azuretls

package module
v1.13.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 17, 2026 License: MIT Imports: 41 Imported by: 0

README ΒΆ

AzureTLS Client

GoDoc codecov build Go Report Card License

A powerful HTTP client for Go that's simple to use but gives you full control when you need it.

Perfect for API clients, web scraping, testing, and any situation where you need more than the standard library offers, without the complexity.

Installation

go get github.com/Noooste/azuretls-client

Quick Start - 30 Seconds

package main

import (
    "fmt"
    "log"
    "github.com/Noooste/azuretls-client"
)

func main() {
    session := azuretls.NewSession()
    defer session.Close()

    response, err := session.Get("https://api.github.com")
    if err != nil {
        log.Fatal(err)
    }

    fmt.Printf("Status: %d\n", response.StatusCode)
    fmt.Println(response.String())
}

That's it! Just create a session and make requests. This automatically uses Chrome's TLS (JA3) and HTTP/2 fingerprint, making it look like a real browser to servers.

πŸ’‘ New to Go? AzureTLS uses a session-based API (similar to creating an http.Client). Each session automatically mimics Chrome by default, no fingerprint configuration needed. Advanced customization is completely optional.

Common Tasks

POST Request with JSON
session := azuretls.NewSession()
defer session.Close()

data := map[string]string{
    "name": "AzureTLS",
    "type": "HTTP Client",
}

response, err := session.Post("https://api.example.com/data", data)
if err != nil {
    log.Fatal(err)
}

fmt.Printf("Status: %d\n", response.StatusCode)
Using a Proxy
session := azuretls.NewSession()
defer session.Close()

// One line proxy setup: supports HTTP, HTTPS, SOCKS4, SOCKS5
err := session.SetProxy("http://username:password@proxy.example.com:8080")
if err != nil {
    log.Fatal(err)
}

response, err := session.Get("https://api.ipify.org")
Browser Emulation
session := azuretls.NewSession()
defer session.Close()

// Default: Chrome fingerprint (already active, no configuration needed!)

// Want to mimic a different browser? Just change it:
session.Browser = azuretls.Firefox  // or Safari, Edge, etc.

response, err := session.Get("https://example.com")
Custom Header Ordering
session := azuretls.NewSession()
defer session.Close()

// Precise control over header order
session.OrderedHeaders = azuretls.OrderedHeaders{
    {"User-Agent", "MyApp/1.0"},
    {"Accept", "application/json"},
    {"Authorization", "Bearer token123"},
}

response, err := session.Get("https://api.example.com")

Why AzureTLS vs Standard Library?

Feature net/http AzureTLS
API Style Package or Client-based Session-based
Browser Fingerprint ❌ Looks like Go βœ… Chrome by default
Cookie Management Manual setup βœ… Automatic jar
Ordered Headers ❌ βœ… Built-in
Proxy Support Manual dialer setup βœ… session.SetProxy()
Multiple Proxy Types Manual βœ… HTTP/SOCKS4/SOCKS5
Custom TLS (JA3/JA4) ❌ βœ… Easy
HTTP/2 Customization ❌ βœ… Easy
HTTP/3 Support ❌ βœ… Easy
Browser Presets ❌ βœ… Chrome/Firefox/Safari/Edge

🌟 Key Features

  • 🌐 Modern Protocols: HTTP/1.1, HTTP/2, and HTTP/3 support
  • πŸ”§ TLS Fingerprinting: Full control over ClientHello (JA3/JA4)
  • 🎭 Browser Emulation: Chrome, Firefox, Safari, Edge presets
  • πŸ”— Advanced Proxy Support: HTTP, HTTPS, SOCKS4, SOCKS5 with authentication.
  • ⛓️ Proxy Chaining: Multi-hop proxy connections for enhanced anonymity
  • πŸ“‹ Header Control: Precise ordering and custom headers
  • πŸͺ Cookie Management: Automatic handling with persistent jar
  • πŸ”’ SSL Pinning: Enhanced security with certificate validation
  • πŸ› Debug Tools: Request logging and dumping capabilities

Documentation

Learn More

Use Cases

Perfect for:

  • πŸ”Œ API Integration: REST clients that look like real browsers by default
  • 🌐 Web Scraping: Automatic browser fingerprinting without configuration
  • πŸ›‘οΈ Testing antibot systems: Avoid bot detection with authentic browser signatures
  • πŸ”„ Proxy Rotation: Built-in support for multiple proxy types
  • πŸ§ͺ Security Testing: Custom TLS configurations for advanced testing
  • πŸ“Š Load Testing: High-performance concurrent requests

Multi-Language Support via CFFI

AzureTLS can be used from any programming language that supports C Foreign Function Interface. Read the CFFI documentation for full details.

Community & Support

Show Your Support

If AzureTLS helps you build something awesome:

  • ⭐ Star this repository
  • πŸ› Report bugs or suggest features
  • πŸ’‘ Share your use cases in discussions
  • 🀝 Contribute code or documentation
  • 🌍 Create bindings for your favorite programming language

Acknowledgments

Built with ❀️ by the open source community. Special thanks to all contributors.


πŸ›‘οΈ Need Antibot Bypass?

