Hi! Love rnet's protocol-level emulation approach! I found one issue with the Chrome136 profile.
The Issue
Real Chrome 136 sends 5 HTTP/2 SETTINGS during connection:
HEADER_TABLE_SIZE = 65536
ENABLE_PUSH = 0
INITIAL_WINDOW_SIZE = 6291456
MAX_HEADER_LIST_SIZE = 262144
UNKNOWN_SETTING_31386 = 3814263365 ← Missing in rnet
rnet Chrome136 only sends the first 4. This causes different HTTP/2 Akamai fingerprint hashes:
- Real browser:
bad541c167b7b74e8b573127ea385fcb
- rnet:
52d84b11737d980aef856699f885ca86
Impact
Akamai-protected sites can detect this instantly since they fingerprint the HTTP/2 SETTINGS frame.
Test Code
import rnet
from datetime import timedelta
client = rnet.blocking.Client(emulation=rnet.Emulation.Chrome136)
response = client.get('https://tls.peet.ws/api/all', timeout=timedelta(seconds=30))
data = response.json()
print(data['http2']['akamai_fingerprint'])
# Missing the :3814263365 part that real Chrome hasEnvironment
- rnet: 3.0.0rc16
- Python: 3.13
Note
Your TLS fingerprint is spot-on! Just this one HTTP/2 setting needs to be added. This setting appeared in Chrome 130+ and is used by Akamai for bot detection.
Happy to provide more test data if needed. Thanks for the awesome library!
Hi! Love rnet's protocol-level emulation approach! I found one issue with the Chrome136 profile.
The Issue
Real Chrome 136 sends 5 HTTP/2 SETTINGS during connection:
rnet Chrome136 only sends the first 4. This causes different HTTP/2 Akamai fingerprint hashes:
bad541c167b7b74e8b573127ea385fcb52d84b11737d980aef856699f885ca86Impact
Akamai-protected sites can detect this instantly since they fingerprint the HTTP/2 SETTINGS frame.
Test Code
Environment
Note
Your TLS fingerprint is spot-on! Just this one HTTP/2 setting needs to be added. This setting appeared in Chrome 130+ and is used by Akamai for bot detection.
Happy to provide more test data if needed. Thanks for the awesome library!