Development Status
- 4 - Beta
Intended Audience
- Developers
Programming Language
- Python :: 3
- Python :: 3.10
- Python :: 3.11
- Python :: 3.12
- Python :: 3.13
- Python :: 3.14
- Python :: Free Threading
curl_cffi
Python binding for curl-impersonate fork via cffi. For commercial support, visit impersonate.pro.
curl_cffi is the most popular Python binding for curl. Unlike other pure
python http clients like httpx or requests, curl_cffi can impersonate
browsers' TLS/JA3 and HTTP/2 fingerprints. If you are blocked by some
website for no obvious reason, you can give curl_cffi a try.
Python 3.10 is the minimum supported version since v0.14.
Recent highlights
- π¨ http/3 fingerprints and UDP socks5 proxy support was added in
v0.15.0! - π¦ Added
curl-cffiCLI and skills for debugging and for claws/agents.
Recall.ai - API for meeting recordings
If youβre looking for a meeting recording API, consider checking out Recall.ai, an API that records Zoom, Google Meet, Microsoft Teams, in-person meetings, and more.
Residential Proxies
Thordata: A reliable and cost-effective proxy service provider. One-click collection of public network data, providing enterprises and developers with stable, efficient, and compliant global proxy IP services. Register for a free trial of residential proxies and receive 2000 free SERP API calls.
Sponsors
Maintenance of this project is made possible by all the contributors and sponsors. If you'd like to sponsor this project and have your avatar or company logo appear below click here. π
Bypass Cloudflare with API
Yescaptcha is a proxy service that bypasses Cloudflare and uses the API interface to
obtain verified cookies (e.g. cf_clearance). Click here
to register: https://yescaptcha.com/i/stfnIO
TLS fingerprinting alone isn't enough for modern bot protection. Hyper Solutions provides the missing piece - API endpoints that generate valid antibot tokens for:
Akamai β’ DataDome β’ Kasada β’ Incapsula
No browser automation. Just simple API calls that return the exact cookies and headers these systems require.
π Get Your API Key | π Docs | π¬ Discord
Features
- Supports JA3/TLS and http2 fingerprints impersonation, including recent browsers and custom fingerprints.
- Much faster than requests/httpx, on par with aiohttp/pycurl, see benchmarks.
- Mimics the requests API, no need to learn another one.
- Pre-compiled, so you don't have to compile on your machine.
- Supports
asynciowith proxy rotation on each request. - Supports http 2.0, which requests does not.
- Supports http 3.0, with fingerprints and udp proxy.
- Supports websocket.
- MIT licensed.
| requests | aiohttp | httpx | pycurl | curl_cffi | |
|---|---|---|---|---|---|
| http/2 | β | β | β | β | β |
| http/3 | β | β | β | βοΈ1 | β 2 |
| sync | β | β | β | β | β |
| async | β | β | β | β | β |
| websocket | β | β | β | β | β |
| native retry | β | β | β | β | β |
| fingerprints | β | β | β | β | β |
| speed | π | ππ | π | ππ | ππ |
Notes:
- For pycurl, http/3 is usually disabled at compile time by default.
- http/3 support since v0.11.4, http/3 proxy and fingerprints since v0.15.0.
curl-cffi CLI(new)
Since v0.15, curl_cffi comes with a CLI called curl-cffi, you can use it for debugging
a certain url with the --impersonate option. It can also serve as a web_fetch
replacement for "claws" and "agents".
| curl | httpie | curl-cffi | |
|---|---|---|---|
| http/2 | β | β | β |
| http/3 | βοΈ1 | β | β |
| human-friendly | βοΈ2 | β | β |
| colorful | β | β | β |
| fingerprints | β | β | β |
Notes:
- You need an http/3 enabled curl build, it's not enabled by default, at leat on my machine.
- As a long time command line user, I personally feel very comfortable using
curl -X POST httpbin.org, but some users may preferhttp GET httpbin.orgsyntax. If you prefer the curl syntax, you can keep usingcurl-impersonate.