TLS fingerprinting alone isn't enough for modern bot protection. Hyper Solutions provides the missing piece - API endpoints that generate valid antibot tokens for:

Akamai β€’ DataDome β€’ Kasada β€’ Incapsula

No browser automation. Just simple API calls that return the exact cookies and headers these systems require.

πŸš€ Get Your API Key | πŸ“– Docs | πŸ’¬ Discord

Documentation ΒΆ

Index ΒΆ

Examples ΒΆ

Constants ΒΆ

View Source
const (
	Chrome  = "chrome"
	Firefox = "firefox"
	Opera   = "opera"
	Safari  = "safari"
	Edge    = "edge"
	Ios     = "ios"
	Android = "android" //deprecated
)
View Source
const (
	Path      = ":path"
	Method    = ":method"
	Authority = ":authority"
	Scheme    = ":scheme"
)
View Source
const (
	SchemeHttp  = "http"
	SchemeHttps = "https"
	SchemeWs    = "ws"
	SchemeWss   = "wss"
	Socks5      = "socks5"
	Socks5H     = "socks5h"

	Socks4  = "socks4"
	Socks4A = "socks4a"
)
View Source
const SensitiveHeaders = "Sensitive-Headers:"

Variables ΒΆ

View Source
var ErrTooManyRedirects = errors.New("too many redirects")
View Source
var ErrUseLastResponse = errors.New("azuretls: use last response")

Functions ΒΆ

func CookiesToString ΒΆ

func CookiesToString(cookies []*http.Cookie) string

func DecodeResponseBody ΒΆ

func DecodeResponseBody(body io.ReadCloser, encoding string) ([]byte, error)

func Fingerprint ΒΆ

func Fingerprint(c *x509.Certificate) string

Fingerprint computes the SHA256 Fingerprint of a given certificate's RawSubjectPublicKeyInfo. This is useful for obtaining a consistent identifier for a certificate's public key. The result is then base64-encoded to give a string representation which can be conveniently stored or compared.

func GetBrowserClientHelloFunc ΒΆ

func GetBrowserClientHelloFunc(browser string) func() *tls.ClientHelloSpec

GetBrowserClientHelloFunc returns a function that returns a ClientHelloSpec for a specific browser

func GetCookiesMap ΒΆ

func GetCookiesMap(cookies []*http.Cookie) map[string]string

func GetLastChromeVersion ΒΆ

func GetLastChromeVersion() *tls.ClientHelloSpec

GetLastChromeVersion apply the latest Chrome version Current Chrome version : 133

func GetLastChromeVersionForHTTP3 ΒΆ

func GetLastChromeVersionForHTTP3() *tls.ClientHelloSpec

func GetLastFirefoxVersion ΒΆ

func GetLastFirefoxVersion() *tls.ClientHelloSpec

GetLastFirefoxVersion apply the latest Firefox, version 138

func GetLastIosVersion ΒΆ

func GetLastIosVersion() *tls.ClientHelloSpec

func GetLastSafariVersion ΒΆ

func GetLastSafariVersion() *tls.ClientHelloSpec

func RedirectBehavior ΒΆ

func RedirectBehavior(reqMethod string, resp *Response, ireq *Request) (redirectMethod string, shouldRedirect, includeBody bool)

RedirectBehavior describes what should happen when the client encounters a 3xx status code from the server

func RefererForURL ΒΆ

func RefererForURL(ireq, newReq *url.URL) string

RefererForURL returns a referer without any authentication info or an empty string if lastReq scheme is https and newReq scheme is http.

func ToBytes ΒΆ

func ToBytes(b any) []byte

ToBytes converts any type to []byte, it supports string, []byte, io.Reader, strings.Builder and any other type that can be marshaled to json

Example ΒΆ
package main

import (
	"bytes"
	"fmt"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	fmt.Println(string(azuretls.ToBytes("test1")))

	fmt.Println(string(azuretls.ToBytes([]byte("test2"))))

	buf := bytes.NewBufferString("test3")
	fmt.Println(string(azuretls.ToBytes(buf)))

	type s struct {
		A string
		B int
	}
	fmt.Println(string(azuretls.ToBytes(s{"test4", 4})))

}
Output:
test1
test2
test3
{"A":"test4","B":4}

func ToReader ΒΆ

func ToReader(b any) (io.Reader, error)

func UrlEncode ΒΆ

func UrlEncode(obj any) string

UrlEncode encodes a map[string]string to url encoded string If you want to encode a struct, you will use the `url` tag

Example ΒΆ
package main

import (
	"fmt"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	type Foo struct {
		Bar       string `url:"bar"`
		Baz       string `url:"baz"`
		Omit      string `url:"-"`
		OmitEmpty string `url:"no,omitempty"`
	}

	fmt.Println(azuretls.UrlEncode(Foo{
		Bar:       "bar",
		Baz:       "baz baz baz",
		Omit:      "omit",
		OmitEmpty: "",
	}))

}
Output:
bar=bar&baz=baz+baz+baz

Types ΒΆ

type Context ΒΆ

type Context struct {
	// Session is the session associated with the request.
	Session *Session

	// Request is the request being made.
	Request *Request

	// Response is the response received.
	// It can be modified to change the response returned by the request.
	Response *Response

