azuretls

package module

v1.12.7 Latest Latest Go to latest Published: Oct 21, 2025 License: MIT Imports: 41 Imported by: 33

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Noooste/azuretls-client

Links

Open Source Insights

README ¶

AzureTLS Client

🚀 Simple, Powerful HTTP Client for Go

AzureTLS Client is a high-performance HTTP client library for Go that combines simplicity with unlimited customization. Whether you're building a simple API client or need advanced features like TLS fingerprinting and HTTP/2 customization, AzureTLS Client has you covered.

✨ Why Choose AzureTLS Client?

🎯 Simple by Default

session := azuretls.NewSession()
response, err := session.Get("https://www.google.com/")
if err != nil {
    panic(err)
}
fmt.Println(response.String())

⚡ Powerful When Needed

Full TLS fingerprint control (JA3/JA4)
HTTP/2 and HTTP/3 support with custom settings
Advanced proxy support (HTTP/HTTPS/SOCKS4/SOCKS5)
Proxy chain support for multi-hop connections
Precise header ordering and control

🌟 Key Features

🌐 Modern Protocols - HTTP/1.1, HTTP/2, and HTTP/3 support
🔧 TLS Fingerprinting - Full control over ClientHello (JA3/JA4)
🎭 Browser Emulation - Chrome, Firefox, Safari, Edge presets
🔗 Advanced Proxy Support - HTTP, HTTPS, SOCKS4, SOCKS5 with authentication.
⛓️ Proxy Chaining - Multi-hop proxy connections for enhanced anonymity
📋 Header Control - Precise ordering and custom headers
🍪 Cookie Management - Automatic handling with persistent jar
🔒 SSL Pinning - Enhanced security with certificate validation
🐛 Debug Tools - Request logging and dumping capabilities

🎯 Perfect For

API Integration - Simple REST API clients
Web Scraping - Advanced bot detection evasion
Security Testing - Custom TLS fingerprinting
Load Testing - High-performance concurrent requests
Proxy Management - Multi-proxy rotation and testing

📋 Quick Examples

Simple GET Request

session := azuretls.NewSession()
defer session.Close()

response, err := session.Get("https://api.github.com/user")
if err != nil {
    log.Fatal(err)
}
fmt.Printf("Status: %d\n", response.StatusCode)

POST with JSON

data := map[string]string{
    "name": "AzureTLS",
    "type": "HTTP Client",
}

response, err := session.Post("https://api.example.com/data", data)

Browser Emulation

session := azuretls.NewSession()
session.Browser = azuretls.Firefox // Automatic JA3 + HTTP/2 fingerprinting

response, err := session.Get("https://website.com")

Custom Headers with Ordering

session.OrderedHeaders = azuretls.OrderedHeaders{
    {"User-Agent", "MyApp/1.0"},
    {"Accept", "application/json"},
    {"Authorization", "Bearer token"},
}

Proxy Support

session := azuretls.NewSession()
err := session.SetProxy("http://username:password@proxy.example.com:8080")
if err != nil {
    log.Fatal(err)
}

response, err := session.Get("https://api.example.com")

🌍 Multi-Language Support via CFFI

AzureTLS Client can be used from any programming language that supports C Foreign Function Interface (FFI) through our comprehensive CFFI bindings.

🔗 Available CFFI Implementation

The core CFFI (C Foreign Function Interface) library is available in the cffi/ directory, providing a C API that can be used from any language supporting C FFI.

📦 Pre-built libraries available for:

Linux (amd64, arm64, 386, arm)
Windows (amd64, 386, arm64)
macOS (amd64, arm64)

🌐 Community Language Bindings

Community-maintained repositories for additional languages:

🔗 [Your Language] - Your Repository by @yourusername

Want to see your language binding featured here? See the Contributing Language Bindings section below!

📦 Getting Started with CFFI

Download pre-built libraries from our releases
Choose your platform: Linux, Windows, macOS, FreeBSD
Pick your architecture: amd64, arm64, 386, arm
Follow language-specific examples in cffi/examples/

🛠️ Building CFFI Libraries

# Build for current platform
cd cffi && make

# Build for all platforms
cd cffi && make build-all

# Build for specific platform
cd cffi && make build-linux-amd64

📚 Comprehensive Documentation

Full CFFI documentation with API reference, examples, and troubleshooting guides is available at cffi/README.md.

🤝 Contributing Language Bindings

We welcome and appreciate contributions for additional language support!

If you create bindings for a new programming language, we'd love to:

📝 Feature your repository in this README
🏆 Credit you as a contributor
🔗 Link to your implementation for the community
🚀 Help promote your language bindings

Language bindings we'd especially appreciate:

🐍 Python - ctypes/cffi implementation
🟨 Node.js - ffi-napi integration
📘 TypeScript - Type-safe Node.js bindings
☕ Java - JNI bindings
🔷 C# - P/Invoke implementation
🦀 Rust - libc/bindgen bindings
And any others!

