├── .github
    ├── FUNDING.yml
    ├── ISSUE_TEMPLATE
    │   ├── bug_report.md
    │   └── feature_request.md
    ├── dependabot.yml
    └── workflows
    │   └── push.yml
├── .gitignore
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── connection.go
├── cookies.go
├── dump.go
├── example
    ├── headers
    │   └── headers.go
    ├── http2
    │   └── http2.go
    ├── ja3
    │   └── ja3.go
    └── proxy
    │   └── proxy.go
├── example_test.go
├── go.mod
├── go.sum
├── header.go
├── http2.go
├── http3.go
├── ja3.go
├── logger.go
├── pinner.go
├── presets.go
├── profiles.go
├── proxy.go
├── quic_dialer.go
├── redirect.go
├── request.go
├── response.go
├── sesion_http3.go
├── session.go
├── socks5_udp.go
├── structs.go
├── test
    ├── compression_test.go
    ├── connection_test.go
    ├── cookies_test.go
    ├── header_test.go
    ├── http2_test.go
    ├── http3_test.go
    ├── ja3_test.go
    ├── pinner_test.go
    ├── proxy_test.go
    ├── redirect_test.go
    ├── request_test.go
    ├── response_test.go
    ├── session_test.go
    ├── utils_test.go
    ├── verbose_test.go
    └── websocket_test.go
├── transport.go
├── utils.go
└── websocket.go


/.github/FUNDING.yml:
--------------------------------------------------------------------------------
1 | buy_me_a_coffee: noste
2 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Bug report
 3 | about: Create a report to help us improve
 4 | title: ''
 5 | labels: ''
 6 | assignees: ''
 7 | 
 8 | ---
 9 | 
10 | **Describe the bug**
11 | A clear and concise description of what the bug is.
12 | 
13 | **To Reproduce**
14 | Steps to reproduce the behavior:
15 | 
16 | 
17 | **Expected behavior**
18 | A clear and concise description of what you expected to happen.
19 | 
20 | **Screenshots**
21 | If applicable, add screenshots to help explain your problem.
22 | 
23 | 
24 | **Desktop (please complete the following information):**
25 |  - OS: [e.g. iOS]
26 |  - Browser [e.g. chrome, safari]
27 |  - Version [e.g. 22]
28 | 
29 | **Additional context**
30 | Add any other context about the problem here.
31 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Feature request
 3 | about: Suggest an idea for this project
 4 | title: ''
 5 | labels: ''
 6 | assignees: ''
 7 | 
 8 | ---
 9 | 
10 | **Is your feature request related to a problem? Please describe.**
11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
12 | 
13 | **Describe the solution you'd like**
14 | A clear and concise description of what you want to happen.
15 | 
16 | **Describe alternatives you've considered**
17 | A clear and concise description of any alternative solutions or features you've considered.
18 | 
19 | **Additional context**
20 | Add any other context or screenshots about the feature request here.
21 | 


--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
 1 | version: 2
 2 | updates:
 3 | - package-ecosystem: gomod
 4 |   directory: /
 5 |   schedule:
 6 |     interval: weekly
 7 | - package-ecosystem: github-actions
 8 |   directory: /
 9 |   schedule:
10 |     interval: weekly
11 | 


--------------------------------------------------------------------------------
/.github/workflows/push.yml:
--------------------------------------------------------------------------------
 1 | name: build
 2 | 
 3 | on: push
 4 | 
 5 | jobs:
 6 |   build:
 7 |     runs-on: ubuntu-latest
 8 |     steps:
 9 |       - uses: actions/checkout@v4
10 |       - name: Setup Go
11 |         uses: actions/setup-go@v5
12 |         with:
13 |           go-version: '1.24'
14 | 
15 |       - name: Run Tests
16 |         run: |
17 |           go test -v ./test -covermode=count -coverpkg=./... -coverprofile=coverage.txt
18 |         env:
19 |           SECURE_PROXY: ${{ secrets.SECURE_PROXY }}
20 |           NON_SECURE_PROXY: ${{ secrets.NON_SECURE_PROXY }}
21 |           SOCKS5_PROXY: ${{ secrets.SOCKS5_PROXY }}
22 | 
23 |       - name: Upload coverage reports to Codecov
24 |         uses: codecov/codecov-action@v5
25 |         with:
26 |           token: ${{ secrets.CODECOV_TOKEN }}
27 |           slug: Noooste/azuretls-client


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # If you prefer the allow list template instead of the deny list, see community template:
 2 | # https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
 3 | #
 4 | # Binaries for programs and plugins
 5 | *.exe
 6 | *.exe~
 7 | *.dll
 8 | *.so
 9 | *.dylib
10 | 
11 | # Test binary, built with `go test -c`
12 | *.test
13 | 
14 | # Output of the go coverage tool, specifically when used with LiteIDE
15 | *.out
16 | 
17 | # Dependency directories (remove the comment below to include it)
18 | # vendor/
19 | 
20 | # Go workspace file
21 | go.work
22 | 
23 | .idea
24 | .run


--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
  1 | # Contributor Covenant Code of Conduct
  2 | 
  3 | ## Our Pledge
  4 | 
  5 | We as members, contributors, and leaders pledge to make participation in our
  6 | community a harassment-free experience for everyone, regardless of age, body
  7 | size, visible or invisible disability, ethnicity, sex characteristics, gender
  8 | identity and expression, level of experience, education, socio-economic status,
  9 | nationality, personal appearance, race, religion, or sexual identity
 10 | and orientation.
 11 | 
 12 | We pledge to act and interact in ways that contribute to an open, welcoming,
 13 | diverse, inclusive, and healthy community.
 14 | 
 15 | ## Our Standards
 16 | 
 17 | Examples of behavior that contributes to a positive environment for our
 18 | community include:
 19 | 
 20 | * Demonstrating empathy and kindness toward other people
 21 | * Being respectful of differing opinions, viewpoints, and experiences
 22 | * Giving and gracefully accepting constructive feedback
 23 | * Accepting responsibility and apologizing to those affected by our mistakes,
 24 |   and learning from the experience
 25 | * Focusing on what is best not just for us as individuals, but for the
 26 |   overall community
 27 | 
 28 | Examples of unacceptable behavior include:
 29 | 
 30 | * The use of sexualized language or imagery, and sexual attention or
 31 |   advances of any kind
 32 | * Trolling, insulting or derogatory comments, and personal or political attacks
 33 | * Public or private harassment
 34 | * Publishing others' private information, such as a physical or email
 35 |   address, without their explicit permission
 36 | * Other conduct which could reasonably be considered inappropriate in a
 37 |   professional setting
 38 | 
 39 | ## Enforcement Responsibilities
 40 | 
 41 | Community leaders are responsible for clarifying and enforcing our standards of
 42 | acceptable behavior and will take appropriate and fair corrective action in
 43 | response to any behavior that they deem inappropriate, threatening, offensive,
 44 | or harmful.
 45 | 
 46 | Community leaders have the right and responsibility to remove, edit, or reject
 47 | comments, commits, code, wiki edits, issues, and other contributions that are
 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation
 49 | decisions when appropriate.
 50 | 
 51 | ## Scope
 52 | 
 53 | This Code of Conduct applies within all community spaces, and also applies when
 54 | an individual is officially representing the community in public spaces.
 55 | Examples of representing our community include using an official e-mail address,
 56 | posting via an official social media account, or acting as an appointed
 57 | representative at an online or offline event.
 58 | 
 59 | ## Enforcement
 60 | 
 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
 62 | reported to the community leaders responsible for enforcement at
 63 | noste@azureaio.com.
 64 | All complaints will be reviewed and investigated promptly and fairly.
 65 | 
 66 | All community leaders are obligated to respect the privacy and security of the
 67 | reporter of any incident.
 68 | 
 69 | ## Enforcement Guidelines
 70 | 
 71 | Community leaders will follow these Community Impact Guidelines in determining
 72 | the consequences for any action they deem in violation of this Code of Conduct:
 73 | 
 74 | ### 1. Correction
 75 | 
 76 | **Community Impact**: Use of inappropriate language or other behavior deemed
 77 | unprofessional or unwelcome in the community.
 78 | 
 79 | **Consequence**: A private, written warning from community leaders, providing
 80 | clarity around the nature of the violation and an explanation of why the
 81 | behavior was inappropriate. A public apology may be requested.
 82 | 
 83 | ### 2. Warning
 84 | 
 85 | **Community Impact**: A violation through a single incident or series
 86 | of actions.
 87 | 
 88 | **Consequence**: A warning with consequences for continued behavior. No
 89 | interaction with the people involved, including unsolicited interaction with
 90 | those enforcing the Code of Conduct, for a specified period of time. This
 91 | includes avoiding interactions in community spaces as well as external channels
 92 | like social media. Violating these terms may lead to a temporary or
 93 | permanent ban.
 94 | 
 95 | ### 3. Temporary Ban
 96 | 
 97 | **Community Impact**: A serious violation of community standards, including
 98 | sustained inappropriate behavior.
 99 | 
100 | **Consequence**: A temporary ban from any sort of interaction or public
101 | communication with the community for a specified period of time. No public or
102 | private interaction with the people involved, including unsolicited interaction
103 | with those enforcing the Code of Conduct, is allowed during this period.
104 | Violating these terms may lead to a permanent ban.
105 | 
106 | ### 4. Permanent Ban
107 | 
108 | **Community Impact**: Demonstrating a pattern of violation of community
109 | standards, including sustained inappropriate behavior,  harassment of an
110 | individual, or aggression toward or disparagement of classes of individuals.
111 | 
112 | **Consequence**: A permanent ban from any sort of public interaction within
113 | the community.
114 | 
115 | ## Attribution
116 | 
117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage],
118 | version 2.0, available at
119 | https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
120 | 
121 | Community Impact Guidelines were inspired by [Mozilla's code of conduct
122 | enforcement ladder](https://github.com/mozilla/diversity).
123 | 
124 | [homepage]: https://www.contributor-covenant.org
125 | 
126 | For answers to common questions about this code of conduct, see the FAQ at
127 | https://www.contributor-covenant.org/faq. Translations are available at
128 | https://www.contributor-covenant.org/translations.
129 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
  1 | # Contributing to AzureTLS Client
  2 | 
  3 | First off, thank you for considering contributing to this project! This document provides guidelines and instructions to help you contribute effectively.
  4 | 
  5 | ## Code of Conduct
  6 | 
  7 | By participating in this project, you agree to abide by our [Code of Conduct](CODE_OF_CONDUCT.md).
  8 | 
  9 | ## How Can I Contribute?
 10 | 
 11 | ### Reporting Bugs
 12 | 
 13 | Before submitting a bug report:
 14 | - Check the issue tracker to see if the bug has already been reported
 15 | - Ensure the bug is related to the Go HTTP client and not a dependency
 16 | 
 17 | When submitting a bug report:
 18 | - Use a clear and descriptive title
 19 | - Describe the exact steps to reproduce the bug
 20 | - Provide specific examples (code snippets, configuration files)
 21 | - Include relevant logs and error messages
 22 | - Describe the expected behavior
 23 | - Mention your environment details (Go version, OS, etc.)
 24 | 
 25 | ### Suggesting Enhancements
 26 | 
 27 | When suggesting an enhancement:
 28 | - Use a clear and descriptive title
 29 | - Provide a step-by-step description of the suggested enhancement
 30 | - Explain why this enhancement would be useful to most users
 31 | - Include code examples if applicable
 32 | 
 33 | ### Pull Requests
 34 | 
 35 | Follow these steps to submit a pull request:
 36 | 
 37 | 1. Fork the repository
 38 | 2. Create a new branch (`git checkout -b feature/your-feature-name`)
 39 | 3. Make your changes
 40 | 4. Run tests to ensure your changes don't break existing functionality
 41 | 5. Commit your changes with clear commit messages that follow our commit message conventions
 42 | 6. Push to the branch (`git push origin feature/your-feature-name`)
 43 | 7. Open a pull request
 44 | 
 45 | #### Pull Request Guidelines
 46 | 
 47 | - Follow the standard Go code style and formatting guidelines
 48 | - Write comprehensive comments for public functions, types, and methods
 49 | - Include tests for new features or bug fixes
 50 | - Update documentation to reflect any changes
 51 | - Ensure all tests pass before submitting
 52 | - Make sure your code lints without errors
 53 | - Keep each PR focused on a single change to make review easier
 54 | 
 55 | ## Development Setup
 56 | 
 57 | 1. Install Go (version 1.24+)
 58 | 2. Clone the repository
 59 | 3. Install dependencies: `go mod download`
 60 | 4. Run tests: `go test ./...`
 61 | 
 62 | ## Coding Standards
 63 | 
 64 | ### Go Code Style
 65 | 
 66 | - Follow the [Effective Go](https://golang.org/doc/effective_go) guidelines
 67 | - Use `gofmt` to format your code
 68 | - Follow standard Go naming conventions
 69 | - Document all exported functions, types, and methods
 70 | 
 71 | ### Commit Message Conventions
 72 | 
 73 | Structure your commit messages as follows:
 74 | 
 75 | ```
 76 | <type>: <subject>
 77 | 
 78 | <body>
 79 | 
 80 | <footer>
 81 | ```
 82 | 
 83 | Types:
 84 | - `feat`: A new feature
 85 | - `fix`: A bug fix
 86 | - `docs`: Documentation only changes
 87 | - `style`: Changes that do not affect code meaning (formatting, etc.)
 88 | - `refactor`: Code changes that neither fix a bug nor add a feature
 89 | - `perf`: Code changes that improve performance
 90 | - `test`: Adding or modifying tests
 91 | - `chore`: Changes to build process or auxiliary tools
 92 | 
 93 | Example:
 94 | ```
 95 | feat: add support for HTTP/2 trailers
 96 | 
 97 | Implement support for reading and setting HTTP/2 trailers in responses.
 98 | This enhances the client's compliance with RFC 7540.
 99 | 
100 | Closes #123
101 | ```
102 | 
103 | ## Testing
104 | 
105 | - Write unit tests for new features and bug fixes
106 | - Aim for high test coverage, especially for critical components
107 | - Include integration tests where appropriate
108 | - Ensure your tests are fast and reliable
109 | 
110 | ## Documentation
111 | 
112 | - Update the README.md with details of changes to the interface
113 | - Add comments to your code, especially for complex logic
114 | - Use godoc-compatible comments for exported functions and types
115 | 
116 | ## License
117 | 
118 | By contributing to this project, you agree that your contributions will be licensed under the same license as the project.
119 | 
120 | ## Questions or Need Help?
121 | 
122 | Feel free to open an issue with the "question" label if you need help or have questions about contributing.
123 | 
124 | Thank you for contributing to our project!
125 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2022 Noste
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/connection.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"context"
  5 | 	"crypto/x509"
  6 | 	"errors"
  7 | 	"github.com/Noooste/fhttp"
  8 | 	"github.com/Noooste/fhttp/http2"
  9 | 	"github.com/Noooste/utls"
 10 | 	"net"
 11 | 	"time"
 12 | )
 13 | 
 14 | func (s *Session) dialTLS(ctx context.Context, network, addr string) (net.Conn, error) {
 15 | 	conn, err := s.dial(ctx, network, addr)
 16 | 	if err != nil {
 17 | 		return nil, errors.New("failed to dial: " + err.Error())
 18 | 	}
 19 | 
 20 | 	return s.upgradeTLS(ctx, conn, addr)
 21 | }
 22 | 
 23 | func (s *Session) dial(ctx context.Context, network, addr string) (net.Conn, error) {
 24 | 	if s.ProxyDialer != nil {
 25 | 		var userAgent = s.UserAgent
 26 | 		if ctx.Value(userAgentKey) != nil {
 27 | 			userAgent = ctx.Value(userAgentKey).(string)
 28 | 		}
 29 | 		conn, err := s.ProxyDialer.DialContext(ctx, userAgent, network, addr)
 30 | 		return conn, err
 31 | 	}
 32 | 
 33 | 	dialer := &net.Dialer{
 34 | 		Timeout:   s.TimeOut,
 35 | 		KeepAlive: 30 * time.Second,
 36 | 	}
 37 | 
 38 | 	if s.ModifyDialer != nil {
 39 | 		if err := s.ModifyDialer(dialer); err != nil {
 40 | 			return nil, err
 41 | 		}
 42 | 	}
 43 | 
 44 | 	conn, err := dialer.DialContext(ctx, network, addr)
 45 | 	return conn, err
 46 | }
 47 | 
 48 | func (s *Session) upgradeTLS(ctx context.Context, conn net.Conn, addr string) (net.Conn, error) {
 49 | 	// Split addr and port
 50 | 	hostname, _, err := net.SplitHostPort(addr)
 51 | 
 52 | 	if err != nil {
 53 | 		return nil, errors.New("failed to split addr and port: " + err.Error())
 54 | 	}
 55 | 
 56 | 	if !s.InsecureSkipVerify {
 57 | 		if err = s.PinManager.AddHost(addr); err != nil {
 58 | 			return nil, errors.New("failed to pin: " + err.Error())
 59 | 		}
 60 | 	}
 61 | 
 62 | 	config := tls.Config{
 63 | 		ServerName:         hostname,
 64 | 		InsecureSkipVerify: s.InsecureSkipVerify,
 65 | 		VerifyPeerCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
 66 | 			if s.InsecureSkipVerify {
 67 | 				return nil
 68 | 			}
 69 | 
 70 | 			now := time.Now()
 71 | 			for _, chain := range verifiedChains {
 72 | 				for _, cert := range chain {
 73 | 					if now.Before(cert.NotBefore) {
 74 | 						return errors.New("certificate is not valid yet")
 75 | 					}
 76 | 					if now.After(cert.NotAfter) {
 77 | 						return errors.New("certificate is expired")
 78 | 					}
 79 | 					if cert.IsCA {
 80 | 						continue
 81 | 					}
 82 | 					if err = cert.VerifyHostname(hostname); err != nil {
 83 | 						return err
 84 | 					}
 85 | 				}
 86 | 			}
 87 | 
 88 | 			pins := s.PinManager.GetHost(addr)
 89 | 			if pins == nil {
 90 | 				return errors.New("no pins found for " + addr)
 91 | 			}
 92 | 
 93 | 			for _, chain := range verifiedChains {
 94 | 				for _, cert := range chain {
 95 | 					if pins.Verify(cert) {
 96 | 						return nil
 97 | 					}
 98 | 				}
 99 | 			}
100 | 			return errors.New("pin verification failed")
101 | 		},
102 | 	}
103 | 
104 | 	tlsConn := tls.UClient(conn, &config, tls.HelloCustom)
105 | 
106 | 	var fn = s.GetClientHelloSpec
107 | 	if fn == nil {
108 | 		fn = GetBrowserClientHelloFunc(s.Browser)
109 | 	}
110 | 
111 | 	specs := fn()
112 | 
113 | 	if v, k := ctx.Value(forceHTTP1Key).(bool); k && v {
114 | 		for _, ext := range specs.Extensions {
115 | 			switch ext.(type) {
116 | 			case *tls.ALPNExtension:
117 | 				ext.(*tls.ALPNExtension).AlpnProtocols = []string{"http/1.1"}
118 | 			}
119 | 		}
120 | 
121 | 		config.NextProtos = []string{"http/1.1"}
122 | 	}
123 | 
124 | 	if err = tlsConn.ApplyPreset(specs); err != nil {
125 | 		return nil, errors.New("failed to apply preset: " + err.Error())
126 | 	}
127 | 
128 | 	if err = tlsConn.Handshake(); err != nil {
129 | 		return nil, errors.New("failed to handshake: " + err.Error())
130 | 	}
131 | 
132 | 	req := ctx.Value("request").(*Request)
133 | 	if tlsConn.ConnectionState().NegotiatedProtocol != http2.NextProtoTLS {
134 | 		req.HttpRequest.Header.Del(http.PHeaderOrderKey)
135 | 		req.HttpRequest.Header.Del(http.HeaderOrderKey)
136 | 	}
137 | 
138 | 	return tlsConn.Conn, nil
139 | }
140 | 


--------------------------------------------------------------------------------
/cookies.go:
--------------------------------------------------------------------------------
 1 | package azuretls
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 	http "github.com/Noooste/fhttp"
 6 | 	"strings"
 7 | )
 8 | 
 9 | var cookieNameSanitizer = strings.NewReplacer("\n", "-", "\r", "-")
10 | 
11 | func CookiesToString(cookies []*http.Cookie) string {
12 | 	var buf bytes.Buffer
13 | 
14 | 	var length = 0
15 | 	for _, el := range cookies {
16 | 		length += len(el.Name) + len(el.Value) + 3
17 | 	}
18 | 
19 | 	buf.Grow(length)
20 | 	for _, el := range cookies {
21 | 		buf.WriteString(cookieNameSanitizer.Replace(el.Name))
22 | 		buf.WriteByte('=')
23 | 		buf.WriteString(cookieNameSanitizer.Replace(el.Value))
24 | 		buf.WriteString("; ")
25 | 	}
26 | 
27 | 	buf.Truncate(buf.Len() - 2)
28 | 	return buf.String()
29 | }
30 | 
31 | func GetCookiesMap(cookies []*http.Cookie) map[string]string {
32 | 	var result = make(map[string]string, len(cookies))
33 | 
34 | 	for _, cookie := range cookies {
35 | 		result[cookie.Name] = cookie.Value
36 | 	}
37 | 
38 | 	return result
39 | }
40 | 


--------------------------------------------------------------------------------
/dump.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"fmt"
  6 | 	http "github.com/Noooste/fhttp"
  7 | 	"net/url"
  8 | 	"os"
  9 | 	"path"
 10 | 	"regexp"
 11 | 	"strings"
 12 | )
 13 | 
 14 | var nonAlphaNumeric = regexp.MustCompile(`([^a-zA-Z0-9*])`)
 15 | 
 16 | func replaceNonAlphaNumeric(s string) string {
 17 | 	return nonAlphaNumeric.ReplaceAllString(s, "\\$1")
 18 | }
 19 | 
 20 | // Dump will activate requests and responses dumping to the specified directory
 21 | //
 22 | // dir is the directory to save the logs
 23 | //
 24 | // ignore (optional) is a list of uri to ignore,
 25 | // if ignore is empty, all uri will be logged
 26 | func (s *Session) Dump(dir string, uris ...string) error {
 27 | 	if err := os.MkdirAll(dir, 0755); err != nil {
 28 | 		return err
 29 | 	}
 30 | 
 31 | 	s.dump = true
 32 | 	s.dumpDir = dir
 33 | 
 34 | 	if len(uris) == 0 {
 35 | 		s.dumpIgnore = []*regexp.Regexp{}
 36 | 		return nil
 37 | 	}
 38 | 
 39 | 	s.dumpIgnore = make([]*regexp.Regexp, 0, len(uris))
 40 | 
 41 | 	for _, v := range uris {
 42 | 		s.dumpIgnore = append(s.dumpIgnore, regexp.MustCompile(
 43 | 			fmt.Sprintf(".*%s.*",
 44 | 				strings.ReplaceAll(
 45 | 					replaceNonAlphaNumeric(v), "*\\.", ".*\\.?",
 46 | 				),
 47 | 			),
 48 | 		))
 49 | 	}
 50 | 
 51 | 	return nil
 52 | }
 53 | 
 54 | // DisableDump will disable requests and responses dumping
 55 | func (s *Session) DisableDump() {
 56 | 	s.dump = false
 57 | }
 58 | 
 59 | // EnableDump will enable requests and responses dumping
 60 | func (s *Session) EnableDump() {
 61 | 	s.dump = true
 62 | }
 63 | 
 64 | // DumpIgnore will check if the given uri is ignored from dumping
 65 | func (s *Session) DumpIgnore(uri string) bool {
 66 | 	parsed, err := url.Parse(uri)
 67 | 
 68 | 	if err != nil {
 69 | 		return false
 70 | 	}
 71 | 
 72 | 	return s.urlMatch(parsed, s.dumpIgnore)
 73 | }
 74 | 
 75 | // DumpAndLog will activate requests and responses dumping to the specified directory
 76 | // and log the requests and responses
 77 | func (s *Session) DumpAndLog(dir string, uris ...string) error {
 78 | 	if err := s.Dump(dir, uris...); err != nil {
 79 | 		return err
 80 | 	}
 81 | 
 82 | 	s.Log(uris...)
 83 | 
 84 | 	return nil
 85 | }
 86 | 
 87 | func (s *Session) dumpRequest(request *Request, response *Response, err error) {
 88 | 	if !s.dump {
 89 | 		return
 90 | 	}
 91 | 
 92 | 	if s.VerboseFunc != nil {
 93 | 		s.VerboseFunc(request, response, err)
 94 | 		return
 95 | 	}
 96 | 
 97 | 	if s.urlMatch(request.parsedUrl, s.dumpIgnore) {
 98 | 		return
 99 | 	}
100 | 
101 | 	reqUrl := request.parsedUrl.Path
102 | 	if reqUrl == "" {
103 | 		reqUrl = "/"
104 | 	}
105 | 
106 | 	if reqUrl[len(reqUrl)-1] == '/' {
107 | 		reqUrl += "index.html"
108 | 	}
109 | 
110 | 	pathSplit := strings.Split(reqUrl, "/")
111 | 	length := len(pathSplit)
112 | 
113 | 	for i := 0; i < length; i++ {
114 | 		pathSplit[i] = url.PathEscape(pathSplit[i])
115 | 	}
116 | 
117 | 	folderPath := path.Join(s.dumpDir, request.parsedUrl.Hostname(), strings.Join(pathSplit[:length-1], "/"))
118 | 
119 | 	_ = os.MkdirAll(folderPath, 0755)
120 | 
121 | 	fileName := path.Join(folderPath, pathSplit[length-1])
122 | 
123 | 	iter := 1
124 | 	for _, err2 := os.ReadFile(fileName); err2 == nil; _, err2 = os.ReadFile(fileName) {
125 | 		fileName = path.Join(folderPath, pathSplit[length-1]+fmt.Sprintf(" (%d)", iter))
126 | 		iter++
127 | 	}
128 | 
129 | 	request.proxy = s.Proxy
130 | 	requestPart := request.toString()
131 | 
132 | 	var responsePart string
133 | 	if response != nil {
134 | 		responsePart = response.toString()
135 | 	} else {
136 | 		responsePart = "error : " + err.Error()
137 | 	}
138 | 
139 | 	if err2 := os.WriteFile(fileName, []byte(fmt.Sprintf(
140 | 		"%s\n\n%s\n\n\n%s", requestPart, strings.Repeat("=", 80), responsePart,
141 | 	)), 0755); err2 != nil {
142 | 		return
143 | 	}
144 | }
145 | 
146 | const newPart = "\n\n"
147 | 
148 | func (r *Request) toString() string {
149 | 	var buffer bytes.Buffer
150 | 	buffer.Grow(1024)
151 | 
152 | 	if r.proxy != "" {
153 | 		buffer.WriteString(fmt.Sprintf("Proxy : %s", r.proxy))
154 | 	} else {
155 | 		buffer.WriteString("Proxy : none")
156 | 	}
157 | 	buffer.WriteString(newPart)
158 | 
159 | 	buffer.WriteString(fmt.Sprintf("%s %s %s", r.Method, r.Url, r.Proto))
160 | 	buffer.WriteString(newPart)
161 | 
162 | 	if h, ok := r.HttpRequest.Header[http.PHeaderOrderKey]; ok {
163 | 		mapping := map[string]string{
164 | 			Authority: r.parsedUrl.Host,
165 | 			Method:    r.Method,
166 | 			Path:      r.parsedUrl.Path,
167 | 			Scheme:    r.parsedUrl.Scheme,
168 | 		}
169 | 
170 | 		for _, v := range h {
171 | 			buffer.WriteString(fmt.Sprintf("%s: %s\n", v, mapping[v]))
172 | 		}
173 | 	}
174 | 
175 | 	writeHeaders(r.HttpRequest.Header, &buffer)
176 | 
177 | 	if r.Body != nil {
178 | 		buffer.WriteByte('\n')
179 | 		buffer.Write(r.body)
180 | 	}
181 | 
182 | 	return buffer.String()
183 | }
184 | 
185 | func (r *Response) toString() string {
186 | 	var buffer bytes.Buffer
187 | 	buffer.Grow(1024)
188 | 
189 | 	buffer.WriteString(fmt.Sprintf("Status : %d %s", r.StatusCode, http.StatusText(r.StatusCode)))
190 | 	buffer.WriteString(newPart)
191 | 
192 | 	writeHeaders(r.Header, &buffer)
193 | 
194 | 	buffer.WriteString("\n")
195 | 	buffer.Write(r.Body)
196 | 
197 | 	return buffer.String()
198 | }
199 | 
200 | type orderedHeaders struct {
201 | 	key    string
202 | 	values []string
203 | }
204 | 
205 | func writeHeaders(headers http.Header, buf *bytes.Buffer) {
206 | 	var kvs []orderedHeaders
207 | 
208 | 	if headerOrder, ok := headers[http.HeaderOrderKey]; ok && len(headerOrder) > 0 {
209 | 		order := make(map[string]int, len(headerOrder))
210 | 		for i, v := range headerOrder {
211 | 			order[v] = i
212 | 		}
213 | 
214 | 		kvs = make([]orderedHeaders, 0, len(headers))
215 | 
216 | 		for _, vv := range headerOrder {
217 | 			header := headers.Values(vv)
218 | 
219 | 			if len(header) == 0 {
220 | 				continue
221 | 			}
222 | 
223 | 			kvs = append(kvs, orderedHeaders{vv, header})
224 | 		}
225 | 
226 | 	} else {
227 | 		kvs = make([]orderedHeaders, 0, len(headers))
228 | 
229 | 		for k, vv := range headers {
230 | 			if len(vv) > 0 {
231 | 				kvs = append(kvs, orderedHeaders{k, vv})
232 | 			}
233 | 		}
234 | 	}
235 | 
236 | 	for _, kv := range kvs {
237 | 		if kv.key != http.HeaderOrderKey && kv.key != http.PHeaderOrderKey {
238 | 			for _, v := range kv.values {
239 | 				if strings.ToLower(kv.key) == "cookie" {
240 | 					for _, cookie := range strings.Split(v, "; ") {
241 | 						buf.WriteString("cookie: " + cookie + "\n")
242 | 					}
243 | 				} else {
244 | 					buf.WriteString(kv.key + ": " + v + "\n")
245 | 				}
246 | 			}
247 | 		}
248 | 	}
249 | }
250 | 


--------------------------------------------------------------------------------
/example/headers/headers.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"github.com/Noooste/azuretls-client"
 6 | )
 7 | 
 8 | func main() {
 9 | 	session := azuretls.NewSession()
10 | 
11 | 	session.OrderedHeaders = azuretls.OrderedHeaders{
12 | 		{"user-agent", "test"},
13 | 		{"content-type", "application/json"},
14 | 		{"accept", "application/json"},
15 | 	}
16 | 
17 | 	response, err := session.Get("https://tls.peet.ws/api/all")
18 | 
19 | 	if err != nil {
20 | 		panic(err)
21 | 	}
22 | 
23 | 	fmt.Println(response.StatusCode)
24 | 	fmt.Println(string(response.Body))
25 | 
26 | 	session.Close()
27 | }
28 | 


--------------------------------------------------------------------------------
/example/http2/http2.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"github.com/Noooste/azuretls-client"
 6 | )
 7 | 
 8 | func main() {
 9 | 	session := azuretls.NewSession()
10 | 
11 | 	http2 := "1:65536,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p"
12 | 
13 | 	if err := session.ApplyHTTP2(http2); err != nil {
14 | 		panic(err)
15 | 	}
16 | 
17 | 	resp, err := session.Get("https://tls.peet.ws/api/all")
18 | 
19 | 	if err != nil {
20 | 		panic(err)
21 | 	}
22 | 
23 | 	fmt.Println(resp.StatusCode)
24 | 	fmt.Println(string(resp.Body))
25 | }
26 | 


--------------------------------------------------------------------------------
/example/ja3/ja3.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"github.com/Noooste/azuretls-client"
 6 | )
 7 | 
 8 | func main() {
 9 | 	session := azuretls.NewSession()
10 | 
11 | 	// First way
12 | 	ja3 := "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24-25-26,0"
13 | 	if err := session.ApplyJa3(ja3, azuretls.Chrome); err != nil {
14 | 		panic(err)
15 | 	}
16 | 
17 | 	resp, err := session.Get("https://tls.peet.ws/api/all")
18 | 
19 | 	if err != nil {
20 | 		panic(err)
21 | 	}
22 | 
23 | 	fmt.Println(resp.StatusCode)
24 | 	fmt.Println(string(resp.Body))
25 | 	session.Close()
26 | 
27 | 	// Second way
28 | 	session = azuretls.NewSession()
29 | 
30 | 	session.GetClientHelloSpec = azuretls.GetLastChromeVersion
31 | 
32 | 	resp, err = session.Get("https://tls.peet.ws/api/all")
33 | 
34 | 	if err != nil {
35 | 		panic(err)
36 | 	}
37 | 
38 | 	fmt.Println(resp.StatusCode)
39 | 	fmt.Println(string(resp.Body))
40 | }
41 | 


--------------------------------------------------------------------------------
/example/proxy/proxy.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"github.com/Noooste/azuretls-client"
 6 | )
 7 | 
 8 | func main() {
 9 | 	session := azuretls.NewSession()
10 | 
11 | 	session.SetProxy("http://username:password@ip:port")
12 | 
13 | 	response, err := session.Get("https://api.ipify.org")
14 | 
15 | 	if err != nil {
16 | 		panic(err)
17 | 	}
18 | 
19 | 	fmt.Println(response.StatusCode)
20 | 	fmt.Println(string(response.Body))
21 | 
22 | 	session.Close()
23 | }
24 | 


