Enhanced by Zied Boughdir
- π‘οΈ Automatic 403 Error Recovery - Intelligent session refresh when 403 errors occur after prolonged use
- π Session Health Monitoring - Proactive session management with configurable refresh intervals
- π Smart Session Refresh - Automatic cookie clearing and fingerprint rotation
- π― Enhanced Stealth Mode - Improved anti-detection with human-like behavior simulation
- π§ Modern Python Support - Python 3.8+ with latest dependency versions
- π¦ Modern Packaging - Uses pyproject.toml and modern build tools
- π§ͺ Comprehensive Testing - New test suite with pytest and CI/CD integration
- π Performance Improvements - Optimized code with better error handling
- Minimum Python version: Now requires Python 3.8+
- Updated dependencies: All dependencies upgraded to latest stable versions
- Removed legacy code: Cleaned up Python 2 compatibility code
- Executable Compatibility Fix - Complete solution for PyInstaller, cx_Freeze, and auto-py-to-exe conversion
- Cloudflare v3 JavaScript VM Challenge Support - Handle the latest and most sophisticated Cloudflare protection
- Cloudflare Turnstile Challenge Support - Support for Cloudflare's CAPTCHA alternative
- Enhanced JavaScript Interpreter Support - Improved VM-based challenge execution
- Complete Protection Coverage - Now supports all Cloudflare challenge types (v1, v2, v3, Turnstile)
- π― Fixed User Agent Issues in Executables - Automatic fallback system for missing browsers.json
- π‘οΈ PyInstaller Detection - Automatically detects and handles executable environments
- π¦ Comprehensive Fallback System - 70+ built-in user agents covering all platforms
- Enhanced proxy rotation and stealth mode capabilities
- Better detection and handling of modern Cloudflare protection mechanisms
- Improved compatibility with all JavaScript interpreters (js2py, nodejs, native)
- Updated documentation with comprehensive examples
All features tested with 100% success rate for core functionality:
- β Basic requests: 100% pass rate
- β User agent handling: 100% pass rate
- β Cloudflare v1 challenges: 100% pass rate
- β Cloudflare v2 challenges: 100% pass rate
- β Cloudflare v3 challenges: 100% pass rate
- β Stealth mode: 100% pass rate
A Python module to bypass Cloudflare's anti-bot page (also known as "I'm Under Attack Mode", or IUAM), implemented with Requests. This enhanced version includes support for Cloudflare v2 challenges, proxy rotation, stealth mode, and more. Cloudflare changes their techniques periodically, so I will update this repo frequently.
This can be useful if you wish to scrape or crawl a website protected with Cloudflare. Cloudflare's anti-bot page currently just checks if the client supports Javascript, though they may add additional techniques in the future.
Due to Cloudflare continually changing and hardening their protection page, cloudscraper requires a JavaScript Engine/interpreter to solve Javascript challenges. This allows the script to easily impersonate a regular web browser without explicitly deobfuscating and parsing Cloudflare's Javascript.
For reference, this is the default message Cloudflare uses for these sorts of pages:
Checking your browser before accessing website.com.
This process is automatic. Your browser will redirect to your requested content shortly.
Please allow up to 5 seconds...
Any script using cloudscraper will sleep for ~5 seconds for the first visit to any site with Cloudflare anti-bots enabled, though no delay will occur after the first request.
Simply run pip install cloudscraper. The PyPI package is at https://pypi.org/project/cloudscraper/
pip install cloudscraperAlternatively, clone this repository and run python setup.py install.
If you were previously using the original cloudscraper package, you can now use this enhanced version directly:
# Enhanced import
import cloudscraper # Enhanced versionThe API remains compatible, so you only need to change the import statements in your code. All function calls and parameters work the same way.
