underdog-tech · dgtlctzn · Jul 18, 2025 · Jul 18, 2025 · Jul 18, 2025 · Jul 18, 2025
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -8,7 +8,7 @@ parameters:
 orbs:
   pinwheel-cicd: underdog-tech/pinwheel-cicd-orb@1.4
   macos: circleci/macos@2.4.0
-  go: circleci/go@1.7.3
+  go: circleci/go@3.0.3
 
 jobs:
   test:
@@ -17,14 +17,13 @@ jobs:
     working_directory: ~/<< pipeline.parameters.service-name >>
     steps:
       - checkout
-      - go/install:
-          version: "1.22.0"
-      - go/load-cache
-      - go/mod-download
-      - go/save-cache
-      - go/test:
-          race: true
-          covermode: "atomic"
+      - go/with-cache:
+          steps:
+            - go/install:
+                version: "1.24.1"
+            - go/mod-download
+            - go/test:
+                covermode: atomic
 
 workflows:
   test:

diff --git a/.github/assets/hypersolutions.jpg b/.github/assets/hypersolutions.jpg
diff --git a/.gitignore b/.gitignore
@@ -7,3 +7,4 @@ cffi_dist/example_node/index_ftl_cookies.js
 cffi_dist/example_node/index_nike_cookies.js
 cffi_dist/example_node/node_modules
 **/.DS_Store
+.tool-versions
diff --git a/.tool-versions b/.tool-versions
@@ -1,2 +1,2 @@
 nodejs 20.9.0
-golang 1.24.1
+golang 1.24.1
diff --git a/Readme.md b/Readme.md
@@ -21,8 +21,24 @@ With this library you are able to create a http client implementing an interface
 client interface.
 This TLS Client allows you to specify the Client (Browser and Version) you want to use, when requesting a server.
 
-The Interface of the HTTP Client looks like the following and extends the base net/http Client Interface by some useful functions.
-Most likely you will use the `Do()` function like you did before with net/http Client.
+### Features
+
+- ✅ **HTTP/1.1, HTTP/2, HTTP/3** - Full protocol support with automatic negotiation
+- ✅ **Protocol Racing** - Chrome-like "Happy Eyeballs" for HTTP/2 vs HTTP/3
+- ✅ **TLS Fingerprinting** - Mimic Chrome, Firefox, Safari, and other browsers
+- ✅ **HTTP/3 Fingerprinting** - Accurate QUIC/HTTP/3 fingerprints matching real browsers
+- ✅ **WebSocket Support** - Maintain TLS fingerprinting over WebSocket connections
+- ✅ **Custom Header Ordering** - Control the order of HTTP headers
+- ✅ **Proxy Support** - HTTP and SOCKS5 proxies
+- ✅ **Cookie Jar Management** - Built-in cookie handling
+- ✅ **Certificate Pinning** - Enhanced security with custom certificate validation
+- ✅ **Bandwidth Tracking** - Monitor upload/download bandwidth
+- ✅ **Language Bindings** - Use from JavaScript (Node.js), Python, and C# via FFI
+
+### Interface
+
+The HTTP Client interface extends the base net/http Client with additional functionality:
+
 ```go
 type HttpClient interface {
     GetCookies(u *url.URL) []*http.Cookie
@@ -38,9 +54,16 @@ type HttpClient interface {
     Get(url string) (resp *http.Response, err error)
     Head(url string) (resp *http.Response, err error)
     Post(url, contentType string, body io.Reader) (resp *http.Response, err error)
+
+    GetBandwidthTracker() bandwidth.BandwidthTracker
+    GetDialer() proxy.ContextDialer
+    GetTLSDialer() TLSDialerFunc
 }
 ```
 
+### Detailed Documentation
+
+https://bogdanfinn.gitbook.io/open-source-oasis/
 
 ### Quick Usage Example
 
@@ -58,10 +81,10 @@ import (
 )
 