--------------------------------------------------------------------------------
/example_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"fmt"
  6 | 	"github.com/Noooste/azuretls-client"
  7 | 	"os"
  8 | 	"strings"
  9 | 	"time"
 10 | )
 11 | 
 12 | func ExampleNewSession() {
 13 | 	session := azuretls.NewSession()
 14 | 
 15 | 	resp, err := session.Get("https://www.google.com")
 16 | 
 17 | 	if err != nil {
 18 | 		panic(err)
 19 | 	}
 20 | 
 21 | 	fmt.Println(resp.StatusCode)
 22 | 
 23 | 	// Output:
 24 | 	// 200
 25 | }
 26 | 
 27 | func ExampleSession_Get() {
 28 | 	session := azuretls.NewSession()
 29 | 
 30 | 	resp, err := session.Get("https://www.google.com")
 31 | 
 32 | 	if err != nil {
 33 | 		panic(err)
 34 | 	}
 35 | 
 36 | 	fmt.Println(resp.StatusCode)
 37 | 
 38 | 	// Output:
 39 | 	// 200
 40 | }
 41 | 
 42 | func ExampleSession_Post() {
 43 | 	session := azuretls.NewSession()
 44 | 
 45 | 	resp, err := session.Post("https://httpbin.org/post", `post me`)
 46 | 
 47 | 	if err != nil {
 48 | 		panic(err)
 49 | 	}
 50 | 
 51 | 	fmt.Println(resp.StatusCode)
 52 | 	fmt.Println(bytes.Contains(resp.Body, []byte("post me")))
 53 | 
 54 | 	// Output:
 55 | 	// 200
 56 | 	// true
 57 | }
 58 | 
 59 | func ExampleSession_DumpIgnore() {
 60 | 	session := azuretls.NewSession()
 61 | 
 62 | 	if err := session.Dump("./logs", "*.google.com"); err != nil {
 63 | 		panic(err)
 64 | 	}
 65 | 
 66 | 	fmt.Println(session.DumpIgnore("https://www.google.com"))
 67 | 	fmt.Println(session.DumpIgnore("https://google.com/search"))
 68 | 	fmt.Println(session.DumpIgnore("https://www.google.com/search"))
 69 | 
 70 | 	if err := session.Dump("./logs", "/get"); err != nil {
 71 | 		panic(err)
 72 | 	}
 73 | 
 74 | 	fmt.Println(session.DumpIgnore("https://www.google.com"))
 75 | 	fmt.Println(session.DumpIgnore("https://google.com/search"))
 76 | 	fmt.Println(session.DumpIgnore("https://www.google.com/get/the/thing"))
 77 | 
 78 | 	// Output:
 79 | 	// true
 80 | 	// true
 81 | 	// true
 82 | 	// false
 83 | 	// false
 84 | 	// true
 85 | }
 86 | 
 87 | func ExampleSession_Dump() {
 88 | 	session := azuretls.NewSession()
 89 | 
 90 | 	_ = session.Dump("./logs", "*.httpbin.org")
 91 | 
 92 | 	_, _ = session.Get("https://www.google.com", azuretls.OrderedHeaders{
 93 | 		{"User-Agent", "Mozilla/5.0"},
 94 | 		{"Accept", "text/html"},
 95 | 	})
 96 | 
 97 | 	_, _ = session.Get("https://httpbin.org/get")
 98 | 
 99 | 	time.Sleep(1 * time.Second)
100 | 
101 | 	f, _ := os.ReadDir("./logs")
102 | 
103 | 	fmt.Println(len(f))
104 | 
105 | 	// Output:
106 | 	// 1
107 | }
108 | 
109 | func ExampleSession_Log() {
110 | 	session := azuretls.NewSession()
111 | 
112 | 	session.Log("/any/path/to/ignore", "can.ignore.this", "*.all.subdomains")
113 | 
114 | 	_, _ = session.Get("https://www.google.com")
115 | 	_, _ = session.Get("https://www.google.com/any/path/to/ignore")
116 | }
117 | 
118 | func ExampleSession_SetProxy() {
119 | 	session := azuretls.NewSession()
120 | 
121 | 	err := session.SetProxy("http://username:password@proxy:8080")
122 | 
123 | 	if err != nil {
124 | 		panic(err)
125 | 	}
126 | 
127 | 	fmt.Println(session.Proxy)
128 | 
129 | 	// Output:
130 | 	// http://username:password@proxy:8080
131 | }
132 | 
133 | func ExampleSession_ApplyJa3() {
134 | 	session := azuretls.NewSession()
135 | 
136 | 	ja3 := "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0"
137 | 
138 | 	if err := session.ApplyJa3(ja3, azuretls.Chrome); err != nil {
139 | 		panic(err)
140 | 	}
141 | 
142 | 	resp, err := session.Get("https://tls.peet.ws/api/all")
143 | 
144 | 	if err != nil {
145 | 		panic(err)
146 | 	}
147 | 
148 | 	fmt.Println(strings.Contains(string(resp.Body), ja3))
149 | 
150 | 	// Output:
151 | 	// true
152 | }
153 | 
154 | func ExampleSession_ApplyHTTP2() {
155 | 	session := azuretls.NewSession()
156 | 
157 | 	preset := "1:65536;2:0;3:1000;4:6291456;6:262144|15663105|0|m,s,a,p"
158 | 
159 | 	if err := session.ApplyHTTP2(preset); err != nil {
160 | 		panic(err)
161 | 	}
162 | 
163 | 	resp, err := session.Get("https://tls.peet.ws/api/all")
164 | 
165 | 	if err != nil {
166 | 		panic(err)
167 | 	}
168 | 
169 | 	fmt.Println(strings.Contains(string(resp.Body), preset))
170 | 
171 | 	// Output:
172 | 	// true
173 | }
174 | 
175 | func ExampleUrlEncode() {
176 | 	type Foo struct {
177 | 		Bar       string `url:"bar"`
178 | 		Baz       string `url:"baz"`
179 | 		Omit      string `url:"-"`
180 | 		OmitEmpty string `url:"no,omitempty"`
181 | 	}
182 | 
183 | 	fmt.Println(azuretls.UrlEncode(Foo{
184 | 		Bar:       "bar",
185 | 		Baz:       "baz baz baz",
186 | 		Omit:      "omit",
187 | 		OmitEmpty: "",
188 | 	}))
189 | 
190 | 	// Output:
191 | 	// bar=bar&baz=baz+baz+baz
192 | }
193 | 
194 | func ExampleToBytes() {
195 | 	fmt.Println(string(azuretls.ToBytes("test1")))
196 | 
197 | 	fmt.Println(string(azuretls.ToBytes([]byte("test2"))))
198 | 
199 | 	buf := bytes.NewBufferString("test3")
200 | 	fmt.Println(string(azuretls.ToBytes(buf)))
201 | 
202 | 	type s struct {
203 | 		A string
204 | 		B int
205 | 	}
206 | 	fmt.Println(string(azuretls.ToBytes(s{"test4", 4})))
207 | 
208 | 	// Output:
209 | 	// test1
210 | 	// test2
211 | 	// test3
212 | 	// {"A":"test4","B":4}
213 | }
214 | 


--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
 1 | module github.com/Noooste/azuretls-client
 2 | 
 3 | go 1.24.0
 4 | 
 5 | require (
 6 | 	github.com/Noooste/fhttp v1.0.13
 7 | 	github.com/Noooste/quic-go v0.0.16
 8 | 	github.com/Noooste/utls v1.3.17
 9 | 	github.com/Noooste/websocket v1.0.3
10 | 	github.com/fatih/color v1.18.0
11 | 	golang.org/x/net v0.40.0
12 | )
13 | 
14 | require (
15 | 	github.com/andybalholm/brotli v1.1.1 // indirect
16 | 	github.com/cloudflare/circl v1.6.1 // indirect
17 | 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
18 | 	github.com/google/pprof v0.0.0-20250501235452-c0086092b71a // indirect
19 | 	github.com/klauspost/compress v1.18.0 // indirect
20 | 	github.com/mattn/go-colorable v0.1.14 // indirect
21 | 	github.com/mattn/go-isatty v0.0.20 // indirect
22 | 	github.com/onsi/ginkgo/v2 v2.9.7 // indirect
23 | 	github.com/quic-go/qpack v0.5.1 // indirect
24 | 	go.uber.org/mock v0.5.2 // indirect
25 | 	golang.org/x/crypto v0.38.0 // indirect
26 | 	golang.org/x/mod v0.24.0 // indirect
27 | 	golang.org/x/sync v0.14.0 // indirect
28 | 	golang.org/x/sys v0.33.0 // indirect
29 | 	golang.org/x/text v0.25.0 // indirect
30 | 	golang.org/x/tools v0.33.0 // indirect
31 | )
32 | 


--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
 1 | github.com/Noooste/fhttp v1.0.13 h1:32Zq6dOXBrZAGq1ZeoUdqPel3ubtFF4MuI0IMb1YH/M=
 2 | github.com/Noooste/fhttp v1.0.13/go.mod h1:CMVxKOhNheqJN5HYE4Rlvz2SRdV8Uv7YWmi6OwmB/Bk=
 3 | github.com/Noooste/quic-go v0.0.15 h1:l+AW4efjJYJEn8oXEDdxPxPFSHJsG/gNMqADu/MDLz0=
 4 | github.com/Noooste/quic-go v0.0.15/go.mod h1:ZwvLDUnDV+C7iMxU9IJGv5QGi7X/vIXVEovRNQ/8Grg=
 5 | github.com/Noooste/quic-go v0.0.16 h1:q1GVZv/fIsePoQYlaFSFkThJmIiiJL7fhCb2SsQU3Vk=
 6 | github.com/Noooste/quic-go v0.0.16/go.mod h1:BfpFvLCXkDkmh1mzpy9MUEJUFlQmFtCpQjsYAojIrZo=
 7 | github.com/Noooste/utls v1.3.8 h1:F2ZbT4I+r48ifeluHfmv1liTvJEu/IEPABXZsA7vpfs=
 8 | github.com/Noooste/utls v1.3.8/go.mod h1:n2BlVk1A+38Z6qGCRazSzOuOP8ZGtISzyMMh+2jbhyw=
 9 | github.com/Noooste/utls v1.3.15 h1:Dg+wI+vobrBWC/r0BlfZY+Q0YI/QPMOia5YxiCiHOV4=
10 | github.com/Noooste/utls v1.3.15/go.mod h1:Tem4t3EuQfqs7c1Ogkdpib2T0gPPR6w69SKItu2dmO0=
11 | github.com/Noooste/utls v1.3.17 h1:CoiTFhlPRTFrRz6s8WEjeq64XNBSDQnsl2AjCGZv/sc=
12 | github.com/Noooste/utls v1.3.17/go.mod h1:n2BlVk1A+38Z6qGCRazSzOuOP8ZGtISzyMMh+2jbhyw=
13 | github.com/Noooste/websocket v1.0.3 h1:drW7tvZ3YqzqI9wApnaH1Q0syFMXO7gbLlsBWjZvMNA=
14 | github.com/Noooste/websocket v1.0.3/go.mod h1:Qhw0Rtuju/fPPbcb3R5XGq7poa51qPDL462jTltl9nQ=
15 | github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA=
16 | github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA=
17 | github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
18 | github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
19 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
20 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
21 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
22 | github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
23 | github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
24 | github.com/francoispqt/gojay v1.2.13 h1:d2m3sFjloqoIUQU3TsHBgj6qg/BVGlTBeHDUmyJnXKk=
25 | github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY=
26 | github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
27 | github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
28 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
29 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
30 | github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
31 | github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
32 | github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
33 | github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
34 | github.com/google/pprof v0.0.0-20250501235452-c0086092b71a h1:rDA3FfmxwXR+BVKKdz55WwMJ1pD2hJQNW31d+l3mPk4=
35 | github.com/google/pprof v0.0.0-20250501235452-c0086092b71a/go.mod h1:5hDyRhoBCxViHszMt12TnOpEI4VVi+U8Gm9iphldiMA=
36 | github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
37 | github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
38 | github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
39 | github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
40 | github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
41 | github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
42 | github.com/onsi/ginkgo/v2 v2.9.7 h1:06xGQy5www2oN160RtEZoTvnP2sPhEfePYmCDc2szss=
43 | github.com/onsi/ginkgo/v2 v2.9.7/go.mod h1:cxrmXWykAwTwhQsJOPfdIDiJ+l2RYq7U8hFU+M/1uw0=
44 | github.com/onsi/gomega v1.27.7 h1:fVih9JD6ogIiHUN6ePK7HJidyEDpWGVB5mzM7cWNXoU=
45 | github.com/onsi/gomega v1.27.7/go.mod h1:1p8OOlwo2iUUDsHnOrjE5UKYJ+e3W8eQ3qSlRahPmr4=
46 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
47 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
48 | github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI=
49 | github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
50 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
51 | github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
52 | github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
53 | github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
54 | github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU=
55 | github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E=
56 | go.uber.org/mock v0.5.2 h1:LbtPTcP8A5k9WPXj54PPPbjcI4Y6lhyOZXn+VS7wNko=
57 | go.uber.org/mock v0.5.2/go.mod h1:wLlUxC2vVTPTaE3UD51E0BGOAElKrILxhVSDYQLld5o=
58 | golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=
59 | golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=
60 | golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU=
61 | golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
62 | golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
63 | golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
64 | golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ=
65 | golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
66 | golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
67 | golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
68 | golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
69 | golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4=
70 | golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA=
71 | golang.org/x/tools v0.33.0 h1:4qz2S3zmRxbGIhDIAgjxvFutSvH5EfnsYrRBj0UI0bc=
72 | golang.org/x/tools v0.33.0/go.mod h1:CIJMaWEY88juyUfo7UbgPqbC8rU2OqfAV1h2Qp0oMYI=
73 | google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
74 | google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
75 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
76 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
77 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
78 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
79 | 


--------------------------------------------------------------------------------
/header.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	http "github.com/Noooste/fhttp"
  5 | 	"net/url"
  6 | 	"sort"
  7 | 	"strings"
  8 | )
  9 | 
 10 | // OrderedHeaders is a slice of headers.
 11 | type OrderedHeaders [][]string
 12 | 
 13 | // PHeader is a slice of pseudo headers.
 14 | type PHeader []string
 15 | 
 16 | // HeaderOrder is a slice of header names.
 17 | type HeaderOrder []string
 18 | 
 19 | // GetDefaultPseudoHeaders returns the default pseudo headers.
 20 | func GetDefaultPseudoHeaders() PHeader {
 21 | 	return []string{Method, Authority, Scheme, Path}
 22 | }
 23 | 
 24 | // Clone returns a copy of the header.
 25 | func (oh *OrderedHeaders) Clone() OrderedHeaders {
 26 | 	if oh == nil {
 27 | 		return nil
 28 | 	}
 29 | 
 30 | 	var clone = make(OrderedHeaders, 0, len(*oh))
 31 | 
 32 | 	for _, header := range *oh {
 33 | 		var fieldClone = make([]string, 0, len(header))
 34 | 		for _, field := range header {
 35 | 			fieldClone = append(fieldClone, field)
 36 | 		}
 37 | 		clone = append(clone, fieldClone)
 38 | 	}
 39 | 
 40 | 	return clone
 41 | }
 42 | 
 43 | // Add adds the value to the field.
 44 | // It appends to any existing values associated with the field.
 45 | func (oh *OrderedHeaders) Add(field string, value ...string) {
 46 | 	field = http.CanonicalHeaderKey(field)
 47 | 	for i, c := range *oh {
 48 | 		if http.CanonicalHeaderKey(c[0]) == field {
 49 | 			(*oh)[i] = append((*oh)[i], value...)
 50 | 		}
 51 | 	}
 52 | }
 53 | 
 54 | // Set sets the field to the given value.
 55 | // It replaces any existing values associated with the field.
 56 | func (oh *OrderedHeaders) Set(field string, value ...string) {
 57 | 	field = http.CanonicalHeaderKey(field)
 58 | 	newList := append([]string{field}, value...)
 59 | 	for i, c := range *oh {
 60 | 		if http.CanonicalHeaderKey(c[0]) == field {
 61 | 			(*oh)[i] = newList
 62 | 			return
 63 | 		}
 64 | 	}
 65 | 	*oh = append(*oh, newList)
 66 | }
 67 | 
 68 | // Get returns the first value associated with the given field.
 69 | // If the field is not present, it returns an empty string.
 70 | func (oh *OrderedHeaders) Get(field string) string {
 71 | 	field = http.CanonicalHeaderKey(field)
 72 | 	for _, c := range *oh {
 73 | 		if http.CanonicalHeaderKey(c[0]) == field {
 74 | 			return strings.Join(c[1:], "; ")
 75 | 		}
 76 | 	}
 77 | 
 78 | 	return ""
 79 | }
 80 | 
 81 | // Remove removes the first instance of the field from the header.
 82 | // If the field is not present, it does nothing.
 83 | // Deprecated: Use Del instead.
 84 | func (oh *OrderedHeaders) Remove(field string) OrderedHeaders {
 85 | 	return oh.Del(http.CanonicalHeaderKey(field))
 86 | }
 87 | 
 88 | // Del removes the first instance of the field from the header.
 89 | // If the field is not present, it does nothing.
 90 | func (oh *OrderedHeaders) Del(field string) OrderedHeaders {
 91 | 	var index = -1
 92 | 	field = http.CanonicalHeaderKey(field)
 93 | 	for i := 0; i < len(*oh); i++ {
 94 | 		if http.CanonicalHeaderKey((*oh)[i][0]) == field {
 95 | 			index = i
 96 | 		}
 97 | 	}
 98 | 
 99 | 	if index != -1 {
100 | 		return append((*oh)[:index], (*oh)[index+1:]...)
101 | 	}
102 | 
103 | 	return *oh
104 | }
105 | 
106 | func (oh *OrderedHeaders) ToHeader() http.Header {
107 | 	var result = make(http.Header, len(*oh))
108 | 	var order = make([]string, 0, len(*oh))
109 | 
110 | 	for _, header := range *oh {
111 | 		if len(header) == 0 {
112 | 			continue
113 | 		}
114 | 
115 | 		var key = http.CanonicalHeaderKey(header[0])
116 | 
117 | 		if result.Get(key) != "" {
118 | 			for _, v := range header[1:] {
119 | 				result.Add(key, v)
120 | 			}
121 | 		} else {
122 | 			order = append(order, key)
123 | 			if len(header) == 1 {
124 | 				continue
125 | 			}
126 | 			result.Set(key, header[1])
127 | 			for _, v := range header[2:] {
128 | 				result.Add(key, v)
129 | 			}
130 | 		}
131 | 	}
132 | 
133 | 	return result
134 | }
135 | 
136 | //gocyclo:ignore
137 | func (r *Request) formatHeader() {
138 | 	var setUserAgent = true
139 | 
140 | 	if r.OrderedHeaders != nil && len(r.OrderedHeaders) > 0 {
141 | 		r.HttpRequest.Header = make(http.Header, len(r.OrderedHeaders)+2) // +2 for http.HeaderOrderKey and http.PHeaderOrderKey
142 | 		r.HttpRequest.Header[http.HeaderOrderKey] = make([]string, 0, len(r.OrderedHeaders))
143 | 
144 | 		for _, el := range r.OrderedHeaders {
145 | 			if len(el) == 0 || !shouldCopyHeaderOnRedirect(el[0], r.HttpRequest.URL, r.HttpRequest.URL) {
146 | 				continue
147 | 			}
148 | 
149 | 			var key = el[0]
150 | 
151 | 			r.HttpRequest.Header[http.HeaderOrderKey] = append(r.HttpRequest.Header[http.HeaderOrderKey], strings.ToLower(key))
152 | 
153 | 			if len(el) == 1 {
154 | 				// skip empty header value, the key indicates the order
155 | 				continue
156 | 			}
157 | 
158 | 			if _, ok := r.HttpRequest.Header[key]; !ok {
159 | 				if setUserAgent && strings.ToLower(key) == "user-agent" {
160 | 					setUserAgent = false
161 | 				}
162 | 			}
163 | 
164 | 			r.HttpRequest.Header[key] = make([]string, 0, len(el)-1)
165 | 			r.HttpRequest.Header[key] = append(r.HttpRequest.Header[key], el[1])
166 | 
167 | 			for _, v := range el[2:] {
168 | 				r.HttpRequest.Header.Add(key, v)
169 | 			}
170 | 		}
171 | 
172 | 	} else if r.Header != nil && len(r.Header) > 0 {
173 | 		r.HttpRequest.Header = r.Header.Clone()
174 | 		if r.HeaderOrder != nil && len(r.HeaderOrder) > 0 {
175 | 			if v, ok := r.Header[http.HeaderOrderKey]; ok {
176 | 				r.HttpRequest.Header[http.HeaderOrderKey] = append(v, r.HeaderOrder...)
177 | 			} else {
178 | 				r.HttpRequest.Header[http.HeaderOrderKey] = r.HeaderOrder
179 | 			}
180 | 		}
181 | 
182 | 		for k := range r.Header {
183 | 			if http.CanonicalHeaderKey(k) == "User-Agent" {
184 | 				setUserAgent = false
185 | 				break
186 | 			}
187 | 		}
188 | 	} else {
189 | 		r.HttpRequest.Header = make(http.Header, 4)
190 | 	}
191 | 
192 | 	if setUserAgent {
193 | 		if r.ua == "" {
194 | 			r.ua = defaultUserAgent
195 | 		}
196 | 
197 | 		r.HttpRequest.Header.Set("User-Agent", r.ua)
198 | 	}
199 | 
200 | 	if r.PHeader != nil {
201 | 		for i, el := range r.PHeader {
202 | 			if el[0] != ':' {
203 | 				r.PHeader[i] = ":" + el
204 | 			}
205 | 		}
206 | 		r.HttpRequest.Header[http.PHeaderOrderKey] = r.PHeader[:]
207 | 	} else {
208 | 		switch r.browser {
209 | 		case Firefox:
210 | 			r.HttpRequest.Header[http.PHeaderOrderKey] = []string{Method, Path, Authority, Scheme}
211 | 		case Ios:
212 | 			r.HttpRequest.Header[http.PHeaderOrderKey] = []string{Method, Scheme, Path, Authority}
213 | 		case Safari:
214 | 			r.HttpRequest.Header[http.PHeaderOrderKey] = []string{Method, Scheme, Authority, Path}
215 | 		default: //chrome sub products
216 | 			r.HttpRequest.Header[http.PHeaderOrderKey] = GetDefaultPseudoHeaders()
217 | 		}
218 | 	}
219 | }
220 | 
221 | func shouldCopyHeaderOnRedirect(headerKey string, initial, dest *url.URL) bool {
222 | 	switch http.CanonicalHeaderKey(headerKey) {
223 | 	case "Authorization", "Www-Authenticate", "Cookie", "Cookie2":
224 | 		// Permit sending auth/cookie headers from "foo.com"
225 | 		// to "sub.foo.com".
226 | 
227 | 		// Note that we don't send all cookies to subdomains
228 | 		// automatically. This function is only used for
229 | 		// Cookies set explicitly on the initial outgoing
230 | 		// client request. Cookies automatically added via the
231 | 		// CookieJar mechanism continue to follow each
232 | 		// cookie's scope as set by Set-Cookie. But for
233 | 		// outgoing requests with the Cookie header set
234 | 		// directly, we don't know their scope, so we assume
235 | 		// it's for *.domain.com.
236 | 
237 | 		ihost := getHost(initial)
238 | 		dhost := getHost(dest)
239 | 		return isDomainOrSubdomain(dhost, ihost)
240 | 	}
241 | 	// All other headers are copied:
242 | 	return true
243 | }
244 | 
245 | // makeHeadersCopier makes a function that copies headers from the
246 | // initial Request, ireq. For every redirect, this function must be called
247 | // so that it can copy headers into the upcoming Request.
248 | func (s *Session) makeHeadersCopier(ireq *Request) func(*Request) {
249 | 	// The headers to copy are from the very initial request.
250 | 	// We use a closured callback to keep a reference to these original headers.
251 | 	var (
252 | 		ireqhdr  = ireq.Header
253 | 		icookies map[string][]*http.Cookie
254 | 	)
255 | 
256 | 	var header = ireq.Header
257 | 
258 | 	if ireq.OrderedHeaders != nil {
259 | 		header = ireq.OrderedHeaders.ToHeader()
260 | 	}
261 | 
262 | 	if s.CookieJar != nil && header.Get("Cookie") != "" {
263 | 		icookies = make(map[string][]*http.Cookie)
264 | 		for _, c := range http.ReadCookies(ireq.Header, "") {
265 | 			icookies[c.Name] = append(icookies[c.Name], c)
266 | 		}
267 | 	}
268 | 
269 | 	preq := ireq // The previous request
270 | 	return func(req *Request) {
271 | 		// If Jar is present and there was some initial cookies provided
272 | 		// via the request header, then we may need to alter the initial
273 | 		// cookies as we follow redirects since each redirect may end up
274 | 		// modifying a pre-existing cookie.
275 | 		//
276 | 		// Since cookies already set in the request header do not contain
277 | 		// information about the original domain and path, the logic below
278 | 		// assumes any new set cookies override the original cookie
279 | 		// regardless of domain or path.
280 | 		//
281 | 		// See https://golang.org/issue/17494
282 | 		if s.CookieJar != nil && icookies != nil {
283 | 			var changed bool
284 | 			resp := req.Response // The response that caused the upcoming redirect
285 | 			for k := range resp.Cookies {
286 | 				if _, ok := icookies[k]; ok {
287 | 					delete(icookies, k)
288 | 					changed = true
289 | 				}
290 | 			}
291 | 			if changed {
292 | 				ireqhdr.Del("Cookie")
293 | 				var ss []string
294 | 				for _, cs := range icookies {
295 | 					for _, c := range cs {
296 | 						ss = append(ss, c.Name+"="+c.Value)
297 | 					}
298 | 				}
299 | 				sort.Strings(ss) // Ensure deterministic headers
300 | 				ireqhdr.Set("Cookie", strings.Join(ss, "; "))
301 | 			}
302 | 		}
303 | 
304 | 		// Copy the initial request's Header Values
305 | 		// (at least the safe ones).
306 | 		for k, vv := range ireqhdr {
307 | 			if shouldCopyHeaderOnRedirect(k, preq.parsedUrl, req.parsedUrl) {
308 | 				if req.OrderedHeaders != nil {
309 | 					req.OrderedHeaders.Add(k, vv...)
310 | 				} else {
311 | 					if req.Header == nil {
312 | 						req.Header = make(http.Header)
313 | 					}
314 | 
315 | 					req.Header[k] = vv
316 | 				}
317 | 			}
318 | 		}
319 | 
320 | 		preq = req // Update previous Request with the current request
321 | 	}
322 | }
323 | 


--------------------------------------------------------------------------------
/http2.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"github.com/Noooste/fhttp/http2"
  6 | 	"strconv"
  7 | 	"strings"
  8 | )
  9 | 
 10 | const (
 11 | 	invalidSettings      = "invalid SETTINGS : "
 12 | 	invalidSettingsIndex = invalidSettings + "index %d (invalid %s)"
 13 | 	invalidWindow        = "invalid WINDOW_UPDATE : %s"
 14 | 	invalidPriority      = "invalid PRIORITY : %s"
 15 | 	invalidPseudo        = "invalid PSEUDO_HEADER : %s"
 16 | )
 17 | 
 18 | // ApplyHTTP2 applies HTTP2 settings to the session from a fingerprint.
 19 | // The fingerprint is in the format:
 20 | //
 21 | //	<SETTINGS>|<WINDOW_UPDATE>|<PRIORITY>|<PSEUDO_HEADER>
 22 | //
 23 | // egs :
 24 | //
 25 | //	1:65536,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p
 26 | //
 27 | // Any 0 value will be ignored.
 28 | func (s *Session) ApplyHTTP2(fp string) error {
 29 | 	// check if HTTP2 is already initialized
 30 | 	// if not initialize it
 31 | 	if s.HTTP2Transport == nil {
 32 | 		if s.Transport == nil {
 33 | 			s.initHTTP1()
 34 | 		}
 35 | 
 36 | 		var err error
 37 | 		s.HTTP2Transport, err = http2.ConfigureTransports(s.Transport)
 38 | 		s.HTTP2Transport.StrictMaxConcurrentStreams = true
 39 | 
 40 | 		if err != nil {
 41 | 			return err
 42 | 		}
 43 | 	}
 44 | 
 45 | 	split := strings.Split(fp, "|")
 46 | 
 47 | 	// fingerprint should have 4 parts
 48 | 	if len(split) != 4 {
 49 | 		return fmt.Errorf("%s%s, invalid length : expected 4, got %d", invalidSettings, fp, len(split))
 50 | 	}
 51 | 
 52 | 	var (
 53 | 		settings      = split[0]
 54 | 		windowUpdate  = split[1]
 55 | 		priorities    = split[2]
 56 | 		pseudoHeaders = split[3]
 57 | 	)
 58 | 
 59 | 	if err := applySettings(settings, s.HTTP2Transport); err != nil {
 60 | 		return err
 61 | 	}
 62 | 
 63 | 	if err := applyWindowUpdate(windowUpdate, s.HTTP2Transport); err != nil {
 64 | 		return err
 65 | 	}
 66 | 
 67 | 	if err := applyPriorities(priorities, s.HTTP2Transport); err != nil {
 68 | 		return err
 69 | 	}
 70 | 
 71 | 	s.PHeader = make(PHeader, 4)
 72 | 	if err := applyPseudoHeaders(pseudoHeaders, s.PHeader, s.HTTP2Transport); err != nil {
 73 | 		return err
 74 | 	}
 75 | 
 76 | 	return nil
 77 | }
 78 | 
 79 | func splitSettings(settings string) []string {
 80 | 	if strings.Contains(settings, ",") {
 81 | 		return strings.Split(settings, ",")
 82 | 	}
 83 | 
 84 | 	return strings.Split(settings, ";")
 85 | }
 86 | 
 87 | func applySettings(settings string, tr *http2.Transport) error {
 88 | 	if settings != "0" {
 89 | 		values := splitSettings(settings)
 90 | 
 91 | 		settingsFrame := make(map[http2.SettingID]uint32, len(values))
 92 | 
 93 | 		var (
 94 | 			id, val uint64
 95 | 			err     error
 96 | 		)
 97 | 
 98 | 		for i, setting := range values {
 99 | 			split := strings.Split(setting, ":")
100 | 			if len(split) != 2 {
101 | 				return fmt.Errorf(invalidSettingsIndex, i, "length")
102 | 			}
103 | 
104 | 			id, err = strconv.ParseUint(split[0], 10, 16)
105 | 			if err != nil {
106 | 				return fmt.Errorf(invalidSettingsIndex, i, "id")
107 | 			}
108 | 
109 | 			val, err = strconv.ParseUint(split[1], 10, 32)
110 | 			if err != nil {
111 | 				return fmt.Errorf(invalidSettingsIndex, i, "value")
112 | 			}
113 | 
114 | 			settingsFrame[http2.SettingID(id)] = uint32(val)
115 | 
116 | 			tr.Settings = settingsFrame
117 | 			tr.SettingsOrder = append(tr.SettingsOrder, http2.SettingID(id))
118 | 		}
119 | 	} else {
120 | 		tr.Settings = make(map[http2.SettingID]uint32)
121 | 	}
122 | 
123 | 	return nil
124 | }
125 | 
126 | func applyWindowUpdate(windowUpdate string, tr *http2.Transport) error {
127 | 	if windowUpdate == "0" {
128 | 		tr.ConnectionFlow = (2 << 15) - 1
129 | 	} else {
130 | 		if ws, err := strconv.Atoi(windowUpdate); err != nil {
131 | 			return fmt.Errorf(invalidWindow, windowUpdate)
132 | 		} else {
133 | 			tr.ConnectionFlow = uint32(ws)
134 | 		}
135 | 	}
136 | 
137 | 	return nil
138 | }
139 | 
140 | func applyPriorities(priorities string, tr *http2.Transport) error {
141 | 	if priorities != "0" {
142 | 		rawPriorities := strings.Split(priorities, ",")
143 | 		streamPriorities := make([]http2.Priority, 0, len(rawPriorities))
144 | 
145 | 		var (
146 | 			id, deps, weight int
147 | 			exclusive        bool
148 | 			err              error
149 | 		)
150 | 
151 | 		for _, priority := range rawPriorities {
152 | 			s2 := strings.Split(priority, ":")
153 | 			if len(s2) != 4 {
154 | 				return fmt.Errorf(invalidPriority, priority)
155 | 			}
156 | 
157 | 			id, err = strconv.Atoi(s2[0])
158 | 			if err != nil {
159 | 				return fmt.Errorf(invalidPriority, priority)
160 | 			}
161 | 
162 | 			if s2[1] != "0" && s2[1] != "1" {
163 | 				return fmt.Errorf(invalidPriority, priority)
164 | 			}
165 | 			exclusive = s2[1] == "1"
166 | 
167 | 			deps, err = strconv.Atoi(s2[2])
168 | 			if err != nil {
169 | 				return fmt.Errorf(invalidPriority, priority)
170 | 			}
171 | 
172 | 			weight, err = strconv.Atoi(s2[3])
173 | 			if err != nil {
174 | 				return fmt.Errorf(invalidPriority, priority)
175 | 			}
176 | 
177 | 			streamPriorities = append(streamPriorities, http2.Priority{
178 | 				StreamID: uint32(id),
179 | 				PriorityParam: http2.PriorityParam{
180 | 					Weight:    uint8(weight - 1),
181 | 					Exclusive: exclusive,
182 | 					StreamDep: uint32(deps),
183 | 				},
184 | 			})
185 | 		}
186 | 
187 | 		tr.Priorities = streamPriorities
188 | 
189 | 	} else {
190 | 		tr.Priorities = make([]http2.Priority, 0)
191 | 	}
192 | 
193 | 	return nil
194 | }
195 | 
196 | func applyPseudoHeaders(pseudoHeaders string, h PHeader, tr *http2.Transport) error {
197 | 	if pseudoHeaders != "0" {
198 | 		headers := strings.Split(pseudoHeaders, ",")
199 | 		if len(headers) != 4 {
200 | 			return fmt.Errorf(invalidPseudo, pseudoHeaders)
201 | 		}
202 | 
203 | 		for i, header := range headers {
204 | 			switch header {
205 | 			case "m":
206 | 				h[i] = Method
207 | 			case "p":
208 | 				h[i] = Path
209 | 			case "s":
210 | 				h[i] = Scheme
211 | 			case "a":
212 | 				h[i] = Authority
213 | 			default:
214 | 				return fmt.Errorf(invalidPseudo, header)
215 | 			}
216 | 		}
217 | 	}
218 | 
219 | 	tr.HeaderPriority = defaultHeaderPriorities("")
220 | 
221 | 	for k, v := range tr.Settings {
222 | 		switch k {
223 | 		case http2.SettingInitialWindowSize:
224 | 			tr.InitialWindowSize = v
225 | 
226 | 		case http2.SettingHeaderTableSize:
227 | 			tr.HeaderTableSize = v
228 | 		}
229 | 	}
230 | 
231 | 	return nil
232 | }
233 | 