How to contribute language bindings:

🏗️ Create your own repository with language bindings using our CFFI
🔧 Implement the core functionality using our C API from cffi/
📖 Add comprehensive examples and documentation
🧪 Include tests demonstrating the functionality
📬 Submit a pull request to this repository to add your repo link to this README

Repository Requirements:

Use the AzureTLS CFFI libraries from our releases
Include clear installation instructions
Provide working examples
Add proper documentation
Follow your language's best practices

🤝 Community & Support

Issues: GitHub Issues
Discussions: GitHub Discussions
Examples: examples/
CFFI Documentation: cffi/README.md

🙏 Acknowledgments

AzureTLS Client is built with ❤️ by the open source community. Special thanks to all contributors who help make this project better.

⭐ Show Your Support

If AzureTLS Client helps you build something awesome, consider:

⭐ Star this repository
🐛 Report bugs or suggest features
💡 Share your use cases in discussions
🤝 Contribute code or documentation
🌍 Create bindings for your favorite programming language

🛡️ Need Antibot Bypass?

TLS fingerprinting alone isn't enough for modern bot protection. Hyper Solutions provides the missing piece - API endpoints that generate valid antibot tokens for:

Akamai • DataDome • Kasada • Incapsula

No browser automation. Just simple API calls that return the exact cookies and headers these systems require.

🚀 Get Your API Key | 📖 Docs | 💬 Discord

Documentation ¶

Index ¶

Examples ¶

Constants ¶

View Source

const (
	Chrome  = "chrome"
	Firefox = "firefox"
	Opera   = "opera"
	Safari  = "safari"
	Edge    = "edge"
	Ios     = "ios"
	Android = "android" //deprecated
)

View Source

const (
	Path      = ":path"
	Method    = ":method"
	Authority = ":authority"
	Scheme    = ":scheme"
)

View Source

const (
	SchemeHttp  = "http"
	SchemeHttps = "https"
	SchemeWs    = "ws"
	SchemeWss   = "wss"
	Socks5      = "socks5"
	Socks5H     = "socks5h"

	Socks4  = "socks4"
	Socks4A = "socks4a"
)

View Source

const SensitiveHeaders = "Sensitive-Headers:"

Variables ¶

View Source

var ErrTooManyRedirects = errors.New("too many redirects")

View Source

var ErrUseLastResponse = errors.New("azuretls: use last response")

Functions ¶

func CookiesToString ¶ added in v1.2.5

func CookiesToString(cookies []*http.Cookie) string

func DecodeResponseBody ¶ added in v1.9.0

func DecodeResponseBody(body io.ReadCloser, encoding string) ([]byte, error)

func Fingerprint ¶ added in v1.2.0

func Fingerprint(c *x509.Certificate) string

Fingerprint computes the SHA256 Fingerprint of a given certificate's RawSubjectPublicKeyInfo. This is useful for obtaining a consistent identifier for a certificate's public key. The result is then base64-encoded to give a string representation which can be conveniently stored or compared.

func GetBrowserClientHelloFunc ¶ added in v1.5.4

func GetBrowserClientHelloFunc(browser string) func() *tls.ClientHelloSpec

GetBrowserClientHelloFunc returns a function that returns a ClientHelloSpec for a specific browser

func GetCookiesMap ¶ added in v1.2.5

func GetCookiesMap(cookies []*http.Cookie) map[string]string

func GetLastChromeVersion ¶

func GetLastChromeVersion() *tls.ClientHelloSpec

GetLastChromeVersion apply the latest Chrome version Current Chrome version : 133

func GetLastChromeVersionForHTTP3 ¶ added in v1.9.1

func GetLastChromeVersionForHTTP3() *tls.ClientHelloSpec

func GetLastFirefoxVersion ¶ added in v1.5.4

func GetLastFirefoxVersion() *tls.ClientHelloSpec

GetLastFirefoxVersion apply the latest Firefox, version 138

func GetLastIosVersion ¶

func GetLastIosVersion() *tls.ClientHelloSpec

func GetLastSafariVersion ¶ added in v1.6.5

func GetLastSafariVersion() *tls.ClientHelloSpec

func RedirectBehavior ¶ added in v1.2.5

func RedirectBehavior(reqMethod string, resp *Response, ireq *Request) (redirectMethod string, shouldRedirect, includeBody bool)

RedirectBehavior describes what should happen when the client encounters a 3xx status code from the server

func RefererForURL ¶ added in v1.2.5

func RefererForURL(ireq, newReq *url.URL) string

RefererForURL returns a referer without any authentication info or an empty string if lastReq scheme is https and newReq scheme is http.

func ToBytes ¶ added in v1.2.5

func ToBytes(b any) []byte

ToBytes converts any type to []byte, it supports string, []byte, io.Reader, strings.Builder and any other type that can be marshaled to json

Example ¶

fmt.Println(string(azuretls.ToBytes("test1")))

fmt.Println(string(azuretls.ToBytes([]byte("test2"))))

buf := bytes.NewBufferString("test3")
fmt.Println(string(azuretls.ToBytes(buf)))

type s struct {
	A string
	B int
}
fmt.Println(string(azuretls.ToBytes(s{"test4", 4})))

Output:

test1
test2
test3
{"A":"test4","B":4}

func ToReader ¶ added in v1.6.0

func ToReader(b any) (io.Reader, error)

func UrlEncode ¶ added in v1.2.3

func UrlEncode(obj any) string

UrlEncode encodes a map[string]string to url encoded string If you want to encode a struct, you will use the `url` tag