	// Err is the error, if any, that occurred during the request.
	// It can be modified to change the error returned by the request.
	Err error

	// RequestStartTime is the time when the request was started.
	RequestStartTime time.Time
	// contains filtered or unexported fields
}

Context represents the context of a request. It holds the session, request, response, error, and other details associated with the request.

func (*Context) Context ΒΆ

func (c *Context) Context() context.Context

type ContextKeyHeader ΒΆ

type ContextKeyHeader struct{}

ContextKeyHeader for passing headers through context

type HTTP3Config ΒΆ

type HTTP3Config struct {
	// Enable HTTP/3 support
	Enabled bool

	// Force HTTP/3 for all requests (no fallback)
	ForceHTTP3 bool
	// contains filtered or unexported fields
}

HTTP3Config holds HTTP/3 specific configuration

type HTTP3Transport ΒΆ

type HTTP3Transport struct {
	*http3.Transport
	// contains filtered or unexported fields
}

HTTP3Transport wraps the http3.RoundTripper with proxy support

func (*HTTP3Transport) Close ΒΆ

func (t *HTTP3Transport) Close() error

func (*HTTP3Transport) RoundTrip ΒΆ

func (t *HTTP3Transport) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements the http.RoundTripper interface with proxy support

type HeaderOrder ΒΆ

type HeaderOrder []string

HeaderOrder is a slice of header names.

type OrderedHeaders ΒΆ

type OrderedHeaders [][]string

OrderedHeaders is a slice of headers.

func (*OrderedHeaders) Add ΒΆ

func (oh *OrderedHeaders) Add(field string, value ...string)

Add adds the value to the field. It appends to any existing values associated with the field.

func (*OrderedHeaders) Clone ΒΆ

func (oh *OrderedHeaders) Clone() OrderedHeaders

Clone returns a copy of the header.

func (*OrderedHeaders) Del ΒΆ

func (oh *OrderedHeaders) Del(field string) OrderedHeaders

Del removes the first instance of the field from the header. If the field is not present, it does nothing.

func (*OrderedHeaders) Get ΒΆ

func (oh *OrderedHeaders) Get(field string) string

Get returns the first value associated with the given field. If the field is not present, it returns an empty string.

func (*OrderedHeaders) Remove ΒΆ

func (oh *OrderedHeaders) Remove(field string) OrderedHeaders

Remove removes the first instance of the field from the header. If the field is not present, it does nothing. Deprecated: Use Del instead.

func (*OrderedHeaders) Set ΒΆ

func (oh *OrderedHeaders) Set(field string, value ...string)

Set sets the field to the given value. It replaces any existing values associated with the field.

func (*OrderedHeaders) ToHeader ΒΆ

func (oh *OrderedHeaders) ToHeader() http.Header

type PHeader ΒΆ

type PHeader []string

PHeader is a slice of pseudo headers.

func GetDefaultPseudoHeaders ΒΆ

func GetDefaultPseudoHeaders() PHeader

GetDefaultPseudoHeaders returns the default pseudo headers.

type PinHost ΒΆ

type PinHost struct {
	// contains filtered or unexported fields
}

func (*PinHost) AddPin ΒΆ

func (p *PinHost) AddPin(pin string)

AddPin safely adds a new pin (Fingerprint) to the PinManager. If a service's certificate changes (e.g., due to renewal), new pins should be added to continue trusting the service.

func (*PinHost) AddPins ΒΆ

func (p *PinHost) AddPins(pin []string)

func (*PinHost) GetPins ΒΆ

func (p *PinHost) GetPins() []string

func (*PinHost) New ΒΆ

func (p *PinHost) New(addr string, s *Session) (err error)

New establishes a connection to the provided address, retrieves its SSL/TLS certificates, and pins their public keys in the PinManager. This can be used initially to populate the PinManager with pins from a trusted service.

If a Session is provided, it will use the same TLS configuration (including ClientHello spec) as the actual connection to ensure the same certificate chain is obtained.

func (*PinHost) Verify ΒΆ

func (p *PinHost) Verify(c *x509.Certificate) bool

Verify checks whether a given certificate's public key is currently pinned in the PinManager. This method should be used during the SSL/TLS handshake to ensure the remote service's certificate matches a previously pinned public key.

type PinManager ΒΆ

type PinManager struct {
	// contains filtered or unexported fields
}

PinManager is a concurrency-safe struct designed to manage and verify public key pinning for SSL/TLS certificates. Public key pinning is a security feature which can be used to specify a set of valid public keys for a particular web service, thus preventing man-in-the-middle attacks due to rogue certificates.

var DefaultPinManager *PinManager

func NewPinManager ΒΆ

func NewPinManager() *PinManager

NewPinManager initializes a new instance of PinManager with an empty set of pins. This is the entry point to begin using the pinning functionality.

func (*PinManager) AddHost ΒΆ

func (p *PinManager) AddHost(host string, s *Session) error

func (*PinManager) AddPins ΒΆ

func (p *PinManager) AddPins(host string, pins []string)

func (*PinManager) Clear ΒΆ

func (p *PinManager) Clear(host string)

func (*PinManager) GetHost ΒΆ

func (p *PinManager) GetHost(host string) *PinHost

GetHost retrieves the PinHost associated with a specific host. This is useful for checking if a host has any pinned certificates and for verifying certificates against the pins.