--------------------------------------------------------------------------------
/http3.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"errors"
  5 | 	http "github.com/Noooste/fhttp"
  6 | 	tls "github.com/Noooste/utls"
  7 | 	"net/url"
  8 | 	"sync"
  9 | 	"time"
 10 | 
 11 | 	"github.com/Noooste/quic-go"
 12 | 	"github.com/Noooste/quic-go/http3"
 13 | )
 14 | 
 15 | // HTTP3Transport wraps the http3.RoundTripper with proxy support
 16 | type HTTP3Transport struct {
 17 | 	*http3.Transport
 18 | 
 19 | 	// Proxy configuration
 20 | 	ProxyURL    *url.URL
 21 | 	ProxyDialer *proxyDialer
 22 | 
 23 | 	// Connection pool for proxy connections
 24 | 	proxyConnPool sync.Map
 25 | 
 26 | 	// Session reference
 27 | 	sess *Session
 28 | }
 29 | 
 30 | // NewHTTP3Transport creates a new HTTP/3 transport
 31 | func (s *Session) NewHTTP3Transport() (*HTTP3Transport, error) {
 32 | 	tlsConfig := &tls.Config{
 33 | 		InsecureSkipVerify: s.InsecureSkipVerify,
 34 | 	}
 35 | 
 36 | 	quicConfig := &quic.Config{
 37 | 		MaxIdleTimeout:                 90 * time.Second,
 38 | 		HandshakeIdleTimeout:           s.TimeOut,
 39 | 		KeepAlivePeriod:                30 * time.Second,
 40 | 		InitialStreamReceiveWindow:     512 * 1024,
 41 | 		InitialConnectionReceiveWindow: 1024 * 1024,
 42 | 	}
 43 | 
 44 | 	//fn := s.GetClientHelloSpec
 45 | 	//if fn == nil {
 46 | 	//	fn = GetBrowserClientHelloFunc(s.Browser)
 47 | 	//}
 48 | 	//
 49 | 	//quicConfig.TLSGetClientHelloSpec = func() *tls.ClientHelloSpec {
 50 | 	//	spec := fn()
 51 | 	//	if spec == nil {
 52 | 	//		fmt.Println("Warning: GetClientHelloSpec returned nil, using default spec")
 53 | 	//		spec = &tls.ClientHelloSpec{}
 54 | 	//	}
 55 | 	//	for _, ext := range spec.Extensions {
 56 | 	//		switch extension := ext.(type) {
 57 | 	//		case *tls.ALPNExtension:
 58 | 	//			// Ensure HTTP/3 is included in ALPN protocols
 59 | 	//			if !listContains(extension.AlpnProtocols, http3.NextProtoH3) {
 60 | 	//				extension.AlpnProtocols = []string{http3.NextProtoH3}
 61 | 	//			}
 62 | 	//		case *tls.SupportedVersionsExtension:
 63 | 	//			// Ensure HTTP/3 supported versions are included
 64 | 	//			if len(extension.Versions) >= 1 && extension.Versions[0] != tls.VersionTLS13 || len(extension.Versions) == 0 {
 65 | 	//				extension.Versions = []uint16{tls.VersionTLS13}
 66 | 	//			}
 67 | 	//		}
 68 | 	//	}
 69 | 	//	return spec
 70 | 	//}
 71 | 
 72 | 	transport := &HTTP3Transport{
 73 | 		Transport: &http3.Transport{
 74 | 			TLSClientConfig: tlsConfig,
 75 | 			QUICConfig:      quicConfig,
 76 | 			Dial:            s.dialQUIC,
 77 | 		},
 78 | 		sess: s,
 79 | 	}
 80 | 
 81 | 	if s.ProxyDialer != nil {
 82 | 		transport.ProxyURL = s.ProxyDialer.ProxyURL
 83 | 		transport.ProxyDialer = s.ProxyDialer
 84 | 	}
 85 | 
 86 | 	return transport, nil
 87 | }
 88 | 
 89 | // RoundTrip implements the http.RoundTripper interface with proxy support
 90 | func (t *HTTP3Transport) RoundTrip(req *http.Request) (*http.Response, error) {
 91 | 	// Direct connection
 92 | 	return t.Transport.RoundTrip(req)
 93 | }
 94 | 
 95 | // fallbackToHTTP2 falls back to HTTP/2 when HTTP/3 through proxy isn't available
 96 | func (t *HTTP3Transport) fallbackToHTTP2(req *http.Request) (*http.Response, error) {
 97 | 	// Clone request and force HTTP/2
 98 | 	newReq := req.Clone(req.Context())
 99 | 
100 | 	// Use the session's HTTP/2 transport
101 | 	if t.sess.HTTP2Transport != nil {
102 | 		return t.sess.HTTP2Transport.RoundTrip(newReq)
103 | 	}
104 | 
105 | 	return nil, errors.New("HTTP/2 transport not available for fallback")
106 | }
107 | 


--------------------------------------------------------------------------------
/logger.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	http "github.com/Noooste/fhttp"
  6 | 	"github.com/fatih/color"
  7 | 	"net/url"
  8 | 	"regexp"
  9 | 	"strings"
 10 | 	"time"
 11 | )
 12 | 
 13 | // Log will print the request and response to the console
 14 | //
 15 | // uris (optional) is a list of uris to ignore,
 16 | // if ignore is empty, all uris will be logged
 17 | func (s *Session) Log(uris ...string) {
 18 | 	s.logging = true
 19 | 
 20 | 	s.loggingIgnore = make([]*regexp.Regexp, 0, len(uris))
 21 | 
 22 | 	for _, v := range uris {
 23 | 		s.loggingIgnore = append(s.loggingIgnore, regexp.MustCompile(
 24 | 			fmt.Sprintf(".*%s.*",
 25 | 				strings.ReplaceAll(
 26 | 					replaceNonAlphaNumeric(v), "*\\.", ".*\\.?",
 27 | 				),
 28 | 			),
 29 | 		))
 30 | 	}
 31 | }
 32 | 
 33 | // DisableLog will disable request and response logging
 34 | func (s *Session) DisableLog() {
 35 | 	s.logging = false
 36 | }
 37 | 
 38 | // EnableLog will enable request and response logging
 39 | func (s *Session) EnableLog() {
 40 | 	s.logging = true
 41 | }
 42 | 
 43 | // LogIgnore will check if the given uri is ignored from dumping
 44 | func (s *Session) LogIgnore(uri string) bool {
 45 | 	parsed, err := url.Parse(uri)
 46 | 
 47 | 	if err != nil {
 48 | 		return false
 49 | 	}
 50 | 
 51 | 	return s.urlMatch(parsed, s.loggingIgnore)
 52 | }
 53 | 
 54 | var colorMethodMap = map[string]*color.Color{
 55 | 	http.MethodGet:     color.New(color.BgBlue, color.FgHiWhite),
 56 | 	http.MethodPost:    color.New(color.BgHiBlue, color.FgHiWhite),
 57 | 	http.MethodPut:     color.New(color.BgHiYellow, color.FgBlack),
 58 | 	http.MethodPatch:   color.New(color.BgHiMagenta, color.FgHiWhite),
 59 | 	http.MethodDelete:  color.New(color.BgHiRed, color.FgHiWhite),
 60 | 	http.MethodOptions: color.New(color.BgHiCyan, color.FgHiWhite),
 61 | 	http.MethodConnect: color.New(color.BgHiWhite, color.FgBlack),
 62 | }
 63 | 
 64 | func centerString(s string, width int) string {
 65 | 	if len(s) >= width {
 66 | 		return s
 67 | 	}
 68 | 	leftPadding := (width - len(s)) / 2
 69 | 	rightPadding := width - len(s) - leftPadding
 70 | 	return strings.Repeat(" ", leftPadding) + s + strings.Repeat(" ", rightPadding)
 71 | }
 72 | 
 73 | func (s *Session) logRequest(request *Request) {
 74 | 	if !s.logging || s.urlMatch(request.parsedUrl, s.loggingIgnore) {
 75 | 		return
 76 | 	}
 77 | 
 78 | 	fmt.Printf("[%s] %v |%s | %s | %25s | %#v\n",
 79 | 		color.CyanString("AZURETLS"),
 80 | 		request.startTime.Format("01/02/2006 - 15:04:05"),
 81 | 		colorMethodMap[request.Method].Sprintf(" %-8s", request.Method),
 82 | 		centerString(request.Proto, 8),
 83 | 		request.parsedUrl.Host,
 84 | 		request.parsedUrl.Path,
 85 | 	)
 86 | }
 87 | 
 88 | func getColorStatus(status int) *color.Color {
 89 | 	switch {
 90 | 	case status < 200:
 91 | 		return color.New(color.BgHiCyan, color.FgHiWhite)
 92 | 	case status < 300:
 93 | 		return color.New(color.BgHiGreen, color.FgHiWhite)
 94 | 	case status < 400:
 95 | 		return color.New(color.BgHiYellow, color.FgHiWhite)
 96 | 	default:
 97 | 		return color.New(color.BgHiRed, color.FgHiWhite)
 98 | 	}
 99 | }
100 | 
101 | func (s *Session) logResponse(response *Response, err error) {
102 | 	if !s.logging || s.urlMatch(response.Request.parsedUrl, s.loggingIgnore) {
103 | 		return
104 | 	}
105 | 
106 | 	now := time.Now()
107 | 
108 | 	if err != nil {
109 | 		fmt.Printf("[%s] %v | %s | %13v | %25s | %#v\n",
110 | 			color.CyanString("AZURETLS"),
111 | 			now.Format("01/02/2006 - 15:04:05"),
112 | 			color.New(color.BgRed, color.FgBlack).Sprint(err),
113 | 			now.Sub(response.Request.startTime),
114 | 			response.Request.parsedUrl.Host,
115 | 			response.Request.parsedUrl.Path,
116 | 		)
117 | 		return
118 | 	}
119 | 
120 | 	fmt.Printf("[%s] %v |%s| %13v | %25s | %#v\n",
121 | 		color.CyanString("AZURETLS"),
122 | 		now.Format("01/02/2006 - 15:04:05"),
123 | 		getColorStatus(response.StatusCode).Sprintf(" %3d ", response.StatusCode),
124 | 		now.Sub(response.Request.startTime),
125 | 		response.Request.parsedUrl.Host,
126 | 		response.Request.parsedUrl.Path,
127 | 	)
128 | }
129 | 
130 | // EnableVerbose enables verbose logging
131 | //
132 | // Deprecated: use Dump instead
133 | func (s *Session) EnableVerbose(path string, ignoreHost []string) error {
134 | 	return s.Dump(path, ignoreHost...)
135 | }
136 | 


--------------------------------------------------------------------------------
/pinner.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"crypto/sha256"
  5 | 	"crypto/x509"
  6 | 	"encoding/base64"
  7 | 	"errors"
  8 | 	tls "github.com/Noooste/utls"
  9 | 	"net/url"
 10 | 	"sync"
 11 | )
 12 | 
 13 | var DefaultPinManager *PinManager
 14 | 
 15 | func init() {
 16 | 	DefaultPinManager = NewPinManager()
 17 | }
 18 | 
 19 | // Fingerprint computes the SHA256 Fingerprint of a given certificate's
 20 | // RawSubjectPublicKeyInfo. This is useful for obtaining a consistent
 21 | // identifier for a certificate's public key. The result is then base64-encoded
 22 | // to give a string representation which can be conveniently stored or compared.
 23 | func Fingerprint(c *x509.Certificate) string {
 24 | 	digest := sha256.Sum256(c.RawSubjectPublicKeyInfo)
 25 | 	return base64.StdEncoding.EncodeToString(digest[:])
 26 | }
 27 | 
 28 | type PinHost struct {
 29 | 	mu sync.RWMutex    // Read-Write mutex ensuring concurrent access safety.
 30 | 	m  map[string]bool // A map representing the certificate pins. If a pin exists and is set to true, it is considered valid.
 31 | }
 32 | 
 33 | // PinManager is a concurrency-safe struct designed to manage
 34 | // and verify public key pinning for SSL/TLS certificates. Public key pinning
 35 | // is a security feature which can be used to specify a set of valid public keys
 36 | // for a particular web service, thus preventing man-in-the-middle attacks
 37 | // due to rogue certificates.
 38 | type PinManager struct {
 39 | 	hosts map[string]*PinHost // A map of PinHost instances, each representing a set of pins for a specific host.
 40 | 	mu    sync.RWMutex        // Read-Write mutex ensuring concurrent access safety.
 41 | }
 42 | 
 43 | // NewPinManager initializes a new instance of PinManager with
 44 | // an empty set of pins. This is the entry point to begin using
 45 | // the pinning functionality.
 46 | func NewPinManager() *PinManager {
 47 | 	return &PinManager{
 48 | 		hosts: make(map[string]*PinHost),
 49 | 	}
 50 | }
 51 | 
 52 | // AddPin safely adds a new pin (Fingerprint) to the PinManager.
 53 | // If a service's certificate changes (e.g., due to renewal), new pins
 54 | // should be added to continue trusting the service.
 55 | func (p *PinHost) AddPin(pin string) {
 56 | 	p.mu.Lock()
 57 | 	defer p.mu.Unlock()
 58 | 	p.m[pin] = true
 59 | }
 60 | 
 61 | func (p *PinHost) AddPins(pin []string) {
 62 | 	p.mu.Lock()
 63 | 	defer p.mu.Unlock()
 64 | 	for _, v := range pin {
 65 | 		p.m[v] = true
 66 | 	}
 67 | }
 68 | 
 69 | // Verify checks whether a given certificate's public key is
 70 | // currently pinned in the PinManager. This method should be
 71 | // used during the SSL/TLS handshake to ensure the remote service's
 72 | // certificate matches a previously pinned public key.
 73 | func (p *PinHost) Verify(c *x509.Certificate) bool {
 74 | 	fp := Fingerprint(c)
 75 | 
 76 | 	p.mu.RLock()
 77 | 	defer p.mu.RUnlock()
 78 | 
 79 | 	v, ok := p.m[fp]
 80 | 
 81 | 	return ok && v
 82 | }
 83 | 
 84 | // New establishes a connection to the provided address, retrieves
 85 | // its SSL/TLS certificates, and pins their public keys in the
 86 | // PinManager. This can be used initially to populate the PinManager
 87 | // with pins from a trusted service.
 88 | func (p *PinHost) New(addr string) (err error) {
 89 | 	dial, err := tls.Dial("tcp", addr, &tls.Config{InsecureSkipVerify: true})
 90 | 	if err != nil {
 91 | 		return errors.New("failed to generate pins for " + addr + ": " + err.Error())
 92 | 	}
 93 | 
 94 | 	cs := dial.ConnectionState()
 95 | 	_ = dial.Close()
 96 | 
 97 | 	var pins = make([]string, 0, len(cs.PeerCertificates))
 98 | 	for _, c := range cs.PeerCertificates {
 99 | 		pins = append(pins, Fingerprint(c))
100 | 	}
101 | 
102 | 	p.mu.Lock()
103 | 	for _, c := range pins {
104 | 		p.m[c] = true
105 | 	}
106 | 	p.mu.Unlock()
107 | 
108 | 	return nil
109 | }
110 | 
111 | func (p *PinHost) GetPins() []string {
112 | 	p.mu.RLock()
113 | 	defer p.mu.RUnlock()
114 | 
115 | 	var pins = make([]string, 0, len(p.m))
116 | 	for k, v := range p.m {
117 | 		if !v {
118 | 			continue
119 | 		}
120 | 		pins = append(pins, k)
121 | 	}
122 | 
123 | 	return pins
124 | }
125 | 
126 | func (p *PinManager) Clear(host string) {
127 | 	p.mu.Lock()
128 | 	defer p.mu.Unlock()
129 | 	if _, ok := p.hosts[host]; !ok {
130 | 		return
131 | 	}
132 | 	delete(p.hosts, host)
133 | }
134 | 
135 | func (p *PinManager) AddHost(host string) error {
136 | 	p.mu.Lock()
137 | 	defer p.mu.Unlock()
138 | 	if _, ok := p.hosts[host]; !ok {
139 | 		ph := &PinHost{
140 | 			m: make(map[string]bool),
141 | 		}
142 | 		if err := ph.New(host); err != nil {
143 | 			return err
144 | 		}
145 | 		p.hosts[host] = ph
146 | 	}
147 | 	return nil
148 | }
149 | 
150 | func (p *PinManager) AddPins(host string, pins []string) {
151 | 	p.mu.Lock()
152 | 	defer p.mu.Unlock()
153 | 	if v, ok := p.hosts[host]; !ok {
154 | 		var gp = make(map[string]bool, len(pins))
155 | 		for _, v := range pins {
156 | 			gp[v] = true
157 | 		}
158 | 		p.hosts[host] = &PinHost{
159 | 			m: gp,
160 | 		}
161 | 	} else {
162 | 		v.AddPins(pins)
163 | 	}
164 | }
165 | 
166 | // GetHost retrieves the PinHost associated with a specific host.
167 | // This is useful for checking if a host has any pinned certificates
168 | // and for verifying certificates against the pins.
169 | func (p *PinManager) GetHost(host string) *PinHost {
170 | 	p.mu.RLock()
171 | 	defer p.mu.RUnlock()
172 | 	return p.hosts[host]
173 | }
174 | 
175 | // AddPins associates a set of certificate pins with a given URL within
176 | // a session. This allows for URL-specific pinning, useful in scenarios
177 | // where different services (URLs) are trusted with different certificates.
178 | func (s *Session) AddPins(u *url.URL, pins []string) error {
179 | 	s.PinManager.AddPins(getHost(u), pins)
180 | 	return nil
181 | }
182 | 
183 | // ClearPins removes all pinned certificates associated
184 | // with a specific URL in the session. This can be used to reset trust
185 | // settings or in scenarios where a service's certificate is no longer deemed trustworthy.
186 | func (s *Session) ClearPins(u *url.URL) error {
187 | 	s.PinManager.Clear(getHost(u))
188 | 	return nil
189 | }
190 | 


--------------------------------------------------------------------------------
/presets.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"github.com/Noooste/fhttp/http2"
  5 | 	"math"
  6 | )
  7 | 
  8 | const (
  9 | 	Chrome  = "chrome"
 10 | 	Firefox = "firefox"
 11 | 	Opera   = "opera"
 12 | 	Safari  = "safari"
 13 | 	Edge    = "edge"
 14 | 	Ios     = "ios"
 15 | 	Android = "android" //deprecated
 16 | )
 17 | 
 18 | func defaultHeaderSettings(navigator string) (map[http2.SettingID]uint32, []http2.SettingID) {
 19 | 	switch navigator {
 20 | 	case Firefox:
 21 | 		return map[http2.SettingID]uint32{
 22 | 				http2.SettingHeaderTableSize:   65536,
 23 | 				http2.SettingEnablePush:        0,
 24 | 				http2.SettingInitialWindowSize: 131072,
 25 | 				http2.SettingMaxFrameSize:      16384,
 26 | 			}, []http2.SettingID{
 27 | 				http2.SettingHeaderTableSize,
 28 | 				http2.SettingEnablePush,
 29 | 				http2.SettingInitialWindowSize,
 30 | 				http2.SettingMaxFrameSize,
 31 | 			}
 32 | 
 33 | 	case Ios:
 34 | 		return map[http2.SettingID]uint32{
 35 | 				http2.SettingHeaderTableSize:      4096,
 36 | 				http2.SettingMaxConcurrentStreams: 100,
 37 | 				http2.SettingInitialWindowSize:    2097152,
 38 | 				http2.SettingMaxFrameSize:         16384,
 39 | 				http2.SettingMaxHeaderListSize:    math.MaxUint32,
 40 | 			}, []http2.SettingID{
 41 | 				http2.SettingHeaderTableSize,
 42 | 				http2.SettingMaxConcurrentStreams,
 43 | 				http2.SettingInitialWindowSize,
 44 | 				http2.SettingMaxFrameSize,
 45 | 				http2.SettingMaxHeaderListSize,
 46 | 			}
 47 | 
 48 | 	case Safari:
 49 | 		return map[http2.SettingID]uint32{
 50 | 				http2.SettingEnablePush:           0,
 51 | 				http2.SettingMaxConcurrentStreams: 100,
 52 | 				http2.SettingInitialWindowSize:    2097152,
 53 | 				0x8:                               1,
 54 | 				0x9:                               1,
 55 | 			}, []http2.SettingID{
 56 | 				http2.SettingEnablePush,
 57 | 				http2.SettingMaxConcurrentStreams,
 58 | 				http2.SettingInitialWindowSize,
 59 | 				0x8,
 60 | 				0x9,
 61 | 			}
 62 | 
 63 | 	default: //chrome
 64 | 		return map[http2.SettingID]uint32{
 65 | 				http2.SettingHeaderTableSize:   65536,
 66 | 				http2.SettingEnablePush:        0,
 67 | 				http2.SettingInitialWindowSize: 6291456,
 68 | 				http2.SettingMaxHeaderListSize: 262144,
 69 | 			}, []http2.SettingID{
 70 | 				http2.SettingHeaderTableSize,
 71 | 				http2.SettingEnablePush,
 72 | 				http2.SettingInitialWindowSize,
 73 | 				http2.SettingMaxHeaderListSize,
 74 | 			}
 75 | 	}
 76 | }
 77 | 
 78 | func defaultWindowsUpdate(navigator string) uint32 {
 79 | 	switch navigator {
 80 | 	case Firefox:
 81 | 		return 12517377
 82 | 	case Ios:
 83 | 		return 15663105
 84 | 	case Safari:
 85 | 		return 10420225
 86 | 	default:
 87 | 		return 15663105
 88 | 	}
 89 | }
 90 | 
 91 | func defaultStreamPriorities(navigator string) []http2.Priority {
 92 | 	switch navigator {
 93 | 	default:
 94 | 		return []http2.Priority{}
 95 | 	}
 96 | }
 97 | 
 98 | func defaultHeaderPriorities(navigator string) *http2.PriorityParam {
 99 | 	switch navigator {
100 | 	case Firefox:
101 | 		return &http2.PriorityParam{
102 | 			Weight:    41,
103 | 			StreamDep: 0,
104 | 			Exclusive: false,
105 | 		}
106 | 
107 | 	case Ios:
108 | 		return &http2.PriorityParam{
109 | 			Weight:    254,
110 | 			StreamDep: 0,
111 | 			Exclusive: false,
112 | 		}
113 | 
114 | 	default: // chrome
115 | 		return &http2.PriorityParam{
116 | 			Weight:    255,
117 | 			StreamDep: 0,
118 | 			Exclusive: true,
119 | 		}
120 | 	}
121 | }
122 | 


--------------------------------------------------------------------------------
/profiles.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"github.com/Noooste/fhttp/http2"
  5 | 	tls "github.com/Noooste/utls"
  6 | 	"github.com/Noooste/utls/dicttls"
  7 | 	"math/rand"
  8 | )
  9 | 
 10 | // GetBrowserClientHelloFunc returns a function that returns a ClientHelloSpec for a specific browser
 11 | func GetBrowserClientHelloFunc(browser string) func() *tls.ClientHelloSpec {
 12 | 	switch browser {
 13 | 	case Chrome, Edge, Opera:
 14 | 		return GetLastChromeVersion
 15 | 	case Firefox:
 16 | 		return GetLastFirefoxVersion
 17 | 	case Ios:
 18 | 		return GetLastIosVersion
 19 | 	case Safari:
 20 | 		return GetLastSafariVersion
 21 | 	default:
 22 | 		return GetLastChromeVersion
 23 | 	}
 24 | }
 25 | 
 26 | // since version 110, Chrome TLS Client Hello extensions are shuffled
 27 | // https://www.fastly.com/blog/a-first-look-at-chromes-tls-clienthello-permutation-in-the-wild
 28 | // replace the rdn.Shuffle with a custom shuffle to avoid the panic
 29 | // see issue 102
 30 | func getShuffledExtensions(extensions []tls.TLSExtension) []tls.TLSExtension {
 31 | 	extensionsLength := len(extensions)
 32 | 
 33 | 	dest := make([]tls.TLSExtension, extensionsLength)
 34 | 	perm := rand.Perm(extensionsLength)
 35 | 	for i, v := range perm {
 36 | 		dest[v] = extensions[i]
 37 | 	}
 38 | 
 39 | 	final := make([]tls.TLSExtension, 0, extensionsLength+3) // first grease + last grease + padding
 40 | 	final = append(final, &tls.UtlsGREASEExtension{})
 41 | 	final = append(final, dest...)
 42 | 	final = append(final, &tls.UtlsGREASEExtension{})
 43 | 	final = append(final, &tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle})
 44 | 
 45 | 	return final
 46 | }
 47 | 
 48 | // GetLastChromeVersion apply the latest Chrome version
 49 | // Current Chrome version : 133
 50 | func GetLastChromeVersion() *tls.ClientHelloSpec {
 51 | 	extensions := []tls.TLSExtension{
 52 | 		// &tls.UtlsGREASEExtension{},
 53 | 		&tls.KeyShareExtension{
 54 | 			KeyShares: []tls.KeyShare{
 55 | 				{Group: tls.CurveID(tls.GREASE_PLACEHOLDER), Data: []byte{0}},
 56 | 				{Group: tls.X25519MLKEM768},
 57 | 				{Group: tls.X25519},
 58 | 			},
 59 | 		},
 60 | 		&tls.ALPNExtension{AlpnProtocols: []string{
 61 | 			http2.NextProtoTLS,
 62 | 			"http/1.1",
 63 | 		}},
 64 | 		&tls.SNIExtension{},
 65 | 		&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []tls.SignatureScheme{
 66 | 			tls.ECDSAWithP256AndSHA256,
 67 | 			tls.PSSWithSHA256,
 68 | 			tls.PKCS1WithSHA256,
 69 | 			tls.ECDSAWithP384AndSHA384,
 70 | 			tls.PSSWithSHA384,
 71 | 			tls.PKCS1WithSHA384,
 72 | 			tls.PSSWithSHA512,
 73 | 			tls.PKCS1WithSHA512,
 74 | 		}},
 75 | 		&tls.ExtendedMasterSecretExtension{},
 76 | 		&tls.SessionTicketExtension{},
 77 | 		&tls.SCTExtension{},
 78 | 		&tls.RenegotiationInfoExtension{},
 79 | 		&tls.PSKKeyExchangeModesExtension{Modes: []uint8{
 80 | 			tls.PskModeDHE,
 81 | 		}},
 82 | 		&tls.ApplicationSettingsExtension{SupportedProtocols: []string{http2.NextProtoTLS}},
 83 | 		&tls.UtlsCompressCertExtension{Algorithms: []tls.CertCompressionAlgo{
 84 | 			tls.CertCompressionBrotli,
 85 | 		}},
 86 | 		&tls.SupportedVersionsExtension{Versions: []uint16{
 87 | 			tls.GREASE_PLACEHOLDER,
 88 | 			tls.VersionTLS13,
 89 | 			tls.VersionTLS12,
 90 | 		}},
 91 | 		&tls.SupportedCurvesExtension{Curves: []tls.CurveID{
 92 | 			tls.GREASE_PLACEHOLDER,
 93 | 			tls.X25519MLKEM768,
 94 | 			tls.X25519,
 95 | 			tls.CurveP256,
 96 | 			tls.CurveP384,
 97 | 		}},
 98 | 		&tls.StatusRequestExtension{},
 99 | 		&tls.SupportedPointsExtension{SupportedPoints: []byte{
100 | 			0x00, // pointFormatUncompressed
101 | 		}},
102 | 		&tls.GREASEEncryptedClientHelloExtension{
103 | 			CandidateCipherSuites: []tls.HPKESymmetricCipherSuite{
104 | 				{
105 | 					KdfId:  dicttls.HKDF_SHA256,
106 | 					AeadId: dicttls.AEAD_AES_128_GCM,
107 | 				},
108 | 			},
109 | 			CandidatePayloadLens: []uint16{128, 160, 192, 224}, // +16: 144, 176, 208, 240
110 | 		},
111 | 		// &tls.UtlsGREASEExtension{},
112 | 		// &tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle},
113 | 	}
114 | 
115 | 	return &tls.ClientHelloSpec{
116 | 		CipherSuites: []uint16{
117 | 			tls.GREASE_PLACEHOLDER,
118 | 			tls.TLS_AES_128_GCM_SHA256,
119 | 			tls.TLS_AES_256_GCM_SHA384,
120 | 			tls.TLS_CHACHA20_POLY1305_SHA256,
121 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
122 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
123 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
124 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
125 | 			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
126 | 			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
127 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
128 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
129 | 			tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
130 | 			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
131 | 			tls.TLS_RSA_WITH_AES_128_CBC_SHA,
132 | 			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
133 | 		},
134 | 		CompressionMethods: []byte{
135 | 			0x00, // compressionNone
136 | 		},
137 | 		Extensions: getShuffledExtensions(extensions),
138 | 	}
139 | }
140 | 
141 | func GetLastIosVersion() *tls.ClientHelloSpec {
142 | 	return &tls.ClientHelloSpec{
143 | 		TLSVersMin: tls.VersionTLS10,
144 | 		TLSVersMax: tls.VersionTLS13,
145 | 		CipherSuites: []uint16{
146 | 			tls.GREASE_PLACEHOLDER,
147 | 			tls.TLS_AES_128_GCM_SHA256,
148 | 			tls.TLS_AES_256_GCM_SHA384,
149 | 			tls.TLS_CHACHA20_POLY1305_SHA256,
150 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
151 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
152 | 			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
153 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
154 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
155 | 			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
156 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
157 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
158 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
159 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
160 | 			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
161 | 			tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
162 | 			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
163 | 			tls.TLS_RSA_WITH_AES_128_CBC_SHA,
164 | 			tls.FAKE_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
165 | 			tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
166 | 			tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
167 | 		},
168 | 		CompressionMethods: []uint8{
169 | 			0x0, // no compression
170 | 		},
171 | 		Extensions: []tls.TLSExtension{
172 | 			&tls.UtlsGREASEExtension{},
173 | 			&tls.SNIExtension{},
174 | 			&tls.ExtendedMasterSecretExtension{},
175 | 			&tls.RenegotiationInfoExtension{
176 | 				Renegotiation: tls.RenegotiateOnceAsClient,
177 | 			},
178 | 			&tls.SupportedCurvesExtension{
179 | 				Curves: []tls.CurveID{
180 | 					tls.GREASE_PLACEHOLDER,
181 | 					tls.X25519,
182 | 					tls.CurveP256,
183 | 					tls.CurveP384,
184 | 					tls.CurveP521,
185 | 				},
186 | 			},
187 | 			&tls.SupportedPointsExtension{
188 | 				SupportedPoints: []uint8{
189 | 					0x0, // uncompressed
190 | 				},
191 | 			},
192 | 			&tls.ALPNExtension{
193 | 				AlpnProtocols: []string{
194 | 					"h2",
195 | 					"http/1.1",
196 | 				},
197 | 			},
198 | 			&tls.StatusRequestExtension{},
199 | 			&tls.SignatureAlgorithmsExtension{
200 | 				SupportedSignatureAlgorithms: []tls.SignatureScheme{
201 | 					tls.ECDSAWithP256AndSHA256,
202 | 					tls.PSSWithSHA256,
203 | 					tls.PKCS1WithSHA256,
204 | 					tls.ECDSAWithP384AndSHA384,
205 | 					tls.ECDSAWithSHA1,
206 | 					tls.PSSWithSHA384,
207 | 					tls.PSSWithSHA384,
208 | 					tls.PKCS1WithSHA384,
209 | 					tls.PSSWithSHA512,
210 | 					tls.PKCS1WithSHA512,
211 | 					tls.PKCS1WithSHA1,
212 | 				},
213 | 			},
214 | 			&tls.SCTExtension{},
215 | 			&tls.KeyShareExtension{
216 | 				KeyShares: []tls.KeyShare{
217 | 					{
218 | 						Group: tls.GREASE_PLACEHOLDER,
219 | 						Data: []byte{
220 | 							0,
221 | 						},
222 | 					},
223 | 					{
224 | 						Group: tls.X25519,
225 | 					},
226 | 				},
227 | 			},
228 | 			&tls.PSKKeyExchangeModesExtension{
229 | 				Modes: []uint8{
230 | 					tls.PskModeDHE,
231 | 				},
232 | 			},
233 | 			&tls.SupportedVersionsExtension{
234 | 				Versions: []uint16{
235 | 					tls.GREASE_PLACEHOLDER,
236 | 					tls.VersionTLS13,
237 | 					tls.VersionTLS12,
238 | 					tls.VersionTLS11,
239 | 					tls.VersionTLS10,
240 | 				},
241 | 			},
242 | 			&tls.UtlsCompressCertExtension{
243 | 				Algorithms: []tls.CertCompressionAlgo{
244 | 					tls.CertCompressionZlib,
245 | 				},
246 | 			},
247 | 			&tls.UtlsGREASEExtension{},
248 | 			&tls.UtlsPaddingExtension{
249 | 				GetPaddingLen: tls.BoringPaddingStyle,
250 | 			},
251 | 		},
252 | 	}
253 | }
254 | 
255 | func GetLastSafariVersion() *tls.ClientHelloSpec {
256 | 	return &tls.ClientHelloSpec{
257 | 		CipherSuites: []uint16{
258 | 			tls.GREASE_PLACEHOLDER,
259 | 			tls.TLS_AES_128_GCM_SHA256,
260 | 			tls.TLS_AES_256_GCM_SHA384,
261 | 			tls.TLS_CHACHA20_POLY1305_SHA256,
262 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
263 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
264 | 			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
265 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
266 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
267 | 			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
268 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
269 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
270 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
271 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
272 | 			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
273 | 			tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
274 | 			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
275 | 			tls.TLS_RSA_WITH_AES_128_CBC_SHA,
276 | 			tls.FAKE_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
277 | 			tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
278 | 			tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
279 | 		},
280 | 		CompressionMethods: []uint8{
281 | 			0x0,
282 | 		},
283 | 		Extensions: []tls.TLSExtension{
284 | 			&tls.UtlsGREASEExtension{},
285 | 			&tls.SNIExtension{},
286 | 			&tls.ExtendedMasterSecretExtension{},
287 | 			&tls.RenegotiationInfoExtension{Renegotiation: tls.RenegotiateOnceAsClient},
288 | 			&tls.SupportedCurvesExtension{Curves: []tls.CurveID{
289 | 				tls.GREASE_PLACEHOLDER,
290 | 				tls.X25519,
291 | 				tls.CurveP256,
292 | 				tls.CurveP384,
293 | 				tls.CurveP521,
294 | 			}},
295 | 			&tls.SupportedPointsExtension{SupportedPoints: []byte{
296 | 				0x0,
297 | 			}},
298 | 			&tls.ALPNExtension{AlpnProtocols: []string{"h2", "http/1.1"}},
299 | 			&tls.StatusRequestExtension{},
300 | 			&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []tls.SignatureScheme{
301 | 				tls.ECDSAWithP256AndSHA256,
302 | 				tls.PSSWithSHA256,
303 | 				tls.PKCS1WithSHA256,
304 | 				tls.ECDSAWithP384AndSHA384,
305 | 				tls.PSSWithSHA384,
306 | 				tls.PSSWithSHA384,
307 | 				tls.PKCS1WithSHA384,
308 | 				tls.PSSWithSHA512,
309 | 				tls.PKCS1WithSHA512,
310 | 				tls.PKCS1WithSHA1,
311 | 			}},
312 | 			&tls.SCTExtension{},
313 | 			&tls.KeyShareExtension{KeyShares: []tls.KeyShare{
314 | 				{Group: tls.CurveID(tls.GREASE_PLACEHOLDER), Data: []byte{0}},
315 | 				{Group: tls.X25519},
316 | 			}},
317 | 			&tls.PSKKeyExchangeModesExtension{Modes: []uint8{
318 | 				tls.PskModeDHE,
319 | 			}},
320 | 			&tls.SupportedVersionsExtension{Versions: []uint16{
321 | 				tls.GREASE_PLACEHOLDER,
322 | 				tls.VersionTLS13,
323 | 				tls.VersionTLS12,
324 | 				tls.VersionTLS11,
325 | 				tls.VersionTLS10,
326 | 			}},
327 | 			&tls.UtlsCompressCertExtension{Algorithms: []tls.CertCompressionAlgo{
328 | 				tls.CertCompressionZlib,
329 | 			}},
330 | 			&tls.UtlsGREASEExtension{},
331 | 			&tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle},
332 | 		},
333 | 	}
334 | }
335 | 
336 | // GetLastFirefoxVersion apply the latest Firefox,
337 | // version 138
338 | func GetLastFirefoxVersion() *tls.ClientHelloSpec {
339 | 	return &tls.ClientHelloSpec{
340 | 		CipherSuites: []uint16{
341 | 			tls.TLS_AES_128_GCM_SHA256,
342 | 			tls.TLS_CHACHA20_POLY1305_SHA256,
343 | 			tls.TLS_AES_256_GCM_SHA384,
344 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
345 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
346 | 			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
347 | 			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
348 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
349 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
350 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
351 | 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
352 | 			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
353 | 			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
354 | 			tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
355 | 			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
356 | 			tls.TLS_RSA_WITH_AES_128_CBC_SHA,
357 | 			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
358 | 		},
359 | 		CompressionMethods: []uint8{
360 | 			0x0, // no compression
361 | 		},
362 | 		Extensions: []tls.TLSExtension{
363 | 			&tls.SNIExtension{},
364 | 			&tls.ExtendedMasterSecretExtension{},
365 | 			&tls.RenegotiationInfoExtension{
366 | 				Renegotiation: tls.RenegotiateOnceAsClient,
367 | 			},
368 | 			&tls.SupportedCurvesExtension{Curves: []tls.CurveID{
369 | 				tls.X25519MLKEM768,
370 | 				tls.X25519,
371 | 				tls.CurveP256,
372 | 				tls.CurveP384,
373 | 				tls.CurveP521,
374 | 				tls.FakeCurveFFDHE2048,
375 | 				tls.FakeCurveFFDHE3072,
376 | 			}},
377 | 			&tls.SupportedPointsExtension{SupportedPoints: []byte{
378 | 				0x00, // pointFormatUncompressed
379 | 			}},
380 | 			&tls.SessionTicketExtension{},
381 | 			&tls.ALPNExtension{AlpnProtocols: []string{
382 | 				"h2",
383 | 				"http/1.1",
384 | 			}},
385 | 			&tls.StatusRequestExtension{},
386 | 			&tls.DelegatedCredentialsExtension{SupportedSignatureAlgorithms: []tls.SignatureScheme{
387 | 				tls.ECDSAWithP256AndSHA256,
388 | 				tls.ECDSAWithP384AndSHA384,
389 | 				tls.ECDSAWithP521AndSHA512,
390 | 				tls.ECDSAWithSHA1,
391 | 			}},
392 | 			&tls.SCTExtension{},
393 | 			&tls.KeyShareExtension{KeyShares: []tls.KeyShare{
394 | 				{Group: tls.X25519MLKEM768},
395 | 				{Group: tls.X25519},
396 | 				{Group: tls.CurveP256},
397 | 			}},
398 | 			&tls.SupportedVersionsExtension{Versions: []uint16{
399 | 				tls.VersionTLS13,
400 | 				tls.VersionTLS12,
401 | 			}},
402 | 			&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []tls.SignatureScheme{
403 | 				tls.ECDSAWithP256AndSHA256,
404 | 				tls.ECDSAWithP384AndSHA384,
405 | 				tls.ECDSAWithP521AndSHA512,
406 | 				tls.PSSWithSHA256,
407 | 				tls.PSSWithSHA384,
408 | 				tls.PSSWithSHA512,
409 | 				tls.PKCS1WithSHA256,
410 | 				tls.PKCS1WithSHA384,
411 | 				tls.PKCS1WithSHA512,
412 | 				tls.ECDSAWithSHA1,
413 | 				tls.PKCS1WithSHA1,
414 | 			}},
415 | 			&tls.PSKKeyExchangeModesExtension{
416 | 				Modes: []uint8{
417 | 					tls.PskModeDHE,
418 | 				},
419 | 			},
420 | 			&tls.FakeRecordSizeLimitExtension{Limit: 0x4001},
421 | 			&tls.UtlsCompressCertExtension{Algorithms: []tls.CertCompressionAlgo{
422 | 				tls.CertCompressionZlib,
423 | 				tls.CertCompressionBrotli,
424 | 				tls.CertCompressionZstd,
425 | 			}},
426 | 			&tls.GREASEEncryptedClientHelloExtension{
427 | 				CandidateCipherSuites: []tls.HPKESymmetricCipherSuite{
428 | 					{
429 | 						KdfId:  dicttls.HKDF_SHA256,
430 | 						AeadId: dicttls.AEAD_AES_128_GCM,
431 | 					},
432 | 					{
433 | 						KdfId:  dicttls.HKDF_SHA256,
434 | 						AeadId: dicttls.AEAD_AES_256_GCM,
435 | 					},
436 | 					{
437 | 						KdfId:  dicttls.HKDF_SHA256,
438 | 						AeadId: dicttls.AEAD_CHACHA20_POLY1305,
439 | 					},
440 | 				},
441 | 				CandidatePayloadLens: []uint16{128, 223}, // +16: 144, 239
442 | 			},
443 | 		},
444 | 	}
445 | }
446 | 