Example ¶

type Foo struct {
	Bar       string `url:"bar"`
	Baz       string `url:"baz"`
	Omit      string `url:"-"`
	OmitEmpty string `url:"no,omitempty"`
}

fmt.Println(azuretls.UrlEncode(Foo{
	Bar:       "bar",
	Baz:       "baz baz baz",
	Omit:      "omit",
	OmitEmpty: "",
}))

Output:

bar=bar&baz=baz+baz+baz

Types ¶

type Context ¶ added in v1.4.1

type Context struct {
	// Session is the session associated with the request.
	Session *Session

	// Request is the request being made.
	Request *Request

	// Response is the response received.
	// It can be modified to change the response returned by the request.
	Response *Response

	// Err is the error, if any, that occurred during the request.
	// It can be modified to change the error returned by the request.
	Err error

	// RequestStartTime is the time when the request was started.
	RequestStartTime time.Time
	// contains filtered or unexported fields
}

Context represents the context of a request. It holds the session, request, response, error, and other details associated with the request.

func (*Context) Context ¶ added in v1.4.2

func (c *Context) Context() context.Context

type ContextKeyHeader ¶

type ContextKeyHeader struct{}

ContextKeyHeader for passing headers through context

type HTTP3Config ¶ added in v1.8.0

type HTTP3Config struct {
	// Enable HTTP/3 support
	Enabled bool

	// Force HTTP/3 for all requests (no fallback)
	ForceHTTP3 bool
	// contains filtered or unexported fields
}

HTTP3Config holds HTTP/3 specific configuration

type HTTP3Transport ¶ added in v1.8.0

type HTTP3Transport struct {
	*http3.Transport
	// contains filtered or unexported fields
}

HTTP3Transport wraps the http3.RoundTripper with proxy support

func (*HTTP3Transport) Close ¶ added in v1.10.3

func (t *HTTP3Transport) Close() error

func (*HTTP3Transport) RoundTrip ¶ added in v1.8.0

func (t *HTTP3Transport) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements the http.RoundTripper interface with proxy support

type HeaderOrder ¶

type HeaderOrder []string

HeaderOrder is a slice of header names.

type OrderedHeaders ¶

type OrderedHeaders [][]string

OrderedHeaders is a slice of headers.

func (*OrderedHeaders) Add ¶

func (oh *OrderedHeaders) Add(field string, value ...string)

Add adds the value to the field. It appends to any existing values associated with the field.

func (*OrderedHeaders) Clone ¶

func (oh *OrderedHeaders) Clone() OrderedHeaders

Clone returns a copy of the header.

func (*OrderedHeaders) Del ¶

func (oh *OrderedHeaders) Del(field string) OrderedHeaders

Del removes the first instance of the field from the header. If the field is not present, it does nothing.

func (*OrderedHeaders) Get ¶

func (oh *OrderedHeaders) Get(field string) string

Get returns the first value associated with the given field. If the field is not present, it returns an empty string.

func (*OrderedHeaders) Remove ¶

func (oh *OrderedHeaders) Remove(field string) OrderedHeaders

Remove removes the first instance of the field from the header. If the field is not present, it does nothing. Deprecated: Use Del instead.

func (*OrderedHeaders) Set ¶

func (oh *OrderedHeaders) Set(field string, value ...string)

Set sets the field to the given value. It replaces any existing values associated with the field.

func (*OrderedHeaders) ToHeader ¶ added in v1.5.0

func (oh *OrderedHeaders) ToHeader() http.Header

type PHeader ¶

type PHeader []string

PHeader is a slice of pseudo headers.

func GetDefaultPseudoHeaders ¶ added in v1.2.9

func GetDefaultPseudoHeaders() PHeader

GetDefaultPseudoHeaders returns the default pseudo headers.

type PinHost ¶ added in v1.7.3

type PinHost struct {
	// contains filtered or unexported fields
}

func (*PinHost) AddPin ¶ added in v1.7.3

func (p *PinHost) AddPin(pin string)

AddPin safely adds a new pin (Fingerprint) to the PinManager. If a service's certificate changes (e.g., due to renewal), new pins should be added to continue trusting the service.

func (*PinHost) AddPins ¶ added in v1.7.3

func (p *PinHost) AddPins(pin []string)

func (*PinHost) GetPins ¶ added in v1.7.3

func (p *PinHost) GetPins() []string

func (*PinHost) New ¶ added in v1.7.3

func (p *PinHost) New(addr string) (err error)

New establishes a connection to the provided address, retrieves its SSL/TLS certificates, and pins their public keys in the PinManager. This can be used initially to populate the PinManager with pins from a trusted service.

func (*PinHost) Verify ¶ added in v1.7.3

func (p *PinHost) Verify(c *x509.Certificate) bool

Verify checks whether a given certificate's public key is currently pinned in the PinManager. This method should be used during the SSL/TLS handshake to ensure the remote service's certificate matches a previously pinned public key.

type PinManager ¶ added in v1.1.0

type PinManager struct {
	// contains filtered or unexported fields
}

PinManager is a concurrency-safe struct designed to manage and verify public key pinning for SSL/TLS certificates. Public key pinning is a security feature which can be used to specify a set of valid public keys for a particular web service, thus preventing man-in-the-middle attacks due to rogue certificates.

