How to automatically follow HTTP redirects with cURL

Automatic handling of HTTP redirects removes manual steps when using cURL against websites, APIs, and load-balanced endpoints. Redirect responses such as 301 Moved Permanently or 302 Found appear frequently when content moves, canonical URLs are enforced, or reverse proxies and content delivery networks sit in front of origin servers. Allowing the client to follow these redirects automatically keeps scripts and diagnostic commands concise and resilient.

When a server returns a 3xx status, it usually includes a Location header with a new URL. By default, cURL shows this response but stops after the first request, leaving any follow-up navigation to the calling environment. Enabling the --location option instructs cURL to re-issue the request to each target URL in the chain until a non-redirect status is reached, closely matching typical browser behavior.

Automatic redirect following introduces subtle behavior changes and risks. Long chains can conceal configuration loops, and cross-domain redirects may be undesirable when authentication headers or cookies are involved. Global defaults in ~/.curlrc affect both interactive use and automation, so redirect handling works best with sensible limits via --max-redirs and explicit testing at the terminal before being enabled broadly.

1. Open a terminal or command prompt where cURL is available.
2. Request a URL that responds with an HTTP 3xx status while including response headers for inspection.

   $ curl --silent --include "http://example.com/old-path"
   HTTP/1.1 301 Moved Permanently
   Content-Length: 0
   Date: Sun, 21 Dec 2025 10:18:00 GMT
   Location: /new-path
   Server: SimpleHTTP/0.6 Python/3.12.12
   Via: 1.0 Caddy

   The presence of a 3xx status code and Location header confirms that the server expects the client to follow a redirect.

3. Repeat the request with automatic redirect following enabled using --location.

   $ curl --silent --location --include "http://example.com/old-path"
   HTTP/1.1 301 Moved Permanently
   Content-Length: 0
   Date: Sun, 21 Dec 2025 10:18:08 GMT
   Location: /new-path
   Server: SimpleHTTP/0.6 Python/3.12.12
   Via: 1.0 Caddy
   
   HTTP/1.1 200 OK
   Content-Length: 34
   Content-Type: text/html; charset=utf-8
   Date: Sun, 21 Dec 2025 10:18:08 GMT
   Server: SimpleHTTP/0.6 Python/3.12.12
   Via: 1.0 Caddy
   
   <html><body>New path</body></html>

   --location causes cURL to follow each Location header until a non-3xx response is received.

4. Apply a safety limit to the number of redirects allowed in a chain using --max-redirs.

   $ curl --silent --show-error --location --max-redirs 3 "http://example.com/multiple-redirects"
   curl: (47) Maximum (3) redirects followed

   Restrictive redirect limits prevent infinite loops but can also interrupt normal application flows that legitimately use several chained redirects.

5. Persist automatic redirect following for the current user by adding the location directive to the per-user configuration file ~/.curlrc.

   $ echo "location" >> ~/.curlrc

   Global settings in ~/.curlrc apply to every cURL invocation for that user, including scripts that previously expected redirects to be handled manually.

6. Persist a default redirect limit in ~/.curlrc to prevent unbounded redirect loops.

   $ echo "max-redirs = 10" >> ~/.curlrc

   Values that are too low can break valid login or canonicalization flows, while values that are too high may hide configuration problems; adjust the limit to match typical usage.

7. Verify redirect handling by issuing a verbose request to a known redirecting URL.

   $ curl --location --verbose --output /dev/null "http://example.com/old-path"
   * Host example.com:80 was resolved.
   * IPv4: 172.17.0.5
   *   Trying 172.17.0.5:80...
   * Connected to example.com (172.17.0.5) port 80
   > GET /old-path HTTP/1.1
   > Host: example.com
   ##### snipped #####
   < HTTP/1.1 301 Moved Permanently
   < Location: /new-path
   ##### snipped #####
   * Issue another request to this URL: 'http://example.com/new-path'
   ##### snipped #####
   < HTTP/1.1 200 OK
   < Content-Type: text/html; charset=utf-8
   ##### snipped #####

   Successful configuration is indicated by a final non-3xx status such as 200 OK and expected content returned after any intermediate redirect responses.