Curl - 将捆绑包标记为不支持多用途 < HTTP/1.1 403

我正在尝试登录 API。我按照教程进行操作，然后，我必须运行此命令：

export ID1=`curl -k --tlsv1.2 -b cookie.txt -c cookie.txt -v 'https://api-gateway.inpi.fr/auth/login' -H 'Accept: application/json, text/plain, */*' -H "X-XSRF-TOKEN: $TOKEN" -H 'Content-Type: application/json' -H 'Connection: keep-alive' -H "Cookie: XSRF-TOKEN= $TOKEN" --data '{"username":"[email address]","password":"[account password]","rememberMe":true}'`

但它返回了：

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 81.252.220.43:443...
* Connected to api-gateway.inpi.fr (81.252.220.43) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [108 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [5187 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [589 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=FR; ST=�le-de-France; L=Courbevoie; O=Institut National de la Propri�t� Industrielle; CN=*.inpi.fr
*  start date: Mar 12 13:13:03 2021 GMT
*  expire date: Mar 12 13:23:00 2022 GMT
*  issuer: C=BM; O=QuoVadis Limited; CN=QuoVadis Global SSL ICA G3
*  SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
} [5 bytes data]
> POST /auth/login HTTP/1.1
> Host: api-gateway.inpi.fr
> User-Agent: curl/7.81.0
> Cookie: XSRF-TOKEN=[my XSRF-TOKEN]
> Accept: application/json, text/plain, */*
> Content-Type: application/json
> Connection: keep-alive
> Cookie: XSRF-TOKEN= 
> Content-Length: 85
> 
} [85 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 
< Date: Fri, 18 Feb 2022 09:26:51 GMT
< Server: Apache
< x-csrf-token: Fetch
< Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
< Cache-Control: no-store
< Pragma: no-cache
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Content-Security-Policy: default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self'; font-src 'self' data: https://fonts.gstatic.com
< Referrer-Policy: same-origin
< Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
< Content-Type: application/json
< Strict-Transport-Security: max-age=63072000; includeSubDomains
< Keep-Alive: timeout=5, max=100
< Connection: Keep-Alive
< Transfer-Encoding: chunked
< 
{ [148 bytes data]
100   227    0   142  100    85    838    501 --:--:-- --:--:-- --:--:--  1343
* Connection #0 to host api-gateway.inpi.fr left intact

我认为最有趣的部分是：

} [85 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 
< Date: Fri, 18 Feb 2022 09:26:51 GMT
< Server: Apache

当我跑步

curl --version

curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/1.1.1m zlib/1.2.11 brotli/1.0.9 zstd/1.5.1 libidn2/2.3.2 libssh2/1.10.0 nghttp2/1.46.0 librtmp/2.3 OpenLDAP/2.6.0
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB SPNEGO SSL TLS-SRP UnixSockets zstd

我尝试了在这个论坛上找到的解决方案：curl 无法授权下载 所以，添加

--http0.9