type ProxyDialer ΒΆ

type ProxyDialer interface {
	Dial(userAgent, network, address string) (net.Conn, error)
	DialContext(ctx context.Context, userAgent, network, address string) (net.Conn, error)
}

ProxyDialer interface for both single and chain proxy dialers

type Request ΒΆ

type Request struct {
	HttpRequest *http.Request
	Response    *Response

	// HTTP method, e.g., GET, POST.
	Method string

	Url string

	Body any

	PHeader        PHeader
	OrderedHeaders OrderedHeaders

	// Headers for the request. Deprecated: Use OrderedHeaders instead.
	Header http.Header
	// Order of headers for the request.
	HeaderOrder HeaderOrder

	// If true, redirects won't be followed.
	DisableRedirects bool
	// Maximum number of redirects to follow.
	MaxRedirects uint
	// If true, cookies won't be included in the request.
	NoCookie bool
	// Maximum time to wait for request to complete.
	TimeOut time.Duration
	// Indicates if the current request is a result of a redirection.
	IsRedirected bool
	// If true, server's certificate is not verified.
	InsecureSkipVerify bool

	// If true, the body of the response is not read.
	// The response body can be read from Response.RawBody and
	// you will have to close using Response.CloseBody manually.
	IgnoreBody bool
	Proto      string

	ForceHTTP1 bool
	ForceHTTP3 bool

	// Length of content in the request.
	ContentLength int64
	// contains filtered or unexported fields
}

Request represents the details and configuration for an individual HTTP(S) request. It encompasses URL, headers, method, body, proxy settings, timeouts, and other configurations necessary for customizing the request and its execution.

func (*Request) CloseBody ΒΆ

func (r *Request) CloseBody()

func (*Request) Context ΒΆ

func (r *Request) Context() context.Context

Context returns the context for the request.

func (*Request) SetContext ΒΆ

func (r *Request) SetContext(ctx context.Context)

SetContext sets the context for the request.

func (*Request) ToDumpString ΒΆ

func (r *Request) ToDumpString() string

type Response ΒΆ

type Response struct {
	// HTTP status code, e.g., 200, 404.
	StatusCode int

	// HTTP status message, e.g., "OK", "Not Found".
	Status string

	// Byte representation of the response body.
	Body []byte
	// Raw body stream.
	RawBody io.ReadCloser
	// Response headers.
	Header http.Header
	// Parsed cookies from the response.
	Cookies map[string]string
	// URL from which the response was received.
	Url string
	// Indicates if the body of the response was ignored.
	IgnoreBody bool

	// The underlying HTTP response.
	HttpResponse *http.Response
	// Reference to the associated request.
	Request *Request
	// Length of content in the response.
	ContentLength int64

	Session *Session
	// contains filtered or unexported fields
}

Response encapsulates the received data and metadata from an HTTP(S) request. This includes status code, body, headers, cookies, associated request details, TLS connection state, etc.

func (*Response) CloseBody ΒΆ

func (r *Response) CloseBody() error

func (*Response) JSON ΒΆ

func (r *Response) JSON(v any) error

func (*Response) MustJSON ΒΆ

func (r *Response) MustJSON(v any)

func (*Response) ReadBody ΒΆ

func (r *Response) ReadBody(in io.ReadCloser, encoding string) (out []byte, err error)

func (*Response) String ΒΆ

func (r *Response) String() string

func (*Response) ToDumpString ΒΆ

func (r *Response) ToDumpString() string

type SOCKS5UDPConn ΒΆ

type SOCKS5UDPConn struct {
	// contains filtered or unexported fields
}

SOCKS5UDPConn wraps a UDP connection through SOCKS5 proxy

func (*SOCKS5UDPConn) Close ΒΆ

func (c *SOCKS5UDPConn) Close() error

Close closes the SOCKS5 UDP connection

func (*SOCKS5UDPConn) LocalAddr ΒΆ

func (c *SOCKS5UDPConn) LocalAddr() net.Addr

LocalAddr returns the local address

func (*SOCKS5UDPConn) Read ΒΆ

func (c *SOCKS5UDPConn) Read(b []byte) (int, error)

Read receives data from the SOCKS5 UDP relay

func (*SOCKS5UDPConn) ReadFrom ΒΆ

func (c *SOCKS5UDPConn) ReadFrom(b []byte) (int, string, error)

ReadFrom receives data and source address from the SOCKS5 UDP relay

func (*SOCKS5UDPConn) RemoteAddr ΒΆ

func (c *SOCKS5UDPConn) RemoteAddr() net.Addr

RemoteAddr returns the remote address

func (*SOCKS5UDPConn) SetDeadline ΒΆ

func (c *SOCKS5UDPConn) SetDeadline(t time.Time) error

SetDeadline sets read and write deadlines

func (*SOCKS5UDPConn) SetReadDeadline ΒΆ

func (c *SOCKS5UDPConn) SetReadDeadline(t time.Time) error

SetReadDeadline sets read deadline

func (*SOCKS5UDPConn) SetWriteDeadline ΒΆ

func (c *SOCKS5UDPConn) SetWriteDeadline(t time.Time) error

SetWriteDeadline sets write deadline

func (*SOCKS5UDPConn) Write ΒΆ

func (c *SOCKS5UDPConn) Write(b []byte) (int, error)