 func main() {
-    jar := tls_client.NewCookieJar()
+	jar := tls_client.NewCookieJar()
 	options := []tls_client.HttpClientOption{
 		tls_client.WithTimeoutSeconds(30),
-		tls_client.WithClientProfile(profiles.Chrome_120),
+		tls_client.WithClientProfile(profiles.Chrome_144),
 		tls_client.WithNotFollowRedirects(),
 		tls_client.WithCookieJar(jar), // create cookieJar instance and pass it as argument
 	}
@@ -109,10 +132,6 @@ func main() {
 }
 ```
 
-### Detailed Documentation
-
-https://bogdanfinn.gitbook.io/open-source-oasis/
-
 ### Questions?
 
 Join my discord support server for free: https://discord.gg/7Ej9eJvHqk
@@ -123,3 +142,21 @@ No Support in DMs!
 
 [!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/CaptainBarnius)
 
+---
+
+## 🛡️ Need Antibot Bypass?
+
+<a href="https://hypersolutions.co/?utm_source=github&utm_medium=readme&utm_campaign=tls-client" target="_blank"><img src="https://raw.githubusercontent.com/bogdanfinn/tls-client/master/.github/assets/hypersolutions.jpg" height="47" width="149"></a>
+
+TLS fingerprinting alone isn't enough for modern bot protection. **[Hyper Solutions](https://hypersolutions.co?utm_source=github&utm_medium=readme&utm_campaign=tls-client)** provides the missing piece - API endpoints that generate valid antibot tokens for:
+
+**Akamai** • **DataDome** • **Kasada** • **Incapsula**
+
+No browser automation. Just simple API calls that return the exact cookies and headers these systems require.
+
+🚀 **[Get Your API Key](https://hypersolutions.co?utm_source=github&utm_medium=readme&utm_campaign=tls-client)** | 📖 **[Docs](https://docs.justhyped.dev)** | 💬 **[Discord](https://discord.gg/akamai)**
+
+---
+
+### Powered by
+[![JetBrains logo.](https://resources.jetbrains.com/storage/products/company/brand/logos/jetbrains.svg)](https://jb.gg/OpenSource)
diff --git a/cffi_dist/.tool-versions b/cffi_dist/.tool-versions
@@ -1,2 +1,2 @@
 nodejs 20.10.0
-golang 1.20
+golang 1.24.1
diff --git a/cffi_dist/Dockerfile b/cffi_dist/Dockerfile
@@ -7,7 +7,7 @@ RUN apt-get update -y -q && apt-get upgrade -y -q
 RUN apt-get install --no-install-recommends -y -q curl build-essential ca-certificates git gcc g++ bash
 
 # Download Go 1.22 and install it to /usr/local/go
-RUN curl -s https://dl.google.com/go/go1.22.3.linux-amd64.tar.gz | tar -v -C /usr/local -xz
+RUN curl -s https://dl.google.com/go/go1.24.1.linux-amd64.tar.gz | tar -v -C /usr/local -xz
 
 # Let's people find our Go binaries
 ENV PATH $PATH:/usr/local/go/bin
diff --git a/cffi_dist/Dockerfile.alpine.compile b/cffi_dist/Dockerfile.alpine.compile
@@ -1,4 +1,4 @@
-FROM golang:1.22-alpine3.20
+FROM golang:1.24.1-alpine3.21
 RUN apk add --no-cache \
   git \
   gcc \

diff --git a/cffi_dist/build.sh b/cffi_dist/build.sh
@@ -18,12 +18,12 @@ GOOS=darwin CGO_ENABLED=1 GOARCH=amd64 go build -buildmode=c-shared -o ./pinwhee
 # # CC is needed when you cross compile from OSX to Linux
 # GOOS=linux CGO_ENABLED=1 GOARCH=arm CC="armv7-linux-gnueabihf-gcc" go build -buildmode=c-shared -o ./dist/tls-client-linux-armv7-$1.so
 
-# # CC is needed when you cross compile from OSX to Linux
+# CC is needed when you cross compile from OSX to Linux
 # echo 'Build Linux Alpine'
-# # For some reason my OSX gcc cross compiler does not work. Therefore i use a alpine docker image
-# # GOOS=linux CGO_ENABLED=1 GOARCH=amd64 CC="x86_64-linux-musl-gcc" go build -buildmode=c-shared -o ./dist/tls-client-linux-amd64.so
-# # Make sure to first build the image based on the Dockerfile.alpine.compile in this directory.
-# docker run -v $PWD/../:/tls-client tls-client-alpine-go-1.20 bash -c "cd /tls-client/cffi_dist && GOOS=linux CGO_ENABLED=1 GOARCH=amd64 go build -buildmode=c-shared -o /tls-client/cffi_dist/dist/tls-client-linux-alpine-amd64-$1.so"
+# For some reason my OSX gcc cross compiler does not work. Therefore i use a alpine docker image
+# GOOS=linux CGO_ENABLED=1 GOARCH=amd64 CC="x86_64-linux-musl-gcc" go build -buildmode=c-shared -o ./dist/tls-client-linux-amd64.so
