Skip to main content

Crate zendriver_imperva

Crate zendriver_imperva 

Source
Expand description

Imperva WAF / Incapsula bypass for zendriver.

See the Imperva chapter of the zendriver-rs user guide for end-to-end usage, surface variants, and CAPTCHA-callback recipes.

Stealth required. Imperva’s reese84 sensor is itself a browser fingerprint check. Run with BrowserBuilder::stealth enabled or this bypass will fail on nearly all real Imperva-protected sites.

§Limitations

This crate observes the page; it does not modify Imperva’s response. A ClearanceOutcome::TokenAcquired result means the JS challenge completed and the reese84 cookie landed — it does not guarantee the next request will be accepted. Imperva runs a second validation pass on every request that ships the token; if its scoring of the fingerprint collected during the challenge falls below threshold, the next request returns a 403 challenge page with edet=15 / B15(x,y,z) (general bot protection). Root causes for that are upstream of this crate:

  • Browser stealth gaps. Missing fingerprint shim — canvas, audio, WebGL, client hints — leaks “automation” even when the challenge JS itself runs to completion.
  • IP reputation. Residential / datacenter pools flagged at the edge return B15 before the JS challenge runs at all.
  • UA-vs-binary drift. Claiming Chrome 146 from a Chromium 148 binary leaks JS-API behavior inconsistent with the claimed version.

If ImpervaBypass::wait_for_clearance returns TokenAcquired but subsequent requests still hit edet=15, look upstream — the fingerprint the browser emitted is the problem, not the clearance detection.

Most users go through zendriver’s Tab::imperva() (feature-gated) rather than constructing the bypass directly. The ImpervaBypass type is the underlying driver.

use std::time::Duration;
use zendriver_imperva::{ClearanceOutcome, ImpervaBypass};

let outcome = ImpervaBypass::new(tab)
    .timeout(Duration::from_secs(30))
    .wait_for_clearance()
    .await?;
match outcome {
    ClearanceOutcome::TokenAcquired { reese84, .. } => {
        println!("token: {reese84}")
    }
    ClearanceOutcome::ChallengeGone => println!("legacy cleared"),
    ClearanceOutcome::AlreadyClear => println!("no challenge present"),
    ClearanceOutcome::TimedOut { last_surface } => {
        println!("timed out; last_surface = {last_surface:?}")
    }
}

Re-exports§

pub use bypass::ClearanceOutcome;
pub use bypass::ImpervaBypass;
pub use captcha::CaptchaChallenge;
pub use captcha::CaptchaSolution;
pub use detection::CaptchaKind;
pub use detection::CookieSnapshot;
pub use detection::DetectionSnapshot;
pub use detection::ImpervaSurface;
pub use detection::detect_surface;
pub use error::ImpervaError;

Modules§

bypass
Imperva bypass driver.
captcha
CAPTCHA escalation path: types passed to / returned from the caller-supplied solver, plus the small CDP helpers that probe the page for the embed’s site key and inject the solver’s response back into the form field. Kept out of bypass.rs so that file stays focused on the poll loop.
detection
Imperva surface detection.
error
Imperva-bypass errors.