Write sends data through the SOCKS5 UDP relay

func (*SOCKS5UDPConn) WriteTo ΒΆ

func (c *SOCKS5UDPConn) WriteTo(b []byte, addr string) (int, error)

WriteTo sends data to a specific address through the SOCKS5 UDP relay

type SOCKS5UDPDialer ΒΆ

type SOCKS5UDPDialer struct {
	// SOCKS5 proxy address
	ProxyAddr string

	// Authentication
	Username string
	Password string

	// Dialer for control connection
	Dialer net.Dialer
	// contains filtered or unexported fields
}

SOCKS5UDPDialer handles SOCKS5 UDP ASSOCIATE for QUIC

func NewSOCKS5UDPDialer ΒΆ

func NewSOCKS5UDPDialer(proxyAddr, username, password string) *SOCKS5UDPDialer

NewSOCKS5UDPDialer creates a new SOCKS5 UDP dialer

func (*SOCKS5UDPDialer) DialUDP ΒΆ

func (d *SOCKS5UDPDialer) DialUDP(ctx context.Context, network string, remoteAddr string) (*SOCKS5UDPConn, error)

DialUDP establishes a UDP connection through SOCKS5 proxy

type Session ΒΆ

type Session struct {
	PHeader        PHeader
	OrderedHeaders OrderedHeaders

	// Default headers for all requests. Deprecated: Use OrderedHeaders instead.
	Header http.Header
	// Order of headers for all requests.
	HeaderOrder HeaderOrder

	// Stores cookies across session requests.
	CookieJar http.CookieJar

	// Name or identifier of the browser used in the session.
	Browser string

	Transport      *http.Transport
	HTTP2Transport *http2.Transport
	HTTP3Config    *HTTP3Config

	// Function to provide custom TLS handshake details.
	GetClientHelloSpec func() *tls.ClientHelloSpec

	// Function to provide custom TLS handshake details for HTTP/3 connections.
	GetClientHelloSpecHTTP3 func() *tls.ClientHelloSpec

	// Proxy address.
	Proxy string
	// If true, use HTTP2 for proxy connections.
	H2Proxy bool
	// Updated to use ProxyDialer interface for both single and chain proxies
	ProxyDialer *proxyDialer

	// If true, print detailed logs or debugging information. Deprecated: Use Dump instead.
	Verbose bool
	// Path for logging verbose information. Deprecated: Use Log instead.
	VerbosePath string
	// List of hosts to ignore when logging verbose info. Deprecated: Use Log instead.
	VerboseIgnoreHost []string
	// Custom function to handle verbose logging. Deprecated: Use Log instead.
	VerboseFunc func(request *Request, response *Response, err error)

	// Maximum number of redirects to follow.
	MaxRedirects uint

	// Maximum time to wait for request to complete.
	TimeOut time.Duration

	// Deprecated, use PreHookWithContext instead.
	PreHook func(request *Request) error
	// Function called before sending a request.
	PreHooksWithContext []func(ctx *Context) error

	// Deprecated, use CallbackWithContext instead.
	Callback func(request *Request, response *Response, err error)

	// Function called after receiving a response.
	CallbacksWithContext []func(ctx *Context)

	// Function to modify the dialer used for establishing connections.
	ModifyDialer func(dialer *net.Dialer) error

	// Custom dial function for establishing connections.
	Dial func(ctx context.Context, network, addr string) (net.Conn, error)

	// Function to modify the TLS configuration before establishing a connection.
	ModifyConfig func(config *tls.Config) error

	// CheckRedirect specifies the policy for handling redirects.
	// If CheckRedirect is not nil, the client calls it before
	// following an HTTP redirect. The arguments req and via are
	// the upcoming request and the requests made already, oldest
	// first. If CheckRedirect returns an error, the Session's Get
	// method returns both the previous Response (with its Body
	// closed) and CheckRedirect's error (wrapped in an url.Error)
	// instead of issuing the Request req.
	// As a special case, if CheckRedirect returns ErrUseLastResponse,
	// then the most recent response is returned, along with a nil error.
	//
	// If CheckRedirect is nil, the Session uses its default policy,
	// which is to stop after 10 consecutive requests.
	CheckRedirect func(req *Request, reqs []*Request) error

	// Deprecated: This field is ignored as pin verification is always true.
	// To disable pin verification, use InsecureSkipVerify.
	VerifyPins bool

	// PinManager is used to manage and verify TLS pins.
	// By default, DefaultPinManager is used: it is a singleton and is shared across all sessions.
	// You can create a new PinManager using NewPinManager() and set it here to have a specific pin manager for this Session.
	PinManager *PinManager

	// If true, server's certificate is not verified (insecure: this may facilitate attack from middleman).
	InsecureSkipVerify bool

	// If true, automatic decompression of response bodies is disabled.
	// When disabled, compressed responses (gzip, deflate, brotli, zstd) are returned as-is.
	DisableAutoDecompression bool