Install
pip install curl_cffi --upgrade
This should work on Linux, macOS and Windows out of the box.
If it does not work on you platform, you may need to compile and install curl-impersonate
first and set some environment variables like LD_LIBRARY_PATH.
Android support, including Termux, is currently in beta, you can install the beta release for testing. For BSD systems, we need to get libcurl-impersonate compile first, and then add support in curl_cffi. If you are using these OSes, please lend an hand.
To install beta releases:
pip install curl_cffi --upgrade --pre
To install unstable version from GitHub:
git clone https://github.com/lexiforest/curl_cffi/
cd curl_cffi
make preprocess
pip install .
Usage
curl_cffi comes with a low-level curl API and a high-level requests-like API.
curl_cffi also bundles with a CLI called curl-cffi.
CLI
curl-cffi get tls.browserleaks.com/json
# curl-cffi can be hard to type, use an alias if you want
alias imp=curl-cffi
imp get tls.browserleaks.com/json --impersonate chrome
For a complete CLI guide, see docs.
requests-like
import curl_cffi
# Notice the impersonate parameter
r = curl_cffi.get("https://tls.browserleaks.com/json", impersonate="chrome")
print(r.json())
# output: {..., "ja3n_hash": "aa56c057ad164ec4fdcb7a5a283be9fc", ...}
# the js3n fingerprint should be the same as target browser
# To keep using the latest browser version as `curl_cffi` updates,
# simply set impersonate="chrome" without specifying a version.
# Other similar values are: "safari" and "safari_ios"
r = curl_cffi.get("https://tls.browserleaks.com/json", impersonate="chrome")
# Use http/3 with impersonation
r = curl_cffi.get(
"https://fp.impersonate.pro/api/http3",
http_version="v3",
impersonate="chrome"
)
# Randomly choose a browser version based on current market share in real world
# from: https://caniuse.com/usage-table
# NOTE: this is a pro feature.
r = curl_cffi.get("https://example.com", impersonate="realworld")
# To pin a specific version, use version numbers together.
r = curl_cffi.get("https://tls.browserleaks.com/json", impersonate="chrome124")
# To impersonate other than browsers, bring your own ja3/akamai strings
# See examples directory for details.
r = curl_cffi.get("https://tls.browserleaks.com/json", ja3=..., akamai=...)
# http/socks proxies are supported
proxies = {"https": "http://localhost:3128"}
r = curl_cffi.get("https://tls.browserleaks.com/json", impersonate="chrome", proxies=proxies)
proxies = {"https": "socks://localhost:3128"}
r = curl_cffi.get("https://tls.browserleaks.com/json", impersonate="chrome", proxies=proxies)
Sessions
s = curl_cffi.Session()
# httpbin is a http test website, this endpoint makes the server set cookies
s.get("https://httpbin.org/cookies/set/foo/bar")
print(s.cookies)
# <Cookies[<Cookie foo=bar for httpbin.org />]>
# retrieve cookies again to verify
r = s.get("https://httpbin.org/cookies")
print(r.json())
# {'cookies': {'foo': 'bar'}}
Supported impersonate browsers
curl_cffi supports the same browser versions as supported by my fork of curl-impersonate:
Open source version of curl_cffi includes versions whose fingerprints differ from previous versions.
If you see a version, e.g. chrome135, were skipped, you can simply impersonate it with your own headers and the previous version.
If you don't want to look up the headers etc, by yourself, consider buying commercial support from impersonate.pro, we have comprehensive browser fingerprints database for almost all the browser versions on various platforms.
