[Feature]Websocket in Cloudflare

lexiforest / curl_cffi

Python binding for curl-impersonate fork via cffi. A http client that can impersonate browser tls/ja3/http2 fingerprints.

https://curl-cffi.readthedocs.io/

MIT License

2.49k stars 265 forks source link

[Feature]Websocket in Cloudflare #409

Closed OwenChen0911 closed 1 month ago

OwenChen0911 commented 1 month ago

A great feture that support websocket,

but once url behind cloudflare, how to break in?

uri = 'wss://velnt-talo-ssb-pr.sportslottery.com.tw/notification/listen/026/x0te0aqn/websocket'

got error

Exception has occurred: CurlError Failed to perform, curl: (22) Refused WebSockets upgrade: 403. See https://curl.se/libcurl/c/libcurl-errors.html first for more details.

lexiforest commented 1 month ago

Could you please post a reproducible snippet here?

OwenChen0911 commented 1 month ago

jsut try use websocket to connect the url

'wss://velnt-talo-ssb-pr.sportslottery.com.tw/notification/listen/026/x0te0aqn/websocket'

it would be failed....with 403

lexiforest commented 1 month ago

This is a perfect valid response from a server, possible causes can be:

You did not specify the credentials needed for this API endpoint
You did not provide some authentication header
Your IP address was banned

Feel free to reopen the issue if you have more details to provide. At least we need to know when this particular URL works and what is the expected behavior.

lexiforest commented 1 month ago

Moreover, curl_cffi provides impersonation support, but impersonation alone is only one factor in many WAF services, e.g. Cloudflare. It's your responsibility to verify that the impersonation is not correct, then we can fix that issue. To bypass the cloudflare anti-bot machanism is beyond the scope of this project.