-Type to application/x-www-form-urlencoded (form format), not application/json. If you directly run curl -d '{"name":"demo"}' url, the server parses it as a form (failing to parse or getting empty data). You must explicitly add -H "Content-Type: application/json" to send JSON correctly. This tool shows an orange warning when a body is detected without a Content-Type header.

Can generated code be directly copied and run? What dependencies need installing?

Most languages' code uses standard libraries and runs directly (fetch/Go net/http/PHP cURL/C# HttpClient/PowerShell/wget are all built-in) with no extra installation needed. Third-party libraries: Axios (npm install axios), node-fetch (npm install node-fetch - Node 18+ has built-in fetch, no install needed), Python requests (pip install requests), Python httpx (pip install httpx), Java OkHttp (add okhttp3 dependency via Maven/Gradle). Code prints response status code and text by default - you can modify processing logic as needed.

Is multipart/form-data file upload (-F parameter) supported?

Basic support: -F parameters are recognized as request body, but generated code currently treats @file as literal strings rather than actual file uploads. File uploads require reading local file content and approaches vary significantly across languages (JS uses FormData/FormData.append, Python uses files= parameter, Go uses multipart.Writer). We recommend adjusting generated code by consulting your library's file upload documentation. Multipart support will be enhanced in future versions.

Are my curl commands and sensitive data uploaded?

Absolutely not. All parsing and code generation happens 100% locally in your browser (pure frontend JavaScript). curl commands, Tokens/Cookies/passwords in headers, and data in request bodies are never sent to any server. You can use this tool offline without worrying about sensitive information leaks.

How is -k/--insecure certificate verification skip handled across language code?

When -k is detected, this tool generates corresponding skip-cert config for each target language: Python requests/httpx uses verify=False; Node.js sets process.env.NODE_TLS_REJECT_UNAUTHORIZED='0'; Go creates custom tls.Config{InsecureSkipVerify: true}; PHP sets CURLOPT_SSL_VERIFYPEER=false and CURLOPT_SSL_VERIFYHOST=0; Java OkHttp requires custom TrustManager (comment in code, as code is lengthy); C# can customize ServerCertificateCustomValidationCallback; PowerShell uses -SkipCertificateCheck (PS6+); wget uses --no-check-certificate; browser fetch cannot skip certificates (browser security restriction, comment added in code). Note: These configurations are for local development/testing only - never disable certificate verification in production.

Why doesn't generated Go code follow redirects? I added -L, it should follow?

Go's net/http default behavior is to NOT follow redirects (consistent with curl's default - curl must explicitly add -L to follow). When this tool detects -L parameter, it generates an empty client (http.Client{} with nil default CheckRedirect, which follows 10 redirects); without -L it generates a client with CheckRedirect returning http.ErrUseLastResponse (doesn't follow redirects, matching curl without -L). If you want Go to always follow redirects, just use http.DefaultClient or custom Client{Timeout: ...} directly in code.

How to handle requests that require login/cookies?

Two approaches: ① Copy curl directly from a logged-in browser's DevTools (recommended): Right-click request → Copy as cURL - this auto-includes cookies/headers, paste and convert for immediate execution; ② Manually specify Cookie values via -b/--cookie in curl (-b 'sessionid=abc; token=xyz'), Basic auth via -u/--user, Bearer Token via -H "Authorization: Bearer xxx" - these headers are converted as-is. Note: Cookies copied from browsers are time-limited and may expire after a few hours, requiring re-copying.

Why does JSON body use json= parameter instead of data= in Python requests?

Python requests library's data parameter encodes dicts as application/x-www-form-urlencoded and sends strings as-is, while the json parameter auto-serializes dicts/lists to JSON strings and auto-sets Content-Type: application/json header (if you don't set it manually). When this tool detects Content-Type includes application/json and body is valid JSON, it auto-parses JSON to Python dict and uses json= parameter - cleaner code, no manual json.dumps, no forgotten Content-Type header. Non-JSON bodies (forms/XML/plain text) use data= parameter to send raw strings.

curl commands are long with many headers - what to do about generated code including all headers?

curl commands copied from DevTools include many browser auto-added headers (Host, Connection, Accept, Accept-Encoding, Accept-Language, Sec-Fetch-*, sec-ch-ua, Upgrade-Insecure-Requests, etc.). Most of these headers don't need explicit setting in code (HTTP clients auto-add sensible defaults like Accept-Encoding, Connection, Host, Content-Length, etc.). We recommend manually removing unnecessary headers after copying generated code, keeping at least: Content-Type, Authorization, Cookie (if needed), custom business headers. Extra headers not only make code ugly but may cause behavioral anomalies (e.g., explicitly setting Accept-Encoding but client not auto-decompressing).