	// Headers for User-Agent and Sec-Ch-Ua, respectively.
	UserAgent string

	// HeaderPriority specifies the priority of the request's headers.
	// As this information is not included in the Akamai fingerprint, you may have to specify it manually.
	// Note that you can also specify the browser in the session so that this is done automatically.
	HeaderPriority *http2.PriorityParam

	// ProxyHeader defines the headers used for the CONNECT method to the proxy,
	// you may define the order with the http.HeaderOrderKey
	ProxyHeader http.Header
	// contains filtered or unexported fields
}

Session represents the core structure for managing and conducting HTTP(S) sessions. It holds configuration settings, headers, cookie storage, connection pool, and other attributes necessary to perform and customize requests.

func NewSession ΒΆ

func NewSession() *Session

NewSession creates a new session It is a shortcut for NewSessionWithContext(context.Background())

Example ΒΆ
package main

import (
	"fmt"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	resp, err := session.Get("https://www.google.com")

	if err != nil {
		panic(err)
	}

	fmt.Println(resp.StatusCode)

}
Output:
200

func NewSessionWithContext ΒΆ

func NewSessionWithContext(ctx context.Context) *Session

NewSessionWithContext creates a new session with context It is recommended to use this function to create a new session instead of creating a new Session struct

func (*Session) AddPins ΒΆ

func (s *Session) AddPins(u *url.URL, pins []string) error

AddPins associates a set of certificate pins with a given URL within a session. This allows for URL-specific pinning, useful in scenarios where different services (URLs) are trusted with different certificates.

func (*Session) ApplyHTTP2 ΒΆ

func (s *Session) ApplyHTTP2(fp string) error

ApplyHTTP2 applies HTTP2 settings to the session from a fingerprint. The fingerprint is in the format:

<SETTINGS>|<WINDOW_UPDATE>|<PRIORITY>|<PSEUDO_HEADER>

egs :

1:65536,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p

Any 0 value will be ignored.

Example ΒΆ
package main

import (
	"fmt"
	"strings"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	preset := "1:65536;2:0;3:1000;4:6291456;6:262144|15663105|0|m,s,a,p"

	if err := session.ApplyHTTP2(preset); err != nil {
		panic(err)
	}

	resp, err := session.Get("https://tls.peet.ws/api/all")

	if err != nil {
		panic(err)
	}

	fmt.Println(strings.Contains(resp.String(), preset))

}
Output:
true

func (*Session) ApplyHTTP3 ΒΆ

func (s *Session) ApplyHTTP3(fp string) error

ApplyHTTP3 applies HTTP3 settings to the session from a fingerprint. The fingerprint is in the format:

<SETTINGS>|<PSEUDO_HEADER>

egs :

1:65536;6:262144;7:100;51:1;GREASE|m,a,s,p

Any 0 value will be ignored.

Example ΒΆ
package main

import (
	"fmt"
	"strings"

	http "github.com/Noooste/fhttp"
	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	http3 := "1:16383;7:100;GREASE|m,s,a,p"

	if err := session.ApplyHTTP3(http3); err != nil {
		panic(err)
	}

	resp, err := session.Do(&azuretls.Request{
		Method:     http.MethodGet,
		Url:        "https://tls.peet.ws/api/all",
		ForceHTTP3: true,
	})

	if err != nil {
		panic(err)
	}

	fmt.Println(strings.Contains(resp.String(), http3))

}
Output:
true

func (*Session) ApplyJa3 ΒΆ

func (s *Session) ApplyJa3(ja3, navigator string) error

ApplyJa3 applies JA3 settings to the session from a fingerprint. JA3 is a method for creating fingerprints from SSL/TLS client hellos, which can be used for client identification or detection. The fingerprint is constructed from an MD5 hash of string representations of various handshake parameters, specifically:

<SSL Version>|<Accepted Ciphers>|<List of Extensions>|<Elliptic Curves>|<Elliptic Curve Formats>

e.g.,

769,4865-4866-4867-49196-49195-52393-49200-49199-49172...|0-5-10-11-...|23-24-25|0

This string is then MD5-hashed to produce a 32-character representation, which is the JA3 fingerprint.

Any absent field in the client hello will raise an error.

Example ΒΆ
package main

import (
	"fmt"
	"strings"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	ja3 := "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0"

	if err := session.ApplyJa3(ja3, azuretls.Chrome); err != nil {
		panic(err)
	}

	resp, err := session.Get("https://tls.peet.ws/api/all")

	if err != nil {
		panic(err)
	}

	fmt.Println(strings.Contains(resp.String(), ja3))

}
Output:
true

func (*Session) ApplyJa3WithSpecifications ΒΆ

func (s *Session) ApplyJa3WithSpecifications(ja3 string, specifications *TlsSpecifications, navigator string) error

ApplyJa3WithSpecifications applies JA3 settings to the session from a fingerprint. JA3 is a method for creating fingerprints from SSL/TLS client hellos, which can be used for client identification or detection. The fingerprint is constructed from an MD5 hash of string representations of various handshake parameters, specifically:

<SSL Version>|<Accepted Ciphers>|<List of Extensions>|<Elliptic Curves>|<Elliptic Curve Formats>

e.g.,

769,4865-4866-4867-49196-49195-52393-49200-49199-49172...|0-5-10-11-...|23-24-25|0

This string is then MD5-hashed to produce a 32-character representation, which is the JA3 fingerprint.

