Advanced HTTP client with low-level TLS and browser fingerprint spoofing based on Go tls-client FFI
Project description
🌌 Horaa TLS
State-of-the-art in-process browser fingerprint emulation and HTTP client for Python.
horaa-tls is a high-performance HTTP client designed to spoof browser TLS and HTTP/2 characteristics. By interfacing directly with a precompiled Go-based BoringSSL networking backend via a ctypes FFI wrapper, it maintains a footprint indistinguishable from a real web browser to evade fingerprint-based anti-bot detection.
⚙️ Installation
Install horaa-tls directly from PyPI:
pip install horaa-tls
🛡️ Capabilities & Limitations
- What it DOES bypass: Bypasses passive fingerprinting blocks (such as JA3/JA4 TLS signatures, HTTP/2 frames configuration, and User-Agent/Client Hint alignment) enforced by Cloudflare, Akamai, Imperva, and DataDome.
- What it DOES NOT bypass: As a socket-level HTTP client, it does not run a browser engine or execute JavaScript. It cannot automatically solve interactive browser challenges (like Cloudflare Turnstile checkboxes or JS challenge walls). To access pages protected by active challenges, you must solve them using browser automation (or a solver) and pass the resulting session cookies/tokens to the client.
💡 Why Horaa TLS?
- Zero External Dependencies: Automatically detects your OS and architecture, downloads the matching precompiled Go libraries, and initializes everything dynamically without requiring third-party pip dependencies.
- Cryptographic Emulation: Leverages preset browser profiles (Chrome 133, Firefox 133, etc.) to negotiate matching TLS extensions, cipher suites, key share curves, and HTTP/2 settings.
- Aligned User-Agents & Client Hints: Keeps HTTP/2 Client Hints (
Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Platform) perfectly aligned with the selected browser TLS version to prevent anti-bot detection signals. - Decoupled Middleware Hooks: Register asynchronous or synchronous middleware layers (such as rotators and retries) directly in the request-response cycle.
🚀 Quick Start (The One-Minute Tour)
Initialize a session mimicking a Chrome 133 browser:
from horaa_tls import Session, ClientProfile
# Create a stateful, browser-emulating session
session = Session(profile=ClientProfile.CHROME_133)
try:
# Perform a request (headers, JA3/JA4, and Client Hints are automatically injected)
response = session.get("https://httpbingo.org/get")
print(f"Status Code: {response.status_code}")
print(response.json())
finally:
# Always close the session to release low-level FFI memory allocations
session.close()
🛠️ Core Concepts & Advanced Guide
🧬 Aligned Browser Profiles
horaa-tls currently offers pre-configured emulation profiles:
- Chrome Series:
chrome_103,chrome_110,chrome_120,chrome_133 - Firefox Series:
firefox_117,firefox_123,firefox_133 - Safari Series:
safari_16_0,safari_ios_17_0 - Opera Series:
opera_90
🏗️ Stateful Middleware Pipeline
You can easily intercept, modify, or retry requests using the built-in middleware engine. Registering rotators or exponential backoffs is straightforward:
from horaa_tls import Session, ClientProfile
from horaa_tls.middleware.proxy import ProxyRotatorMiddleware
from horaa_tls.middleware.retry import RetryMiddleware
session = Session(profile=ClientProfile.CHROME_133)
# 1. State-aware proxy rotator with failover recovery
proxies = ["http://proxy1.example.com:8080", "http://proxy2.example.com:8080"]
session.middleware_pipeline.register(
ProxyRotatorMiddleware(proxies=proxies, mode="failover", max_failovers=3)
)
# 2. Exponential backoff retry handler for transport/network drops
session.middleware_pipeline.register(
RetryMiddleware(max_retries=3, backoff_factor=2.0, status_forcelist=[500, 502, 503, 504])
)
# Request executes automatically through the middleware pipeline
res = session.get("https://httpbingo.org/get")
session.close()
📦 Session Snapshots (Persistence)
Export and restore session states (cookies, custom headers, active proxies, and middleware indicators) to distribute scraper instances across servers or queues:
# Save current state
session_state_json = session.to_json()
# Recreate an identical session in a different worker/process
restored_session = Session.from_json(session_state_json)
🍪 Direct FFI Cookie Management
Interact directly with the Go-layer cookie jar for fine-grained token/session management:
# Read active cookies stored in the Go memory layer
cookies = session.get_cookies_from_backend("https://example.com")
# Inject cookies directly into the Go-layer FFI engine
session.add_cookies_to_backend("https://example.com", [
{"name": "session_token", "value": "token_value", "domain": ".example.com", "path": "/"}
])
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file horaa_tls-0.1.3.tar.gz.
File metadata
- Download URL: horaa_tls-0.1.3.tar.gz
- Upload date:
- Size: 20.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
977752c0bfb8f3ab14dee28e4dd6685f34d916de263fde7595edb1f28edbf400
|
|
| MD5 |
0f67ba1e56f203beec83fc32532895ed
|
|
| BLAKE2b-256 |
ee0bda1c1811455836a7b6494ad40172a1921b2bee1c1189875158de81593bfd
|
File details
Details for the file horaa_tls-0.1.3-py3-none-any.whl.
File metadata
- Download URL: horaa_tls-0.1.3-py3-none-any.whl
- Upload date:
- Size: 22.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ce0bbc9ccf7333450693138ff92e7cc1f53a6881b1323cc923d33c70690e800b
|
|
| MD5 |
04733db94a1570c752342e935d732bee
|
|
| BLAKE2b-256 |
ff60b95827cfa22a3f08ea2dca347c28cc7e9dc919e0fe1f5dfe6f8d65cab66c
|