spectreq 0.1.1

High-efficiency HTTP client with browser impersonation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178

# Architecture

This document describes the internal architecture of the Spectreq HTTP client library.

## Overview

Spectreq is a Rust HTTP client designed for browser impersonation and anti-bot detection bypass. It provides accurate TLS, HTTP/2, and TCP fingerprinting to mimic real browsers.

```mermaid
graph TB
    subgraph "Public API"
        Client[Client]
        Profile[Profile]
    end
    
    subgraph "Core Layer"
        TLS[TLS Configuration]
        HTTP2[HTTP/2 Settings]
        TCP[TCP Configuration]
        JA4[JA4 Fingerprinting]
    end
    
    subgraph "Client Layer"
        Auth[Authentication]
        Cache[Caching]
        Cookies[Cookie Jar]
        Compression[Compression]
        Middleware[Middleware]
    end
    
    subgraph "Transport"
        Hyper[Hyper HTTP]
        Rustls[Rustls TLS]
        Quinn[Quinn HTTP/3]
    end
    
    Client --> Profile
    Profile --> TLS
    Profile --> HTTP2
    Profile --> TCP
    
    Client --> Auth
    Client --> Cache
    Client --> Cookies
    Client --> Compression
    Client --> Middleware
    
    Client --> Hyper
    TLS --> Rustls
    Client -.-> Quinn
```

## Module Structure

```
spectreq/
├── src/
│   ├── lib.rs              # Public API re-exports
│   ├── core/               # Core fingerprinting
│   │   ├── mod.rs
│   │   ├── profile.rs      # Browser profiles
│   │   ├── tls.rs          # TLS configuration
│   │   ├── tcp.rs          # TCP settings
│   │   ├── ja4.rs          # JA4 fingerprinting
│   │   ├── headers.rs      # Header ordering
│   │   ├── ech.rs          # Encrypted Client Hello
│   │   └── error.rs        # Error types
│   │
│   └── client/             # HTTP client implementation
│       ├── mod.rs
│       ├── client.rs       # Main client
│       ├── auth.rs         # Authentication
│       ├── cache.rs        # Response caching
│       ├── cookies.rs      # Cookie management
│       ├── compression.rs  # Decompression
│       ├── metrics.rs      # Request timing
│       ├── middleware.rs   # Middleware chain
│       ├── proxy.rs        # Proxy support
│       └── session.rs      # Session persistence
│
└── spectreq-py/            # Python bindings
    └── src/
        ├── lib.rs          # PyO3 module
        ├── profile.rs      # Profile bindings
        └── client.rs       # Client bindings
```

## Core Components

### Profile System

Profiles encapsulate all browser-specific configuration:

| Component | Description |
|-----------|-------------|
| TLS Config | Cipher suites, extensions, ALPN, GREASE |
| HTTP/2 Settings | Window size, concurrent streams, header table |
| TCP Config | TTL, window size, keepalive |
| Headers | Ordered headers for JA4H fingerprinting |
| Client Hints | Sec-CH-UA-* headers |

### TLS Fingerprinting

The TLS layer ensures the ClientHello matches real browsers:

1. **Cipher Suite Order**: Matches browser preference
2. **Extensions**: Correct order and values
3. **GREASE**: Chrome uses GREASE, Firefox doesn't
4. **ALPN**: h2, http/1.1 negotiation
5. **Post-Quantum**: X25519Kyber768 for Chrome 131+

### JA4 Fingerprint Generation

JA4 fingerprints are generated from:
- Protocol version (t = TLS)
- SNI present flag (d/i)
- Cipher count
- Extension count  
- ALPN first value
- Cipher hash (truncated)
- Extension hash (truncated)

## Request Flow

```mermaid
sequenceDiagram
    participant App as Application
    participant Client as Client
    participant MW as Middleware
    participant TLS as TLS Layer
    participant Server as Server

    App->>Client: request(url)
    Client->>MW: pre-process request
    MW->>MW: rate limit, logging
    Client->>TLS: build TLS config
    TLS->>TLS: apply profile fingerprint
    Client->>Server: HTTP request
    Server->>Client: HTTP response
    Client->>MW: post-process response
    MW->>MW: metrics, caching
    Client->>App: response
```

## Python Bindings

The Python bindings use PyO3 to expose a Python-native async API:

```python
from spectreq import Client, Profile

async def example():
    profile = Profile.chrome_143_windows()
    client = Client(profile=profile)
    response = await client.get("https://example.com")
    print(response.json())
```

The bindings translate between Python and Rust types, using `pyo3-async-runtimes` for async conversion.

## Feature Flags

| Feature | Description | Dependencies |
|---------|-------------|--------------|
| `post-quantum` | X25519Kyber768 key exchange | rustls-post-quantum |
| `ech` | Encrypted Client Hello | reqwest (for ECH config fetch) |
| `http3` | HTTP/3 support | quinn, h3, h3-quinn |

## Performance Considerations

1. **Connection Pooling**: HTTP/2 connections are reused
2. **Compression**: Automatic Brotli/Gzip/Zstd decompression
3. **Caching**: In-memory cache with Cache-Control support
4. **Zero-Copy**: Streaming responses where possible

## Security Considerations

See [SECURITY.md](./SECURITY.md) for security policies and practices.