Is HTTPS proxy (-x/--proxy) parameter supported?

HTTP proxy (-x/--proxy) parameters are not automatically converted yet. Proxy configuration varies significantly across languages (JS fetch needs Agent for native proxy support, Python uses proxies= parameter, Go via Transport.Proxy, PHP uses CURLOPT_PROXY, C# uses WebProxy, Java uses OkHttpClient.Builder().proxy()). Proxy headers (proxy authentication) also need separate handling. Current version ignores proxy-related parameters - you can manually add proxy config to generated code; proxy support will be enhanced in future versions.

How does this compare to online tools like curlconverter.com?

Compared to well-known tools like curlconverter.com, GeekFormat's curl-to-code advantages: ① 100% local processing (curlconverter processing logic is server-side or client-side) - no data upload, more secure; ② Chinese interface and explanations, friendly for Chinese developers; ③ Generated code better fits actual production use (e.g., Python requests uses json= parameter for JSON bodies instead of data=, Go default behavior aligns with curl, C# correctly handles Content-Type without hardcoding application/json); ④ Comprehensive documentation, FAQ, reference tables, and troubleshooting - not just code generation but helping you understand why; ⑤ Free, ad-free, no registration/login required, works without any network requests.

术语表

cURL / curl
Open-source command-line tool and libcurl library for sending HTTP/HTTPS/FTP and other protocol requests via URLs on the command line - the most common tool for developers debugging APIs.
HTTP Method
HTTP request action, common ones: GET (read), POST (create), PUT (full update), PATCH (partial update), DELETE (remove), HEAD (get headers), OPTIONS (query server capabilities).
Request Header
Metadata key-value pairs in HTTP requests, such as Content-Type, Authorization, User-Agent, Cookie, Accept, etc.; specified via -H/--header in curl.
Request Body
The data portion of an HTTP request, commonly used with POST/PUT/PATCH; specified via -d/--data/--data-binary/-F in curl; common formats: JSON, form-urlencoded, multipart/form-data.
Content-Type
Request/response header indicating body media type. application/json for JSON, application/x-www-form-urlencoded for URL-encoded forms, multipart/form-data for file upload forms.
Basic Auth
HTTP basic authentication, passing username/password via Authorization: Basic base64(user:pass) header; specified with -u user:pass in curl.
Bearer Token
Token-based authentication method, passed via Authorization: Bearer <token> header; commonly used with JWT/OAuth2.
User-Agent
Request header identifying client type (browser/crawler/script); curl sends "curl/version" by default, many websites block non-browser UAs, commonly set with -A.
Cookie
Key-value pairs sent by servers via Set-Cookie and returned by browsers in subsequent Cookie headers for session persistence. curl -b sends cookies, -c saves cookies.
Referer
Request header indicating the source page URL of the current request; checked by some anti-hotlink/CSRF protections; set with -e in curl.
Redirect (3xx)
When server returns 301/302/303/307/308 status codes telling browsers to redirect to a new URL. curl doesn't follow by default, add -L/--location to follow.
--compressed
curl option that automatically adds Accept-Encoding: deflate, gzip header and decompresses responses. Without this, responses may be garbled compressed data.
-k/--insecure
curl option that skips HTTPS certificate verification; only for self-signed cert test environments, forbidden in production.
fetch API
Browser native JavaScript HTTP request API returning Promise, supported by all modern browsers.
Axios
Popular Promise-based HTTP client library for browsers and Node.js; automatic JSON serialization, interceptors, timeout cancellation.
OkHttp
Java/Android HTTP client library from Square; high-performance, HTTP/2 support, connection pooling, transparent GZIP.
HttpClient (.NET)
Recommended C#/.NET HTTP client in the System.Net.Http namespace; standard API for .NET Core/.NET 5+.
Invoke-RestMethod
PowerShell 3.0+ built-in HTTP request cmdlet that auto-parses JSON/XML responses to PowerShell objects.

cURL Common Options vs 11 Target Languages Reference

Common Content-Type Values and cURL Usage

Chrome DevTools Copy as cURL - Three Format Comparison

Troubleshooting