If you are trying to impersonate a target other than a browser, use ja3=... and akamai=...
to specify your own customized fingerprints. See the docs on impersonation for details.
| Browser | Open Source | Pro version |
|---|---|---|
| Chrome | chrome99, chrome100, chrome101, chrome104, chrome107, chrome110, chrome116[1], chrome119[1], chrome120[1], chrome123[3], chrome124[3], chrome131[4], chrome133a[5][6], chrome136[6], chrome142, chrome145[9], chrome146[9] | chrome132, chrome134, chrome135 |
| Chrome Android | chrome99_android, chrome131_android [4] | chrome132_android, chrome133_android, chrome134_android, chrome135_android |
| Chrome iOS | N/A | coming soon |
| Safari [7] | safari153 [2], safari155 [2], safari170 [1], safari180 [4], safari184 [6], safari260 [8] | coming soon |
| Safari iOS [7] | safari172_ios[1], safari180_ios[4], safari184_ios [6], safari260_ios [8] | coming soon |
| Firefox | firefox133[5], firefox135[7], firefox144, firefox147[9] | coming soon |
| Firefox Android | N/A | firefox135_android |
| Tor | tor145 [7] | coming soon |
| Edge | edge99, edge101 | edge133, edge135 |
| Opera | N/A | coming soon |
| Brave | N/A | coming soon |
Notes:
- Added in version
0.6.0. - Fixed in version
0.6.0, previous http2 fingerprints were not correct. - Added in version
0.7.0. - Added in version
0.8.0. - Added in version
0.9.0. - The version postfix
-a(e.g.chrome133a) means that this is an alternative version, i.e. the fingerprint has not been officially updated by browser, but has been observed because of A/B testing. - Added in version
0.10.0. - Added in version
0.11.0. - Since
0.11.0, the formatsafari184_iosis preferred oversafari18_4_ios, both are supported, but the latter is quite confusing and hard to parse. - Added in
0.12.0. - http3 support included.
Asyncio
from curl_cffi import AsyncSession
async with AsyncSession() as s:
r = await s.get("https://example.com")
More concurrency:
import asyncio
from curl_cffi import AsyncSession
urls = [
"https://google.com/",
"https://facebook.com/",
"https://twitter.com/",
]
async with AsyncSession() as s:
tasks = []
for url in urls:
task = s.get(url)
tasks.append(task)
results = await asyncio.gather(*tasks)
For low-level APIs, Scrapy integration and other advanced topics, see the docs for more details.
WebSockets
from curl_cffi import WebSocket
def on_message(ws: WebSocket, message: str | bytes):
print(message)
ws = WebSocket(on_message=on_message)
ws.run_forever("wss://api.gemini.com/v1/marketdata/BTCUSD")
Asyncio WebSockets
import asyncio
from curl_cffi import AsyncSession
async with AsyncSession() as session:
async with session.ws_connect("wss://echo.websocket.org") as ws:
await asyncio.gather(*[ws.send_str("Hello, World!") for _ in range(10)])
async for message in ws:
print(message)
Ecosystem
- Integrating with Scrapy: divtiply/scrapy-curl-cffi, jxlil/scrapy-impersonate and tieyongjie/scrapy-fingerprint.
- Integrating with requests, httpx as adapter.
- Integrating with captcha resolvers: YesCaptcha. Please see the head area for promo code and link.
Acknowledgement
- Originally forked from multippt/python_curl_cffi, which is under the MIT license.
- Headers/Cookies files are copied from httpx, which is under the BSD license.
- Asyncio support is inspired by Tornado's curl http client.
- The synchronous WebSocket API is inspired by websocket_client.
- The asynchronous WebSocket API is inspired by aiohttp.
Contributing
When submitting an PR, please use a different branch other than main and check the
"Allow edits by maintainers" box, so I can update your PR with lint or style fixes. Thanks!
AI Policy
- Using AI is neither encouraged nor discouraged, use it by your own choice.
- The bottom line here is that every line of code should be reviewed by human, and should be proven to work.
- It's not guaranteed that AI will come up with the cleanest solution, you are responsible to guide it to the right way you know.
- Fix any lint errors, make sure your code follows the established convention in this project.
- LLM tends to generate extensive or none comments, revise the comments and make sure they are concise and helpful.
- It's absolutely not acceptable to generate the entire PR summary by LLM. To communicate with other human, use words from a human.
- The only acceptable exception is to fix grammar issues if you are not a native English speaker.
- The essence here is to keep Human in the loop
You can even feed the policy above to your "copilot" to let it adjust the style for you. :P