--------------------------------------------------------------------------------
/proxy.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"bufio"
  5 | 	"context"
  6 | 	"encoding/base64"
  7 | 	"errors"
  8 | 	"fmt"
  9 | 	http "github.com/Noooste/fhttp"
 10 | 	"github.com/Noooste/fhttp/http2"
 11 | 	tls "github.com/Noooste/utls"
 12 | 	"golang.org/x/net/proxy"
 13 | 	"io"
 14 | 	"net"
 15 | 	"net/url"
 16 | 	"strings"
 17 | 	"sync"
 18 | )
 19 | 
 20 | type proxyDialer struct {
 21 | 	ProxyURL      *url.URL
 22 | 	DefaultHeader http.Header
 23 | 
 24 | 	Dialer net.Dialer
 25 | 
 26 | 	DialTLS func(network string, address string) (net.Conn, string, error)
 27 | 
 28 | 	h2Mu   sync.Mutex
 29 | 	H2Conn *http2.ClientConn
 30 | 	conn   net.Conn
 31 | 
 32 | 	sess *Session
 33 | }
 34 | 
 35 | const (
 36 | 	invalidProxy = "invalid proxy `%s`, %s"
 37 | )
 38 | 
 39 | func (s *Session) assignProxy(proxy string) error {
 40 | 	parsed, err := url.Parse(proxy)
 41 | 
 42 | 	if err != nil {
 43 | 		return err
 44 | 	}
 45 | 
 46 | 	switch parsed.Scheme {
 47 | 	case SchemeHttp:
 48 | 		if parsed.Port() == "" {
 49 | 			parsed.Host = net.JoinHostPort(parsed.Host, "80")
 50 | 		}
 51 | 
 52 | 	case SchemeHttps:
 53 | 		if parsed.Port() == "" {
 54 | 			parsed.Host = net.JoinHostPort(parsed.Host, "443")
 55 | 		}
 56 | 
 57 | 	case Socks5, Socks5H:
 58 | 		if parsed.Port() == "" {
 59 | 			parsed.Host = net.JoinHostPort(parsed.Host, "1080")
 60 | 		}
 61 | 
 62 | 	default:
 63 | 		return fmt.Errorf(invalidProxy, proxy, "scheme "+parsed.Scheme+" is not supported")
 64 | 	}
 65 | 
 66 | 	s.ProxyDialer = &proxyDialer{
 67 | 		ProxyURL:      parsed,
 68 | 		DefaultHeader: make(http.Header),
 69 | 		sess:          s,
 70 | 	}
 71 | 
 72 | 	if parsed.User != nil {
 73 | 		if parsed.User.Username() != "" {
 74 | 			if password, ok := parsed.User.Password(); !ok {
 75 | 				return fmt.Errorf(invalidProxy, proxy, "password is empty")
 76 | 			} else {
 77 | 				auth := parsed.User.Username() + ":" + password
 78 | 				basicAuth := "Basic " + base64.StdEncoding.EncodeToString([]byte(auth))
 79 | 				s.ProxyDialer.DefaultHeader.Add("Proxy-Authorization", basicAuth)
 80 | 			}
 81 | 		}
 82 | 	}
 83 | 
 84 | 	return nil
 85 | }
 86 | 
 87 | func (c *proxyDialer) Dial(userAgent, network, address string) (net.Conn, error) {
 88 | 	return c.DialContext(context.Background(), userAgent, network, address)
 89 | }
 90 | 
 91 | func (c *proxyDialer) DialContext(ctx context.Context, userAgent, network, address string) (net.Conn, error) {
 92 | 	if c.ProxyURL == nil {
 93 | 		return nil, errors.New("proxy is not set")
 94 | 	}
 95 | 
 96 | 	if strings.HasPrefix(c.ProxyURL.Scheme, "socks") {
 97 | 		dial, err := proxy.FromURL(c.ProxyURL, proxy.Direct)
 98 | 		if err != nil {
 99 | 			return nil, err
100 | 		}
101 | 		return dial.(proxy.ContextDialer).DialContext(ctx, network, address)
102 | 	}
103 | 
104 | 	req := (&http.Request{
105 | 		Method: http.MethodConnect,
106 | 		URL: &url.URL{
107 | 			Host: address,
108 | 		},
109 | 		Header: make(http.Header),
110 | 		Host:   address,
111 | 	}).WithContext(ctx)
112 | 
113 | 	req.Header.Set("User-Agent", userAgent)
114 | 	req.Header.Set("Connection", "keep-alive")
115 | 
116 | 	for k, v := range c.DefaultHeader {
117 | 		req.Header[k] = v
118 | 	}
119 | 
120 | 	for k, v := range c.sess.ProxyHeader {
121 | 		if k == http.HeaderOrderKey {
122 | 			for _, vv := range v {
123 | 				req.Header[http.HeaderOrderKey] = append(req.Header[http.HeaderOrderKey], strings.ToLower(vv))
124 | 			}
125 | 		} else {
126 | 			req.Header[k] = v
127 | 		}
128 | 	}
129 | 
130 | 	if ctxHeader, ctxHasHeader := ctx.Value(ContextKeyHeader{}).(http.Header); ctxHasHeader {
131 | 		for k, v := range ctxHeader {
132 | 			req.Header[k] = v
133 | 		}
134 | 	}
135 | 
136 | 	if c.H2Conn != nil && c.conn != nil {
137 | 		c.h2Mu.Lock()
138 | 		if c.H2Conn.CanTakeNewRequest() {
139 | 			rc := c.conn
140 | 			cc := c.H2Conn
141 | 			c.h2Mu.Unlock()
142 | 			if proxyConn, err := c.connectHTTP2(req, rc, cc); err == nil {
143 | 				return proxyConn, nil
144 | 			}
145 | 		}
146 | 		c.h2Mu.Unlock()
147 | 	}
148 | 
149 | 	rawConn, negotiatedProtocol, err := c.InitProxyConn(ctx, network)
150 | 
151 | 	if err != nil {
152 | 		return nil, err
153 | 	}
154 | 
155 | 	_, port, err := net.SplitHostPort(address)
156 | 	if err != nil {
157 | 		return nil, err
158 | 	}
159 | 
160 | 	if port == portMap[SchemeHttp] {
161 | 		return rawConn, nil
162 | 	}
163 | 
164 | 	return c.connect(req, rawConn, negotiatedProtocol)
165 | }
166 | 
167 | type ContextKeyHeader struct{}
168 | 
169 | func (c *proxyDialer) connectHTTP1(req *http.Request, conn net.Conn) error {
170 | 	req.Proto = "HTTP/1.1"
171 | 	req.ProtoMajor = 1
172 | 	req.ProtoMinor = 1
173 | 
174 | 	err := req.Write(conn)
175 | 	if err != nil {
176 | 		_ = conn.Close()
177 | 		return err
178 | 	}
179 | 
180 | 	resp, err := http.ReadResponse(bufio.NewReader(conn), req)
181 | 	if err != nil {
182 | 		_ = conn.Close()
183 | 		return err
184 | 	}
185 | 
186 | 	if resp.StatusCode != http.StatusOK {
187 | 		_ = conn.Close()
188 | 		return fmt.Errorf("proxy error : %s", resp.Status)
189 | 	}
190 | 
191 | 	return nil
192 | }
193 | 
194 | func (c *proxyDialer) connectHTTP2(req *http.Request, conn net.Conn, h2clientConn *http2.ClientConn) (net.Conn, error) {
195 | 	req.Proto = "HTTP/2.0"
196 | 	req.ProtoMajor = 2
197 | 	req.ProtoMinor = 0
198 | 	pr, pw := io.Pipe()
199 | 	req.Body = pr
200 | 
201 | 	resp, err := h2clientConn.RoundTrip(req)
202 | 	if err != nil {
203 | 		_ = conn.Close()
204 | 		return nil, err
205 | 	}
206 | 
207 | 	if resp.StatusCode != http.StatusOK {
208 | 		_ = conn.Close()
209 | 		return nil, fmt.Errorf("proxy error : %s", resp.Status)
210 | 	}
211 | 
212 | 	return newHTTP2Conn(conn, pw, resp.Body), nil
213 | }
214 | 
215 | func (c *proxyDialer) InitProxyConn(ctx context.Context, network string) (rawConn net.Conn, negotiatedProtocol string, err error) {
216 | 	switch c.ProxyURL.Scheme {
217 | 	case SchemeHttp:
218 | 		rawConn, err = c.Dialer.DialContext(ctx, network, c.ProxyURL.Host)
219 | 		if err != nil {
220 | 			return nil, "", err
221 | 		}
222 | 
223 | 	case SchemeHttps:
224 | 		if c.DialTLS != nil {
225 | 			rawConn, negotiatedProtocol, err = c.DialTLS(network, c.ProxyURL.Host)
226 | 			if err != nil {
227 | 				return nil, "", err
228 | 			}
229 | 		} else {
230 | 			tlsConf := tls.Config{
231 | 				NextProtos:         []string{"h2", "http/1.1"},
232 | 				ServerName:         c.ProxyURL.Hostname(),
233 | 				InsecureSkipVerify: true,
234 | 			}
235 | 			var tlsConn *tls.Conn
236 | 			tlsConn, err = tls.Dial(network, c.ProxyURL.Host, &tlsConf)
237 | 			if err != nil {
238 | 				return nil, "", err
239 | 			}
240 | 			err = tlsConn.Handshake()
241 | 			if err != nil {
242 | 				return nil, "", err
243 | 			}
244 | 			negotiatedProtocol = tlsConn.ConnectionState().NegotiatedProtocol
245 | 			rawConn = tlsConn
246 | 		}
247 | 	default:
248 | 		return nil, "", errors.New("scheme " + c.ProxyURL.Scheme + " is not supported")
249 | 	}
250 | 
251 | 	return
252 | }
253 | 
254 | func (c *proxyDialer) connect(req *http.Request, conn net.Conn, negotiatedProtocol string) (net.Conn, error) {
255 | 	if negotiatedProtocol == http2.NextProtoTLS {
256 | 		if h2clientConn, err := c.sess.HTTP2Transport.NewClientConn(conn); err == nil {
257 | 			if proxyConn, err := c.connectHTTP2(req, conn, h2clientConn); err == nil {
258 | 				c.h2Mu.Lock()
259 | 				c.H2Conn = h2clientConn
260 | 				c.conn = conn
261 | 				c.h2Mu.Unlock()
262 | 				return proxyConn, nil
263 | 			}
264 | 		}
265 | 	}
266 | 
267 | 	if err := c.connectHTTP1(req, conn); err != nil {
268 | 		_ = conn.Close()
269 | 		return nil, err
270 | 	}
271 | 
272 | 	return conn, nil
273 | 
274 | }
275 | 
276 | func newHTTP2Conn(c net.Conn, pipedReqBody *io.PipeWriter, respBody io.ReadCloser) net.Conn {
277 | 	return &http2Conn{Conn: c, in: pipedReqBody, out: respBody}
278 | }
279 | 
280 | type http2Conn struct {
281 | 	net.Conn
282 | 	in  *io.PipeWriter
283 | 	out io.ReadCloser
284 | }
285 | 
286 | func (h *http2Conn) Read(p []byte) (n int, err error) {
287 | 	return h.out.Read(p)
288 | }
289 | 
290 | func (h *http2Conn) Write(p []byte) (n int, err error) {
291 | 	return h.in.Write(p)
292 | }
293 | 
294 | func (h *http2Conn) Close() error {
295 | 	var retErr error = nil
296 | 	if err := h.in.Close(); err != nil {
297 | 		retErr = err
298 | 	}
299 | 	if err := h.out.Close(); err != nil {
300 | 		retErr = err
301 | 	}
302 | 	return retErr
303 | }
304 | 
305 | func (h *http2Conn) CloseConn() error {
306 | 	return h.Conn.Close()
307 | }
308 | 
309 | func (h *http2Conn) CloseWrite() error {
310 | 	return h.in.Close()
311 | }
312 | 
313 | func (h *http2Conn) CloseRead() error {
314 | 	return h.out.Close()
315 | }
316 | 


--------------------------------------------------------------------------------
/quic_dialer.go:
--------------------------------------------------------------------------------
 1 | package azuretls
 2 | 
 3 | import (
 4 | 	"context"
 5 | 	"errors"
 6 | 	"github.com/Noooste/quic-go"
 7 | 	tls "github.com/Noooste/utls"
 8 | 	"net"
 9 | )
10 | 
11 | // dialQUIC establishes a QUIC connection
12 | func (s *Session) dialQUIC(ctx context.Context, addr string, tlsConf *tls.Config, quicConf *quic.Config) (quic.EarlyConnection, error) {
13 | 	// Resolve address
14 | 	udpAddr, err := net.ResolveUDPAddr("udp", addr)
15 | 	if err != nil {
16 | 		return nil, err
17 | 	}
18 | 
19 | 	// Apply custom dialer modifications if set
20 | 	if s.ModifyDialer != nil {
21 | 		// Note: ModifyDialer works with net.Dialer, need adaptation for UDP
22 | 		// This is a limitation of the current design
23 | 	}
24 | 
25 | 	// Create UDP connection
26 | 	udpConn, err := net.ListenUDP("udp", &net.UDPAddr{IP: net.IPv4zero, Port: 0})
27 | 	if err != nil {
28 | 		return nil, err
29 | 	}
30 | 
31 | 	// Handle proxy if configured
32 | 	if s.ProxyDialer != nil {
33 | 		return s.dialQUICViaProxy(ctx, udpConn, udpAddr, tlsConf, quicConf)
34 | 	}
35 | 
36 | 	// Direct QUIC connection
37 | 	return quic.DialEarly(ctx, udpConn, udpAddr, tlsConf, quicConf)
38 | }
39 | 
40 | // dialQUICViaProxy establishes a QUIC connection through a proxy
41 | func (s *Session) dialQUICViaProxy(ctx context.Context, udpConn *net.UDPConn,
42 | 	remoteAddr *net.UDPAddr, tlsConf *tls.Config, quicConf *quic.Config) (quic.EarlyConnection, error) {
43 | 
44 | 	switch s.ProxyDialer.ProxyURL.Scheme {
45 | 	case "socks5", "socks5h":
46 | 		// SOCKS5 UDP ASSOCIATE implementation
47 | 		return s.dialQUICViaSocks5(ctx, udpConn, remoteAddr, tlsConf, quicConf)
48 | 
49 | 	case "http", "https":
50 | 		// HTTP proxy doesn't support UDP directly
51 | 		// Would need CONNECT-UDP or MASQUE protocol
52 | 		return nil, errors.New("HTTP proxy not supported for direct QUIC connections")
53 | 
54 | 	default:
55 | 		return nil, errors.New("unsupported proxy type for QUIC")
56 | 	}
57 | }
58 | 


--------------------------------------------------------------------------------
/redirect.go:
--------------------------------------------------------------------------------
 1 | package azuretls
 2 | 
 3 | import (
 4 | 	"errors"
 5 | 	http "github.com/Noooste/fhttp"
 6 | 	"net/url"
 7 | 	"strings"
 8 | )
 9 | 
10 | var ErrTooManyRedirects = errors.New("too many redirects")
11 | 
12 | // RefererForURL returns a referer without any authentication info or
13 | // an empty string if lastReq scheme is https and newReq scheme is http.
14 | func RefererForURL(ireq, newReq *url.URL) string {
15 | 	// https://tools.ietf.org/html/rfc7231#section-5.5.2
16 | 	//   "Clients SHOULD NOT include a Referer header field in a
17 | 	//    (non-secure) HTTP request if the referring page was
18 | 	//    transferred with a secure protocol."
19 | 	if ireq.Scheme == "https" && newReq.Scheme == "http" {
20 | 		return ""
21 | 	}
22 | 	referer := ireq.String()
23 | 	if ireq.User != nil {
24 | 		// This is not very efficient, but is the best we can
25 | 		// do without:
26 | 		// - introducing a new method on URL
27 | 		// - creating a race condition
28 | 		// - copying the URL struct manually, which would cause
29 | 		//   maintenance problems down the line
30 | 		auth := ireq.User.String() + "@"
31 | 		referer = strings.Replace(referer, auth, "", 1)
32 | 	}
33 | 	return referer
34 | }
35 | 
36 | // RedirectBehavior describes what should happen when the
37 | // client encounters a 3xx status code from the server
38 | func RedirectBehavior(reqMethod string, resp *Response, ireq *Request) (redirectMethod string, shouldRedirect, includeBody bool) {
39 | 	switch resp.StatusCode {
40 | 	case 301, 302, 303:
41 | 		redirectMethod = reqMethod
42 | 		shouldRedirect = true
43 | 		includeBody = false
44 | 
45 | 		// RFC 2616 allowed automatic redirection only with GET and
46 | 		// HEAD requests. RFC 7231 lifts this restriction, but we still
47 | 		// restrict other methods to GET to maintain compatibility.
48 | 		if reqMethod != http.MethodGet && reqMethod != http.MethodHead {
49 | 			redirectMethod = http.MethodGet
50 | 		}
51 | 
52 | 	case 307, 308:
53 | 		redirectMethod = reqMethod
54 | 		shouldRedirect = true
55 | 		includeBody = true
56 | 
57 | 		// Treat 307 and 308 specially, since they're new in
58 | 		// Go 1.8, and they also require re-sending the request body.
59 | 		if resp.Header.Get("Location") == "" {
60 | 			// 308s have been observed in the wild being served
61 | 			// without Location headers. Since Go 1.7 and earlier
62 | 			// didn't follow these codes, just stop here instead
63 | 			// of returning an error.
64 | 			shouldRedirect = false
65 | 			break
66 | 		}
67 | 
68 | 		if ireq.Body == nil && ireq.ContentLength != 0 {
69 | 			shouldRedirect = false
70 | 		}
71 | 	}
72 | 
73 | 	return redirectMethod, shouldRedirect, includeBody
74 | }
75 | 
76 | func defaultCheckRedirect(req *Request, via []*Request) error {
77 | 	if uint(len(via)) >= req.MaxRedirects {
78 | 		return ErrTooManyRedirects
79 | 	}
80 | 	return nil
81 | }
82 | 
83 | func (s *Session) checkRedirect(req *Request, via []*Request) error {
84 | 	fn := s.CheckRedirect
85 | 	if fn == nil {
86 | 		fn = defaultCheckRedirect
87 | 	}
88 | 	return fn(req, via)
89 | }
90 | 


--------------------------------------------------------------------------------
/request.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"context"
  6 | 	"errors"
  7 | 	http "github.com/Noooste/fhttp"
  8 | 	"io"
  9 | 	"strings"
 10 | 	"time"
 11 | )
 12 | 
 13 | func (r *Request) CloseBody() {
 14 | 	if r.HttpRequest.Body != nil {
 15 | 		_ = r.HttpRequest.Body.Close()
 16 | 	}
 17 | }
 18 | 
 19 | func (s *Session) prepareRequest(request *Request, args ...any) error {
 20 | 	for _, arg := range args {
 21 | 		switch arg.(type) {
 22 | 		case OrderedHeaders:
 23 | 			oh := arg.(OrderedHeaders)
 24 | 			request.OrderedHeaders = oh.Clone()
 25 | 		case PHeader:
 26 | 			request.PHeader = arg.(PHeader)
 27 | 		case http.Header:
 28 | 			request.Header = arg.(http.Header)
 29 | 		case HeaderOrder:
 30 | 			request.HeaderOrder = arg.(HeaderOrder)
 31 | 		case time.Duration:
 32 | 			request.TimeOut = arg.(time.Duration)
 33 | 		case context.Context:
 34 | 			request.ctx = arg.(context.Context)
 35 | 
 36 | 		default:
 37 | 			if request.Body != nil {
 38 | 				return errors.New("ambiguous argument, multiple body detected")
 39 | 			}
 40 | 			request.Body = arg
 41 | 		}
 42 | 	}
 43 | 
 44 | 	s.fillEmptyValues(request)
 45 | 
 46 | 	if s.PreHookWithContext != nil {
 47 | 		return s.PreHookWithContext(&Context{
 48 | 			Session: s,
 49 | 			Request: request,
 50 | 		})
 51 | 	}
 52 | 
 53 | 	if s.PreHook != nil {
 54 | 		return s.PreHook(request)
 55 | 	}
 56 | 
 57 | 	return nil
 58 | }
 59 | 
 60 | func (s *Session) fillHeaders(request *Request) {
 61 | 	if request.OrderedHeaders == nil {
 62 | 		if s.OrderedHeaders != nil && len(s.OrderedHeaders) > 0 {
 63 | 			request.OrderedHeaders = s.OrderedHeaders.Clone()
 64 | 			return
 65 | 		}
 66 | 
 67 | 		if request.Header == nil {
 68 | 			if s.Header != nil {
 69 | 				request.Header = s.Header.Clone()
 70 | 			} else {
 71 | 				request.Header = make(http.Header)
 72 | 			}
 73 | 		}
 74 | 
 75 | 		if request.HeaderOrder == nil {
 76 | 			if s.HeaderOrder != nil && len(s.HeaderOrder) > 0 {
 77 | 				request.HeaderOrder = make(HeaderOrder, len(s.HeaderOrder))
 78 | 				copy(request.HeaderOrder, s.HeaderOrder)
 79 | 			} else {
 80 | 				request.HeaderOrder = make(HeaderOrder, 0)
 81 | 			}
 82 | 		}
 83 | 	}
 84 | }
 85 | 
 86 | func (s *Session) fillEmptyValues(request *Request) {
 87 | 	s.fillHeaders(request)
 88 | 
 89 | 	if request.TimeOut == 0 {
 90 | 		request.TimeOut = s.TimeOut
 91 | 	}
 92 | 
 93 | 	if request.Method == "" {
 94 | 		request.Method = http.MethodGet
 95 | 	}
 96 | 
 97 | 	if request.MaxRedirects == 0 {
 98 | 		if s.MaxRedirects == 0 {
 99 | 			s.MaxRedirects = 10
100 | 		}
101 | 		request.MaxRedirects = s.MaxRedirects
102 | 	}
103 | 
104 | 	if !request.InsecureSkipVerify {
105 | 		request.InsecureSkipVerify = s.InsecureSkipVerify
106 | 	}
107 | }
108 | 
109 | func (s *Session) buildRequest(ctx context.Context, req *Request) (err error) {
110 | 	req.HttpRequest, err = newRequest(ctx, s.Verbose || s.VerboseFunc != nil, req)
111 | 
112 | 	req.browser = s.Browser
113 | 	req.ua = s.UserAgent
114 | 
115 | 	if err != nil {
116 | 		return
117 | 	}
118 | 
119 | 	if req.PHeader == nil {
120 | 		req.PHeader = s.PHeader
121 | 	}
122 | 
123 | 	req.formatHeader()
124 | 
125 | 	if !req.NoCookie {
126 | 		cookies := s.CookieJar.Cookies(req.HttpRequest.URL)
127 | 		if cookies != nil && len(cookies) > 0 {
128 | 			if c := req.HttpRequest.Header.Get("Cookie"); c != "" {
129 | 				req.HttpRequest.Header.Set("Cookie", c+"; "+CookiesToString(cookies))
130 | 			} else {
131 | 				req.HttpRequest.Header.Set("Cookie", CookiesToString(cookies))
132 | 			}
133 | 		}
134 | 	}
135 | 	return
136 | }
137 | 
138 | func newRequest(ctx context.Context, verbose bool, req *Request) (newReq *http.Request, err error) {
139 | 	if req.Body != nil {
140 | 		if verbose {
141 | 			req.body = ToBytes(req.Body)
142 | 			newReq, err = http.NewRequestWithContext(ctx, strings.ToUpper(req.Method), req.Url, bytes.NewReader(req.body))
143 | 		} else {
144 | 			var reader io.Reader
145 | 
146 | 			if reader, err = ToReader(req.Body); err != nil {
147 | 				return nil, err
148 | 			}
149 | 
150 | 			newReq, err = http.NewRequestWithContext(ctx, strings.ToUpper(req.Method), req.Url, reader)
151 | 		}
152 | 	} else {
153 | 		newReq, err = http.NewRequestWithContext(ctx, strings.ToUpper(req.Method), req.Url, nil)
154 | 	}
155 | 
156 | 	return
157 | }
158 | 
159 | // SetContext sets the context for the request.
160 | func (r *Request) SetContext(ctx context.Context) {
161 | 	r.ctx = ctx
162 | }
163 | 
164 | // Context returns the context for the request.
165 | func (r *Request) Context() context.Context {
166 | 	return r.ctx
167 | }
168 | 


--------------------------------------------------------------------------------
/response.go:
--------------------------------------------------------------------------------
 1 | package azuretls
 2 | 
 3 | import (
 4 | 	"encoding/json"
 5 | 	"fmt"
 6 | 	http "github.com/Noooste/fhttp"
 7 | 	"io"
 8 | 	"net/url"
 9 | 	"sync"
10 | )
11 | 
12 | func (s *Session) buildResponse(response *Response, httpResponse *http.Response) (err error) {
13 | 	response.RawBody = httpResponse.Body
14 | 	response.HttpResponse = httpResponse
15 | 	response.Session = s
16 | 
17 | 	var (
18 | 		wg      sync.WaitGroup
19 | 		headers = make(http.Header, len(httpResponse.Header))
20 | 	)
21 | 
22 | 	if !response.IgnoreBody {
23 | 		wg.Add(1)
24 | 
25 | 		go func() {
26 | 			defer wg.Done()
27 | 
28 | 			if readBody, readErr := response.ReadBody(); readErr == nil {
29 | 				response.Body = readBody
30 | 			} else {
31 | 				err = readErr
32 | 			}
33 | 		}()
34 | 	}
35 | 
36 | 	for key, value := range httpResponse.Header {
37 | 		headers[key] = value
38 | 	}
39 | 
40 | 	response.StatusCode = httpResponse.StatusCode
41 | 	response.Status = httpResponse.Status
42 | 
43 | 	response.Header = headers
44 | 
45 | 	var u *url.URL
46 | 	if response.Url == "" {
47 | 		response.Url = httpResponse.Request.URL.String()
48 | 		u = httpResponse.Request.URL
49 | 	} else {
50 | 		u, _ = url.Parse(response.Url)
51 | 	}
52 | 
53 | 	cookies := httpResponse.Cookies()
54 | 	s.CookieJar.SetCookies(u, cookies)
55 | 	response.Cookies = GetCookiesMap(cookies)
56 | 	response.ContentLength = httpResponse.ContentLength
57 | 
58 | 	wg.Wait()
59 | 
60 | 	return
61 | }
62 | 
63 | func (r *Response) ReadBody() (body []byte, err error) {
64 | 	defer func() {
65 | 		_ = r.HttpResponse.Body.Close()
66 | 	}()
67 | 	return io.ReadAll(r.HttpResponse.Body)
68 | }
69 | 
70 | func (r *Response) CloseBody() error {
71 | 	if r.RawBody != nil {
72 | 		return r.RawBody.Close()
73 | 	}
74 | 
75 | 	return nil
76 | }
77 | 
78 | func (r *Response) JSON(v any) error {
79 | 	if r.Body == nil {
80 | 		return fmt.Errorf("response body is nil")
81 | 	}
82 | 
83 | 	return json.Unmarshal(r.Body, v)
84 | }
85 | 
86 | func (r *Response) MustJSON(v any) {
87 | 	if err := r.JSON(v); err != nil {
88 | 		panic(err)
89 | 	}
90 | }
91 | 
92 | func (r *Response) String() string {
93 | 	return string(r.Body)
94 | }
95 | 


--------------------------------------------------------------------------------
/sesion_http3.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"errors"
  5 | 	http "github.com/Noooste/fhttp"
  6 | 	"sync"
  7 | )
  8 | 
  9 | // HTTP3Config holds HTTP/3 specific configuration
 10 | type HTTP3Config struct {
 11 | 	// Enable HTTP/3 support
 12 | 	Enabled bool
 13 | 
 14 | 	// Force HTTP/3 for all requests (no fallback)
 15 | 	ForceHTTP3 bool
 16 | 
 17 | 	// Alt-Svc cache for HTTP/3 discovery
 18 | 	altSvcCache sync.Map
 19 | 
 20 | 	// HTTP/3 transport
 21 | 	transport *HTTP3Transport
 22 | }
 23 | 
 24 | // EnableHTTP3 enables HTTP/3 support for the session
 25 | func (s *Session) EnableHTTP3() error {
 26 | 	s.mu.Lock()
 27 | 	defer s.mu.Unlock()
 28 | 
 29 | 	if s.HTTP3Config == nil {
 30 | 		s.HTTP3Config = &HTTP3Config{
 31 | 			Enabled: true,
 32 | 		}
 33 | 	}
 34 | 
 35 | 	transport, err := s.NewHTTP3Transport()
 36 | 	if err != nil {
 37 | 		return err
 38 | 	}
 39 | 
 40 | 	s.HTTP3Config.transport = transport
 41 | 	return nil
 42 | }
 43 | 
 44 | // DisableHTTP3 disables HTTP/3 support
 45 | func (s *Session) DisableHTTP3() {
 46 | 	s.mu.Lock()
 47 | 	defer s.mu.Unlock()
 48 | 
 49 | 	if s.HTTP3Config != nil {
 50 | 		s.HTTP3Config.Enabled = false
 51 | 		if s.HTTP3Config.transport != nil {
 52 | 			_ = s.HTTP3Config.transport.Close()
 53 | 		}
 54 | 	}
 55 | }
 56 | 
 57 | // selectTransport chooses the appropriate transport for a request
 58 | func (s *Session) selectTransport(req *Request) (rt http.RoundTripper, err error) {
 59 | 	defer func() {
 60 | 		if rt == s.HTTP3Config.transport {
 61 | 			req.HttpRequest.Header.Del(http.HeaderOrderKey)
 62 | 			req.HttpRequest.Header.Del(http.PHeaderOrderKey)
 63 | 		}
 64 | 	}()
 65 | 
 66 | 	// Check if HTTP/3 is forced for this request
 67 | 	if req.ForceHTTP3 {
 68 | 		if s.HTTP3Config == nil || !s.HTTP3Config.Enabled {
 69 | 			return nil, errors.New("HTTP/3 not enabled")
 70 | 		}
 71 | 		rt = s.HTTP3Config.transport
 72 | 		return rt, nil
 73 | 	}
 74 | 
 75 | 	// Check if HTTP/3 is available for this host
 76 | 	if s.HTTP3Config != nil && s.HTTP3Config.Enabled {
 77 | 		if s.shouldUseHTTP3(req.parsedUrl.Host) {
 78 | 			rt = s.HTTP3Config.transport
 79 | 			return rt, nil
 80 | 		}
 81 | 	}
 82 | 
 83 | 	// Fall back to HTTP/2 or HTTP/1.1
 84 | 	return s.Transport, nil
 85 | }
 86 | 
 87 | // shouldUseHTTP3 checks if HTTP/3 should be used for a host
 88 | func (s *Session) shouldUseHTTP3(host string) bool {
 89 | 	if s.HTTP3Config == nil || !s.HTTP3Config.Enabled {
 90 | 		return false
 91 | 	}
 92 | 
 93 | 	// Check Alt-Svc cache
 94 | 	if _, ok := s.HTTP3Config.altSvcCache.Load(host); ok {
 95 | 		return true
 96 | 	}
 97 | 
 98 | 	// Check if ForceHTTP3 is set globally
 99 | 	return s.HTTP3Config.ForceHTTP3
100 | }
101 | 
102 | // handleAltSvc processes Alt-Svc headers for HTTP/3 discovery
103 | func (s *Session) handleAltSvc(resp *Response) {
104 | 	if s.HTTP3Config == nil || !s.HTTP3Config.Enabled {
105 | 		return
106 | 	}
107 | 
108 | 	altSvc := resp.Header.Get("Alt-Svc")
109 | 	if altSvc == "" {
110 | 		return
111 | 	}
112 | 
113 | 	if containsHTTP3(altSvc) {
114 | 		s.HTTP3Config.altSvcCache.Store(resp.Request.parsedUrl.Host, true)
115 | 	}
116 | }
117 | 
118 | // containsHTTP3 checks if the Alt-Svc header contains HTTP/3
119 | func containsHTTP3(altSvc string) bool {
120 | 	// Check for h3 or h3-xx versions
121 | 	return contains(altSvc, "h3") || contains(altSvc, "h3-")
122 | }
123 | 
124 | // contains checks if a string contains a substring
125 | func contains(str, substr string) bool {
126 | 	return len(str) >= len(substr) && str[:len(substr)] == substr
127 | }
128 | 
129 | func listContains[T comparable](list []T, item T) bool {
130 | 	for _, v := range list {
131 | 		if v == item {
132 | 			return true
133 | 		}
134 | 	}
135 | 	return false
136 | }
137 | 