var DefaultPinManager *PinManager

func NewPinManager ¶ added in v1.1.0

func NewPinManager() *PinManager

NewPinManager initializes a new instance of PinManager with an empty set of pins. This is the entry point to begin using the pinning functionality.

func (*PinManager) AddHost ¶ added in v1.7.3

func (p *PinManager) AddHost(host string) error

func (*PinManager) AddPins ¶ added in v1.6.0

func (p *PinManager) AddPins(host string, pins []string)

func (*PinManager) Clear ¶ added in v1.7.3

func (p *PinManager) Clear(host string)

func (*PinManager) GetHost ¶ added in v1.7.3

func (p *PinManager) GetHost(host string) *PinHost

GetHost retrieves the PinHost associated with a specific host. This is useful for checking if a host has any pinned certificates and for verifying certificates against the pins.

type ProxyDialer ¶ added in v1.10.4

type ProxyDialer interface {
	Dial(userAgent, network, address string) (net.Conn, error)
	DialContext(ctx context.Context, userAgent, network, address string) (net.Conn, error)
}

ProxyDialer interface for both single and chain proxy dialers

type Request ¶

type Request struct {
	HttpRequest *http.Request
	Response    *Response

	// HTTP method, e.g., GET, POST.
	Method string

	Url string

	Body any

	PHeader        PHeader
	OrderedHeaders OrderedHeaders

	// Headers for the request. Deprecated: Use OrderedHeaders instead.
	Header http.Header
	// Order of headers for the request.
	HeaderOrder HeaderOrder

	// If true, redirects won't be followed.
	DisableRedirects bool
	// Maximum number of redirects to follow.
	MaxRedirects uint
	// If true, cookies won't be included in the request.
	NoCookie bool
	// Maximum time to wait for request to complete.
	TimeOut time.Duration
	// Indicates if the current request is a result of a redirection.
	IsRedirected bool
	// If true, server's certificate is not verified.
	InsecureSkipVerify bool

	// If true, the body of the response is not read.
	// The response body can be read from Response.RawBody and
	// you will have to close using Response.CloseBody manually.
	IgnoreBody bool
	Proto      string

	ForceHTTP1 bool
	ForceHTTP3 bool

	// Length of content in the request.
	ContentLength int64
	// contains filtered or unexported fields
}

Request represents the details and configuration for an individual HTTP(S) request. It encompasses URL, headers, method, body, proxy settings, timeouts, and other configurations necessary for customizing the request and its execution.

func (*Request) CloseBody ¶

func (r *Request) CloseBody()

func (*Request) Context ¶ added in v1.4.2

func (r *Request) Context() context.Context

Context returns the context for the request.

func (*Request) SetContext ¶

func (r *Request) SetContext(ctx context.Context)

SetContext sets the context for the request.

func (*Request) ToDumpString ¶ added in v1.12.7

func (r *Request) ToDumpString() string

type Response ¶

type Response struct {
	// HTTP status code, e.g., 200, 404.
	StatusCode int

	// HTTP status message, e.g., "OK", "Not Found".
	Status string

	// Byte representation of the response body.
	Body []byte
	// Raw body stream.
	RawBody io.ReadCloser
	// Response headers.
	Header http.Header
	// Parsed cookies from the response.
	Cookies map[string]string
	// URL from which the response was received.
	Url string
	// Indicates if the body of the response was ignored.
	IgnoreBody bool

	// The underlying HTTP response.
	HttpResponse *http.Response
	// Reference to the associated request.
	Request *Request
	// Length of content in the response.
	ContentLength int64

	Session *Session
	// contains filtered or unexported fields
}

Response encapsulates the received data and metadata from an HTTP(S) request. This includes status code, body, headers, cookies, associated request details, TLS connection state, etc.

func (*Response) CloseBody ¶

func (r *Response) CloseBody() error

func (*Response) JSON ¶ added in v1.2.1

func (r *Response) JSON(v any) error

func (*Response) MustJSON ¶ added in v1.2.1

func (r *Response) MustJSON(v any)

func (*Response) ReadBody ¶

func (r *Response) ReadBody(in io.ReadCloser, encoding string) (out []byte, err error)

func (*Response) String ¶

func (r *Response) String() string

func (*Response) ToDumpString ¶ added in v1.12.7

func (r *Response) ToDumpString() string

type SOCKS5UDPConn ¶ added in v1.8.0

type SOCKS5UDPConn struct {
	// contains filtered or unexported fields
}

SOCKS5UDPConn wraps a UDP connection through SOCKS5 proxy

func (*SOCKS5UDPConn) Close ¶ added in v1.8.0

func (c *SOCKS5UDPConn) Close() error

Close closes the SOCKS5 UDP connection

func (*SOCKS5UDPConn) LocalAddr ¶ added in v1.8.0

func (c *SOCKS5UDPConn) LocalAddr() net.Addr

LocalAddr returns the local address

func (*SOCKS5UDPConn) Read ¶ added in v1.8.0

func (c *SOCKS5UDPConn) Read(b []byte) (int, error)

Read receives data from the SOCKS5 UDP relay

func (*SOCKS5UDPConn) ReadFrom ¶ added in v1.8.0

func (c *SOCKS5UDPConn) ReadFrom(b []byte) (int, string, error)

