Skip to main content

Advanced HTTP client with low-level TLS and browser fingerprint spoofing based on Go tls-client FFI

Project description

🌌 Horaa TLS

State-of-the-art in-process browser fingerprint emulation and HTTP client for Python.

horaa-tls is a high-performance HTTP client designed to spoof browser TLS and HTTP/2 characteristics. By interfacing directly with a precompiled Go-based BoringSSL networking backend via a ctypes FFI wrapper, it maintains a footprint indistinguishable from a real web browser to evade fingerprint-based anti-bot detection.


⚙️ Installation

Install horaa-tls directly from PyPI:

pip install horaa-tls

🛡️ Capabilities & Limitations

  • What it DOES bypass: Bypasses passive fingerprinting blocks (such as JA3/JA4 TLS signatures, HTTP/2 frames configuration, and User-Agent/Client Hint alignment) enforced by Cloudflare, Akamai, Imperva, and DataDome.
  • What it DOES NOT bypass: As a socket-level HTTP client, it does not run a browser engine or execute JavaScript. It cannot automatically solve interactive browser challenges (like Cloudflare Turnstile checkboxes or JS challenge walls). To access pages protected by active challenges, you must solve them using browser automation (or a solver) and pass the resulting session cookies/tokens to the client.

💡 Why Horaa TLS?

  • Zero External Dependencies: Automatically detects your OS and architecture, downloads the matching precompiled Go libraries, and initializes everything dynamically without requiring third-party pip dependencies.
  • Cryptographic Emulation: Leverages preset browser profiles (Chrome 133, Firefox 133, etc.) to negotiate matching TLS extensions, cipher suites, key share curves, and HTTP/2 settings.
  • Aligned User-Agents & Client Hints: Keeps HTTP/2 Client Hints (Sec-Ch-Ua, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Platform) perfectly aligned with the selected browser TLS version to prevent anti-bot detection signals.
  • Decoupled Middleware Hooks: Register asynchronous or synchronous middleware layers (such as rotators and retries) directly in the request-response cycle.

🚀 Quick Start (The One-Minute Tour)

Initialize a session mimicking a Chrome 133 browser:

from horaa_tls import Session, ClientProfile

# Create a stateful, browser-emulating session
session = Session(profile=ClientProfile.CHROME_133)

try:
    # Perform a request (headers, JA3/JA4, and Client Hints are automatically injected)
    response = session.get("https://httpbingo.org/get")
    print(f"Status Code: {response.status_code}")
    print(response.json())
finally:
    # Always close the session to release low-level FFI memory allocations
    session.close()

🛠️ Core Concepts & Advanced Guide

🧬 Aligned Browser Profiles

horaa-tls currently offers pre-configured emulation profiles:

  • Chrome Series: chrome_103, chrome_110, chrome_120, chrome_133
  • Firefox Series: firefox_117, firefox_123, firefox_133
  • Safari Series: safari_16_0, safari_ios_17_0
  • Opera Series: opera_90

🏗️ Stateful Middleware Pipeline

You can easily intercept, modify, or retry requests using the built-in middleware engine. Registering rotators or exponential backoffs is straightforward:

from horaa_tls import Session, ClientProfile
from horaa_tls.middleware.proxy import ProxyRotatorMiddleware
from horaa_tls.middleware.retry import RetryMiddleware

session = Session(profile=ClientProfile.CHROME_133)

# 1. State-aware proxy rotator with failover recovery
proxies = ["http://proxy1.example.com:8080", "http://proxy2.example.com:8080"]
session.middleware_pipeline.register(
    ProxyRotatorMiddleware(proxies=proxies, mode="failover", max_failovers=3)
)

# 2. Exponential backoff retry handler for transport/network drops
session.middleware_pipeline.register(
    RetryMiddleware(max_retries=3, backoff_factor=2.0, status_forcelist=[500, 502, 503, 504])
)

# Request executes automatically through the middleware pipeline
res = session.get("https://httpbingo.org/get")
session.close()

📦 Session Snapshots (Persistence)

Export and restore session states (cookies, custom headers, active proxies, and middleware indicators) to distribute scraper instances across servers or queues:

# Save current state
session_state_json = session.to_json()

# Recreate an identical session in a different worker/process
restored_session = Session.from_json(session_state_json)

🍪 Direct FFI Cookie Management

Interact directly with the Go-layer cookie jar for fine-grained token/session management:

# Read active cookies stored in the Go memory layer
cookies = session.get_cookies_from_backend("https://example.com")

# Inject cookies directly into the Go-layer FFI engine
session.add_cookies_to_backend("https://example.com", [
    {"name": "session_token", "value": "token_value", "domain": ".example.com", "path": "/"}
])

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

horaa_tls-0.1.3.tar.gz (20.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

horaa_tls-0.1.3-py3-none-any.whl (22.9 kB view details)

Uploaded Python 3

File details

Details for the file horaa_tls-0.1.3.tar.gz.

File metadata

  • Download URL: horaa_tls-0.1.3.tar.gz
  • Upload date:
  • Size: 20.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.10.0

File hashes

Hashes for horaa_tls-0.1.3.tar.gz
Algorithm Hash digest
SHA256 977752c0bfb8f3ab14dee28e4dd6685f34d916de263fde7595edb1f28edbf400
MD5 0f67ba1e56f203beec83fc32532895ed
BLAKE2b-256 ee0bda1c1811455836a7b6494ad40172a1921b2bee1c1189875158de81593bfd

See more details on using hashes here.

File details

Details for the file horaa_tls-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: horaa_tls-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 22.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.10.0

File hashes

Hashes for horaa_tls-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 ce0bbc9ccf7333450693138ff92e7cc1f53a6881b1323cc923d33c70690e800b
MD5 04733db94a1570c752342e935d732bee
BLAKE2b-256 ff60b95827cfa22a3f08ea2dca347c28cc7e9dc919e0fe1f5dfe6f8d65cab66c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page