nab 0.3.0

Ultra-minimal browser engine with JS support, HTTP/3, cookie auth, passkeys, and anti-fingerprinting
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184

# MicroFetch

[![Rust](https://img.shields.io/badge/rust-1.93+-blue.svg)](https://www.rust-lang.org)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

Ultra-minimal browser engine with HTTP/3, JS support, cookie auth, passkeys, and anti-fingerprinting. Optimized for LLM token efficiency.

**Smart Defaults**: Auto-detects browser cookies, outputs markdown, zero configuration needed.

## Features

- **Zero Friction**: Auto-detects default browser (Dia, Brave, Chrome, Firefox, Safari, Edge) and uses cookies automatically
- **Token-Optimized**: Markdown output by default (25× savings vs HTML)
- **HTTP Acceleration**: HTTP/2 multiplexing, HTTP/3 (QUIC) with 0-RTT, TLS 1.3, Brotli/Zstd compression
- **Browser Fingerprinting**: Realistic Chrome/Firefox/Safari profiles to avoid detection
- **Authentication**:
  - Auto browser cookie extraction (default)
  - 1Password CLI integration
  - Apple Keychain password retrieval
  - Browser password storage (Chromium-based)
- **JavaScript**: QuickJS engine with minimal DOM (ES2020 support)
- **SPA Extraction**: 80% success rate across Next.js, React, Nuxt, Vue apps
- **Streaming**: HLS/DASH streaming with native and ffmpeg backends
- **Video/Audio Analysis**: Transcription, annotation, and subtitle generation
- **WebSocket**: Full WebSocket support with JSON-RPC convenience layer
- **Prefetching**: Early Hints (103) support, link hint extraction
- **Cross-Platform**: Works on macOS, Linux, and Windows. Cookie extraction has the broadest browser support on macOS.

## Requirements

- **Rust 1.93+**
- **ffmpeg** (optional, for streaming/analyze/annotate commands): `brew install ffmpeg` / `apt install ffmpeg`
- **1Password CLI** (optional, for credential integration): [Install guide](https://developer.1password.com/docs/cli/get-started/)

## Installation

```bash
cargo install --path .
```

## Usage

### Fetch a URL
```bash
# Basic fetch (auto-detects browser cookies, outputs markdown)
nab fetch https://example.com

# Disable cookies
nab fetch https://example.com --cookies none

# Force specific browser
nab fetch https://example.com --cookies brave

# Raw HTML output (disable markdown)
nab fetch https://example.com --raw-html

# With 1Password credentials
nab fetch https://example.com --1password
```

### Extract Data from SPAs (React, Next.js, Vue, Nuxt)
```bash
# Auto-extracts embedded JSON (__NEXT_DATA__, __NUXT__, window state)
# 80% success rate, auto-cookies, 5s wait, fetch logging
nab spa https://nextjs-app.com

# Extract specific JSON path
nab spa https://nextjs-app.com --extract "props.pageProps.data"

# Structure summary
nab spa https://nextjs-app.com --summary
```

### Streaming (HLS/DASH)
```bash
# Stream to player
nab stream generic https://example.com/master.m3u8 vlc

# Stream to file with duration limit
nab stream generic https://example.com/master.m3u8 file --duration 60
```

### Video/Audio Analysis
```bash
# Transcribe and analyze media
nab analyze video.mp4

# Add subtitle annotations
nab annotate video.mp4
```

### Benchmark
```bash
nab bench "https://example.com,https://httpbin.org/get" -i 10
```

### Generate Browser Fingerprints
```bash
nab fingerprint -c 5
```

### Test 1Password Integration
```bash
nab auth https://github.com
```

### Token-Optimized Output (LLM-friendly)
```bash
# Markdown output (default, 25× token savings)
nab fetch https://example.com

# Compact format: STATUS SIZE TIME
nab fetch https://api.example.com --format compact
# 200 1234B 45ms

# JSON format for parsing
nab fetch https://api.example.com --format json

# Save full body to file (bypasses truncation)
nab fetch https://example.com --output body.html

# Raw HTML (disable markdown conversion)
nab fetch https://example.com --raw-html
```

### Custom Headers & Session Warmup
```bash
# Add custom headers (API access)
nab fetch https://api.example.com \
  --add-header "Accept: application/json" \
  --add-header "X-Custom: value"

# Auto-add Referer header
nab fetch https://api.example.com --auto-referer

# Warmup session first (for APIs requiring prior page load)
nab fetch https://api.example.com/data \
  --cookies brave \
  --warmup-url https://example.com/dashboard
```

### Get OTP Codes
```bash
nab otp github.com
```

### Validate All Features
```bash
nab validate
```

## Library Usage

```rust
use nab::AcceleratedClient;

#[tokio::main]
async fn main() -> anyhow::Result<()> {
    let client = AcceleratedClient::new()?;
    let html = client.fetch_text("https://example.com").await?;
    println!("Fetched {} bytes", html.len());
    Ok(())
}
```

## HTTP/3 Support

HTTP/3 is enabled by default. To disable:

```bash
cargo build --no-default-features --features cli
```

## Responsible Use

This tool includes browser cookie extraction and fingerprint spoofing capabilities. These features are intended for legitimate use cases such as accessing your own authenticated content and automated testing. Use responsibly and only on sites where you have authorization.

## License

MIT License - see [LICENSE](LICENSE) for details.

## Credits

Created by [Mikko Parkkola](https://github.com/MikkoParkkola)