ReadFrom receives data and source address from the SOCKS5 UDP relay

func (*SOCKS5UDPConn) RemoteAddr ¶ added in v1.8.0

func (c *SOCKS5UDPConn) RemoteAddr() net.Addr

RemoteAddr returns the remote address

func (*SOCKS5UDPConn) SetDeadline ¶ added in v1.8.0

func (c *SOCKS5UDPConn) SetDeadline(t time.Time) error

SetDeadline sets read and write deadlines

func (*SOCKS5UDPConn) SetReadDeadline ¶ added in v1.8.0

func (c *SOCKS5UDPConn) SetReadDeadline(t time.Time) error

SetReadDeadline sets read deadline

func (*SOCKS5UDPConn) SetWriteDeadline ¶ added in v1.8.0

func (c *SOCKS5UDPConn) SetWriteDeadline(t time.Time) error

SetWriteDeadline sets write deadline

func (*SOCKS5UDPConn) Write ¶ added in v1.8.0

func (c *SOCKS5UDPConn) Write(b []byte) (int, error)

Write sends data through the SOCKS5 UDP relay

func (*SOCKS5UDPConn) WriteTo ¶ added in v1.8.0

func (c *SOCKS5UDPConn) WriteTo(b []byte, addr string) (int, error)

WriteTo sends data to a specific address through the SOCKS5 UDP relay

type SOCKS5UDPDialer ¶ added in v1.8.0

type SOCKS5UDPDialer struct {
	// SOCKS5 proxy address
	ProxyAddr string

	// Authentication
	Username string
	Password string

	// Dialer for control connection
	Dialer net.Dialer
	// contains filtered or unexported fields
}

SOCKS5UDPDialer handles SOCKS5 UDP ASSOCIATE for QUIC

func NewSOCKS5UDPDialer ¶ added in v1.8.0

func NewSOCKS5UDPDialer(proxyAddr, username, password string) *SOCKS5UDPDialer

NewSOCKS5UDPDialer creates a new SOCKS5 UDP dialer

func (*SOCKS5UDPDialer) DialUDP ¶ added in v1.8.0

func (d *SOCKS5UDPDialer) DialUDP(ctx context.Context, network string, remoteAddr string) (*SOCKS5UDPConn, error)

DialUDP establishes a UDP connection through SOCKS5 proxy

type Session ¶

type Session struct {
	PHeader        PHeader
	OrderedHeaders OrderedHeaders

	// Default headers for all requests. Deprecated: Use OrderedHeaders instead.
	Header http.Header
	// Order of headers for all requests.
	HeaderOrder HeaderOrder

	// Stores cookies across session requests.
	CookieJar http.CookieJar

	// Name or identifier of the browser used in the session.
	Browser string

	Transport      *http.Transport
	HTTP2Transport *http2.Transport
	HTTP3Config    *HTTP3Config

	// Function to provide custom TLS handshake details.
	GetClientHelloSpec func() *tls.ClientHelloSpec

	// Function to provide custom TLS handshake details for HTTP/3 connections.
	GetClientHelloSpecHTTP3 func() *tls.ClientHelloSpec

	// Proxy address.
	Proxy string
	// If true, use HTTP2 for proxy connections.
	H2Proxy bool
	// Updated to use ProxyDialer interface for both single and chain proxies
	ProxyDialer *proxyDialer

	// If true, print detailed logs or debugging information. Deprecated: Use Dump instead.
	Verbose bool
	// Path for logging verbose information. Deprecated: Use Log instead.
	VerbosePath string
	// List of hosts to ignore when logging verbose info. Deprecated: Use Log instead.
	VerboseIgnoreHost []string
	// Custom function to handle verbose logging. Deprecated: Use Log instead.
	VerboseFunc func(request *Request, response *Response, err error)

	// Maximum number of redirects to follow.
	MaxRedirects uint

	// Maximum time to wait for request to complete.
	TimeOut time.Duration

	// Deprecated, use PreHookWithContext instead.
	PreHook func(request *Request) error
	// Function called before sending a request.
	PreHookWithContext func(ctx *Context) error

	// Deprecated, use CallbackWithContext instead.
	Callback func(request *Request, response *Response, err error)

	// Function called after receiving a response.
	CallbackWithContext func(ctx *Context)

	// Function to modify the dialer used for establishing connections.
	ModifyDialer func(dialer *net.Dialer) error

	// Custom dial function for establishing connections.
	Dial func(ctx context.Context, network, addr string) (net.Conn, error)

	// Function to modify the TLS configuration before establishing a connection.
	ModifyConfig func(config *tls.Config) error

	// CheckRedirect specifies the policy for handling redirects.
	// If CheckRedirect is not nil, the client calls it before
	// following an HTTP redirect. The arguments req and via are
	// the upcoming request and the requests made already, oldest
	// first. If CheckRedirect returns an error, the Session's Get
	// method returns both the previous Response (with its Body
	// closed) and CheckRedirect's error (wrapped in an url.Error)
	// instead of issuing the Request req.
	// As a special case, if CheckRedirect returns ErrUseLastResponse,
	// then the most recent response is returned, along with a nil error.
	//
	// If CheckRedirect is nil, the Session uses its default policy,
	// which is to stop after 10 consecutive requests.
	CheckRedirect func(req *Request, reqs []*Request) error