--------------------------------------------------------------------------------
/session.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"context"
  5 | 	"errors"
  6 | 	"fmt"
  7 | 	http "github.com/Noooste/fhttp"
  8 | 	"github.com/Noooste/fhttp/cookiejar"
  9 | 	"io"
 10 | 	"net/url"
 11 | 	"strconv"
 12 | 	"strings"
 13 | 	"sync"
 14 | 	"time"
 15 | )
 16 | 
 17 | // NewSession creates a new session
 18 | // It is a shortcut for NewSessionWithContext(context.Background())
 19 | func NewSession() *Session {
 20 | 	return NewSessionWithContext(context.Background())
 21 | }
 22 | 
 23 | // NewSessionWithContext creates a new session with context
 24 | // It is recommended to use this function to create a new session instead of creating a new Session struct
 25 | func NewSessionWithContext(ctx context.Context) *Session {
 26 | 	cookieJar, _ := cookiejar.New(nil)
 27 | 
 28 | 	s := &Session{
 29 | 		OrderedHeaders: make(OrderedHeaders, 0),
 30 | 
 31 | 		CookieJar: cookieJar,
 32 | 		Browser:   Chrome,
 33 | 
 34 | 		UserAgent: defaultUserAgent,
 35 | 
 36 | 		MaxRedirects: 10,
 37 | 
 38 | 		PinManager: DefaultPinManager,
 39 | 
 40 | 		mu: new(sync.Mutex),
 41 | 
 42 | 		TimeOut: 30 * time.Second,
 43 | 		ctx:     ctx,
 44 | 	}
 45 | 
 46 | 	return s
 47 | }
 48 | 
 49 | // SetTimeout sets timeout for the session
 50 | func (s *Session) SetTimeout(timeout time.Duration) {
 51 | 	s.TimeOut = timeout
 52 | 	if s.Transport != nil {
 53 | 		s.Transport.TLSHandshakeTimeout = timeout
 54 | 		s.Transport.ResponseHeaderTimeout = timeout
 55 | 	}
 56 | }
 57 | 
 58 | // SetContext sets the given context for the session
 59 | func (s *Session) SetContext(ctx context.Context) {
 60 | 	s.ctx = ctx
 61 | }
 62 | 
 63 | func (s *Session) Context() context.Context {
 64 | 	return s.ctx
 65 | }
 66 | 
 67 | // Ip returns the public IP address of the session
 68 | func (s *Session) Ip() (ip string, err error) {
 69 | 	r, err := s.Get("https://api.ipify.org")
 70 | 	if err != nil {
 71 | 		return
 72 | 	}
 73 | 	return string(r.Body), nil
 74 | }
 75 | 
 76 | // SetProxy sets the proxy for the session
 77 | func (s *Session) SetProxy(proxy string) error {
 78 | 	if proxy == "" {
 79 | 		return fmt.Errorf("proxy is empty")
 80 | 	}
 81 | 
 82 | 	proxy = strings.Trim(proxy, " \n\r")
 83 | 
 84 | 	switch {
 85 | 	case strings.Contains(proxy, "://"):
 86 | 		s.Proxy = proxy
 87 | 
 88 | 	default:
 89 | 		s.Proxy = formatProxy(proxy)
 90 | 	}
 91 | 
 92 | 	if err := s.assignProxy(s.Proxy); err != nil {
 93 | 		return err
 94 | 	}
 95 | 
 96 | 	if s.Transport != nil {
 97 | 		s.Transport.CloseIdleConnections()
 98 | 	}
 99 | 	return nil
100 | }
101 | 
102 | // ClearProxy removes the proxy from the session
103 | func (s *Session) ClearProxy() {
104 | 	if s.ProxyDialer != nil {
105 | 		if s.ProxyDialer.conn != nil {
106 | 			_ = s.ProxyDialer.conn.Close()
107 | 		}
108 | 		if s.ProxyDialer.H2Conn != nil {
109 | 			_ = s.ProxyDialer.H2Conn.Close()
110 | 		}
111 | 		s.ProxyDialer = nil
112 | 	}
113 | 
114 | 	if s.Transport != nil {
115 | 		s.Transport.Proxy = nil
116 | 		s.Transport.CloseIdleConnections()
117 | 	}
118 | 	if s.HTTP2Transport != nil {
119 | 		s.HTTP2Transport.CloseIdleConnections()
120 | 	}
121 | 
122 | 	s.Proxy = ""
123 | }
124 | 
125 | func (s *Session) send(request *Request) (response *Response, err error) {
126 | 	var (
127 | 		httpResponse *http.Response
128 | 		roundTripper http.RoundTripper
129 | 	)
130 | 
131 | 	if err = s.buildRequest(request.ctx, request); err != nil {
132 | 		return nil, err
133 | 	}
134 | 
135 | 	request.parsedUrl = request.HttpRequest.URL
136 | 
137 | 	response = &Response{
138 | 		IgnoreBody: request.IgnoreBody,
139 | 		Request:    request,
140 | 	}
141 | 
142 | 	defer func() {
143 | 		if s.Callback != nil {
144 | 			s.Callback(request, response, err)
145 | 		}
146 | 
147 | 		if s.CallbackWithContext != nil {
148 | 			c := &Context{
149 | 				Session:          s,
150 | 				Request:          request,
151 | 				Response:         response,
152 | 				Err:              err,
153 | 				ctx:              s.ctx,
154 | 				RequestStartTime: request.startTime,
155 | 			}
156 | 
157 | 			s.CallbackWithContext(c)
158 | 
159 | 			err = c.Err
160 | 			response = c.Response
161 | 		}
162 | 	}()
163 | 
164 | 	if err = s.initTransport(s.Browser); err != nil {
165 | 		s.dumpRequest(request, nil, err)
166 | 		return nil, err
167 | 	}
168 | 
169 | 	roundTripper, err = s.selectTransport(request)
170 | 	if err != nil {
171 | 		s.dumpRequest(request, nil, err)
172 | 		return nil, err
173 | 	}
174 | 
175 | 	s.logRequest(request)
176 | 
177 | 	request.ctx = context.WithValue(request.ctx, "request", request)
178 | 
179 | 	if request.ForceHTTP1 {
180 | 		request.ctx = context.WithValue(request.ctx, forceHTTP1Key, true)
181 | 	}
182 | 
183 | 	request.HttpRequest = request.HttpRequest.WithContext(request.ctx)
184 | 
185 | 	httpResponse, err = roundTripper.RoundTrip(request.HttpRequest)
186 | 
187 | 	if err != nil {
188 | 		if errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded) {
189 | 			err = fmt.Errorf("timeout")
190 | 		}
191 | 
192 | 		s.dumpRequest(request, response, err)
193 | 		s.logResponse(response, err)
194 | 
195 | 		return nil, err
196 | 	}
197 | 
198 | 	if err = s.buildResponse(response, httpResponse); err != nil {
199 | 		_ = httpResponse.Body.Close()
200 | 
201 | 		if errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded) {
202 | 			err = fmt.Errorf("read body: timeout")
203 | 		}
204 | 
205 | 		return nil, err
206 | 	}
207 | 
208 | 	s.dumpRequest(request, response, err)
209 | 	s.logResponse(response, err)
210 | 
211 | 	if err != nil {
212 | 		return nil, err
213 | 	}
214 | 
215 | 	return response, err
216 | }
217 | 
218 | // Do sends a request and returns a response
219 | func (s *Session) Do(request *Request, args ...any) (*Response, error) {
220 | 	return s.do(request, args...)
221 | }
222 | 
223 | func (s *Session) do(req *Request, args ...any) (resp *Response, err error) {
224 | 	if s.closed {
225 | 		return nil, errors.New("session is closed")
226 | 	}
227 | 
228 | 	if err = s.prepareRequest(req, args...); err != nil {
229 | 		return
230 | 	}
231 | 
232 | 	if req.ctx == nil {
233 | 		req.ctx = s.ctx
234 | 	}
235 | 
236 | 	if req.deadline.IsZero() {
237 | 		req.deadline = time.Now().Add(req.TimeOut)
238 | 	}
239 | 
240 | 	var cancel context.CancelFunc
241 | 
242 | 	if !req.IgnoreBody {
243 | 		req.ctx, cancel = context.WithDeadline(req.ctx, req.deadline)
244 | 	}
245 | 
246 | 	defer func() {
247 | 		if cancel != nil {
248 | 			cancel()
249 | 		}
250 | 	}()
251 | 
252 | 	if req.DisableRedirects {
253 | 		req.startTime = time.Now()
254 | 		resp, err = s.send(req)
255 | 		if err != nil {
256 | 			return
257 | 		}
258 | 		req.CloseBody()
259 | 		req.Response = resp
260 | 		return
261 | 	}
262 | 
263 | 	var reqs = make([]*Request, 0, req.MaxRedirects+1)
264 | 
265 | 	var (
266 | 		redirectMethod string
267 | 		includeBody    bool
268 | 		copyHeaders    = s.makeHeadersCopier(req)
269 | 	)
270 | 
271 | 	var ireq = req
272 | 
273 | 	for {
274 | 		// For all but the first request, create the next
275 | 		// request hop and replace req.
276 | 		if len(reqs) > 0 {
277 | 			if resp == nil {
278 | 				return nil, errors.New("internal error: nil response")
279 | 			}
280 | 
281 | 			loc := resp.Header.Get("Location")
282 | 			if loc == "" {
283 | 				_ = resp.CloseBody()
284 | 				return nil, fmt.Errorf("%d response missing Location header", resp.StatusCode)
285 | 			}
286 | 
287 | 			var u *url.URL
288 | 			u, err = req.parsedUrl.Parse(loc)
289 | 			if err != nil {
290 | 				_ = resp.CloseBody()
291 | 				return nil, fmt.Errorf("failed to parse Location header %q: %v", loc, err)
292 | 			}
293 | 
294 | 			oldReq := req
295 | 
296 | 			req = &Request{
297 | 				Method:             redirectMethod,
298 | 				Url:                u.String(),
299 | 				parsedUrl:          u,
300 | 				Response:           resp,
301 | 				IgnoreBody:         oldReq.IgnoreBody,
302 | 				TimeOut:            oldReq.TimeOut,
303 | 				InsecureSkipVerify: oldReq.InsecureSkipVerify,
304 | 				PHeader:            oldReq.PHeader,
305 | 				ctx:                oldReq.ctx,
306 | 				deadline:           oldReq.deadline,
307 | 				MaxRedirects:       oldReq.MaxRedirects,
308 | 			}
309 | 
310 | 			copyHeaders(req)
311 | 
312 | 			// Add the Referer header from the first
313 | 			// request URL to the new one, if it's not https->http:
314 | 			if ref := RefererForURL(ireq.parsedUrl, req.parsedUrl); ref != "" {
315 | 				if req.OrderedHeaders != nil {
316 | 					if req.OrderedHeaders.Get("Referer") == "" || req.OrderedHeaders.Get("referer") == "" {
317 | 						req.OrderedHeaders.Set("Referer", ref)
318 | 					}
319 | 				} else {
320 | 					if req.Header == nil {
321 | 						req.Header = make(http.Header)
322 | 						if req.Header.Get("Referer") == "" || req.Header.Get("referer") == "" {
323 | 							req.Header.Set("Referer", ref)
324 | 						}
325 | 					}
326 | 				}
327 | 			}
328 | 
329 | 			err = s.checkRedirect(req, reqs)
330 | 			if errors.Is(err, ErrUseLastResponse) || errors.Is(err, http.ErrUseLastResponse) {
331 | 				return resp, nil
332 | 			}
333 | 
334 | 			const maxBodySlurpSize = 2 << 10
335 | 			if resp.ContentLength == -1 || resp.ContentLength <= maxBodySlurpSize {
336 | 				_, _ = io.CopyN(io.Discard, resp.RawBody, maxBodySlurpSize)
337 | 			}
338 | 
339 | 			_ = resp.RawBody.Close()
340 | 
341 | 			if err != nil {
342 | 				return nil, err
343 | 			}
344 | 
345 | 			if includeBody && ireq.Body != nil {
346 | 				req.Body = ireq.Body
347 | 				req.ContentLength = ireq.ContentLength
348 | 				req.OrderedHeaders.Set("Content-Length", strconv.Itoa(int(req.ContentLength)))
349 | 			} else {
350 | 				req.ContentLength = 0
351 | 				req.OrderedHeaders.Del("Content-Length")
352 | 				req.OrderedHeaders.Del("Content-Type")
353 | 			}
354 | 
355 | 			if s.PreHookWithContext != nil {
356 | 				if err = s.PreHookWithContext(&Context{
357 | 					Session: s,
358 | 					Request: req,
359 | 				}); err != nil {
360 | 					return nil, err
361 | 				}
362 | 			}
363 | 
364 | 			if s.PreHook != nil {
365 | 				if err = s.PreHook(req); err != nil {
366 | 					return nil, err
367 | 				}
368 | 			}
369 | 
370 | 			s.fillEmptyValues(req)
371 | 		}
372 | 
373 | 		reqs = append(reqs, req)
374 | 
375 | 		req.startTime = time.Now()
376 | 
377 | 		if resp, err = s.send(req); err != nil {
378 | 			return nil, err
379 | 		}
380 | 
381 | 		req.Response = resp
382 | 
383 | 		var shouldRedirect bool
384 | 
385 | 		redirectMethod, shouldRedirect, includeBody = RedirectBehavior(req.Method, resp, reqs[0])
386 | 		if !shouldRedirect {
387 | 			return resp, nil
388 | 		}
389 | 
390 | 		if redirectMethod == http.MethodGet {
391 | 			req.Body = nil
392 | 			req.ContentLength = 0
393 | 			req.OrderedHeaders.Del("Content-Length")
394 | 			req.OrderedHeaders.Del("Content-Type")
395 | 			req.Header.Del("Content-Length")
396 | 			req.Header.Del("Content-Type")
397 | 		}
398 | 
399 | 		req.CloseBody()
400 | 	}
401 | }
402 | 
403 | // Get provides shortcut for sending GET request
404 | func (s *Session) Get(url string, args ...any) (*Response, error) {
405 | 	request := &Request{
406 | 		Method: http.MethodGet,
407 | 		Url:    url,
408 | 	}
409 | 
410 | 	return s.do(request, args...)
411 | }
412 | 
413 | // Head provides shortcut for sending HEAD request
414 | func (s *Session) Head(url string, args ...any) (*Response, error) {
415 | 	request := &Request{
416 | 		Method:     http.MethodHead,
417 | 		IgnoreBody: true,
418 | 		Url:        url,
419 | 	}
420 | 
421 | 	return s.do(request, args...)
422 | }
423 | 
424 | // Post provides shortcut for sending POST request
425 | func (s *Session) Post(url string, data any, args ...any) (*Response, error) {
426 | 	request := &Request{
427 | 		Method: http.MethodPost,
428 | 		Url:    url,
429 | 		Body:   data,
430 | 	}
431 | 
432 | 	return s.do(request, args...)
433 | }
434 | 
435 | // Put provides shortcut for sending PUT request
436 | func (s *Session) Put(url string, data any, args ...any) (*Response, error) {
437 | 	request := &Request{
438 | 		Method: http.MethodPut,
439 | 		Url:    url,
440 | 		Body:   data,
441 | 	}
442 | 
443 | 	return s.do(request, args...)
444 | }
445 | 
446 | // Delete provides shortcut for sending DELETE request
447 | func (s *Session) Delete(url string, args ...any) (*Response, error) {
448 | 	request := &Request{
449 | 		Method: http.MethodDelete,
450 | 		Url:    url,
451 | 	}
452 | 
453 | 	return s.do(request, args...)
454 | }
455 | 
456 | // Options provides shortcut for sending OPTIONS request
457 | func (s *Session) Options(url string, args ...any) (*Response, error) {
458 | 	request := &Request{
459 | 		Method: http.MethodOptions,
460 | 		Url:    url,
461 | 	}
462 | 
463 | 	return s.do(request, args...)
464 | }
465 | 
466 | // Patch provides shortcut for sending PATCH request
467 | func (s *Session) Patch(url string, data any, args ...any) (*Response, error) {
468 | 	request := &Request{
469 | 		Method: http.MethodPatch,
470 | 		Url:    url,
471 | 		Body:   data,
472 | 	}
473 | 
474 | 	return s.do(request, args...)
475 | }
476 | 
477 | // Connect initiates a connection to the specified URL
478 | func (s *Session) Connect(u string) error {
479 | 	req := &Request{
480 | 		Method: http.MethodConnect,
481 | 		Url:    u,
482 | 	}
483 | 
484 | 	_, err := s.do(req)
485 | 	return err
486 | }
487 | 
488 | func (c *Context) Context() context.Context {
489 | 	return c.ctx
490 | }
491 | 
492 | // Close closes the session and all its connections.
493 | // It is recommended to call this function when the session is no longer needed.
494 | //
495 | // After calling this function, the session is no longer usable.
496 | func (s *Session) Close() {
497 | 	s.closed = true
498 | 	s.mu = nil
499 | 
500 | 	s.ClearProxy()
501 | 
502 | 	s.dumpIgnore = nil
503 | 	s.loggingIgnore = nil
504 | 	s.CookieJar = nil
505 | 	s.HTTP2Transport = nil
506 | 	s.Transport = nil
507 | 	s.ctx = nil
508 | }
509 | 


--------------------------------------------------------------------------------
/structs.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"context"
  5 | 	"errors"
  6 | 	http "github.com/Noooste/fhttp"
  7 | 	"github.com/Noooste/fhttp/http2"
  8 | 	tls "github.com/Noooste/utls"
  9 | 	"io"
 10 | 	"net"
 11 | 	"net/url"
 12 | 	"regexp"
 13 | 	"sync"
 14 | 	"time"
 15 | )
 16 | 
 17 | const (
 18 | 	Path      = ":path"
 19 | 	Method    = ":method"
 20 | 	Authority = ":authority"
 21 | 	Scheme    = ":scheme"
 22 | )
 23 | 
 24 | var ErrUseLastResponse = errors.New("azuretls: use last response")
 25 | 
 26 | // Session represents the core structure for managing and conducting HTTP(S)
 27 | // sessions. It holds configuration settings, headers, cookie storage,
 28 | // connection pool, and other attributes necessary to perform and customize
 29 | // requests.
 30 | type Session struct {
 31 | 	PHeader        PHeader
 32 | 	OrderedHeaders OrderedHeaders
 33 | 
 34 | 	// Default headers for all requests. Deprecated: Use OrderedHeaders instead.
 35 | 	Header http.Header
 36 | 	// Order of headers for all requests.
 37 | 	HeaderOrder HeaderOrder
 38 | 
 39 | 	// Stores cookies across session requests.
 40 | 	CookieJar http.CookieJar
 41 | 
 42 | 	// Name or identifier of the browser used in the session.
 43 | 	Browser string
 44 | 
 45 | 	Transport      *http.Transport
 46 | 	HTTP2Transport *http2.Transport
 47 | 	HTTP3Config    *HTTP3Config
 48 | 
 49 | 	// Function to provide custom TLS handshake details.
 50 | 	GetClientHelloSpec func() *tls.ClientHelloSpec
 51 | 
 52 | 	// Proxy address.
 53 | 	Proxy string
 54 | 	// If true, use HTTP2 for proxy connections.
 55 | 	H2Proxy     bool
 56 | 	ProxyDialer *proxyDialer
 57 | 
 58 | 	// If true, print detailed logs or debugging information. Deprecated: Use Dump instead.
 59 | 	Verbose bool
 60 | 	// Path for logging verbose information. Deprecated: Use Log instead.
 61 | 	VerbosePath string
 62 | 	// List of hosts to ignore when logging verbose info. Deprecated: Use Log instead.
 63 | 	VerboseIgnoreHost []string
 64 | 	// Custom function to handle verbose logging. Deprecated: Use Log instead.
 65 | 	VerboseFunc func(request *Request, response *Response, err error)
 66 | 
 67 | 	// Maximum number of redirects to follow.
 68 | 	MaxRedirects uint
 69 | 
 70 | 	// Maximum time to wait for request to complete.
 71 | 	TimeOut time.Duration
 72 | 
 73 | 	// Deprecated, use PreHookWithContext instead.
 74 | 	PreHook func(request *Request) error
 75 | 	// Function called before sending a request.
 76 | 	PreHookWithContext func(ctx *Context) error
 77 | 
 78 | 	// Deprecated, use CallbackWithContext instead.
 79 | 	Callback func(request *Request, response *Response, err error)
 80 | 
 81 | 	// Function called after receiving a response.
 82 | 	CallbackWithContext func(ctx *Context)
 83 | 
 84 | 	// Function to modify the dialer used for establishing connections.
 85 | 	ModifyDialer func(dialer *net.Dialer) error
 86 | 
 87 | 	// CheckRedirect specifies the policy for handling redirects.
 88 | 	// If CheckRedirect is not nil, the client calls it before
 89 | 	// following an HTTP redirect. The arguments req and via are
 90 | 	// the upcoming request and the requests made already, oldest
 91 | 	// first. If CheckRedirect returns an error, the Session's Get
 92 | 	// method returns both the previous Response (with its Body
 93 | 	// closed) and CheckRedirect's error (wrapped in an url.Error)
 94 | 	// instead of issuing the Request req.
 95 | 	// As a special case, if CheckRedirect returns ErrUseLastResponse,
 96 | 	// then the most recent response is returned, along with a nil error.
 97 | 	//
 98 | 	// If CheckRedirect is nil, the Session uses its default policy,
 99 | 	// which is to stop after 10 consecutive requests.
100 | 	CheckRedirect func(req *Request, reqs []*Request) error
101 | 
102 | 	// Deprecated: This field is ignored as pin verification is always true.
103 | 	// To disable pin verification, use InsecureSkipVerify.
104 | 	VerifyPins bool
105 | 
106 | 	// PinManager is used to manage and verify TLS pins.
107 | 	// By default, DefaultPinManager is used: it is a singleton and is shared across all sessions.
108 | 	// You can create a new PinManager using NewPinManager() and set it here to have a specific pin manager for this Session.
109 | 	PinManager *PinManager
110 | 
111 | 	// If true, server's certificate is not verified (insecure: this may facilitate attack from middleman).
112 | 	InsecureSkipVerify bool
113 | 
114 | 	// Headers for User-Agent and Sec-Ch-Ua, respectively.
115 | 	UserAgent string
116 | 
117 | 	// HeaderPriority specifies the priority of the request's headers.
118 | 	// As this information is not included in the Akamai fingerprint, you may have to specify it manually.
119 | 	// Note that you can also specify the browser in the session so that this is done automatically.
120 | 	HeaderPriority *http2.PriorityParam
121 | 
122 | 	// ProxyHeader defines the headers used for the CONNECT method to the proxy,
123 | 	// you may define the order with the http.HeaderOrderKey
124 | 	ProxyHeader http.Header
125 | 
126 | 	proxyConnected bool
127 | 
128 | 	dump       bool
129 | 	dumpDir    string
130 | 	dumpIgnore []*regexp.Regexp
131 | 
132 | 	logging       bool
133 | 	loggingIgnore []*regexp.Regexp
134 | 
135 | 	ctx context.Context
136 | 
137 | 	mu *sync.Mutex
138 | 
139 | 	closed bool
140 | }
141 | 
142 | // Request represents the details and configuration for an individual HTTP(S)
143 | // request. It encompasses URL, headers, method, body, proxy settings,
144 | // timeouts, and other configurations necessary for customizing the request
145 | // and its execution.
146 | type Request struct {
147 | 	HttpRequest *http.Request
148 | 	Response    *Response
149 | 
150 | 	// HTTP method, e.g., GET, POST.
151 | 	Method string
152 | 
153 | 	Url string
154 | 	// Parsed version of Url.
155 | 	parsedUrl *url.URL
156 | 
157 | 	Body any
158 | 	body []byte
159 | 
160 | 	PHeader        PHeader
161 | 	OrderedHeaders OrderedHeaders
162 | 
163 | 	// Headers for the request. Deprecated: Use OrderedHeaders instead.
164 | 	Header http.Header
165 | 	// Order of headers for the request.
166 | 	HeaderOrder HeaderOrder
167 | 
168 | 	proxy   string
169 | 	ua      string
170 | 	browser string
171 | 
172 | 	// If true, redirects won't be followed.
173 | 	DisableRedirects bool
174 | 	// Maximum number of redirects to follow.
175 | 	MaxRedirects uint
176 | 	// If true, cookies won't be included in the request.
177 | 	NoCookie bool
178 | 	// Maximum time to wait for request to complete.
179 | 	TimeOut time.Duration
180 | 	// Indicates if the current request is a result of a redirection.
181 | 	IsRedirected bool
182 | 	// If true, server's certificate is not verified.
183 | 	InsecureSkipVerify bool
184 | 
185 | 	// If true, the body of the response is not read.
186 | 	// The response body can be read from Response.RawBody and
187 | 	// you will have to close using Response.CloseBody manually.
188 | 	IgnoreBody bool
189 | 	Proto      string
190 | 
191 | 	ForceHTTP1 bool
192 | 	ForceHTTP3 bool
193 | 
194 | 	// Length of content in the request.
195 | 	ContentLength int64
196 | 	// Context for cancellable and timeout operations.
197 | 	ctx context.Context
198 | 
199 | 	startTime time.Time
200 | 
201 | 	deadline time.Time
202 | }
203 | 
204 | // Response encapsulates the received data and metadata from an HTTP(S)
205 | // request. This includes status code, body, headers, cookies, associated
206 | // request details, TLS connection state, etc.
207 | type Response struct {
208 | 	// HTTP status code, e.g., 200, 404.
209 | 	StatusCode int
210 | 
211 | 	// HTTP status message, e.g., "OK", "Not Found".
212 | 	Status string
213 | 
214 | 	// Byte representation of the response body.
215 | 	Body []byte
216 | 	// Raw body stream.
217 | 	RawBody io.ReadCloser
218 | 	// Response headers.
219 | 	Header http.Header
220 | 	// Parsed cookies from the response.
221 | 	Cookies map[string]string
222 | 	// URL from which the response was received.
223 | 	Url string
224 | 	// Indicates if the body of the response was ignored.
225 | 	IgnoreBody bool
226 | 
227 | 	// The underlying HTTP response.
228 | 	HttpResponse *http.Response
229 | 	// Reference to the associated request.
230 | 	Request *Request
231 | 	// Length of content in the response.
232 | 	ContentLength int64
233 | 
234 | 	Session *Session
235 | }
236 | 
237 | // Context represents the context of a request. It holds the session, request,
238 | // response, error, and other details associated with the request.
239 | type Context struct {
240 | 	// Session is the session associated with the request.
241 | 	Session *Session
242 | 
243 | 	// Request is the request being made.
244 | 	Request *Request
245 | 
246 | 	// Response is the response received.
247 | 	// It can be modified to change the response returned by the request.
248 | 	Response *Response
249 | 
250 | 	// Err is the error, if any, that occurred during the request.
251 | 	// It can be modified to change the error returned by the request.
252 | 	Err error
253 | 
254 | 	// Ctx is the context associated with the request.
255 | 	ctx context.Context
256 | 
257 | 	// RequestStartTime is the time when the request was started.
258 | 	RequestStartTime time.Time
259 | }
260 | 


--------------------------------------------------------------------------------
/test/compression_test.go:
--------------------------------------------------------------------------------
 1 | package azuretls
 2 | 
 3 | import (
 4 | 	"github.com/Noooste/azuretls-client"
 5 | 	"strings"
 6 | 	"testing"
 7 | )
 8 | 
 9 | func TestDecompressBody_Gzip(t *testing.T) {
10 | 	session := azuretls.NewSession()
11 | 
12 | 	session.OrderedHeaders = azuretls.OrderedHeaders{
13 | 		{"Accept-Encoding", "gzip"},
14 | 	}
15 | 
16 | 	response, err := session.Get("https://httpbin.org/gzip")
17 | 
18 | 	if err != nil {
19 | 		t.Fatal(err)
20 | 	}
21 | 
22 | 	if !strings.Contains(string(response.Body), "\"gzipped\": true") {
23 | 		t.Fatal("TestDecompressBody_Gzip failed, expected: ", "\"gzipped\": true", ", got: ", string(response.Body))
24 | 	}
25 | }
26 | 
27 | func tTestDecompressBody_Deflate(t *testing.T) {
28 | 	session := azuretls.NewSession()
29 | 
30 | 	session.OrderedHeaders = azuretls.OrderedHeaders{
31 | 		{"Accept-Encoding", "gzip, deflate, br"},
32 | 	}
33 | 
34 | 	response, err := session.Get("https://httpbin.org/deflate")
35 | 
36 | 	if err != nil {
37 | 		t.Fatal(err)
38 | 	}
39 | 
40 | 	if !strings.Contains(string(response.Body), "\"deflated\": true") {
41 | 		t.Fatal("TestDecompressBody_Deflate failed, expected: ", "\"deflated\": true", ", got: ", string(response.Body))
42 | 	}
43 | }
44 | 
45 | func TestDecompressBody_Brotli(t *testing.T) {
46 | 	session := azuretls.NewSession()
47 | 
48 | 	session.OrderedHeaders = azuretls.OrderedHeaders{
49 | 		{"Accept-Encoding", "br"},
50 | 	}
51 | 
52 | 	response, err := session.Get("https://httpbin.org/brotli")
53 | 
54 | 	if err != nil {
55 | 		t.Fatal(err)
56 | 	}
57 | 
58 | 	if !strings.Contains(string(response.Body), "\"brotli\": true") {
59 | 		t.Fatal("TestDecompressBody_Brotli failed, expected: ", "\"brotli\": true", ", got: ", string(response.Body))
60 | 	}
61 | }
62 | 


--------------------------------------------------------------------------------
/test/connection_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"github.com/Noooste/azuretls-client"
  6 | 	"net"
  7 | 	"sync"
  8 | 	"sync/atomic"
  9 | 	"testing"
 10 | 	"time"
 11 | )
 12 | 
 13 | func TestHTTP1Conn(t *testing.T) {
 14 | 	session := azuretls.NewSession()
 15 | 
 16 | 	_, err := session.Get("https://api.ipify.org/")
 17 | 
 18 | 	if err != nil {
 19 | 		t.Fatal(err)
 20 | 	}
 21 | }
 22 | 
 23 | func TestCloudflareRequest(t *testing.T) {
 24 | 	session := azuretls.NewSession()
 25 | 	defer session.Close()
 26 | 
 27 | 	response, err := session.Get("https://www.cloudflare.com/cdn-cgi/trace")
 28 | 
 29 | 	if err != nil {
 30 | 		t.Fatal(err)
 31 | 	}
 32 | 
 33 | 	if response.StatusCode != 200 {
 34 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
 35 | 	}
 36 | }
 37 | 
 38 | func concurrency(session *azuretls.Session, wg *sync.WaitGroup, ok *int64) bool {
 39 | 	defer wg.Done()
 40 | 
 41 | 	for i := 0; i < 10; i++ {
 42 | 		_, err2 := session.Do(&azuretls.Request{
 43 | 			Method: "GET",
 44 | 			Url:    "http://example.com/",
 45 | 		})
 46 | 
 47 | 		if err2 != nil {
 48 | 			fmt.Println(err2)
 49 | 			return false
 50 | 		}
 51 | 	}
 52 | 
 53 | 	atomic.AddInt64(ok, 1)
 54 | 
 55 | 	return true
 56 | }
 57 | 
 58 | func TestHighConcurrency(t *testing.T) {
 59 | 	session := azuretls.NewSession()
 60 | 	defer session.Close()
 61 | 
 62 | 	wait := &sync.WaitGroup{}
 63 | 
 64 | 	var count int64 = 100
 65 | 
 66 | 	wait.Add(int(count))
 67 | 
 68 | 	var ok = new(int64)
 69 | 
 70 | 	var i int64
 71 | 
 72 | 	for i = 0; i < count; i++ {
 73 | 		go concurrency(session, wait, ok)
 74 | 	}
 75 | 
 76 | 	wait.Wait()
 77 | 
 78 | 	if atomic.LoadInt64(ok) < count-1 { //~1 request can fail
 79 | 		t.Fatal("TestHighConcurrency failed, expected: ", count, ", got: ", ok)
 80 | 	}
 81 | }
 82 | 
 83 | func TestPeetClosingConn(t *testing.T) {
 84 | 	session := azuretls.NewSession()
 85 | 	defer session.Close()
 86 | 
 87 | 	_, err := session.Get("https://tls.peet.ws/api/all")
 88 | 
 89 | 	if err != nil {
 90 | 		panic(err)
 91 | 	}
 92 | 
 93 | 	_, err = session.Get("https://tls.peet.ws/api/all")
 94 | 
 95 | 	if err != nil {
 96 | 		panic(err)
 97 | 	}
 98 | }
 99 | 
100 | func TestForceHTTP1Request(t *testing.T) {
101 | 	session := azuretls.NewSession()
102 | 	defer session.Close()
103 | 
104 | 	response, err := session.Do(&azuretls.Request{
105 | 		Method:     "GET",
106 | 		Url:        "https://tls.peet.ws/api/all",
107 | 		ForceHTTP1: true,
108 | 	})
109 | 
110 | 	if err != nil {
111 | 		t.Fatal(err)
112 | 	}
113 | 
114 | 	if response.StatusCode != 200 {
115 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
116 | 	}
117 | 
118 | 	var result map[string]any
119 | 
120 | 	if err = response.JSON(&result); err != nil {
121 | 		t.Fatal(err)
122 | 	}
123 | 
124 | 	if result["http_version"] != "HTTP/1.1" {
125 | 		t.Fatal("TestHeader failed, expected: HTTP/1.1, got: ", result["protocol"])
126 | 	}
127 | 
128 | 	response, err = session.Do(&azuretls.Request{
129 | 		Method: "GET",
130 | 		Url:    "https://tls.peet.ws/api/all",
131 | 	})
132 | 
133 | 	if err != nil {
134 | 		t.Fatal(err)
135 | 	}
136 | 
137 | 	if response.StatusCode != 200 {
138 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
139 | 	}
140 | 
141 | 	if err = response.JSON(&result); err != nil {
142 | 		t.Fatal(err)
143 | 	}
144 | 
145 | 	if result["http_version"] != "h2" {
146 | 		t.Fatal("TestHeader failed, expected: HTTP/1.1, got: ", result["protocol"])
147 | 	}
148 | }
149 | func TestModifyDialer(t *testing.T) {
150 | 	session := azuretls.NewSession()
151 | 	defer session.Close()
152 | 
153 | 	session.ModifyDialer = func(dialer *net.Dialer) error {
154 | 		dialer.Timeout = 10 * time.Second
155 | 		return nil
156 | 	}
157 | 
158 | 	response, err := session.Get("https://tls.peet.ws/api/all")
159 | 
160 | 	if err != nil {
161 | 		t.Fatal(err)
162 | 	}
163 | 
164 | 	if response.StatusCode != 200 {
165 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
166 | 	}
167 | }
168 | 


--------------------------------------------------------------------------------
/test/cookies_test.go:
--------------------------------------------------------------------------------
 1 | package azuretls_test
 2 | 
 3 | import (
 4 | 	"github.com/Noooste/azuretls-client"
 5 | 	http "github.com/Noooste/fhttp"
 6 | 	"testing"
 7 | )
 8 | 
 9 | func TestCookiesToString(t *testing.T) {
10 | 	cookies := []*http.Cookie{
11 | 		{
12 | 			Name:  "test",
13 | 			Value: "test",
14 | 		},
15 | 	}
16 | 
17 | 	if azuretls.CookiesToString(cookies) != "test=test" {
18 | 		t.Fatal("TestCookiesToString failed, expected: test=test, got: ", azuretls.CookiesToString(cookies))
19 | 	}
20 | }
21 | 
22 | func TestGetCookiesMap(t *testing.T) {
23 | 	cookies := []*http.Cookie{
24 | 		{
25 | 			Name:  "test",
26 | 			Value: "test",
27 | 		},
28 | 	}
29 | 
30 | 	if azuretls.GetCookiesMap(cookies)["test"] != "test" {
31 | 		t.Fatal("TestGetCookiesMap failed, expected: test=test, got: ", azuretls.GetCookiesMap(cookies)["test"])
32 | 	}
33 | }
34 | 


--------------------------------------------------------------------------------
/test/header_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"github.com/Noooste/azuretls-client"
  5 | 	http "github.com/Noooste/fhttp"
  6 | 	"regexp"
  7 | 	"testing"
  8 | )
  9 | 
 10 | var userAgentReg = regexp.MustCompile(`user-agent`)
 11 | var contentTypeReg = regexp.MustCompile(`content-type`)
 12 | var acceptReg = regexp.MustCompile(`accept`)
 13 | 
 14 | func TestHeader(t *testing.T) {
 15 | 	session := azuretls.NewSession()
 16 | 	defer session.Close()
 17 | 
 18 | 	session.OrderedHeaders = azuretls.OrderedHeaders{
 19 | 		{"user-agent", "test"},
 20 | 		{"accept", "application/json"},
 21 | 	}
 22 | 
 23 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 24 | 
 25 | 	if err != nil {
 26 | 		t.Fatal(err)
 27 | 	}
 28 | 
 29 | 	if response.StatusCode != 200 {
 30 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
 31 | 	}
 32 | 
 33 | 	uaIndex := userAgentReg.FindIndex(response.Body)
 34 | 	if uaIndex == nil {
 35 | 		t.Fatal("TestHeader failed, User-Agent should be present")
 36 | 	}
 37 | 
 38 | 	acceptIndex := acceptReg.FindIndex(response.Body)
 39 | 	if acceptIndex == nil {
 40 | 		t.Fatal("TestHeader failed, Accept should be present")
 41 | 	}
 42 | 
 43 | 	if uaIndex[0] > acceptIndex[0] {
 44 | 		t.Fatal("TestHeader failed, User-Agent should be before Accept")
 45 | 	}
 46 | 
 47 | 	session = azuretls.NewSession()
 48 | 
 49 | 	session.OrderedHeaders = azuretls.OrderedHeaders{
 50 | 		{"accept", "application/json"},
 51 | 		{"user-agent", "test"},
 52 | 	}
 53 | 
 54 | 	response, err = session.Get("https://tls.peet.ws/api/all")
 55 | 
 56 | 	if err != nil {
 57 | 		t.Fatal(err)
 58 | 	}
 59 | 
 60 | 	if response.StatusCode != 200 {
 61 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
 62 | 	}
 63 | 
 64 | 	uaIndex = userAgentReg.FindIndex(response.Body)
 65 | 	if uaIndex == nil {
 66 | 		t.Fatal("TestHeader failed, User-Agent should be present")
 67 | 	}
 68 | 
 69 | 	acceptIndex = acceptReg.FindIndex(response.Body)
 70 | 	if acceptIndex == nil {
 71 | 		t.Fatal("TestHeader failed, Accept should be present")
 72 | 	}
 73 | 
 74 | 	if uaIndex[0] < acceptIndex[0] {
 75 | 		t.Fatal("TestHeader failed, User-Agent should be before Accept")
 76 | 	}
 77 | }
 78 | 
 79 | func TestHeader2(t *testing.T) {
 80 | 	session := azuretls.NewSession()
 81 | 
 82 | 	session.Header = http.Header{
 83 | 		"accept":     {"application/json"},
 84 | 		"user-agent": {"test"},
 85 | 	}
 86 | 
 87 | 	session.HeaderOrder = []string{"user-agent", "content-type", "accept"}
 88 | 
 89 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 90 | 
 91 | 	if err != nil {
 92 | 		t.Fatal(err)
 93 | 	}
 94 | 
 95 | 	if response.StatusCode != 200 {
 96 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
 97 | 	}
 98 | }
 99 | 
100 | type scrapeResponse struct {
101 | 	HttpProtocolVersion string `json:"http_protocol_version"`
102 | 	Http2               struct {
103 | 		Fingerprint string `json:"fingerprint"`
104 | 		Digest      string `json:"digest"`
105 | 		Http2Frames []struct {
106 | 			Type        int    `json:"type"`
107 | 			Name        string `json:"name"`
108 | 			SettingsMap struct {
109 | 				Field1 int `json:"1"`
110 | 				Field2 int `json:"2"`
111 | 				Field3 int `json:"4"`
112 | 				Field4 int `json:"6"`
113 | 			} `json:"settings_map,omitempty"`
114 | 			SettingsOrder     []int `json:"settings_order,omitempty"`
115 | 			Increment         int   `json:"increment,omitempty"`
116 | 			Stream            int   `json:"stream,omitempty"`
117 | 			Headers           http.Header
118 | 			OrderedHeadersKey []string `json:"ordered_headers_key,omitempty"`
119 | 		} `json:"http2_frames"`
120 | 	} `json:"http2"`
121 | 	Headers struct {
122 | 		Fingerprint string `json:"fingerprint"`
123 | 		Digest      string `json:"digest"`
124 | 		Headers     map[string]string
125 | 		Tls         struct {
126 | 			Ja3              string `json:"ja3"`
127 | 			Ja3Digest        string `json:"ja3_digest"`
128 | 			Ja3N             string `json:"ja3n"`
129 | 			Ja3NDigest       string `json:"ja3n_digest"`
130 | 			ScrapflyFp       string `json:"scrapfly_fp"`
131 | 			ScrapflyFpDigest string `json:"scrapfly_fp_digest"`
132 | 		} `json:"tls"`
133 | 	}
134 | }
135 | 
136 | func checkOrder(response scrapeResponse, expectedOrder []string) bool {
137 | 	for _, frame := range response.Http2.Http2Frames {
138 | 		if frame.Name == "HEADERS" {
139 | 			for i, order := range frame.OrderedHeadersKey[4:] {
140 | 				if expectedOrder[i] != order {
141 | 					return false
142 | 				}
143 | 			}
144 | 		}
145 | 	}
146 | 
147 | 	return true
148 | }
149 | 
150 | func TestHeaderAndOrderInParamWithRedirect(t *testing.T) {
151 | 	session := azuretls.NewSession()
152 | 	defer session.Close()
153 | 
154 | 	session.Log()
155 | 
156 | 	orders := azuretls.HeaderOrder{"cache-control", "sec-ch-ua", "sec-ch-ua-mobile", "sec-ch-ua-platform", "upgrade-insecure-requests", "user-agent", "accept", "sec-fetch-site", "sec-fetch-mode", "sec-fetch-user", "sec-fetch-dest", "accept-encoding", "accept-language"}
157 | 	headers := http.Header{
158 | 		"accept":                    {"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"},
159 | 		"accept-encoding":           {"gzip, deflate, br"},
160 | 		"accept-language":           {"zh-HK,zh-TW;q=0.9,zh;q=0.8"},
161 | 		"cache-control":             {"max-age=0"},
162 | 		"sec-ch-ua":                 {`"Not_A Brand";v="8", "Chromium";v="120", "Google Chrome";v="120"`},
163 | 		"sec-ch-ua-mobile":          {"?0"},
164 | 		"sec-ch-ua-platform":        {`"Windows"`},
165 | 		"sec-fetch-site":            {"none"},
166 | 		"sec-fetch-mode":            {"navigate"},
167 | 		"sec-fetch-user":            {"?1"},
168 | 		"sec-fetch-dest":            {"document"},
169 | 		"user-agent":                {"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"},
170 | 		"upgrade-insecure-requests": {"1"},
171 | 	}
172 | 
173 | 	response, err := session.Get("https://jigsaw.w3.org/HTTP/300/302.html", headers, orders)
174 | 
175 | 	if err != nil {
176 | 		t.Fatal(err)
177 | 	}
178 | 
179 | 	if response.StatusCode != 200 {
180 | 		t.Fatal("TestHeader failed, expected: 200, got: ", response.StatusCode)
181 | 	}
182 | }
183 | 
184 | func TestOrderedHeaders_Get(t *testing.T) {
185 | 	headers := azuretls.OrderedHeaders{
186 | 		{"user-agent", "test"},
187 | 		{"content-type", "application/json"},
188 | 		{"accept", "application/json"},
189 | 	}
190 | 
191 | 	if headers.Get("accept") != "application/json" {
192 | 		t.Fatal("TestOrderedHeaders_Get failed, expected: application/json, got: ", headers.Get("accept"))
193 | 	}
194 | }
195 | 
196 | func TestOrderedHeaders_Add(t *testing.T) {
197 | 	headers := azuretls.OrderedHeaders{
198 | 		{"user-agent", "test"},
199 | 		{"content-type", "application/json"},
200 | 		{"accept", "application/json"},
201 | 	}
202 | 
203 | 	headers.Add("accept", "application/xml")
204 | 
205 | 	if len(headers) != 3 {
206 | 		t.Fatal("TestOrderedHeaders_Add failed, expected: 3, got: ", len(headers))
207 | 	}
208 | 
209 | 	if headers.Get("accept") != "application/json; application/xml" {
210 | 		t.Fatal("TestOrderedHeaders_Add failed, expected: application/xml, got: ", headers.Get("accept"))
211 | 	}
212 | }
213 | 
214 | func TestOrderedHeaders_Del(t *testing.T) {
215 | 
216 | 	headers := azuretls.OrderedHeaders{
217 | 		{"user-agent", "test"},
218 | 		{"content-type", "application/json"},
219 | 		{"accept", "application/json"},
220 | 	}
221 | 
222 | 	headers = headers.Remove("accept")
223 | 
224 | 	if len(headers) != 2 {
225 | 		t.Fatal("TestOrderedHeaders_Del failed, expected: 2, got: ", len(headers))
226 | 	}
227 | 
228 | 	if headers.Get("accept") != "" {
229 | 		t.Fatal("TestOrderedHeaders_Del failed, expected: , got: ", headers.Get("accept"))
230 | 	}
231 | }
232 | 
233 | func TestOrderedHeaders_Set(t *testing.T) {
234 | 
235 | 	headers := azuretls.OrderedHeaders{
236 | 		{"user-agent", "test"},
237 | 		{"content-type", "application/json"},
238 | 		{"accept", "application/json"},
239 | 	}
240 | 
241 | 	headers.Set("accept", "application/xml")
242 | 
243 | 	if len(headers) != 3 {
244 | 		t.Fatal("TestOrderedHeaders_Set failed, expected: 3, got: ", len(headers))
245 | 	}
246 | 
247 | 	if headers.Get("accept") != "application/xml" {
248 | 		t.Fatal("TestOrderedHeaders_Set failed, expected: application/xml, got: ", headers.Get("accept"))
249 | 	}
250 | }
251 | 
252 | func TestOrderedHeaders_Set2(t *testing.T) {
253 | 
254 | 	headers := azuretls.OrderedHeaders{
255 | 		{"user-agent", "test"},
256 | 		{"content-type", "application/json"},
257 | 		{"accept", "application/json"},
258 | 	}
259 | 
260 | 	headers.Set("accept2", "application/xml")
261 | 
262 | 	if len(headers) != 4 {
263 | 		t.Fatal("TestOrderedHeaders_Set failed, expected: 3, got: ", len(headers))
264 | 	}
265 | 
266 | 	if headers.Get("accept2") != "application/xml" {
267 | 		t.Fatal("TestOrderedHeaders_Set failed, expected: application/xml, got: ", headers.Get("accept2"))
268 | 	}
269 | }
270 | 
271 | func TestContentTypeInGetRequest(t *testing.T) {
272 | 	session := azuretls.NewSession()
273 | 
274 | 	response, err := session.Get("https://tls.peet.ws/api/all", azuretls.OrderedHeaders{
275 | 		{"content-type", "application/json"},
276 | 	})
277 | 
278 | 	if err != nil {
279 | 		t.Fatal(err)
280 | 	}
281 | 
282 | 	if contentTypeReg.FindIndex(response.Body) == nil {
283 | 		t.Fatal("TestContentTypeInGetRequest failed, Content-Type should be present")
284 | 	}
285 | }
286 | 


--------------------------------------------------------------------------------
/test/http2_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"encoding/json"
  5 | 	"github.com/Noooste/azuretls-client"
  6 | 	"testing"
  7 | )
  8 | 
  9 | func TestSession_ApplyAkamaiFingerprintChrome(t *testing.T) {
 10 | 
 11 | 	session := azuretls.NewSession()
 12 | 
 13 | 	expectedAf := "1:65536;2:0;3:1000;4:6291456;6:262144|15663105|0|m,s,a,p"
 14 | 
 15 | 	if err := session.ApplyHTTP2(expectedAf); err != nil {
 16 | 		t.Fatal(err)
 17 | 	}
 18 | 
 19 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 20 | 
 21 | 	if err != nil {
 22 | 		t.Fatal(err)
 23 | 	}
 24 | 
 25 | 	if response.StatusCode != 200 {
 26 | 		t.Fatal("Expected 200")
 27 | 	}
 28 | 
 29 | 	var loaded map[string]any
 30 | 
 31 | 	err = json.Unmarshal(response.Body, &loaded)
 32 | 
 33 | 	if err != nil {
 34 | 		t.Fatal(err)
 35 | 	}
 36 | 
 37 | 	af := loaded["http2"].(map[string]any)["akamai_fingerprint"].(string)
 38 | 
 39 | 	if af != expectedAf {
 40 | 		t.Fatal("Expected "+expectedAf+", got ", af)
 41 | 	}
 42 | }
 43 | 
 44 | func TestSession_ApplyAkamaiFingerprintFirefox(t *testing.T) {
 45 | 
 46 | 	session := azuretls.NewSession()
 47 | 	expectedAf := "1:65536;4:131072;5:16384|12517377|3:0:0:201,5:0:0:101,7:0:0:1,9:0:7:1,11:0:3:1,13:0:0:241|m,p,a,s"
 48 | 
 49 | 	if err := session.ApplyHTTP2(expectedAf); err != nil {
 50 | 		t.Fatal(err)
 51 | 	}
 52 | 
 53 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 54 | 
 55 | 	if err != nil {
 56 | 		t.Fatal(err)
 57 | 	}
 58 | 
 59 | 	if response.StatusCode != 200 {
 60 | 		t.Fatal("Expected 200")
 61 | 	}
 62 | 
 63 | 	var loaded map[string]any
 64 | 
 65 | 	err = json.Unmarshal(response.Body, &loaded)
 66 | 
 67 | 	if err != nil {
 68 | 		t.Fatal(err)
 69 | 	}
 70 | 
 71 | 	af := loaded["http2"].(map[string]any)["akamai_fingerprint"].(string)
 72 | 
 73 | 	if af != expectedAf {
 74 | 		t.Fatal("Expected "+expectedAf+", got ", af)
 75 | 	}
 76 | }
 77 | 
 78 | func TestIos(t *testing.T) {
 79 | 	session := azuretls.NewSession()
 80 | 	session.Browser = azuretls.Ios
 81 | 	expected := "1:4096;3:100;4:2097152;5:16384;6:4294967295|15663105|0|m,s,p,a"
 82 | 
 83 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 84 | 
 85 | 	if err != nil {
 86 | 		t.Fatal(err)
 87 | 	}
 88 | 
 89 | 	if response.StatusCode != 200 {
 90 | 		t.Fatal("Expected 200")
 91 | 	}
 92 | 
 93 | 	var loaded map[string]any
 94 | 
 95 | 	err = json.Unmarshal(response.Body, &loaded)
 96 | 
 97 | 	if err != nil {
 98 | 		t.Fatal(err)
 99 | 	}
100 | 
101 | 	af := loaded["http2"].(map[string]any)["akamai_fingerprint"].(string)
102 | 
103 | 	if af != expected {
104 | 		t.Fatal("Expected "+expected+", got ", af)
105 | 	}
106 | }
107 | 
108 | func applyBadHTTP2(t *testing.T, s *azuretls.Session, fp string) {
109 | 	if err := s.ApplyHTTP2(fp); err == nil {
110 | 		t.Fatal("Expected error on fingerprint: ", fp)
111 | 	}
112 | }
113 | 
114 | func TestWrongFp(t *testing.T) {
115 | 	session := azuretls.NewSession()
116 | 	applyBadHTTP2(t, session, "1:65536,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,v")
117 | 	applyBadHTTP2(t, session, "1:65536,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p,v")
118 | 	applyBadHTTP2(t, session, "1,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p")
119 | 	applyBadHTTP2(t, session, "1:a,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p")
120 | 	applyBadHTTP2(t, session, "a:1,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p")
121 | 	applyBadHTTP2(t, session, "a:1,2:0,3:1000,4:6291456,6:262144|15663105|0|m,s,a,p")
122 | 	applyBadHTTP2(t, session, "a:1,2:0,3:1000,4:6291456,6:262144|a|0|m,s,a,p")
123 | 	applyBadHTTP2(t, session, "a:1,2:0,3:1000,4:6291456,6:262144|0|a|m,s,a,p")
124 | 	applyBadHTTP2(t, session, "0|0|a|m,s,a,p")
125 | 	applyBadHTTP2(t, session, "0|0|1:2::|m,s,a,p")
126 | 	applyBadHTTP2(t, session, "0|0|a:2:3:4|m,s,a,p")
127 | 	applyBadHTTP2(t, session, "0|0|1:a:3:4|m,s,a,p")
128 | 	applyBadHTTP2(t, session, "0|0|1:2:a:4|m,s,a,p")
129 | 	applyBadHTTP2(t, session, "0|0|1:2:3:a|m,s,a,p")
130 | }
131 | 


--------------------------------------------------------------------------------
/test/http3_test.go:
--------------------------------------------------------------------------------
  1 | // test/http3_socks5_test.go
  2 | package azuretls_test
  3 | 
  4 | import (
  5 | 	"testing"
  6 | 	"time"
  7 | 
  8 | 	"github.com/Noooste/azuretls-client"
  9 | )
 10 | 
 11 | func TestHTTP3Direct(t *testing.T) {
 12 | 	// Create session
 13 | 	session := azuretls.NewSession()
 14 | 	defer session.Close()
 15 | 
 16 | 	// Enable HTTP/3
 17 | 	err := session.EnableHTTP3()
 18 | 	if err != nil {
 19 | 		t.Fatal(err)
 20 | 	}
 21 | 
 22 | 	// Enable logging
 23 | 	session.Log()
 24 | 
 25 | 	// Test direct HTTP/3
 26 | 	resp, err := session.Do(&azuretls.Request{
 27 | 		Method:     "GET",
 28 | 		Url:        "https://cloudflare.com/cdn-cgi/trace", // Cloudflare supports HTTP/3
 29 | 		ForceHTTP3: true,
 30 | 		TimeOut:    10 * time.Second,
 31 | 	})
 32 | 
 33 | 	if err != nil {
 34 | 		t.Fatal(err)
 35 | 	}
 36 | 
 37 | 	// Check response
 38 | 	if resp.StatusCode != 200 {
 39 | 		t.Fatalf("Expected status 200, got %d", resp.StatusCode)
 40 | 	}
 41 | 
 42 | 	// Verify HTTP/3 was used
 43 | 	if resp.HttpResponse.Proto != "HTTP/3.0" {
 44 | 		t.Logf("Warning: Expected HTTP/3.0, got %s (server might not support HTTP/3)", resp.HttpResponse.Proto)
 45 | 	}
 46 | 
 47 | 	t.Logf("Response body: %s", string(resp.Body))
 48 | }
 49 | 
 50 | //func TestHTTP3WithSOCKS5(t *testing.T) {
 51 | //	// Start a local SOCKS5 server for testing
 52 | //	server, err := socks5.NewClassicServer("127.0.0.1:1080", "127.0.0.1", "", "", 0, 0)
 53 | //	if err != nil {
 54 | //		t.Fatal(err)
 55 | //	}
 56 | //
 57 | //	// Start the server in background
 58 | //	go func() {
 59 | //		if err := server.ListenAndServe(nil); err != nil {
 60 | //			log.Printf("SOCKS5 server error: %v", err)
 61 | //		}
 62 | //	}()
 63 | //
 64 | //	// Wait for server to start
 65 | //	time.Sleep(time.Second)
 66 | //
 67 | //	// Create session
 68 | //	session := azuretls.NewSession()
 69 | //	defer session.Close()
 70 | //
 71 | //	// Set SOCKS5 proxy
 72 | //	if err := session.SetProxy("socks5://127.0.0.1:1080"); err != nil {
 73 | //		t.Fatal(err)
 74 | //	}
 75 | //
 76 | //	// Enable HTTP/3
 77 | //	err = session.EnableHTTP3()
 78 | //	if err != nil {
 79 | //		t.Fatal(err)
 80 | //	}
 81 | //
 82 | //	// Enable logging
 83 | //	session.Log()
 84 | //
 85 | //	// Test direct HTTP/3
 86 | //	resp, err := session.Do(&azuretls.Request{
 87 | //		Method:     "GET",
 88 | //		Url:        "https://fp.impersonate.pro/api/http3", // Cloudflare supports HTTP/3
 89 | //		ForceHTTP3: true,
 90 | //		TimeOut:    10 * time.Second,
 91 | //	})
 92 | //
 93 | //	if err != nil {
 94 | //		t.Fatal(err)
 95 | //	}
 96 | //
 97 | //	// Check response
 98 | //	if resp.StatusCode != 200 {
 99 | //		t.Fatalf("Expected status 200, got %d", resp.StatusCode)
100 | //	}
101 | //
102 | //	// Verify HTTP/3 was used
103 | //	if resp.HttpResponse.Proto != "HTTP/3.0" {
104 | //		t.Logf("Warning: Expected HTTP/3.0, got %s (server might not support HTTP/3)", resp.HttpResponse.Proto)
105 | //	}
106 | //
107 | //	t.Logf("Response body: %s", string(resp.Body))
108 | //}
109 | //
110 | //func TestSOCKS5UDPDirect(t *testing.T) {
111 | //	// Start a local SOCKS5 server
112 | //	server, err := socks5.NewClassicServer("127.0.0.1:1081", "127.0.0.1", "", "", 0, 0)
113 | //	if err != nil {
114 | //		t.Fatal(err)
115 | //	}
116 | //
117 | //	go func() {
118 | //		if err := server.ListenAndServe(nil); err != nil {
119 | //			log.Printf("SOCKS5 server error: %v", err)
120 | //		}
121 | //	}()
122 | //
123 | //	time.Sleep(time.Second)
124 | //
125 | //	// Test direct SOCKS5 UDP connection
126 | //	dialer := azuretls.NewSOCKS5UDPDialer("127.0.0.1:1081", "", "")
127 | //
128 | //	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
129 | //	defer cancel()
130 | //
131 | //	conn, err := dialer.DialUDP(ctx, "udp", "8.8.8.8:53")
132 | //	if err != nil {
133 | //		t.Fatal(err)
134 | //	}
135 | //	defer conn.Close()
136 | //
137 | //	// Build a simple DNS query
138 | //	query := buildDNSQuery("example.com")
139 | //
140 | //	_, err = conn.Write(query)
141 | //	if err != nil {
142 | //		t.Fatal(err)
143 | //	}
144 | //
145 | //	// Read response
146 | //	response := make([]byte, 512)
147 | //	n, err := conn.Read(response)
148 | //	if err != nil {
149 | //		t.Fatal(err)
150 | //	}
151 | //
152 | //	if n < 12 {
153 | //		t.Fatal("DNS response too short")
154 | //	}
155 | //
156 | //	t.Logf("Successfully received DNS response of %d bytes", n)
157 | //}
158 | //
159 | //func TestHTTP3MultipleRequests(t *testing.T) {
160 | //	// Start SOCKS5 server
161 | //	server, err := socks5.NewClassicServer("127.0.0.1:1082", "127.0.0.1", "", "", 0, 0)
162 | //	if err != nil {
163 | //		t.Fatal(err)
164 | //	}
165 | //
166 | //	go func() {
167 | //		if err := server.ListenAndServe(nil); err != nil {
168 | //			log.Printf("SOCKS5 server error: %v", err)
169 | //		}
170 | //	}()
171 | //
172 | //	time.Sleep(time.Second)
173 | //
174 | //	// Create session
175 | //	session := azuretls.NewSession()
176 | //	defer session.Close()
177 | //
178 | //	if err := session.SetProxy("socks5://127.0.0.1:1082"); err != nil {
179 | //		t.Fatal(err)
180 | //	}
181 | //
182 | //	err = session.EnableHTTP3()
183 | //	if err != nil {
184 | //		t.Fatal(err)
185 | //	}
186 | //
187 | //	// Test multiple sites that support HTTP/3
188 | //	sites := []string{
189 | //		"https://cloudflare.com/cdn-cgi/trace",
190 | //		"https://blog.cloudflare.com/",
191 | //		"https://one.one.one.one/",
192 | //	}
193 | //
194 | //	for _, site := range sites {
195 | //		t.Run(site, func(t *testing.T) {
196 | //			resp, err := session.Do(&azuretls.Request{
197 | //				Method:     "GET",
198 | //				Url:        site,
199 | //				ForceHTTP3: true,
200 | //				TimeOut:    10 * time.Second,
201 | //			})
202 | //
203 | //			if err != nil {
204 | //				t.Errorf("Failed to fetch %s: %v", site, err)
205 | //				return
206 | //			}
207 | //
208 | //			if resp.StatusCode != 200 {
209 | //				t.Errorf("Expected status 200 for %s, got %d", site, resp.StatusCode)
210 | //				return
211 | //			}
212 | //
213 | //			t.Logf("%s - Protocol: %s, Status: %d", site, resp.HttpResponse.Proto, resp.StatusCode)
214 | //		})
215 | //	}
216 | //}
217 | //
218 | //func TestHTTP3Fallback(t *testing.T) {
219 | //	// Start SOCKS5 server
220 | //	server, err := socks5.NewClassicServer("127.0.0.1:1083", "127.0.0.1", "", "", 0, 0)
221 | //	if err != nil {
222 | //		t.Fatal(err)
223 | //	}
224 | //
225 | //	go func() {
226 | //		if err := server.ListenAndServe(nil); err != nil {
227 | //			log.Printf("SOCKS5 server error: %v", err)
228 | //		}
229 | //	}()
230 | //
231 | //	time.Sleep(time.Second)
232 | //
233 | //	// Create session
234 | //	session := azuretls.NewSession()
235 | //	defer session.Close()
236 | //
237 | //	if err := session.SetProxy("socks5://127.0.0.1:1083"); err != nil {
238 | //		t.Fatal(err)
239 | //	}
240 | //
241 | //	err = session.EnableHTTP3()
242 | //	if err != nil {
243 | //		t.Fatal(err)
244 | //	}
245 | //
246 | //	// Test site that might not support HTTP/3
247 | //	resp, err := session.Get("https://example.com")
248 | //
249 | //	if err != nil {
250 | //		t.Fatal(err)
251 | //	}
252 | //
253 | //	if resp.StatusCode != 200 {
254 | //		t.Fatalf("Expected status 200, got %d", resp.StatusCode)
255 | //	}
256 | //
257 | //	// Should fall back to HTTP/2 or HTTP/1.1
258 | //	t.Logf("Protocol used: %s (fallback is expected for sites without HTTP/3)", resp.HttpResponse.Proto)
259 | //}
260 | //
261 | //// Helper function to build DNS query
262 | //func buildDNSQuery(domain string) []byte {
263 | //	query := make([]byte, 0, 512)
264 | //
265 | //	// Header
266 | //	query = append(query, 0x00, 0x01) // ID
267 | //	query = append(query, 0x01, 0x00) // Flags
268 | //	query = append(query, 0x00, 0x01) // Questions
269 | //	query = append(query, 0x00, 0x00) // Answers
270 | //	query = append(query, 0x00, 0x00) // Authority
271 | //	query = append(query, 0x00, 0x00) // Additional
272 | //
273 | //	// Question
274 | //	parts := []string{}
275 | //	for _, p := range strings.Split(domain, ".") {
276 | //		if p != "" {
277 | //			parts = append(parts, p)
278 | //		}
279 | //	}
280 | //
281 | //	for _, part := range parts {
282 | //		query = append(query, byte(len(part)))
283 | //		query = append(query, []byte(part)...)
284 | //	}
285 | //	query = append(query, 0x00)       // Root
286 | //	query = append(query, 0x00, 0x01) // Type A
287 | //	query = append(query, 0x00, 0x01) // Class IN
288 | //
289 | //	return query
290 | //}
291 | //
292 | //func TestSOCKS5Authentication(t *testing.T) {
293 | //	// Test with username/password authentication
294 | //	server, err := socks5.NewClassicServer("127.0.0.1:1084", "127.0.0.1", "testuser", "testpass", 0, 0)
295 | //	if err != nil {
296 | //		t.Fatal(err)
297 | //	}
298 | //
299 | //	go func() {
300 | //		if err := server.ListenAndServe(nil); err != nil {
301 | //			log.Printf("SOCKS5 server error: %v", err)
302 | //		}
303 | //	}()
304 | //
305 | //	time.Sleep(time.Second)
306 | //
307 | //	// Test with correct credentials
308 | //	session := azuretls.NewSession()
309 | //	defer session.Close()
310 | //
311 | //	if err := session.SetProxy("socks5://testuser:testpass@127.0.0.1:1084"); err != nil {
312 | //		t.Fatal(err)
313 | //	}
314 | //
315 | //	err = session.EnableHTTP3()
316 | //	if err != nil {
317 | //		t.Fatal(err)
318 | //	}
319 | //
320 | //	resp, err := session.Get("https://cloudflare.com/cdn-cgi/trace")
321 | //	if err != nil {
322 | //		t.Fatal(err)
323 | //	}
324 | //
325 | //	if resp.StatusCode != 200 {
326 | //		t.Fatalf("Expected status 200, got %d", resp.StatusCode)
327 | //	}
328 | //
329 | //	t.Log("Authentication successful")
330 | //}
331 | //
332 | //// Benchmark SOCKS5 UDP performance
333 | //func BenchmarkSOCKS5UDP(b *testing.B) {
334 | //	// Start server
335 | //	server, err := socks5.NewClassicServer("127.0.0.1:1085", "127.0.0.1", "", "", 0, 0)
336 | //	if err != nil {
337 | //		b.Fatal(err)
338 | //	}
339 | //
340 | //	go func() {
341 | //		if err := server.ListenAndServe(nil); err != nil {
342 | //			log.Printf("SOCKS5 server error: %v", err)
343 | //		}
344 | //	}()
345 | //
346 | //	time.Sleep(time.Second)
347 | //
348 | //	dialer := azuretls.NewSOCKS5UDPDialer("127.0.0.1:1085", "", "")
349 | //	ctx := context.Background()
350 | //
351 | //	conn, err := dialer.DialUDP(ctx, "udp", "8.8.8.8:53")
352 | //	if err != nil {
353 | //		b.Fatal(err)
354 | //	}
355 | //	defer conn.Close()
356 | //
357 | //	query := buildDNSQuery("example.com")
358 | //	response := make([]byte, 512)
359 | //
360 | //	b.ResetTimer()
361 | //
362 | //	for i := 0; i < b.N; i++ {
363 | //		_, err := conn.Write(query)
364 | //		if err != nil {
365 | //			b.Fatal(err)
366 | //		}
367 | //
368 | //		_, err = conn.Read(response)
369 | //		if err != nil {
370 | //			b.Fatal(err)
371 | //		}
372 | //	}
373 | //}
374 | 


--------------------------------------------------------------------------------
/test/ja3_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"github.com/Noooste/azuretls-client"
  5 | 	"log"
  6 | 	"os"
  7 | 	"strings"
  8 | 	"sync"
  9 | 	"testing"
 10 | )
 11 | 
 12 | func TestDefaultConfig(t *testing.T) {
 13 | 	session := azuretls.NewSession()
 14 | 
 15 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 16 | 
 17 | 	if err != nil {
 18 | 		t.Fatal(err)
 19 | 	}
 20 | 
 21 | 	if response.StatusCode != 200 {
 22 | 		t.Fatal("Expected 200")
 23 | 	}
 24 | }
 25 | 
 26 | func TestChrome(t *testing.T) {
 27 | 	session := azuretls.NewSession()
 28 | 
 29 | 	var ja3 = "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,65281-27-0-51-65037-23-5-35-11-13-10-16-18-43-45-17613,29-23-24,0"
 30 | 	if err := session.ApplyJa3(ja3, azuretls.Chrome); err != nil {
 31 | 		t.Fatal(err)
 32 | 	}
 33 | 
 34 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 35 | 
 36 | 	if err != nil {
 37 | 		t.Fatal(err)
 38 | 	}
 39 | 
 40 | 	if response.StatusCode != 200 {
 41 | 		t.Fatal("Expected 200")
 42 | 		return
 43 | 	}
 44 | 
 45 | 	var loaded map[string]any
 46 | 
 47 | 	response.MustJSON(&loaded)
 48 | 
 49 | 	ref := strings.Split(ja3, ",")
 50 | 
 51 | 	actual := strings.Split(loaded["tls"].(map[string]any)["ja3"].(string), ",")
 52 | 
 53 | 	if len(actual) != 5 {
 54 | 		t.Fatal("Expected 4 parts, got ", len(actual))
 55 | 		return
 56 | 	}
 57 | 
 58 | 	if actual[0] != ref[0] {
 59 | 		t.Fatal("Expected "+ref[0]+", got ", actual[0])
 60 | 		return
 61 | 	}
 62 | 
 63 | 	if actual[1] != ref[1] {
 64 | 		t.Fatal("Expected "+ref[1]+", got ", actual[1])
 65 | 		return
 66 | 	}
 67 | 
 68 | 	if actual[2] != ref[2] && strings.TrimSuffix(ref[2], "-21") != strings.TrimSuffix(ref[2], "-21") {
 69 | 		t.Fatal("Expected "+ref[2]+", got ", actual[2])
 70 | 		return
 71 | 	}
 72 | 
 73 | 	if actual[3] != ref[3] {
 74 | 		t.Fatal("Expected "+ref[3]+", got ", actual[3])
 75 | 		return
 76 | 	}
 77 | 
 78 | 	if actual[4] != ref[4] {
 79 | 		t.Fatal("Expected "+ref[4]+", got ", actual[4])
 80 | 		return
 81 | 	}
 82 | }
 83 | 
 84 | func TestFirefox(t *testing.T) {
 85 | 	session := azuretls.NewSession()
 86 | 
 87 | 	var ja3 = "771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-34-51-43-13-45-28-65037,29-23-24-25-256-257,0"
 88 | 	if err := session.ApplyJa3(ja3, azuretls.Firefox); err != nil {
 89 | 		t.Fatal(err)
 90 | 	}
 91 | 
 92 | 	response, err := session.Get("https://tls.peet.ws/api/all")
 93 | 
 94 | 	if err != nil {
 95 | 		t.Fatal(err)
 96 | 	}
 97 | 
 98 | 	if response.StatusCode != 200 {
 99 | 		t.Fatal("Expected 200")
100 | 		return
101 | 	}
102 | 
103 | 	var loaded map[string]any
104 | 
105 | 	response.MustJSON(&loaded)
106 | 
107 | 	ref := strings.Split(ja3, ",")
108 | 
109 | 	actual := strings.Split(loaded["tls"].(map[string]any)["ja3"].(string), ",")
110 | 
111 | 	if len(actual) != 5 {
112 | 		t.Fatal("Expected 4 parts, got ", len(actual))
113 | 		return
114 | 	}
115 | 
116 | 	if actual[0] != ref[0] {
117 | 		t.Fatal("Expected "+ref[0]+", got ", actual[0])
118 | 		return
119 | 	}
120 | 
121 | 	if actual[1] != ref[1] {
122 | 		t.Fatal("Expected "+ref[1]+", got ", actual[1])
123 | 		return
124 | 	}
125 | 
126 | 	if actual[2] != ref[2] {
127 | 		t.Fatal("Expected "+ref[2]+", got ", actual[2])
128 | 		return
129 | 	}
130 | 
131 | 	if actual[3] != ref[3] {
132 | 		t.Fatal("Expected "+ref[3]+", got ", actual[3])
133 | 		return
134 | 	}
135 | 
136 | 	if actual[4] != ref[4] {
137 | 		t.Fatal("Expected "+ref[4]+", got ", actual[4])
138 | 		return
139 | 	}
140 | }
141 | 
142 | func TestSession_ApplyJa3(t *testing.T) {
143 | 	session := azuretls.NewSession()
144 | 
145 | 	ja3Origin := "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,23-13-10-11-17613-43-45-35-65037-5-51-65281-16-18-0-27-21,29-23-24,0"
146 | 
147 | 	if err := session.ApplyJa3(ja3Origin, azuretls.Chrome); err != nil {
148 | 		t.Fatal(err)
149 | 	}
150 | 
151 | 	response, err := session.Get("https://tls.peet.ws/api/all")
152 | 
153 | 	if err != nil {
154 | 		t.Fatal(err)
155 | 	}
156 | 
157 | 	if response.StatusCode != 200 {
158 | 		t.Fatal("Expected 200")
159 | 	}
160 | 
161 | 	var loaded map[string]any
162 | 	if err = response.JSON(&loaded); err != nil {
163 | 		t.Fatal(err)
164 | 	}
165 | 
166 | 	ja3 := loaded["tls"].(map[string]any)["ja3"].(string)
167 | 	split := strings.Split(ja3, ",")
168 | 	splitOrigin := strings.Split(ja3Origin, ",")
169 | 
170 | 	if len(split) != 5 {
171 | 		t.Fatal("Expected 4 parts, got ", len(split))
172 | 	}
173 | 
174 | 	if split[0] != splitOrigin[0] {
175 | 		t.Fatal("Expected "+splitOrigin[0]+", got ", split[0])
176 | 	}
177 | 
178 | 	if split[1] != splitOrigin[1] {
179 | 		t.Fatal("Expected "+splitOrigin[1]+", got ", split[1])
180 | 	}
181 | 
182 | 	if split[2] != splitOrigin[2] && strings.TrimSuffix(splitOrigin[2], "-21") != split[2] {
183 | 		t.Fatal("Expected "+splitOrigin[2]+", got ", split[2])
184 | 	}
185 | 
186 | 	if split[3] != splitOrigin[3] {
187 | 		t.Fatal("Expected "+splitOrigin[3]+", got ", split[3])
188 | 	}
189 | 
190 | 	if split[4] != splitOrigin[4] {
191 | 		t.Fatal("Expected "+splitOrigin[4]+", got ", split[4])
192 | 	}
193 | }
194 | 
195 | func applyWrongJA3(t *testing.T, s *azuretls.Session, ja3 string, navigator string) {
196 | 	if err := s.ApplyJa3(ja3, navigator); err == nil {
197 | 		t.Fatal("Expected error on ja3: " + ja3 + " with navigator: " + navigator)
198 | 	}
199 | }
200 | 
201 | func TestSession_ApplyJa32(t *testing.T) {
202 | 	session := azuretls.NewSession()
203 | 	applyWrongJA3(t, session, "70,0,0,0,0,0", azuretls.Chrome)
204 | 	applyWrongJA3(t, session, ",4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0", azuretls.Chrome)
205 | 	applyWrongJA3(t, session, "771,,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0", azuretls.Chrome)
206 | 	applyWrongJA3(t, session, "a-771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0", azuretls.Safari)
207 | 	applyWrongJA3(t, session, "771,a-4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0", azuretls.Safari)
208 | 	applyWrongJA3(t, session, "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,a-45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,0", azuretls.Safari)
209 | 	applyWrongJA3(t, session, "771,a-4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,a-29-23-24,0", azuretls.Safari)
210 | 	applyWrongJA3(t, session, "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,45-13-43-0-16-65281-51-18-11-27-35-23-10-5-17613-21,29-23-24,a-0", azuretls.Safari)
211 | 
212 | 	if err := session.ApplyJa3("771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,,29-23-24,0", azuretls.Firefox); err != nil {
213 | 		t.Fatal(err)
214 | 	}
215 | 
216 | 	if err := session.ApplyJa3("771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,,,0", azuretls.Firefox); err != nil {
217 | 		t.Fatal(err)
218 | 	}
219 | 
220 | 	if err := session.ApplyJa3("771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,,,", azuretls.Firefox); err != nil {
221 | 		t.Fatal(err)
222 | 	}
223 | }
224 | 
225 | func TestECH(t *testing.T) {
226 | 	session := azuretls.NewSession()
227 | 
228 | 	if err := session.ApplyJa3("771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,65037-45-13-18-35-23-5-65281-27-10-16-11-43-51-17613-0-21,29-23-24,0", azuretls.Chrome); err != nil {
229 | 		t.Fatal(err)
230 | 	}
231 | 
232 | 	response, err := session.Get("https://tls.peet.ws/api/all")
233 | 
234 | 	if err != nil {
235 | 		t.Fatal(err)
236 | 	}
237 | 
238 | 	if response.StatusCode != 200 {
239 | 		t.Fatal("Expected 200")
240 | 		return
241 | 	}
242 | }
243 | 
244 | func TestJa3(t *testing.T) {
245 | 	session := azuretls.NewSession()
246 | 	defer session.Close()
247 | 
248 | 	err := session.ApplyJa3("771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-34-51-43-13-45-28-65037,29-23-24-25-256-257,0", azuretls.Firefox)
249 | 	if err != nil {
250 | 		log.Fatal(err)
251 | 		return
252 | 	}
253 | 
254 | 	err = session.ApplyHTTP2("1:65536,4:131072,5:16384|12517377|3:0:0:201,5:0:0:101,7:0:0:1,9:0:7:1,11:0:3:1,13:0:0:241|m,p,a,s")
255 | 	if err != nil {
256 | 		log.Fatal(err)
257 | 		return
258 | 	}
259 | 
260 | 	response, err := session.Get("https://www.cloudflare.com/cdn-cgi/trace")
261 | 
262 | 	if err != nil {
263 | 		t.Fatal(err)
264 | 	}
265 | 
266 | 	if response.StatusCode != 200 {
267 | 		t.Fatal("Expected 200")
268 | 	}
269 | }
270 | 
271 | func test(wg *sync.WaitGroup) {
272 | 	defer wg.Done()
273 | 	for i := 0; i < 1e3; i++ {
274 | 		azuretls.GetLastChromeVersion()
275 | 	}
276 | }
277 | 
278 | func TestGetLastChromeVersion(t *testing.T) {
279 | 	var (
280 | 		wg = new(sync.WaitGroup)
281 | 	)
282 | 
283 | 	for i := 0; i < 1e3; i++ {
284 | 		wg.Add(1)
285 | 		go test(wg)
286 | 	}
287 | 
288 | 	wg.Wait()
289 | }
290 | 
291 | func TestGetMondialRelay(t *testing.T) {
292 | 	t.SkipNow()
293 | 
294 | 	session := azuretls.NewSession()
295 | 	defer session.Close()
296 | 
297 | 	if err := session.SetProxy(os.Getenv("NON_SECURE_PROXY")); err != nil {
298 | 		t.Fatal(err)
299 | 	}
300 | 
301 | 	resp, err := session.Get("https://www.mondialrelay.fr/suivi-de-colis/")
302 | 
303 | 	if err != nil {
304 | 		t.Fatal(err)
305 | 	}
306 | 
307 | 	if resp.StatusCode != 200 {
308 | 		t.Fatal("Expected 200")
309 | 	}
310 | }
311 | 
312 | func TestFirefoxProfile(t *testing.T) {
313 | 	session := azuretls.NewSession()
314 | 
315 | 	response, err := session.Get("https://tls.peet.ws/api/all")
316 | 
317 | 	if err != nil {
318 | 		t.Fatal(err)
319 | 	}
320 | 
321 | 	var loaded map[string]any
322 | 	if err = response.JSON(&loaded); err != nil {
323 | 		t.Fatal(err)
324 | 	}
325 | 
326 | 	hash := loaded["tls"].(map[string]any)["peetprint_hash"].(string)
327 | 
328 | 	if hash == "" {
329 | 		t.Fatal("Expected hash")
330 | 	}
331 | 
332 | 	session.Close()
333 | 
334 | 	session = azuretls.NewSession()
335 | 	session.Browser = azuretls.Firefox
336 | 
337 | 	response, err = session.Get("https://tls.peet.ws/api/all")
338 | 
339 | 	if err != nil {
340 | 		t.Fatal(err)
341 | 	}
342 | 
343 | 	if err = response.JSON(&loaded); err != nil {
344 | 		t.Fatal(err)
345 | 	}
346 | 
347 | 	fHash := loaded["tls"].(map[string]any)["peetprint_hash"].(string)
348 | 
349 | 	if fHash == "" {
350 | 		t.Fatal("Expected hash")
351 | 	}
352 | 
353 | 	if fHash == hash {
354 | 		t.Fatal("Expected different hashes")
355 | 	}
356 | }
357 | 
358 | func TestIosProfile(t *testing.T) {
359 | 	session := azuretls.NewSession()
360 | 
361 | 	response, err := session.Get("https://tls.peet.ws/api/all")
362 | 
363 | 	if err != nil {
364 | 		t.Fatal(err)
365 | 	}
366 | 
367 | 	var loaded map[string]any
368 | 	if err = response.JSON(&loaded); err != nil {
369 | 		t.Fatal(err)
370 | 	}
371 | 
372 | 	hash := loaded["tls"].(map[string]any)["peetprint_hash"].(string)
373 | 
374 | 	if hash == "" {
375 | 		t.Fatal("Expected hash")
376 | 	}
377 | 
378 | 	session.Close()
379 | 
380 | 	session = azuretls.NewSession()
381 | 	session.Browser = azuretls.Ios
382 | 
383 | 	response, err = session.Get("https://tls.peet.ws/api/all")
384 | 
385 | 	if err != nil {
386 | 		t.Fatal(err)
387 | 	}
388 | 
389 | 	if err = response.JSON(&loaded); err != nil {
390 | 		t.Fatal(err)
391 | 	}
392 | 
393 | 	fHash := loaded["tls"].(map[string]any)["peetprint_hash"].(string)
394 | 
395 | 	if fHash == "" {
396 | 		t.Fatal("Expected hash")
397 | 	}
398 | 
399 | 	if fHash == hash {
400 | 		t.Fatal("Expected different hashes")
401 | 	}
402 | }
403 | 
404 | func TestGetApplyJa3WithoutSpecifications(t *testing.T) {
405 | 	session := azuretls.NewSession()
406 | 	defer session.Close()
407 | 
408 | 	err := session.ApplyJa3WithSpecifications("771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-34-51-43-13-45-28-65037,29-23-24-25-256-257,0", &azuretls.TlsSpecifications{}, azuretls.Firefox)
409 | 	if err != nil {
410 | 		log.Fatal(err)
411 | 		return
412 | 	}
413 | 
414 | 	err = session.ApplyJa3WithSpecifications("771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-34-51-43-13-45-28-65037,29-23-24-25-256-257,0", &azuretls.TlsSpecifications{}, azuretls.Chrome)
415 | 	if err != nil {
416 | 		log.Fatal(err)
417 | 		return
418 | 	}
419 | }
420 | 
421 | func TestGetApplyJa3WithMLKEM(t *testing.T) {
422 | 	session := azuretls.NewSession()
423 | 	defer session.Close()
424 | 
425 | 	if err := session.ApplyJa3("771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,27-45-11-5-13-0-17613-65281-10-23-18-16-65037-43-35-51,4588-29-23-24,0", azuretls.Chrome); err != nil {
426 | 		panic(err)
427 | 	}
428 | 
429 | 	response, err := session.Get("https://www.google.com/")
430 | 
431 | 	if err != nil {
432 | 		panic(err)
433 | 	}
434 | 
435 | 	if response.StatusCode != 200 {
436 | 		panic(err)
437 | 	}
438 | }
439 | 


--------------------------------------------------------------------------------
/test/pinner_test.go:
--------------------------------------------------------------------------------
 1 | package azuretls_test
 2 | 
 3 | import (
 4 | 	"github.com/Noooste/azuretls-client"
 5 | 	"net/url"
 6 | 	"strings"
 7 | 	"testing"
 8 | )
 9 | 
10 | func TestPins(t *testing.T) {
11 | 	session := azuretls.NewSession()
12 | 
13 | 	_, err := session.Get("https://example.com")
14 | 
15 | 	if err != nil {
16 | 		t.Fatal(err)
17 | 	}
18 | }
19 | 
20 | func TestSession_AddPins2(t *testing.T) {
21 | 	session := azuretls.NewSession()
22 | 	session.PinManager = azuretls.NewPinManager() // use a specific one to test pinning
23 | 
24 | 	if err := session.AddPins(&url.URL{
25 | 		Scheme: "https",
26 | 		Host:   "example.com",
27 | 	}, []string{
28 | 		"not a good pin here",
29 | 	}); err != nil {
30 | 		t.Fatal("TestPins failed, expected: error, got: ", err)
31 | 	}
32 | 
33 | 	_, err := session.Get("https://example.com")
34 | 
35 | 	if err != nil && !strings.Contains(err.Error(), "pin verification failed") {
36 | 		t.Fatal("TestPins failed, expected: pin verification failed, got: ", err)
37 | 	} else if err == nil {
38 | 		t.Fatal("TestPins failed, expected: pin verification failed, got: ", err)
39 | 	}
40 | }
41 | 
42 | func TestSession_ClearPins(t *testing.T) {
43 | 	session := azuretls.NewSession()
44 | 
45 | 	if err := session.AddPins(&url.URL{
46 | 		Scheme: "https",
47 | 		Host:   "example.com",
48 | 	}, []string{
49 | 		"RQeZkB42znUfsDIIFWIRiYEcKl7nHwNFwWCrnMMJbVc=",
50 | 		"Xs+pjRp23QkmXeH31KEAjM1aWvxpHT6vYy+q2ltqtaM=",
51 | 	}); err != nil {
52 | 		t.Fatal("TestPins failed, expected: nothing wrong, got: ", err)
53 | 	}
54 | 
55 | 	if err := session.ClearPins(&url.URL{
56 | 		Scheme: "https",
57 | 		Host:   "example.com",
58 | 	}); err != nil {
59 | 		t.Fatal("TestPins failed, expected: nothing wrong, got: ", err)
60 | 	}
61 | 
62 | 	_, err := session.Get("https://example.com")
63 | 
64 | 	if err != nil {
65 | 		t.Fatal("TestPins failed, expected: nothing wrong, got: ", err)
66 | 	}
67 | }
68 | 


--------------------------------------------------------------------------------
/test/proxy_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"github.com/Noooste/azuretls-client"
  5 | 	http "github.com/Noooste/fhttp"
  6 | 	"os"
  7 | 	"testing"
  8 | )
  9 | 
 10 | func testAssignProxy(t *testing.T, proxy string) {
 11 | 	s := azuretls.NewSession()
 12 | 	defer s.Close()
 13 | 
 14 | 	err := s.SetProxy(proxy)
 15 | 
 16 | 	if err != nil {
 17 | 		t.Fatal("TestProxyDialer failed with ", proxy, ", expected: ", nil, ", got: ", err)
 18 | 		return
 19 | 	}
 20 | }
 21 | 
 22 | func TestGoodProxyFormat(t *testing.T) {
 23 | 	testAssignProxy(t, "http://username:password@aaaaa:9999")
 24 | 	testAssignProxy(t, "http://username:password@aaaaa")
 25 | 	testAssignProxy(t, "http://aaaaa:9999")
 26 | 	testAssignProxy(t, "http://aaaaa")
 27 | 	testAssignProxy(t, "https://aaaaa")
 28 | 	testAssignProxy(t, "socks5://aaaaa:9999")
 29 | 	testAssignProxy(t, "socks5://aaaaa")
 30 | 	testAssignProxy(t, "socks5h://aaaaa:9999")
 31 | 	testAssignProxy(t, "socks5h://aaaaa")
 32 | 	testAssignProxy(t, "aaaaa")
 33 | }
 34 | 
 35 | func testAssignBadProxy(t *testing.T, proxy string) {
 36 | 	s := azuretls.NewSession()
 37 | 	defer s.Close()
 38 | 
 39 | 	err := s.SetProxy(proxy)
 40 | 
 41 | 	if err == nil {
 42 | 		t.Fatal("TestProxyDialer failed with ", proxy, ", expected: ", "error", ", got: ", nil)
 43 | 		return
 44 | 	}
 45 | }
 46 | 
 47 | func TestBadProxyFormat(t *testing.T) {
 48 | 	testAssignBadProxy(t, "unsupported-scheme://username")
 49 | 	testAssignBadProxy(t, "://,")
 50 | 	testAssignBadProxy(t, "http://only_username@aaaaa:9999:9999")
 51 | 	testAssignBadProxy(t, "")
 52 | }
 53 | 
 54 | func TestHTTPProxy(t *testing.T) {
 55 | 	t.SkipNow()
 56 | 	session := azuretls.NewSession()
 57 | 	defer session.Close()
 58 | 
 59 | 	ip, err := session.Ip()
 60 | 
 61 | 	if err != nil {
 62 | 		t.Fatal(err)
 63 | 	}
 64 | 
 65 | 	if os.Getenv("NON_SECURE_PROXY") == "" {
 66 | 		t.Skip("NON_SECURE_PROXY is not set")
 67 | 	}
 68 | 
 69 | 	if err = session.SetProxy(os.Getenv("NON_SECURE_PROXY")); err != nil {
 70 | 		t.Fatal(err)
 71 | 	}
 72 | 
 73 | 	session.ProxyHeader = http.Header{
 74 | 		"User-Agent":        []string{"Mozilla/5.0"},
 75 | 		http.HeaderOrderKey: []string{"User-Agent"},
 76 | 	}
 77 | 
 78 | 	ipAfter, err := session.Ip()
 79 | 
 80 | 	if err != nil {
 81 | 		t.Fatal(err)
 82 | 	}
 83 | 
 84 | 	if ip == ipAfter {
 85 | 		t.Fatal("Proxy is not working")
 86 | 	}
 87 | }
 88 | 
 89 | func TestHTTPSProxy(t *testing.T) {
 90 | 	t.SkipNow()
 91 | 	session := azuretls.NewSession()
 92 | 	defer session.Close()
 93 | 
 94 | 	ip, err := session.Ip()
 95 | 
 96 | 	if err != nil {
 97 | 		t.Fatal(err)
 98 | 	}
 99 | 
100 | 	if os.Getenv("SECURE_PROXY") == "" {
101 | 		t.Skip("SECURE_PROXY is not set")
102 | 	}
103 | 
104 | 	if err = session.SetProxy(os.Getenv("SECURE_PROXY")); err != nil {
105 | 		t.Fatal(err)
106 | 	}
107 | 
108 | 	session.ProxyHeader = http.Header{
109 | 		"User-Agent": []string{"Mozilla/5.0"},
110 | 	}
111 | 
112 | 	ipAfter, err := session.Ip()
113 | 
114 | 	if err != nil {
115 | 		t.Fatal(err)
116 | 	}
117 | 
118 | 	if ip == ipAfter {
119 | 		t.Fatal("Proxy is not working")
120 | 	}
121 | }
122 | 
123 | func TestSOCKSProxy(t *testing.T) {
124 | 	t.SkipNow()
125 | 
126 | 	session := azuretls.NewSession()
127 | 	defer session.Close()
128 | 
129 | 	ip, err := session.Ip()
130 | 
131 | 	if err != nil {
132 | 		t.Fatal(err)
133 | 	}
134 | 
135 | 	if os.Getenv("SOCKS5_PROXY") == "" {
136 | 		t.Skip("SOCKS5_PROXY is not set")
137 | 	}
138 | 
139 | 	if err = session.SetProxy(os.Getenv("SOCKS5_PROXY")); err != nil {
140 | 		t.Fatal(err)
141 | 	}
142 | 
143 | 	session.ProxyHeader = http.Header{
144 | 		"User-Agent": []string{"Mozilla/5.0"},
145 | 	}
146 | 
147 | 	ipAfter, err := session.Ip()
148 | 
149 | 	if err != nil {
150 | 		t.Fatal(err)
151 | 	}
152 | 
153 | 	if ip == ipAfter {
154 | 		t.Fatal("Proxy is not working")
155 | 	}
156 | }
157 | 


--------------------------------------------------------------------------------
/test/redirect_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"github.com/Noooste/azuretls-client"
  5 | 	http "github.com/Noooste/fhttp"
  6 | 	"net/url"
  7 | 	"strings"
  8 | 	"testing"
  9 | )
 10 | 
 11 | func TestRedirect(t *testing.T) {
 12 | 	session := azuretls.NewSession()
 13 | 
 14 | 	response, err := session.Get("https://httpbin.org/redirect/1")
 15 | 
 16 | 	if err != nil {
 17 | 		t.Fatal(err)
 18 | 	}
 19 | 
 20 | 	if response.StatusCode != 200 {
 21 | 		t.Fatal("TestRedirect failed, expected: 200, got: ", response.StatusCode)
 22 | 	}
 23 | 
 24 | 	if response.Url != "https://httpbin.org/get" {
 25 | 		t.Fatal("TestRedirect failed, expected: https://httpbin.org/get, got: ", response.Url)
 26 | 	}
 27 | }
 28 | 
 29 | func TestRedirect2_307(t *testing.T) {
 30 | 	session := azuretls.NewSession()
 31 | 
 32 | 	response, err := session.Get("https://httpbin.org/status/307")
 33 | 
 34 | 	if err != nil {
 35 | 		t.Fatal(err)
 36 | 	}
 37 | 
 38 | 	if response.StatusCode != 200 {
 39 | 		t.Fatal("TestRedirect2_307 failed, expected: 200, got: ", response.StatusCode)
 40 | 	}
 41 | 
 42 | 	if response.Url != "https://httpbin.org/get" {
 43 | 		t.Fatal("TestRedirect2_307 failed, expected: https://httpbin.org/get, got: ", response.Url)
 44 | 	}
 45 | }
 46 | 
 47 | func TestRedirect2(t *testing.T) {
 48 | 	resp := &azuretls.Response{
 49 | 		StatusCode: http.StatusPermanentRedirect,
 50 | 		Header:     make(http.Header),
 51 | 	}
 52 | 
 53 | 	_, shouldRedirect, _ := azuretls.RedirectBehavior(http.MethodGet, resp, &azuretls.Request{})
 54 | 
 55 | 	if shouldRedirect {
 56 | 		t.Fatal("TestRedirect2 failed, expected no redirection")
 57 | 	}
 58 | 
 59 | 	resp.Header.Set("Location", "something")
 60 | 	_, shouldRedirect, _ = azuretls.RedirectBehavior(http.MethodGet, resp, &azuretls.Request{
 61 | 		ContentLength: 1,
 62 | 	})
 63 | 
 64 | 	if shouldRedirect {
 65 | 		t.Fatal("TestRedirect2 failed, expected no redirection")
 66 | 	}
 67 | 
 68 | 	resp.StatusCode = http.StatusFound
 69 | 	m, _, _ := azuretls.RedirectBehavior(http.MethodPost, resp, &azuretls.Request{})
 70 | 
 71 | 	if m != http.MethodGet {
 72 | 		t.Fatal("TestRedirect2 failed, expected no redirection")
 73 | 	}
 74 | 
 75 | 	if v := azuretls.RefererForURL(&url.URL{Host: "example.com", Scheme: azuretls.SchemeHttps}, &url.URL{Host: "example.com", Scheme: azuretls.SchemeHttp}); v != "" {
 76 | 		t.Fatal("TestRedirect2 failed, expected no referer, got", v)
 77 | 	}
 78 | 
 79 | 	if v := azuretls.RefererForURL(&url.URL{User: &url.Userinfo{}, Host: "example.com", Scheme: azuretls.SchemeHttps}, &url.URL{Host: "example.com", Scheme: azuretls.SchemeHttp}); strings.Contains(v, "@") {
 80 | 		t.Fatal("TestRedirect2 failed, expected referer without @, got", v)
 81 | 	}
 82 | }
 83 | 
 84 | func TestRedirectWithCheckRedirect(t *testing.T) {
 85 | 	session := azuretls.NewSession()
 86 | 	defer session.Close()
 87 | 
 88 | 	session.CheckRedirect = func(req *azuretls.Request, via []*azuretls.Request) error {
 89 | 		if req.Response == nil {
 90 | 			t.Error("expected non-nil Request.Response")
 91 | 		}
 92 | 
 93 | 		return azuretls.ErrUseLastResponse
 94 | 	}
 95 | 
 96 | 	response, err := session.Get("https://httpbin.org/redirect/1")
 97 | 
 98 | 	if err != nil {
 99 | 		t.Fatal(err)
100 | 	}
101 | 
102 | 	if response.StatusCode != 302 {
103 | 		t.Fatal("TestRedirectWithCheckRedirect failed, expected: 200, got: ", response.StatusCode)
104 | 	}
105 | }
106 | 


--------------------------------------------------------------------------------
/test/request_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"context"
  6 | 	"errors"
  7 | 	"fmt"
  8 | 	"github.com/Noooste/azuretls-client"
  9 | 	http "github.com/Noooste/fhttp"
 10 | 	"net/url"
 11 | 	"strings"
 12 | 	"testing"
 13 | 	"time"
 14 | )
 15 | 
 16 | func TestRequest_SetContext(t *testing.T) {
 17 | 	session := azuretls.NewSession()
 18 | 
 19 | 	req := &azuretls.Request{
 20 | 		Method: http.MethodGet,
 21 | 		Url:    "https://httpbin.org/delay/5",
 22 | 	}
 23 | 
 24 | 	ctx := context.Background()
 25 | 
 26 | 	var cancel context.CancelFunc
 27 | 	ctx, cancel = context.WithTimeout(ctx, 1*time.Second)
 28 | 	defer cancel()
 29 | 
 30 | 	req.SetContext(ctx)
 31 | 
 32 | 	_, err := session.Do(req)
 33 | 
 34 | 	if err == nil || err.Error() != "timeout" {
 35 | 		t.Fatal("TestSession_SetTimeout failed, expected: timeout, got: ", err)
 36 | 		return
 37 | 	}
 38 | 
 39 | }
 40 | 
 41 | func TestRequest_NoCookies(t *testing.T) {
 42 | 	session := azuretls.NewSession()
 43 | 
 44 | 	session.CookieJar.SetCookies(&url.URL{
 45 | 		Scheme: "https",
 46 | 		Host:   "httpbin.org",
 47 | 	}, []*http.Cookie{
 48 | 		{
 49 | 			Name:  "test",
 50 | 			Value: "test",
 51 | 		},
 52 | 	})
 53 | 
 54 | 	req := &azuretls.Request{
 55 | 		Method:   http.MethodGet,
 56 | 		Url:      "https://httpbin.org/cookies",
 57 | 		NoCookie: true,
 58 | 	}
 59 | 
 60 | 	resp, err := session.Do(req)
 61 | 
 62 | 	if err != nil {
 63 | 		t.Fatal("TestRequest_NoCookies failed, expected: nil, got: ", err)
 64 | 		return
 65 | 	}
 66 | 
 67 | 	if resp.StatusCode != http.StatusOK {
 68 | 		t.Fatal("TestRequest_NoCookies failed, expected: 200, got: ", resp.StatusCode)
 69 | 		return
 70 | 	}
 71 | 
 72 | 	if strings.Contains(string(resp.Body), "test") {
 73 | 		t.Fatal("TestRequest_NoCookies failed, expected: false, got: true")
 74 | 		return
 75 | 	}
 76 | }
 77 | 
 78 | func TestRequest_TooManyRedirects(t *testing.T) {
 79 | 	session := azuretls.NewSession()
 80 | 
 81 | 	req := &azuretls.Request{
 82 | 		Method:       http.MethodGet,
 83 | 		Url:          "https://httpbin.org/redirect/5",
 84 | 		MaxRedirects: 1,
 85 | 	}
 86 | 
 87 | 	resp, err := session.Do(req)
 88 | 
 89 | 	if err == nil || !errors.Is(err, azuretls.ErrTooManyRedirects) {
 90 | 		t.Fatal("TestSession_TooManyRedirects failed, expected: too many Redirects, got: ", err)
 91 | 		return
 92 | 	}
 93 | 
 94 | 	if resp != nil {
 95 | 		t.Fatal("TestSession_TooManyRedirects failed, expected: nil, got: ", resp)
 96 | 		return
 97 | 	}
 98 | }
 99 | 
100 | func TestRequestBody(t *testing.T) {
101 | 	m := []any{
102 | 		"test",
103 | 		[]byte("test"),
104 | 		strings.NewReader("test"),
105 | 		bytes.NewBufferString("test"),
106 | 		map[string]string{
107 | 			"test": "test",
108 | 		},
109 | 		&map[string]string{
110 | 			"test": "test",
111 | 		},
112 | 		[]string{"test", "test"},
113 | 		&[]string{"test", "test"},
114 | 	}
115 | 
116 | 	for _, v := range m {
117 | 		req := &azuretls.Request{
118 | 			Method: http.MethodPost,
119 | 			Url:    "https://httpbin.org/post",
120 | 			Body:   v,
121 | 		}
122 | 
123 | 		resp, err := azuretls.NewSession().Do(req)
124 | 
125 | 		if err != nil {
126 | 			t.Fatal("TestRequestBody failed, expected: nil, got: ", err)
127 | 			return
128 | 		}
129 | 
130 | 		if resp.StatusCode != http.StatusOK {
131 | 			t.Fatal("TestRequestBody failed, expected: 200, got: ", resp.StatusCode)
132 | 			return
133 | 		}
134 | 
135 | 		if !strings.Contains(string(resp.Body), "test") {
136 | 			t.Fatal("TestRequestBody failed, expected: true, got: false")
137 | 			return
138 | 		}
139 | 	}
140 | }
141 | 
142 | func TestRequest_BadBody(t *testing.T) {
143 | 	req := &azuretls.Request{
144 | 		Method: http.MethodPost,
145 | 		Url:    "https://httpbin.org/post",
146 | 		Body:   make(chan int),
147 | 	}
148 | 
149 | 	resp, err := azuretls.NewSession().Do(req)
150 | 
151 | 	if err == nil || err.Error() != "unsupported body type : chan" {
152 | 		t.Fatal("TestRequest_BadBody failed, expected: invalid body, got:", err)
153 | 		return
154 | 	}
155 | 
156 | 	if resp != nil {
157 | 		t.Fatal("TestRequest_BadBody failed, expected: nil, got: ", resp)
158 | 		return
159 | 	}
160 | }
161 | 
162 | func TestRequest_NoCookies2(t *testing.T) {
163 | 	session := azuretls.NewSession()
164 | 
165 | 	session.CookieJar.SetCookies(&url.URL{
166 | 		Scheme: "https",
167 | 		Host:   "httpbin.org",
168 | 	}, []*http.Cookie{
169 | 		{
170 | 			Name:  "test",
171 | 			Value: "test",
172 | 		},
173 | 	})
174 | 
175 | 	req := &azuretls.Request{
176 | 		Method:   http.MethodGet,
177 | 		Url:      "https://httpbin.org/cookies",
178 | 		NoCookie: true,
179 | 	}
180 | 
181 | 	resp, err := session.Do(req)
182 | 
183 | 	if err != nil {
184 | 		t.Fatal("TestRequest_NoCookies2 failed, expected: nil, got: ", err)
185 | 		return
186 | 	}
187 | 
188 | 	if resp.StatusCode != http.StatusOK {
189 | 		t.Fatal("TestRequest_NoCookies2 failed, expected: 200, got: ", resp.StatusCode)
190 | 		return
191 | 	}
192 | 
193 | 	if strings.Contains(string(resp.Body), "test") {
194 | 		t.Fatal("TestRequest_NoCookies2 failed, expected: false, got: true")
195 | 		return
196 | 	}
197 | }
198 | 
199 | func TestRequest_InsecureSkipVerify(t *testing.T) {
200 | 	session := azuretls.NewSession()
201 | 
202 | 	// commenting out this line will make the code work
203 | 	session.InsecureSkipVerify = true
204 | 
205 | 	response, err := session.Get("https://www.google.com")
206 | 	if err != nil {
207 | 		panic(err)
208 | 	}
209 | 	fmt.Println(response.StatusCode)
210 | 	response, err = session.Get("https://www.google.com")
211 | 	if err != nil {
212 | 		panic(err)
213 | 	}
214 | 	fmt.Println(response.StatusCode)
215 | }
216 | 
217 | func TestHTTP1Request(t *testing.T) {
218 | 	session := azuretls.NewSession()
219 | 
220 | 	req := &azuretls.Request{
221 | 		Method:     http.MethodGet,
222 | 		Url:        "https://tls.peet.ws/api/all",
223 | 		ForceHTTP1: true,
224 | 	}
225 | 
226 | 	resp, err := session.Do(req)
227 | 
228 | 	if err != nil {
229 | 		t.Fatal("TestHTTP1Request failed, expected: nil, got: ", err)
230 | 		return
231 | 	}
232 | 
233 | 	if resp.StatusCode != http.StatusOK {
234 | 		t.Fatal("TestHTTP1Request failed, expected: 200, got: ", resp.StatusCode)
235 | 		return
236 | 	}
237 | }
238 | 
239 | func TestRequestNoDuplicateContentLength(t *testing.T) {
240 | 	session := azuretls.NewSession()
241 | 
242 | 	req := &azuretls.Request{
243 | 		Method: http.MethodPost,
244 | 		Url:    "https://httpbin.org/post",
245 | 		Body:   "test",
246 | 		OrderedHeaders: azuretls.OrderedHeaders{
247 | 			{"content-length", "4"},
248 | 		},
249 | 	}
250 | 
251 | 	resp, err := session.Do(req)
252 | 
253 | 	if err != nil {
254 | 		t.Fatal("TestRequestNoDuplicateContentLength failed, expected: nil, got: ", err)
255 | 		return
256 | 	}
257 | 
258 | 	if resp.StatusCode != http.StatusOK {
259 | 		t.Fatal("TestRequestNoDuplicateContentLength failed, expected: 200, got: ", resp.StatusCode)
260 | 		return
261 | 	}
262 | 
263 | 	if !strings.Contains(string(resp.Body), "test") {
264 | 		t.Fatal("TestRequestNoDuplicateContentLength failed, expected: true, got: false")
265 | 		return
266 | 	}
267 | 
268 | 	fmt.Println(resp.String())
269 | }
270 | 
271 | func TestRequestDuplicateHeaders(t *testing.T) {
272 | 	s := azuretls.NewSession()
273 | 	defer s.Close()
274 | 
275 | 	s.Browser = azuretls.Chrome
276 | 	header := map[string][]string{
277 | 		"User-Agent": {"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36"},
278 | 	}
279 | 	for range 5 {
280 | 		time.Sleep(1 * time.Second)
281 | 		_, err := s.Do(&azuretls.Request{
282 | 			Method:  http.MethodPost,
283 | 			Url:     "https://www.twayair.com",
284 | 			Header:  header,
285 | 			Body:    "hello",
286 | 			TimeOut: 3 * time.Second,
287 | 		})
288 | 		if err != nil {
289 | 			panic(err)
290 | 		}
291 | 	}
292 | }
293 | 


--------------------------------------------------------------------------------
/test/response_test.go:
--------------------------------------------------------------------------------
 1 | package azuretls_test
 2 | 
 3 | import (
 4 | 	"github.com/Noooste/azuretls-client"
 5 | 	http "github.com/Noooste/fhttp"
 6 | 	"io"
 7 | 	"testing"
 8 | )
 9 | 
10 | func TestResponse_CloseBody(t *testing.T) {
11 | 	session := azuretls.NewSession()
12 | 
13 | 	response, err := session.Do(&azuretls.Request{
14 | 		Method:     http.MethodGet,
15 | 		Url:        "https://tls.peet.ws/api/all",
16 | 		IgnoreBody: true,
17 | 	})
18 | 
19 | 	if err != nil {
20 | 		t.Fatal(err)
21 | 	}
22 | 
23 | 	if _, err = io.ReadAll(response.RawBody); err != nil {
24 | 		t.Fatal("TestResponse_ReadAll failed, expected: nil, got: ", err)
25 | 	}
26 | 
27 | 	if err = response.CloseBody(); err != nil {
28 | 		t.Fatal("TestResponse_CloseBody failed, expected: nil, got: ", err)
29 | 	}
30 | }
31 | 
32 | func TestResponse_Load(t *testing.T) {
33 | 	session := azuretls.NewSession()
34 | 	defer session.Close()
35 | 
36 | 	var response, err = session.Do(&azuretls.Request{
37 | 		Method:     http.MethodGet,
38 | 		Url:        "https://tls.peet.ws/api/all",
39 | 		IgnoreBody: true,
40 | 	})
41 | 
42 | 	if err != nil {
43 | 		t.Fatal(err)
44 | 	}
45 | 
46 | 	var loaded map[string]any
47 | 
48 | 	session = azuretls.NewSession()
49 | 	defer session.Close()
50 | 
51 | 	if err = response.JSON(&loaded); err == nil {
52 | 		t.Fatal("TestResponse_Load failed, expected: err, got: ", nil)
53 | 	}
54 | 
55 | 	response, err = session.Get("https://tls.peet.ws/api/all")
56 | 
57 | 	if err != nil {
58 | 		t.Fatal(err)
59 | 	}
60 | 
61 | 	if err = response.JSON(&loaded); err != nil {
62 | 		t.Fatal("TestResponse_Load failed, expected: nil, got: ", err)
63 | 	}
64 | }
65 | 


--------------------------------------------------------------------------------
/test/utils_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"github.com/Noooste/azuretls-client"
  6 | 	"strings"
  7 | 	"testing"
  8 | )
  9 | 
 10 | func TestToBytes(t *testing.T) {
 11 | 	var testString = "test"
 12 | 	var testBytes = []byte(testString)
 13 | 
 14 | 	if !bytes.Equal(azuretls.ToBytes(testString), testBytes) {
 15 | 		t.Fatal("TestToBytes failed, expected: ", testBytes, ", got: ", azuretls.ToBytes(testString))
 16 | 	}
 17 | 
 18 | 	buf := new(bytes.Buffer)
 19 | 	buf.Write(testBytes)
 20 | 	got := azuretls.ToBytes(buf)
 21 | 	if !bytes.Equal(got, testBytes) {
 22 | 		t.Fatal("TestToBytes failed, expected: ", string(testBytes), ", got: ", string(got))
 23 | 	}
 24 | 
 25 | 	buf2 := bytes.Buffer{}
 26 | 	buf2.Write(testBytes)
 27 | 	got = azuretls.ToBytes(buf2)
 28 | 	if !bytes.Equal(got, testBytes) {
 29 | 		t.Fatal("TestToBytes failed, expected: ", string(testBytes), ", got: ", string(got))
 30 | 	}
 31 | 
 32 | 	buf3 := new(strings.Builder)
 33 | 	buf3.Write(testBytes)
 34 | 	got = azuretls.ToBytes(buf3)
 35 | 	if !bytes.Equal(got, testBytes) {
 36 | 		t.Fatal("TestToBytes failed, expected: ", string(testBytes), ", got: ", string(got))
 37 | 	}
 38 | 
 39 | 	buf4 := strings.Builder{}
 40 | 	buf4.Write(testBytes)
 41 | 	got = azuretls.ToBytes(buf4)
 42 | 	if !bytes.Equal(got, testBytes) {
 43 | 		t.Fatal("TestToBytes failed, expected: ", string(testBytes), ", got: ", string(got))
 44 | 	}
 45 | 
 46 | 	buf5 := append([]byte{}, testBytes...)
 47 | 	got = azuretls.ToBytes(buf5)
 48 | 	if !bytes.Equal(got, testBytes) {
 49 | 		t.Fatal("TestToBytes failed, expected: ", string(testBytes), ", got: ", string(got))
 50 | 	}
 51 | 
 52 | 	var testInt = 1
 53 | 	var testIntBytes = []byte{49}
 54 | 	if !bytes.Equal(azuretls.ToBytes(testInt), testIntBytes) {
 55 | 		t.Fatal("TestToBytes failed, expected: ", string(testIntBytes), ", got: ", azuretls.ToBytes(testInt))
 56 | 	}
 57 | }
 58 | 
 59 | func TestToReader(t *testing.T) {
 60 | 	var testString = "test"
 61 | 	var testBytes = []byte(testString)
 62 | 
 63 | 	if !bytes.Equal(azuretls.ToBytes(testString), testBytes) {
 64 | 		t.Fatal("TestToReader failed, expected: ", testBytes, ", got: ", azuretls.ToBytes(testString))
 65 | 	}
 66 | 
 67 | 	buf := new(bytes.Buffer)
 68 | 	buf.Write(testBytes)
 69 | 	reader, err := azuretls.ToReader(buf)
 70 | 	if err != nil {
 71 | 		t.Fatal("TestToReader failed")
 72 | 	}
 73 | 
 74 | 	if !bytes.Equal(azuretls.ToBytes(reader), testBytes) {
 75 | 		t.Fatal("TestToReader failed")
 76 | 	}
 77 | 
 78 | 	buf2 := bytes.Buffer{}
 79 | 	buf2.Write(testBytes)
 80 | 	reader, err = azuretls.ToReader(buf2)
 81 | 	if err != nil {
 82 | 		t.Fatal("TestToReader failed")
 83 | 	}
 84 | 
 85 | 	if !bytes.Equal(azuretls.ToBytes(reader), testBytes) {
 86 | 		t.Fatal("TestToReader failed")
 87 | 	}
 88 | 
 89 | 	buf3 := new(strings.Builder)
 90 | 	buf3.Write(testBytes)
 91 | 	reader, err = azuretls.ToReader(buf3)
 92 | 	if err != nil {
 93 | 		t.Fatal("TestToReader failed")
 94 | 	}
 95 | 
 96 | 	if !bytes.Equal(azuretls.ToBytes(reader), testBytes) {
 97 | 		t.Fatal("TestToReader failed")
 98 | 	}
 99 | 
100 | 	buf4 := strings.Builder{}
101 | 	buf4.Write(testBytes)
102 | 	reader, err = azuretls.ToReader(buf4)
103 | 	if err != nil {
104 | 		t.Fatal("TestToReader failed")
105 | 	}
106 | 
107 | 	if !bytes.Equal(azuretls.ToBytes(reader), testBytes) {
108 | 		t.Fatal("TestToReader failed")
109 | 	}
110 | 
111 | 	buf5 := append([]byte{}, testBytes...)
112 | 	reader, err = azuretls.ToReader(buf5)
113 | 	if err != nil {
114 | 		t.Fatal("TestToReader failed")
115 | 	}
116 | 
117 | 	if !bytes.Equal(azuretls.ToBytes(reader), testBytes) {
118 | 		t.Fatal("TestToReader failed")
119 | 	}
120 | }
121 | 
122 | func TestUrlEncode(t *testing.T) {
123 | 	type Foo struct {
124 | 		Bar string `url:"bar"`
125 | 		Baz string `url:"baz"`
126 | 	}
127 | 
128 | 	var f = Foo{
129 | 		Bar: "bar",
130 | 		Baz: "baz baz baz",
131 | 	}
132 | 
133 | 	var testString = "bar=bar&baz=baz+baz+baz"
134 | 	var otherTestString = "baz=baz+baz+baz&bar=bar"
135 | 
136 | 	if azuretls.UrlEncode(f) != testString {
137 | 		t.Fatal("TestUrlEncode failed, expected: ", testString, ", got: ", azuretls.UrlEncode(f))
138 | 	}
139 | 
140 | 	var FooMap = map[string]string{
141 | 		"bar": "bar",
142 | 		"baz": "baz baz baz",
143 | 	}
144 | 
145 | 	encoded := azuretls.UrlEncode(FooMap)
146 | 	if encoded != testString && encoded != otherTestString {
147 | 		t.Fatal("TestUrlEncode failed, expected: ", testString, ", got: ", encoded)
148 | 	}
149 | 
150 | 	var FooString = "baz baz baz baz"
151 | 	if azuretls.UrlEncode(FooString) != "baz+baz+baz+baz" {
152 | 		t.Fatal("TestUrlEncode failed, expected: baz+baz+baz+baz, got: ", azuretls.UrlEncode(FooString))
153 | 	}
154 | }
155 | 
156 | type q struct {
157 | 	A int    `url:"a"`
158 | 	B string `url:"b"`
159 | 	C string `url:"c,omitempty"`
160 | }
161 | 
162 | func TestQuery2(t *testing.T) {
163 | 	dumped := azuretls.UrlEncode(q{
164 | 		A: 1,
165 | 		B: "b",
166 | 	})
167 | 	if dumped != "a=1&b=b" {
168 | 		t.Error("UrlEncode() failed, expected a=1&b=b, got", dumped)
169 | 	}
170 | }
171 | 


--------------------------------------------------------------------------------
/test/verbose_test.go:
--------------------------------------------------------------------------------
  1 | package azuretls_test
  2 | 
  3 | import (
  4 | 	"github.com/Noooste/azuretls-client"
  5 | 	"os"
  6 | 	"testing"
  7 | 	"time"
  8 | )
  9 | 
 10 | func TestSession_EnableVerbose(t *testing.T) {
 11 | 	defer func() {
 12 | 		_ = os.RemoveAll("./tmp")
 13 | 	}()
 14 | 
 15 | 	session := azuretls.NewSession()
 16 | 
 17 | 	_, err := session.Post("https://httpbin.org/post", "ahhhhhh")
 18 | 
 19 | 	if err != nil {
 20 | 		t.Error(err)
 21 | 		return
 22 | 	}
 23 | 
 24 | 	if err = session.Dump("./tmp"); err != nil {
 25 | 		t.Fatal(err)
 26 | 	}
 27 | 
 28 | 	_, err = session.Get("https://httpbin.org/get?t=v")
 29 | 
 30 | 	if err != nil {
 31 | 		t.Error(err)
 32 | 		return
 33 | 	}
 34 | 
 35 | 	time.Sleep(50 * time.Millisecond)
 36 | 	f, err := os.ReadDir("./tmp")
 37 | 
 38 | 	if err != nil {
 39 | 		t.Error(err)
 40 | 		return
 41 | 	}
 42 | 
 43 | 	if len(f) == 0 {
 44 | 		t.Error("No files created")
 45 | 		return
 46 | 	}
 47 | }
 48 | 
 49 | func TestSession_EnableVerbose2(t *testing.T) {
 50 | 	defer func() {
 51 | 		_ = os.RemoveAll("./tmp")
 52 | 	}()
 53 | 
 54 | 	session := azuretls.NewSession()
 55 | 
 56 | 	if err := session.Dump("./tmp", "/get"); err != nil {
 57 | 		t.Fatal(err)
 58 | 	}
 59 | 	session.DisableDump()
 60 | 	session.EnableDump()
 61 | 
 62 | 	_, err := session.Get("https://httpbin.org/get")
 63 | 
 64 | 	if err != nil {
 65 | 		t.Error(err)
 66 | 		return
 67 | 	}
 68 | 
 69 | 	time.Sleep(50 * time.Millisecond)
 70 | 	f, err := os.ReadDir("./tmp")
 71 | 
 72 | 	if err != nil {
 73 | 		t.Error(err)
 74 | 		return
 75 | 	}
 76 | 
 77 | 	if len(f) != 0 {
 78 | 		t.Error("files created")
 79 | 		return
 80 | 	}
 81 | 
 82 | 	if err != nil {
 83 | 		t.Error(err)
 84 | 		return
 85 | 	}
 86 | 
 87 | 	if err := session.EnableVerbose("./tmp", nil); err != nil {
 88 | 		t.Fatal(err)
 89 | 	}
 90 | 
 91 | 	var headers = azuretls.OrderedHeaders{
 92 | 		{"sec-ch-ua-mobile", "?0"},
 93 | 		{"user-agent", session.UserAgent},
 94 | 		{"content-type", "application/json; charset=UTF-8"},
 95 | 		{"accept", "application/json"},
 96 | 		{"sec-ch-ua-platform", "\"Windows\""},
 97 | 		{"origin", "https://www.nike.com"},
 98 | 		{"sec-fetch-site", "same-site"},
 99 | 		{"sec-fetch-mode", "cors"},
100 | 		{"sec-fetch-dest", "empty"},
101 | 		{"referer", "https://www.nike.com/"},
102 | 		{"accept-encoding", "gzip, deflate, br"},
103 | 		{"accept-language", "en-US,en;q=0.9"},
104 | 	}
105 | 
106 | 	_, err = session.Get("https://httpbin.org/anything/test/test2%2ftest/", headers)
107 | 
108 | 	if err != nil {
109 | 		t.Error(err)
110 | 		return
111 | 	}
112 | 
113 | 	time.Sleep(50 * time.Millisecond)
114 | 	f, err = os.ReadDir("./tmp")
115 | 
116 | 	if err != nil {
117 | 		t.Error(err)
118 | 		return
119 | 	}
120 | 
121 | 	if len(f) == 0 {
122 | 		t.Error("No files created")
123 | 		return
124 | 	}
125 | }
126 | 
127 | func TestSession_Log(t *testing.T) {
128 | 	session := azuretls.NewSession()
129 | 
130 | 	session.Log()
131 | 
132 | 	session.DisableLog()
133 | 	session.EnableLog()
134 | 
135 | 	session.Get("https://httpbin.org/get")
136 | 	session.Get("https://httpbin.org/redirect")
137 | 	session.Get("https://httpbin.org/unkown")
138 | }
139 | 
140 | func TestSession_DumpAndLog(t *testing.T) {
141 | 	defer func() {
142 | 		_ = os.RemoveAll("./tmp")
143 | 	}()
144 | 
145 | 	session := azuretls.NewSession()
146 | 
147 | 	session.DumpAndLog("./tmp", "/redirect")
148 | 
149 | 	if !session.LogIgnore("https://httpbin.org/redirect") {
150 | 		t.Error("LogIgnore failed")
151 | 		return
152 | 	}
153 | 
154 | 	session.Get("https://httpbin.org/get")
155 | 	session.Get("https://httpbin.org/redirect")
156 | 	session.Get("https://httpbin.org/unkown")
157 | 
158 | 	time.Sleep(50 * time.Millisecond)
159 | 	f, err := os.ReadDir("./tmp")
160 | 
161 | 	if err != nil {
162 | 		t.Error(err)
163 | 		return
164 | 	}
165 | 
166 | 	if len(f) == 0 {
167 | 		t.Error("No files created")
168 | 		return
169 | 	}
170 | }
171 | 


--------------------------------------------------------------------------------
/test/websocket_test.go:
--------------------------------------------------------------------------------
 1 | package azuretls_test
 2 | 
 3 | import (
 4 | 	"github.com/Noooste/azuretls-client"
 5 | 	"testing"
 6 | )
 7 | 
 8 | func TestSession_Websocket(t *testing.T) {
 9 | 	s := azuretls.NewSession()
10 | 
11 | 	_, err := s.NewWebsocket("", 0, 0)
12 | 
13 | 	if err == nil {
14 | 		t.Fatal("TestSession_Websocket failed, expected: error, got: nil")
15 | 	}
16 | 
17 | 	ws, err := s.NewWebsocket(
18 | 		"wss://demo.piesocket.com/v3/channel_123?api_key=VCXCEuvhGcBDP7XhiJJUDvR1e1D3eiVjgZ9VRiaV&notify_self",
19 | 		1024, 1024,
20 | 		azuretls.OrderedHeaders{
21 | 			{"User-Agent", "fhttp"},
22 | 		})
23 | 
24 | 	if err != nil {
25 | 		t.Fatal(err)
26 | 	}
27 | 
28 | 	if ws == nil {
29 | 		t.Fatal("TestSession_Websocket failed, expected: *Websocket, got: nil")
30 | 	}
31 | 
32 | 	if err = ws.WriteJSON(map[string]string{
33 | 		"event": "new_message",
34 | 	}); err != nil {
35 | 		t.Fatal(err)
36 | 	}
37 | }
38 | 
39 | func TestSession_WebsocketHTTP(t *testing.T) {
40 | 	s := azuretls.NewSession()
41 | 
42 | 	_, err := s.NewWebsocket("", 0, 0)
43 | 
44 | 	if err == nil {
45 | 		t.Fatal("TestSession_Websocket failed, expected: error, got: nil")
46 | 	}
47 | 
48 | 	ws, err := s.NewWebsocket(
49 | 		"ws://demo.piesocket.com/v3/channel_123?api_key=VCXCEuvhGcBDP7XhiJJUDvR1e1D3eiVjgZ9VRiaV&notify_self",
50 | 		0, 0,
51 | 		azuretls.OrderedHeaders{
52 | 			{"User-Agent", "fhttp"},
53 | 		})
54 | 
55 | 	if err != nil {
56 | 		t.Fatal(err)
57 | 	}
58 | 
59 | 	if ws == nil {
60 | 		t.Fatal("TestSession_Websocket failed, expected: *Websocket, got: nil")
61 | 	}
62 | 
63 | 	if err = ws.WriteJSON(map[string]string{
64 | 		"event": "new_message",
65 | 	}); err != nil {
66 | 		t.Fatal(err)
67 | 	}
68 | }
69 | 


--------------------------------------------------------------------------------
/transport.go:
--------------------------------------------------------------------------------
 1 | package azuretls
 2 | 
 3 | import (
 4 | 	http "github.com/Noooste/fhttp"
 5 | 	"github.com/Noooste/fhttp/http2"
 6 | 	"time"
 7 | )
 8 | 
 9 | func (s *Session) initTransport(browser string) (err error) {
10 | 	s.mu.Lock()
11 | 	defer s.mu.Unlock()
12 | 
13 | 	if s.Transport == nil {
14 | 		s.initHTTP1()
15 | 	}
16 | 
17 | 	if s.HTTP2Transport == nil {
18 | 		if err = s.initHTTP2(browser); err != nil {
19 | 			return
20 | 		}
21 | 	}
22 | 
23 | 	return
24 | }
25 | 
26 | func (s *Session) initHTTP1() {
27 | 	s.Transport = &http.Transport{
28 | 		TLSHandshakeTimeout:   s.TimeOut,
29 | 		ResponseHeaderTimeout: s.TimeOut,
30 | 		DialTLSContext:        s.dialTLS,
31 | 		DialContext:           s.dial,
32 | 		MaxIdleConns:          1e3,
33 | 		IdleConnTimeout:       90 * time.Second,
34 | 		ExpectContinueTimeout: 1 * time.Second,
35 | 	}
36 | }
37 | 
38 | func (s *Session) initHTTP2(browser string) error {
39 | 	tr, err := http2.ConfigureTransports(s.Transport) // upgrade to HTTP2, while keeping http.Transport
40 | 
41 | 	if err != nil {
42 | 		return err
43 | 	}
44 | 
45 | 	tr.Priorities = defaultStreamPriorities(browser)
46 | 	tr.Settings, tr.SettingsOrder = defaultHeaderSettings(browser)
47 | 	tr.ConnectionFlow = defaultWindowsUpdate(browser)
48 | 
49 | 	if s.HeaderPriority != nil {
50 | 		tr.HeaderPriority = s.HeaderPriority
51 | 	} else {
52 | 		tr.HeaderPriority = defaultHeaderPriorities(browser)
53 | 	}
54 | 
55 | 	tr.StrictMaxConcurrentStreams = true
56 | 
57 | 	tr.PushHandler = &http2.DefaultPushHandler{}
58 | 
59 | 	for k, v := range tr.Settings {
60 | 		switch k {
61 | 		case http2.SettingInitialWindowSize:
62 | 			tr.InitialWindowSize = v
63 | 		case http2.SettingHeaderTableSize:
64 | 			tr.HeaderTableSize = v
65 | 		}
66 | 	}
67 | 
68 | 	s.HTTP2Transport = tr
69 | 
70 | 	return nil
71 | }
72 | 


--------------------------------------------------------------------------------
/utils.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"encoding/json"
  6 | 	"errors"
  7 | 	"fmt"
  8 | 	"golang.org/x/net/idna"
  9 | 	"io"
 10 | 	"net"
 11 | 	"net/url"
 12 | 	"reflect"
 13 | 	"regexp"
 14 | 	"strings"
 15 | 	"unicode/utf8"
 16 | )
 17 | 
 18 | const (
 19 | 	SchemeHttp  = "http"
 20 | 	SchemeHttps = "https"
 21 | 	SchemeWs    = "ws"
 22 | 	SchemeWss   = "wss"
 23 | 	Socks5      = "socks5"
 24 | 	Socks5H     = "socks5h"
 25 | 
 26 | 	defaultUserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"
 27 | 
 28 | 	forceHTTP1Key = "force-http1"
 29 | 	userAgentKey  = "user-agent"
 30 | )
 31 | 
 32 | var (
 33 | 	numberReg = regexp.MustCompile(`\d+`)
 34 | )
 35 | 
 36 | func formatProxy(proxy string) string {
 37 | 	var split = strings.Split(proxy, ":")
 38 | 	length := len(split)
 39 | 	switch length {
 40 | 	case 1:
 41 | 		// proxy = ip
 42 | 		return "http://" + split[0]
 43 | 	case 2:
 44 | 		// proxy = ip:port
 45 | 		return "http://" + split[0] + ":" + split[1]
 46 | 	case 3:
 47 | 		// proxy = username:password@ip:port
 48 | 		return "http://" + proxy
 49 | 	case 4:
 50 | 		if numberReg.MatchString(split[1]) {
 51 | 			// proxy = ip:port:username:password
 52 | 			return "http://" + split[2] + ":" + split[3] + "@" + split[0] + ":" + split[1]
 53 | 		}
 54 | 
 55 | 		// proxy = username:password:ip:port
 56 | 		return "http://" + split[0] + ":" + split[1] + "@" + split[2] + ":" + split[3]
 57 | 	default:
 58 | 		return ""
 59 | 	}
 60 | }
 61 | 
 62 | // ToBytes converts any type to []byte, it supports string, []byte, io.Reader,
 63 | // strings.Builder and any other type that can be marshaled to json
 64 | func ToBytes(b any) []byte {
 65 | 	switch b.(type) {
 66 | 	case string:
 67 | 		return []byte(b.(string))
 68 | 
 69 | 	case []byte:
 70 | 		return b.([]byte)
 71 | 
 72 | 	case io.Reader:
 73 | 		var buf = new(bytes.Buffer)
 74 | 		_, _ = io.Copy(buf, b.(io.Reader))
 75 | 		return buf.Bytes()
 76 | 
 77 | 	case bytes.Buffer:
 78 | 		buf := b.(bytes.Buffer)
 79 | 		return buf.Bytes()
 80 | 
 81 | 	case strings.Builder:
 82 | 		buf := b.(strings.Builder)
 83 | 		return []byte(buf.String())
 84 | 
 85 | 	case *strings.Builder:
 86 | 		buf := b.(*strings.Builder)
 87 | 		return []byte(buf.String())
 88 | 
 89 | 	default:
 90 | 		var dumped []byte
 91 | 		dumped, _ = json.Marshal(b)
 92 | 		return dumped
 93 | 	}
 94 | }
 95 | 
 96 | func ToReader(b any) (io.Reader, error) {
 97 | 	switch b.(type) {
 98 | 	case string:
 99 | 		return strings.NewReader(b.(string)), nil
100 | 
101 | 	case []byte:
102 | 		return bytes.NewReader(b.([]byte)), nil
103 | 
104 | 	case io.Reader:
105 | 		return b.(io.Reader), nil
106 | 
107 | 	case bytes.Buffer:
108 | 		buf := b.(bytes.Buffer)
109 | 		return bytes.NewReader(buf.Bytes()), nil
110 | 
111 | 	case strings.Builder:
112 | 		buf := b.(strings.Builder)
113 | 		return strings.NewReader(buf.String()), nil
114 | 
115 | 	case *strings.Builder:
116 | 		buf := b.(*strings.Builder)
117 | 		return strings.NewReader(buf.String()), nil
118 | 
119 | 	default:
120 | 		value := reflect.ValueOf(b)
121 | 
122 | 		if value.Kind() == reflect.Ptr {
123 | 			value = value.Elem()
124 | 		}
125 | 
126 | 		switch value.Kind() {
127 | 		case reflect.Struct, reflect.Map, reflect.Slice, reflect.Array:
128 | 			var (
129 | 				dumped []byte
130 | 				err    error
131 | 			)
132 | 
133 | 			if dumped, err = json.Marshal(b); err != nil {
134 | 				return nil, err
135 | 			}
136 | 
137 | 			return bytes.NewReader(dumped), nil
138 | 
139 | 		default:
140 | 			return nil, errors.New("unsupported body type : " + value.Kind().String())
141 | 		}
142 | 	}
143 | }
144 | 
145 | var portMap = map[string]string{
146 | 	SchemeHttp:  "80",
147 | 	SchemeHttps: "443",
148 | 	SchemeWs:    "80",
149 | 	SchemeWss:   "443",
150 | 	Socks5:      "1080",
151 | 	Socks5H:     "1080",
152 | }
153 | 
154 | func idnaASCII(v string) (string, error) {
155 | 	if isASCII(v) {
156 | 		return v, nil
157 | 	}
158 | 	return idna.Lookup.ToASCII(v)
159 | }
160 | func isASCII(s string) bool {
161 | 	for i := 0; i < len(s); i++ {
162 | 		if s[i] >= utf8.RuneSelf {
163 | 			return false
164 | 		}
165 | 	}
166 | 	return true
167 | }
168 | 
169 | func isDomainOrSubdomain(sub, parent string) bool {
170 | 	if sub == parent {
171 | 		return true
172 | 	}
173 | 	// If sub is "foo.example.com" and parent is "example.com",
174 | 	// that means sub must end in "."+parent.
175 | 	// Do it without allocating.
176 | 	if !strings.HasSuffix(sub, parent) {
177 | 		return false
178 | 	}
179 | 	return sub[len(sub)-len(parent)-1] == '.'
180 | }
181 | 
182 | // UrlEncode encodes a map[string]string to url encoded string
183 | // If you want to encode a struct, you will use the `url` tag
184 | func UrlEncode(obj any) string {
185 | 	r := reflect.ValueOf(obj)
186 | 
187 | 	if r.Kind() == reflect.Ptr {
188 | 		r = r.Elem()
189 | 	}
190 | 
191 | 	switch r.Kind() {
192 | 	case reflect.Map:
193 | 		keys := r.MapKeys()
194 | 		var result = make([]string, 0, len(keys))
195 | 		for _, key := range keys {
196 | 			result = append(result, fmt.Sprintf("%s=%v", key, url.QueryEscape(fmt.Sprintf("%v", r.MapIndex(key)))))
197 | 		}
198 | 		return strings.Join(result, "&")
199 | 
200 | 	case reflect.Struct:
201 | 		var result = make([]string, 0, r.NumField())
202 | 		for i := 0; i < r.NumField(); i++ {
203 | 			if name, ok := r.Type().Field(i).Tag.Lookup("url"); ok {
204 | 				if name == "-" {
205 | 					continue
206 | 				}
207 | 				//detect if omitempty is set
208 | 				split := strings.Split(name, ",")
209 | 				if len(split) > 1 && split[1] == "omitempty" {
210 | 					if r.Field(i).IsZero() {
211 | 						continue
212 | 					}
213 | 				}
214 | 				result = append(result, fmt.Sprintf("%s=%s", split[0], url.QueryEscape(fmt.Sprintf("%v", r.Field(i)))))
215 | 			}
216 | 
217 | 		}
218 | 		return strings.Join(result, "&")
219 | 
220 | 	case reflect.String:
221 | 		return url.QueryEscape(r.String())
222 | 
223 | 	default:
224 | 		return ""
225 | 	}
226 | }
227 | 
228 | func (s *Session) urlMatch(host *url.URL, urls []*regexp.Regexp) bool {
229 | 	if urls == nil {
230 | 		return false
231 | 	}
232 | 
233 | 	for _, h := range urls {
234 | 		if h.MatchString(host.String()) {
235 | 			return true
236 | 		}
237 | 	}
238 | 
239 | 	return false
240 | }
241 | 
242 | func getHost(u *url.URL) string {
243 | 	addr := u.Hostname()
244 | 	if v, err := idnaASCII(addr); err == nil {
245 | 		addr = v
246 | 	}
247 | 	port := u.Port()
248 | 	if port == "" {
249 | 		port = portMap[u.Scheme]
250 | 	}
251 | 	return net.JoinHostPort(addr, port)
252 | }
253 | 


--------------------------------------------------------------------------------
/websocket.go:
--------------------------------------------------------------------------------
  1 | package azuretls
  2 | 
  3 | import (
  4 | 	"context"
  5 | 	"errors"
  6 | 	http "github.com/Noooste/fhttp"
  7 | 	"github.com/Noooste/websocket"
  8 | 	"net"
  9 | 	url2 "net/url"
 10 | )
 11 | 
 12 | type Websocket struct {
 13 | 	Url     string
 14 | 	Headers http.Header
 15 | 
 16 | 	Request  *Request
 17 | 	Response *http.Response
 18 | 
 19 | 	dialer *websocket.Dialer
 20 | 
 21 | 	*websocket.Conn
 22 | }
 23 | 
 24 | // NewWebsocket returns a new websocket connection.
 25 | func (s *Session) NewWebsocket(url string, readBufferSize, writeBufferSize int, args ...any) (*Websocket, error) {
 26 | 	return s.NewWebsocketWithContext(s.ctx, url, readBufferSize, writeBufferSize, args...)
 27 | }
 28 | 
 29 | // NewWebsocketWithContext returns a new websocket connection with a context.
 30 | func (s *Session) NewWebsocketWithContext(ctx context.Context, url string, readBufferSize, writeBufferSize int, args ...any) (*Websocket, error) {
 31 | 	if url == "" {
 32 | 		return nil, errors.New("url is empty")
 33 | 	}
 34 | 
 35 | 	if readBufferSize <= 0 {
 36 | 		readBufferSize = 1024
 37 | 	}
 38 | 
 39 | 	if writeBufferSize <= 0 {
 40 | 		writeBufferSize = 1024
 41 | 	}
 42 | 
 43 | 	req := new(Request)
 44 | 	req.Url = url
 45 | 
 46 | 	if err := s.prepareRequest(req, args...); err != nil {
 47 | 		return nil, err
 48 | 	}
 49 | 
 50 | 	var (
 51 | 		ws  = new(Websocket)
 52 | 		h   = make(http.Header)
 53 | 		err error
 54 | 	)
 55 | 
 56 | 	req.HttpRequest = &http.Request{}
 57 | 	req.parsedUrl, err = url2.Parse(req.Url)
 58 | 
 59 | 	if err != nil {
 60 | 		return nil, err
 61 | 	}
 62 | 
 63 | 	if err = s.buildRequest(ctx, req); err != nil {
 64 | 		return nil, err
 65 | 	}
 66 | 
 67 | 	if !req.NoCookie {
 68 | 		cookies := s.CookieJar.Cookies(req.parsedUrl)
 69 | 		if cookies != nil && len(cookies) > 0 {
 70 | 			if c := req.HttpRequest.Header.Get("Cookie"); c != "" {
 71 | 				req.HttpRequest.Header.Set("Cookie", c+"; "+CookiesToString(cookies))
 72 | 			} else {
 73 | 				req.HttpRequest.Header.Set("Cookie", CookiesToString(cookies))
 74 | 			}
 75 | 		}
 76 | 	}
 77 | 
 78 | 	req.ForceHTTP1 = true
 79 | 
 80 | 	ws.dialer = &websocket.Dialer{
 81 | 		HandshakeTimeout: s.TimeOut,
 82 | 		ReadBufferSize:   readBufferSize,
 83 | 		WriteBufferSize:  writeBufferSize,
 84 | 		Jar:              s.CookieJar,
 85 | 		NetDialTLSContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 86 | 			ctx = context.WithValue(ctx, forceHTTP1Key, true)
 87 | 			ctx = context.WithValue(ctx, "request", req)
 88 | 			return s.dialTLS(ctx, network, addr)
 89 | 		},
 90 | 		NetDialContext: s.dial,
 91 | 	}
 92 | 
 93 | 	c, resp, err := ws.dialer.DialContext(ctx, req.Url, req.HttpRequest.Header, req.HttpRequest.Header[http.HeaderOrderKey])
 94 | 
 95 | 	if err != nil {
 96 | 		return nil, err
 97 | 	}
 98 | 
 99 | 	return &Websocket{
100 | 		Url:      req.Url,
101 | 		Headers:  h,
102 | 		Conn:     c,
103 | 		Request:  req,
104 | 		Response: resp,
105 | 	}, nil
106 | }
107 | 


--------------------------------------------------------------------------------