Any absent field in the client hello will raise an error.

func (*Session) ClearPins ΒΆ

func (s *Session) ClearPins(u *url.URL) error

ClearPins removes all pinned certificates associated with a specific URL in the session. This can be used to reset trust settings or in scenarios where a service's certificate is no longer deemed trustworthy.

func (*Session) ClearProxy ΒΆ

func (s *Session) ClearProxy()

ClearProxy removes the proxy from the session (updated to handle unified dialer)

func (*Session) ClearProxyChain ΒΆ

func (s *Session) ClearProxyChain()

ClearProxyChain removes the proxy chain from the session (alias for ClearProxy)

func (*Session) Close ΒΆ

func (s *Session) Close()

Close closes the session and all its connections. It is recommended to call this function when the session is no longer needed.

After calling this function, the session is no longer usable.

func (*Session) Connect ΒΆ

func (s *Session) Connect(u string) error

Connect initiates a connection to the specified URL

func (*Session) Context ΒΆ

func (s *Session) Context() context.Context

func (*Session) Delete ΒΆ

func (s *Session) Delete(url string, args ...any) (*Response, error)

Delete provides shortcut for sending DELETE request

func (*Session) DisableDump ΒΆ

func (s *Session) DisableDump()

DisableDump will disable requests and responses dumping

func (*Session) DisableHTTP3 ΒΆ

func (s *Session) DisableHTTP3()

DisableHTTP3 disables HTTP/3 support

func (*Session) DisableLog ΒΆ

func (s *Session) DisableLog()

DisableLog will disable request and response logging

func (*Session) Do ΒΆ

func (s *Session) Do(request *Request, args ...any) (*Response, error)

Do sends a request and returns a response

func (*Session) Dump ΒΆ

func (s *Session) Dump(dir string, uris ...string) error

Dump will activate requests and responses dumping to the specified directory

dir is the directory to save the logs

ignore (optional) is a list of uri to ignore, if ignore is empty, all uri will be logged

Example ΒΆ
package main

import (
	"fmt"
	"os"
	"time"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	_ = session.Dump("./logs", "*.httpbin.org")

	_, _ = session.Get("https://www.google.com", azuretls.OrderedHeaders{
		{"User-Agent", "Mozilla/5.0"},
		{"Accept", "text/html"},
	})

	_, _ = session.Get("https://httpbin.org/get")

	time.Sleep(1 * time.Second)

	f, _ := os.ReadDir("./logs")

	fmt.Println(len(f))

}
Output:
1

func (*Session) DumpAndLog ΒΆ

func (s *Session) DumpAndLog(dir string, uris ...string) error

DumpAndLog will activate requests and responses dumping to the specified directory and log the requests and responses

func (*Session) DumpIgnore ΒΆ

func (s *Session) DumpIgnore(uri string) bool

DumpIgnore will check if the given uri is ignored from dumping

Example ΒΆ
package main

import (
	"fmt"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	if err := session.Dump("./logs", "*.google.com"); err != nil {
		panic(err)
	}

	fmt.Println(session.DumpIgnore("https://www.google.com"))
	fmt.Println(session.DumpIgnore("https://google.com/search"))
	fmt.Println(session.DumpIgnore("https://www.google.com/search"))

	if err := session.Dump("./logs", "/get"); err != nil {
		panic(err)
	}

	fmt.Println(session.DumpIgnore("https://www.google.com"))
	fmt.Println(session.DumpIgnore("https://google.com/search"))
	fmt.Println(session.DumpIgnore("https://www.google.com/get/the/thing"))

}
Output:
true
true
true
false
false
true

func (*Session) DumpRequestResponsePair ΒΆ

func (s *Session) DumpRequestResponsePair(request *Request, response *Response, err error, targetFile string) error

func (*Session) EnableDump ΒΆ

func (s *Session) EnableDump()

EnableDump will enable requests and responses dumping

func (*Session) EnableHTTP3 ΒΆ

func (s *Session) EnableHTTP3() error

EnableHTTP3 enables HTTP/3 support for the session

func (*Session) EnableLog ΒΆ

func (s *Session) EnableLog()

EnableLog will enable request and response logging

func (*Session) EnableVerbose deprecated

func (s *Session) EnableVerbose(path string, ignoreHost []string) error

EnableVerbose enables verbose logging

Deprecated: use Dump instead

func (*Session) Get ΒΆ

func (s *Session) Get(url string, args ...any) (*Response, error)

Get provides shortcut for sending GET request

Example ΒΆ
package main

import (
	"fmt"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	resp, err := session.Get("https://www.google.com")

	if err != nil {
		panic(err)
	}

	fmt.Println(resp.StatusCode)