	// Deprecated: This field is ignored as pin verification is always true.
	// To disable pin verification, use InsecureSkipVerify.
	VerifyPins bool

	// PinManager is used to manage and verify TLS pins.
	// By default, DefaultPinManager is used: it is a singleton and is shared across all sessions.
	// You can create a new PinManager using NewPinManager() and set it here to have a specific pin manager for this Session.
	PinManager *PinManager

	// If true, server's certificate is not verified (insecure: this may facilitate attack from middleman).
	InsecureSkipVerify bool

	// If true, automatic decompression of response bodies is disabled.
	// When disabled, compressed responses (gzip, deflate, brotli, zstd) are returned as-is.
	DisableAutoDecompression bool

	// Headers for User-Agent and Sec-Ch-Ua, respectively.
	UserAgent string

	// HeaderPriority specifies the priority of the request's headers.
	// As this information is not included in the Akamai fingerprint, you may have to specify it manually.
	// Note that you can also specify the browser in the session so that this is done automatically.
	HeaderPriority *http2.PriorityParam

	// ProxyHeader defines the headers used for the CONNECT method to the proxy,
	// you may define the order with the http.HeaderOrderKey
	ProxyHeader http.Header
	// contains filtered or unexported fields
}

Session represents the core structure for managing and conducting HTTP(S) sessions. It holds configuration settings, headers, cookie storage, connection pool, and other attributes necessary to perform and customize requests.

func NewSession ¶

func NewSession() *Session

NewSession creates a new session It is a shortcut for NewSessionWithContext(context.Background())

Example ¶

session := azuretls.NewSession()

resp, err := session.Get("https://www.google.com")

if err != nil {
	panic(err)
}

fmt.Println(resp.StatusCode)

Output:

200

func NewSessionWithContext ¶

func NewSessionWithContext(ctx context.Context) *Session

NewSessionWithContext creates a new session with context It is recommended to use this function to create a new session instead of creating a new Session struct

func (*Session) AddPins ¶ added in v1.1.0

func (s *Session) AddPins(u *url.URL, pins []string) error

AddPins associates a set of certificate pins with a given URL within a session. This allows for URL-specific pinning, useful in scenarios where different services (URLs) are trusted with different certificates.

func (*Session) ApplyHTTP2 ¶

func (s *Session) ApplyHTTP2(fp string) error

ApplyHTTP2 applies HTTP2 settings to the session from a fingerprint. The fingerprint is in the format:

<SETTINGS>|<WINDOW_UPDATE>|<PRIORITY>|<PSEUDO_HEADER>

egs :

1:65536,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p

Any 0 value will be ignored.

Example ¶

session := azuretls.NewSession()

preset := "1:65536;2:0;3:1000;4:6291456;6:262144|15663105|0|m,s,a,p"

if err := session.ApplyHTTP2(preset); err != nil {
	panic(err)
}

resp, err := session.Get("https://tls.peet.ws/api/all")

if err != nil {
	panic(err)
}

fmt.Println(strings.Contains(resp.String(), preset))

Output:

true

func (*Session) ApplyHTTP3 ¶ added in v1.9.0

func (s *Session) ApplyHTTP3(fp string) error

ApplyHTTP3 applies HTTP3 settings to the session from a fingerprint. The fingerprint is in the format:

<SETTINGS>|<PSEUDO_HEADER>

egs :

1:65536;6:262144;7:100;51:1;GREASE|m,a,s,p

Any 0 value will be ignored.

Example ¶

session := azuretls.NewSession()

http3 := "1:16383;7:100;GREASE|m,s,a,p"

if err := session.ApplyHTTP3(http3); err != nil {
	panic(err)
}

resp, err := session.Do(&azuretls.Request{
	Method:     http.MethodGet,
	Url:        "https://tls.peet.ws/api/all",
	ForceHTTP3: true,
})

if err != nil {
	panic(err)
}

fmt.Println(strings.Contains(resp.String(), http3))

Output:

true

func (*Session) ApplyJa3 ¶

func (s *Session) ApplyJa3(ja3, navigator string) error

ApplyJa3 applies JA3 settings to the session from a fingerprint. JA3 is a method for creating fingerprints from SSL/TLS client hellos, which can be used for client identification or detection. The fingerprint is constructed from an MD5 hash of string representations of various handshake parameters, specifically:

<SSL Version>|<Accepted Ciphers>|<List of Extensions>|<Elliptic Curves>|<Elliptic Curve Formats>

e.g.,

769,4865-4866-4867-49196-49195-52393-49200-49199-49172...|0-5-10-11-...|23-24-25|0

This string is then MD5-hashed to produce a 32-character representation, which is the JA3 fingerprint.

Any absent field in the client hello will raise an error.

Example ¶

session := azuretls.NewSession()

ja3 := "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0"

if err := session.ApplyJa3(ja3, azuretls.Chrome); err != nil {
	panic(err)
}

resp, err := session.Get("https://tls.peet.ws/api/all")

if err != nil {
	panic(err)
}

fmt.Println(strings.Contains(resp.String(), ja3))

Output:

true

func (*Session) ApplyJa3WithSpecifications ¶

func (s *Session) ApplyJa3WithSpecifications(ja3 string, specifications *TlsSpecifications, navigator string) error

ApplyJa3WithSpecifications applies JA3 settings to the session from a fingerprint. JA3 is a method for creating fingerprints from SSL/TLS client hellos, which can be used for client identification or detection. The fingerprint is constructed from an MD5 hash of string representations of various handshake parameters, specifically:

<SSL Version>|<Accepted Ciphers>|<List of Extensions>|<Elliptic Curves>|<Elliptic Curve Formats>

e.g.,

769,4865-4866-4867-49196-49195-52393-49200-49199-49172...|0-5-10-11-...|23-24-25|0

This string is then MD5-hashed to produce a 32-character representation, which is the JA3 fingerprint.

Any absent field in the client hello will raise an error.

func (*Session) ClearPins ¶ added in v1.1.0

func (s *Session) ClearPins(u *url.URL) error

ClearPins removes all pinned certificates associated with a specific URL in the session. This can be used to reset trust settings or in scenarios where a service's certificate is no longer deemed trustworthy.

func (*Session) ClearProxy ¶ added in v1.2.3

func (s *Session) ClearProxy()

ClearProxy removes the proxy from the session (updated to handle unified dialer)

func (*Session) ClearProxyChain ¶ added in v1.10.4

func (s *Session) ClearProxyChain()

ClearProxyChain removes the proxy chain from the session (alias for ClearProxy)

func (*Session) Close ¶

func (s *Session) Close()

Close closes the session and all its connections. It is recommended to call this function when the session is no longer needed.

After calling this function, the session is no longer usable.

func (*Session) Connect ¶ added in v1.2.3

func (s *Session) Connect(u string) error

Connect initiates a connection to the specified URL

func (*Session) Context ¶ added in v1.4.2

func (s *Session) Context() context.Context

func (*Session) Delete ¶ added in v1.1.0

func (s *Session) Delete(url string, args ...any) (*Response, error)

Delete provides shortcut for sending DELETE request

func (*Session) DisableDump ¶ added in v1.2.9

func (s *Session) DisableDump()

DisableDump will disable requests and responses dumping

func (*Session) DisableHTTP3 ¶ added in v1.8.0

func (s *Session) DisableHTTP3()

DisableHTTP3 disables HTTP/3 support

func (*Session) DisableLog ¶ added in v1.2.9

func (s *Session) DisableLog()

DisableLog will disable request and response logging

func (*Session) Do ¶

func (s *Session) Do(request *Request, args ...any) (*Response, error)

Do sends a request and returns a response

func (*Session) Dump ¶ added in v1.2.9

func (s *Session) Dump(dir string, uris ...string) error

Dump will activate requests and responses dumping to the specified directory

dir is the directory to save the logs

ignore (optional) is a list of uri to ignore, if ignore is empty, all uri will be logged

Example ¶

session := azuretls.NewSession()

_ = session.Dump("./logs", "*.httpbin.org")

_, _ = session.Get("https://www.google.com", azuretls.OrderedHeaders{
	{"User-Agent", "Mozilla/5.0"},
	{"Accept", "text/html"},
})

_, _ = session.Get("https://httpbin.org/get")

time.Sleep(1 * time.Second)

f, _ := os.ReadDir("./logs")

fmt.Println(len(f))

Output:

1

func (*Session) DumpAndLog ¶ added in v1.2.9

func (s *Session) DumpAndLog(dir string, uris ...string) error

DumpAndLog will activate requests and responses dumping to the specified directory and log the requests and responses

func (*Session) DumpIgnore ¶ added in v1.2.9

func (s *Session) DumpIgnore(uri string) bool

DumpIgnore will check if the given uri is ignored from dumping

Example ¶

session := azuretls.NewSession()

if err := session.Dump("./logs", "*.google.com"); err != nil {
	panic(err)
}

fmt.Println(session.DumpIgnore("https://www.google.com"))
fmt.Println(session.DumpIgnore("https://google.com/search"))
fmt.Println(session.DumpIgnore("https://www.google.com/search"))

if err := session.Dump("./logs", "/get"); err != nil {
	panic(err)
}

fmt.Println(session.DumpIgnore("https://www.google.com"))
fmt.Println(session.DumpIgnore("https://google.com/search"))
fmt.Println(session.DumpIgnore("https://www.google.com/get/the/thing"))

Output:

true
true
true
false
false
true

func (*Session) DumpRequestResponsePair ¶ added in v1.12.7

func (s *Session) DumpRequestResponsePair(request *Request, response *Response, err error, targetFile string) error

func (*Session) EnableDump ¶ added in v1.2.9

func (s *Session) EnableDump()

EnableDump will enable requests and responses dumping

func (*Session) EnableHTTP3 ¶ added in v1.8.0

func (s *Session) EnableHTTP3() error

EnableHTTP3 enables HTTP/3 support for the session

func (*Session) EnableLog ¶ added in v1.2.9

func (s *Session) EnableLog()

EnableLog will enable request and response logging

func (*Session) EnableVerbose deprecated

func (s *Session) EnableVerbose(path string, ignoreHost []string) error

EnableVerbose enables verbose logging

Deprecated: use Dump instead

func (*Session) Get ¶

func (s *Session) Get(url string, args ...any) (*Response, error)

Get provides shortcut for sending GET request

Example ¶

session := azuretls.NewSession()

resp, err := session.Get("https://www.google.com")

if err != nil {
	panic(err)
}

fmt.Println(resp.StatusCode)

Output:

200

func (*Session) GetBrowserHTTP3ClientHelloFunc ¶ added in v1.12.6

func (s *Session) GetBrowserHTTP3ClientHelloFunc(browser string) func() *tls.ClientHelloSpec

func (*Session) GetProxyChain ¶ added in v1.10.4

func (s *Session) GetProxyChain() []*url.URL

GetProxyChain returns the current proxy chain URLs

func (*Session) Head ¶ added in v1.1.0

func (s *Session) Head(url string, args ...any) (*Response, error)

Head provides shortcut for sending HEAD request

func (*Session) Ip ¶

func (s *Session) Ip() (ip string, err error)

Ip returns the public IP address of the session

func (*Session) IsChainProxy ¶ added in v1.10.4

func (s *Session) IsChainProxy() bool

IsChainProxy returns true if the session is using a proxy chain

func (*Session) Log ¶ added in v1.2.9

func (s *Session) Log(uris ...string)

Log will print the request and response to the console

uris (optional) is a list of uris to ignore, if ignore is empty, all uris will be logged

Example ¶

session := azuretls.NewSession()

session.Log("/any/path/to/ignore", "can.ignore.this", "*.all.subdomains")

_, _ = session.Get("https://www.google.com")
_, _ = session.Get("https://www.google.com/any/path/to/ignore")

func (*Session) LogIgnore ¶ added in v1.4.14

func (s *Session) LogIgnore(uri string) bool

LogIgnore will check if the given uri is ignored from dumping

func (*Session) NewHTTP3Transport ¶ added in v1.8.0

func (s *Session) NewHTTP3Transport() (*HTTP3Transport, error)

NewHTTP3Transport creates a new HTTP/3 transport

func (*Session) NewWebsocket ¶ added in v1.2.1

func (s *Session) NewWebsocket(url string, readBufferSize, writeBufferSize int, args ...any) (*Websocket, error)

NewWebsocket returns a new websocket connection.

func (*Session) NewWebsocketWithContext ¶ added in v1.2.1

func (s *Session) NewWebsocketWithContext(ctx context.Context, url string, readBufferSize, writeBufferSize int, args ...any) (*Websocket, error)

NewWebsocketWithContext returns a new websocket connection with a context.

func (*Session) Options ¶ added in v1.1.0

func (s *Session) Options(url string, args ...any) (*Response, error)

Options provides shortcut for sending OPTIONS request

func (*Session) Patch ¶ added in v1.1.0

func (s *Session) Patch(url string, data any, args ...any) (*Response, error)

Patch provides shortcut for sending PATCH request

func (*Session) Post ¶

func (s *Session) Post(url string, data any, args ...any) (*Response, error)

Post provides shortcut for sending POST request

Example ¶

session := azuretls.NewSession()

resp, err := session.Post("https://httpbin.org/post", `post me`)

if err != nil {
	panic(err)
}

fmt.Println(resp.StatusCode)
fmt.Println(bytes.Contains(resp.Body, []byte("post me")))

Output:

200
true

func (*Session) Put ¶

func (s *Session) Put(url string, data any, args ...any) (*Response, error)

Put provides shortcut for sending PUT request

func (*Session) SetContext ¶ added in v1.1.0

func (s *Session) SetContext(ctx context.Context)

SetContext sets the given context for the session

func (*Session) SetProxy ¶

func (s *Session) SetProxy(proxy string) error

SetProxy sets a single proxy for the session (original functionality)

Example ¶

session := azuretls.NewSession()

err := session.SetProxy("http://username:password@proxy:8080")

if err != nil {
	panic(err)
}

fmt.Println(session.Proxy)

Output:

http://username:password@proxy:8080

func (*Session) SetProxyChain ¶ added in v1.10.4

func (s *Session) SetProxyChain(proxies []string) error

SetProxyChain sets up a chain of proxies for the session

func (*Session) SetTimeout ¶

func (s *Session) SetTimeout(timeout time.Duration)

SetTimeout sets timeout for the session

type TlsSpecifications ¶

type TlsSpecifications struct {
	AlpnProtocols                           []string
	SignatureAlgorithms                     []tls.SignatureScheme
	SupportedVersions                       []uint16
	CertCompressionAlgos                    []tls.CertCompressionAlgo
	DelegatedCredentialsAlgorithmSignatures []tls.SignatureScheme
	PSKKeyExchangeModes                     []uint8
	SignatureAlgorithmsCert                 []tls.SignatureScheme
	ApplicationSettingsProtocols            []string
	RenegotiationSupport                    tls.RenegotiationSupport
	RecordSizeLimit                         uint16
}

TlsSpecifications struct contains various fields representing TLS handshake settings.

func DefaultTlsSpecifications ¶

func DefaultTlsSpecifications(navigator string) *TlsSpecifications

type Websocket ¶ added in v1.2.1

type Websocket struct {
	Url     string
	Headers http.Header

	Request  *Request
	Response *http.Response

	*websocket.Conn
	// contains filtered or unexported fields
}

Directories ¶

Path	Synopsis
cffi
examples
headers command
http2 command
http3 command
ja3 command
proxy command
test
utils