+# Make sure to first build the image based on the Dockerfile.alpine.compile in this directory.
+# docker run -v $PWD/../:/tls-client tls-client-alpine-go-1.20 bash -c "cd /tls-client/cffi_dist && GOOS=linux CGO_ENABLED=1 GOARCH=amd64 go build -buildmode=c-shared -buildvcs=false -o /tls-client/cffi_dist/dist/tls-client-linux-alpine-amd64-$1.so"
 
 # CC is needed when you cross compile from OSX to Linux
 echo 'Build Linux Ubuntu'

diff --git a/cffi_dist/example_csharp/Requester.cs b/cffi_dist/example_csharp/Requester.cs
@@ -24,7 +24,7 @@ class RequestPayload
     public bool FollowRedirects { get; set; } = true;
     public bool InsecureSkipVerify { get; set; } = false;
     public bool WithoutCookieJar { get; set; } = false;
-    public bool WithDefaultCookieJar { get; set; } = false;
+    public bool WithCustomCookieJar { get; set; } = false;
     public bool IsByteRequest { get; set; } = false;
     public bool ForceHttp1 { get; set; } = false;
     public bool WithDebug { get; set; } = false;

diff --git a/cffi_dist/example_node/index.js b/cffi_dist/example_node/index.js
@@ -15,7 +15,7 @@ const requestPayload = {
     "followRedirects": true,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "isByteRequest": false,
     "catchPanics": false,
     "withDebug": false,

diff --git a/cffi_dist/example_node/index_async.js b/cffi_dist/example_node/index_async.js
@@ -15,7 +15,7 @@ const requestPayload = {
     "followRedirects": false,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "isByteRequest": false,
     "forceHttp1": false,
     "withRandomTLSExtensionOrder": false,

diff --git a/cffi_dist/example_node/index_cookies.js b/cffi_dist/example_node/index_cookies.js
@@ -15,7 +15,7 @@ const requestPayload = {
     "followRedirects": true,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "isByteRequest": false,
     "catchPanics": false,
     "withDebug": false,

diff --git a/cffi_dist/example_node/index_custom_client.js b/cffi_dist/example_node/index_custom_client.js
@@ -14,7 +14,7 @@ const requestPayload = {
     "followRedirects": false,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "isByteRequest": false,
     "catchPanics": false,
     "forceHttp1": false,

diff --git a/cffi_dist/example_node/index_ffi_rs.js b/cffi_dist/example_node/index_ffi_rs.js
@@ -62,7 +62,7 @@ const requestPayload = {
     "followRedirects": true,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "isByteRequest": false,
     "catchPanics": false,
     "withDebug": false,

diff --git a/cffi_dist/example_node/index_image.js b/cffi_dist/example_node/index_image.js
@@ -16,7 +16,7 @@ const requestPayload = {
     "followRedirects": false,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "forceHttp1": false,
     "withDebug": false,
     "withRandomTLSExtensionOrder": false,

diff --git a/cffi_dist/example_node/index_image_upload.js b/cffi_dist/example_node/index_image_upload.js
@@ -18,7 +18,7 @@ const requestPayload = {
     "followRedirects": false,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "forceHttp1": false,
     "withDebug": false,
     "withRandomTLSExtensionOrder": false,

diff --git a/cffi_dist/example_node/index_post.js b/cffi_dist/example_node/index_post.js
@@ -15,7 +15,7 @@ const requestPayload = {
     "followRedirects": false,
     "insecureSkipVerify": false,
     "withoutCookieJar": false,
-    "withDefaultCookieJar": false,
+    "withCustomCookieJar": false,
     "forceHttp1": false,
     "withDebug": false,
     "withRandomTLSExtensionOrder": false,

diff --git a/cffi_dist/example_python/example.py b/cffi_dist/example_python/example.py
@@ -32,7 +32,7 @@
     "followRedirects": False,
     "insecureSkipVerify": False,
     "withoutCookieJar": False,
-    "withDefaultCookieJar": False,
+    "withCustomCookieJar": False,
     "isByteRequest": False,
     "forceHttp1": False,
     "withDebug": False,

diff --git a/cffi_dist/example_python/example_cookies.py b/cffi_dist/example_python/example_cookies.py