}
Output:
200

func (*Session) GetBrowserHTTP3ClientHelloFunc ΒΆ

func (s *Session) GetBrowserHTTP3ClientHelloFunc(browser string) func() *tls.ClientHelloSpec

func (*Session) GetProxyChain ΒΆ

func (s *Session) GetProxyChain() []*url.URL

GetProxyChain returns the current proxy chain URLs

func (*Session) Head ΒΆ

func (s *Session) Head(url string, args ...any) (*Response, error)

Head provides shortcut for sending HEAD request

func (*Session) Ip ΒΆ

func (s *Session) Ip() (ip string, err error)

Ip returns the public IP address of the session

func (*Session) IsChainProxy ΒΆ

func (s *Session) IsChainProxy() bool

IsChainProxy returns true if the session is using a proxy chain

func (*Session) Log ΒΆ

func (s *Session) Log(uris ...string)

Log will print the request and response to the console

uris (optional) is a list of uris to ignore, if ignore is empty, all uris will be logged

Example ΒΆ
package main

import (
	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	session.Log("/any/path/to/ignore", "can.ignore.this", "*.all.subdomains")

	_, _ = session.Get("https://www.google.com")
	_, _ = session.Get("https://www.google.com/any/path/to/ignore")
}

func (*Session) LogIgnore ΒΆ

func (s *Session) LogIgnore(uri string) bool

LogIgnore will check if the given uri is ignored from dumping

func (*Session) NewHTTP3Transport ΒΆ

func (s *Session) NewHTTP3Transport() (*HTTP3Transport, error)

NewHTTP3Transport creates a new HTTP/3 transport

func (*Session) NewWebsocket ΒΆ

func (s *Session) NewWebsocket(url string, readBufferSize, writeBufferSize int, args ...any) (*Websocket, error)

NewWebsocket returns a new websocket connection.

func (*Session) NewWebsocketWithContext ΒΆ

func (s *Session) NewWebsocketWithContext(ctx context.Context, url string, readBufferSize, writeBufferSize int, args ...any) (*Websocket, error)

NewWebsocketWithContext returns a new websocket connection with a context.

func (*Session) Options ΒΆ

func (s *Session) Options(url string, args ...any) (*Response, error)

Options provides shortcut for sending OPTIONS request

func (*Session) Patch ΒΆ

func (s *Session) Patch(url string, data any, args ...any) (*Response, error)

Patch provides shortcut for sending PATCH request

func (*Session) Post ΒΆ

func (s *Session) Post(url string, data any, args ...any) (*Response, error)

Post provides shortcut for sending POST request

Example ΒΆ
package main

import (
	"bytes"
	"fmt"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	resp, err := session.Post("https://httpbin.org/post", `post me`)

	if err != nil {
		panic(err)
	}

	fmt.Println(resp.StatusCode)
	fmt.Println(bytes.Contains(resp.Body, []byte("post me")))

}
Output:
200
true

func (*Session) Put ΒΆ

func (s *Session) Put(url string, data any, args ...any) (*Response, error)

Put provides shortcut for sending PUT request

func (*Session) SetContext ΒΆ

func (s *Session) SetContext(ctx context.Context)

SetContext sets the given context for the session

func (*Session) SetProxy ΒΆ

func (s *Session) SetProxy(proxy string) error

SetProxy sets a single proxy for the session (original functionality)

Example ΒΆ
package main

import (
	"fmt"

	"github.com/einav-nebius/azuretls-client"
)

func main() {
	session := azuretls.NewSession()

	err := session.SetProxy("http://username:password@proxy:8080")

	if err != nil {
		panic(err)
	}

	fmt.Println(session.Proxy)

}
Output:
http://username:password@proxy:8080

func (*Session) SetProxyChain ΒΆ

func (s *Session) SetProxyChain(proxies []string) error

SetProxyChain sets up a chain of proxies for the session

func (*Session) SetTimeout ΒΆ

func (s *Session) SetTimeout(timeout time.Duration)

SetTimeout sets timeout for the session

func (*Session) UseCallbackWithContext ΒΆ

func (s *Session) UseCallbackWithContext(callback func(ctx *Context))

func (*Session) UsePrehookWithContext ΒΆ

func (s *Session) UsePrehookWithContext(preHook func(ctx *Context) error)

type TlsSpecifications ΒΆ

type TlsSpecifications struct {
	AlpnProtocols                           []string
	SignatureAlgorithms                     []tls.SignatureScheme
	SupportedVersions                       []uint16
	CertCompressionAlgos                    []tls.CertCompressionAlgo
	DelegatedCredentialsAlgorithmSignatures []tls.SignatureScheme
	PSKKeyExchangeModes                     []uint8
	SignatureAlgorithmsCert                 []tls.SignatureScheme
	ApplicationSettingsProtocols            []string
	RenegotiationSupport                    tls.RenegotiationSupport
	RecordSizeLimit                         uint16
}

TlsSpecifications struct contains various fields representing TLS handshake settings.

func DefaultTlsSpecifications ΒΆ

func DefaultTlsSpecifications(navigator string) *TlsSpecifications

type Websocket ΒΆ

type Websocket struct {
	Url     string
	Headers http.Header

	Request  *Request
	Response *http.Response

	*websocket.Conn
	// contains filtered or unexported fields
}

Directories ΒΆ

Path Synopsis
examples
headers command
http2 command
http3 command
ja3 command
proxy command
test

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL