Contribution, new fingerprints, OS, browsers, versions

[Aubermean]

Hi,

README mentions custom header for Edge or Android. Wrapper scripts metion Wireshark.

Wanted to get your 2 cents on how to contribute to the project, adding more natively supported browsers. Such as chrome120 on Windows, Linux, Android, and different MacOS versions.

I am using libcurl ffi bindings via env vars, so I don't believe creating new wrapper scripts will be usable.

[perklet]

Wanted to get your 2 cents on how to contribute to the project, adding more natively supported browsers. Such as chrome120 on Windows, Linux, Android, and different MacOS versions.

Thanks for your interests. Here are some general patterns I observed:

• For Chrome, it seems that the fingerprints are exactly the same across different platforms for the same version, the only difference is the header values. It's even the same for Edge, which is also Chromium-based. But I havn't looked up the values in Brave browser.

• For Safari, the iOS one and macOS differ on http2 fingerprints.

If you would like to contribute, you can help to verify that Chromium-based browsers do share the same fingerprints and find new fingerprints for different versions of Safari.

Here is a simple doc on how to capture values for this project.

[Aubermean]

Thanks so much! Checking the docs now. Final question is about iOS, how do you capture values on that platform too? I would like to try for Chrome iOS/iPad...

[perklet]

Wireshark.

[Aubermean]

Wireshark.

@yifeikong, for Safari, Priority should be 255 not 265, and Exclusive should be 0 not 1. I have looked in curl-impersonate.patch, but I don't see how to make a modification to allow these to be customized. Can you point in the right direction?

[perklet]

What do you mean by priority? I just checked here, and did not see any 255 value. Besides, there is not 265 value in the code.

[Aubermean]

My mistake I mean the 'priority weight'. Check CHROME_DEFAULT_STREAM_WEIGHT, it defaults to 255. But for Safari, its 256. I am using https://tls.peet.ws/api/all

[perklet]

I see. the chrome values are:

"priority": {
    "weight": 256,
    "depends_on": 0,
    "exclusive": 1
}

but for safari, they are:

"priority": {
    "weight": 255,
    "depends_on": 0,
    "exclusive": 0
}

These values are not for chrome and safari. And you are right, it should be added for Safari.

It's very straightforward to change, you can add this like the firefox version.

[Aubermean]

Where would it need to be changed? In the patch file? I don't really want to make another 'safari' version alongside chrome if possible. Right now, to add new browsers or update versions, I modify the curl-impersonate.patch file. I am not using Firefox at all.

[perklet]

I'm planning on fixing this in #20.

[Aubermean]

Good to hear. Another notable point is that MAX_CONCURRENT_STREAMS is hardcoded to 1000, whereas in Safari iOS latest the value is 100.

If we can maintain as much configurability for all options instead of making assumptions, we will be covered for the future in case browsers diverge away from 'chrome defaults'.

It's a completely different subject, but have you considered using a single reference for all of these values, json for example, and then building the curl patch etc. with a bash script? Or making use of what is already in place for testing.

Right now, there is a lot of repetition, and it's not easy for users to add their own custom fingerprints. I think that should be a core goal: let users do their own discovery, and define their own fingerprint parameters rather than providing them.

One last point... I think a core value of this project should be to support the latest versions of browsers a priority. Supporting older versions isn't so important for the vision of bypassing detection, considering the fact that in this modern age all browsers force auto updates.

[perklet]

I believe MAX_CONCURRENT_STREAMS has been fixed to 100 for safari since v0.6.

[Aubermean]

Here it's hardcoded to 1000. In most browsers and clients, its the default of 100. I don't know when Chrome changed to 1000. The point is, that these values need to be configurable without assumptions made or hardcoded values (the same for priorty weight, priorty exclusive, etc.)

[perklet]

No, it's not hardcoded, it's set using this option.

[Aubermean]

I'm aware of the curl easy option, but my thinking is that the value for max conncurent streams should be configurable for each browser as other values are (e.g. for Safari, set 100 in this part). Then, if different browsers or versions change the value, the variation can be maintained. Without needing to externally remember that MAX_CONCURRENT_STREAMS needs to be manually set to 100 for Safari because curl-impersonate will incorrectly assume a default of 1000.

[perklet]

CURLOPT_HTTP2_SETTINGS sets the settings frame values, for example 1:65536;3:1000;4:6291456;6:262144 (non-standard HTTP/2 options created for this project).

From readme.

[Aubermean]

I understand, thank you, I missed it at a glance due to the ordering of the parameters (3 is after 4!) 1:65536;3:1000;4:6291456;6 vs 2:0;4:4194304;3:100

Thank you again!