@@ -32,7 +32,7 @@
     "followRedirects": False,
     "insecureSkipVerify": False,
     "withoutCookieJar": False,
-    "withDefaultCookieJar": False,
+    "withCustomCookieJar": False,
     "isByteRequest": False,
     "forceHttp1": False,
     "withDebug": False,

diff --git a/cffi_dist/example_python/example_custom_client.py b/cffi_dist/example_python/example_custom_client.py
@@ -31,7 +31,7 @@
     "followRedirects": False,
     "insecureSkipVerify": False,
     "withoutCookieJar": False,
-    "withDefaultCookieJar": False,
+    "withCustomCookieJar": False,
     "isByteRequest": False,
     "forceHttp1": False,
     "catchPanics": False,

diff --git a/cffi_dist/example_python/example_image.py b/cffi_dist/example_python/example_image.py
@@ -34,7 +34,7 @@
     "followRedirects": False,
     "insecureSkipVerify": False,
     "withoutCookieJar": False,
-    "withDefaultCookieJar": False,
+    "withCustomCookieJar": False,
     "isByteRequest": False,
     "forceHttp1": False,
     "withDebug": False,

diff --git a/cffi_dist/example_python/example_image_upload.py b/cffi_dist/example_python/example_image_upload.py
@@ -37,7 +37,7 @@
     "followRedirects": False,
     "insecureSkipVerify": False,
     "withoutCookieJar": False,
-    "withDefaultCookieJar": False,
+    "withCustomCookieJar": False,
     "isByteRequest": True,
     "forceHttp1": False,
     "withDebug": False,

diff --git a/cffi_dist/example_python/example_post.py b/cffi_dist/example_python/example_post.py
@@ -34,7 +34,7 @@
     "followRedirects": False,
     "insecureSkipVerify": False,
     "withoutCookieJar": False,
-    "withDefaultCookieJar": False,
+    "withCustomCookieJar": False,
     "forceHttp1": False,
     "withDebug": False,
     "withRandomTLSExtensionOrder": False,

diff --git a/cffi_dist/example_typescript/src/client.ts b/cffi_dist/example_typescript/src/client.ts
@@ -66,10 +66,10 @@ export class TLSClient implements TLSClientInstance {
 const createWrapper = (): LibraryObject<never> => {
     const sharedLibraryPath = join(__dirname, './../../dist/');
     const sharedLibraryFilename = platform() === 'win32'
-        ? `tls-client-windows-64-1.7.2.dll`
+        ? `tls-client-windows-64-1.12.1.dll`
         : arch() === 'arm64'
-            ? `tls-client-darwin-arm64-1.7.2.dylib`
-            : `tls-client-darwin-amd64-1.7.2.dylib`;
+            ? `tls-client-darwin-arm64-1.12.1.dylib`
+            : `tls-client-darwin-amd64-1.12.1.dylib`;
 
     return Library(join(sharedLibraryPath, sharedLibraryFilename), {
         request: ['string', ['string']],

diff --git a/cffi_dist/go.mod b/cffi_dist/go.mod
@@ -3,21 +3,25 @@ module tls_client_cffi
 go 1.24.1
 
 require (
-	github.com/bogdanfinn/fhttp v0.6.0
-	github.com/bogdanfinn/tls-client v1.10.0
+	github.com/bogdanfinn/fhttp v0.6.8
+	github.com/bogdanfinn/tls-client v1.14.0
 	github.com/google/uuid v1.6.0
 )
 
 require (
-	github.com/andybalholm/brotli v1.1.1 // indirect
-	github.com/bogdanfinn/utls v1.7.3-barnius // indirect
-	github.com/cloudflare/circl v1.5.0 // indirect
-	github.com/klauspost/compress v1.17.11 // indirect
+	github.com/andybalholm/brotli v1.2.0 // indirect
+	github.com/bdandy/go-errors v1.2.2 // indirect
+	github.com/bdandy/go-socks4 v1.2.3 // indirect
+	github.com/bogdanfinn/quic-go-utls v1.0.9-utls // indirect
+	github.com/bogdanfinn/utls v1.7.7-barnius // indirect
+	github.com/bogdanfinn/websocket v1.5.5-barnius // indirect
+	github.com/klauspost/compress v1.18.2 // indirect
+	github.com/quic-go/qpack v0.6.0 // indirect
 	github.com/tam7t/hpkp v0.0.0-20160821193359-2b70b4024ed5 // indirect
-	golang.org/x/crypto v0.36.0 // indirect
-	golang.org/x/net v0.38.0 // indirect
-	golang.org/x/sys v0.31.0 // indirect
-	golang.org/x/text v0.23.0 // indirect
+	golang.org/x/crypto v0.46.0 // indirect
+	golang.org/x/net v0.48.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
 )
 
 // replace github.com/bogdanfinn/tls-client => ../