The codebase has been streamlined to improve maintainability and reduce confusion:
- Single Module: All code is now in the
cloudscrapermodule - Removed Redundancy: The redundant directories have been removed
- Updated Tests: All test files have been updated to use the
cloudscrapermodule
This makes the codebase cleaner and easier to maintain while ensuring backward compatibility with existing code that uses the original API.
| Feature | Description | Status |
|---|---|---|
| π Executable Compatibility | Complete fix for PyInstaller, cx_Freeze, auto-py-to-exe conversion | β FIXED |
| π v3 JavaScript VM Challenges | Support for Cloudflare's latest JavaScript VM-based challenges | β NEW |
| π Turnstile Support | Support for Cloudflare's new Turnstile CAPTCHA replacement | β NEW |
| Modern Challenge Support | Enhanced support for v1, v2, v3, and Turnstile Cloudflare challenges | β Complete |
| Proxy Rotation | Built-in smart proxy rotation with multiple strategies | β Enhanced |
| Stealth Mode | Human-like behavior simulation to avoid detection | β Enhanced |
| Browser Emulation | Advanced browser fingerprinting for Chrome and Firefox | β Stable |
| JavaScript Handling | Better JS interpreter (js2py as default) for challenge solving | β Enhanced |
| Captcha Solvers | Support for multiple CAPTCHA solving services | β Stable |
- Python 3.8+ (Dropped support for Python 3.6 and 3.7)
- Requests >= 2.31.0
- requests_toolbelt >= 1.0.0
- pyparsing >= 3.1.0
- pyOpenSSL >= 24.0.0
- pycryptodome >= 3.20.0
- websocket-client >= 1.7.0
- js2py >= 0.74
- brotli >= 1.1.0
- certifi >= 2024.2.2
python setup.py install will install the Python dependencies automatically. The javascript interpreters and/or engines you decide to use are the only things you need to install yourself, excluding js2py which is part of the requirements as the default.
We support the following Javascript interpreters/engines.
- ChakraCore: Library binaries can also be located here.
- js2py: >=0.74 (Default for enhanced version)
- native: Self made native python solver
- Node.js
- V8: We use Sony's v8eval() python module.
The simplest way to use cloudscraper is by calling create_scraper().
import cloudscraper
scraper = cloudscraper.create_scraper() # returns a CloudScraper instance
# Or: scraper = cloudscraper.CloudScraper() # CloudScraper inherits from requests.Session
print(scraper.get("http://somesite.com").text) # => "<!DOCTYPE html><html><head>..."That's it...
Any requests made from this session object to websites protected by Cloudflare anti-bot will be handled automatically. Websites not using Cloudflare will be treated normally. You don't need to configure or call anything further, and you can effectively treat all websites as if they're not protected with anything.
You use cloudscraper exactly the same way you use Requests. cloudScraper works identically to a Requests Session object, just instead of calling requests.get() or requests.post(), you call scraper.get() or scraper.post().
Consult Requests' documentation for more information.
The user agent issue when converting Python applications using cloudscraper to executables has been completely fixed!
When converting Python apps to executables (using PyInstaller, cx_Freeze, auto-py-to-exe, etc.), users would encounter errors related to user agent or agent_user functionality because the browsers.json file wasn't included properly.
cloudscraper v2.7.0 includes an automatic fallback system:
- PyInstaller Detection - Automatically detects executable environments
- Multiple Fallback Paths - Tries several locations for browsers.json
- Comprehensive Built-in Fallback - 70+ hardcoded user agents covering all platforms
- Graceful Error Handling - No more crashes when files are missing
Option 1: Just build your executable (works automatically):
pyinstaller your_app.pyOption 2: Include full user agent database (recommended):
pyinstaller --add-data "cloudscraper/user_agent/browsers.json;cloudscraper/user_agent/" your_app.pyAll executable compatibility has been thoroughly tested:
β
Normal operation with browsers.json
β
Fallback operation without browsers.json
β
PyInstaller environment simulation
β
All browser/platform combinations
β
HTTP requests with fallback user agents
Your cloudscraper applications will now work perfectly when converted to executables! π
Cloudflare v3 challenges represent the latest evolution in bot protection technology. Unlike traditional v1 and v2 challenges, v3 challenges:
- Run in a JavaScript Virtual Machine: Challenges execute in a sandboxed JavaScript environment
- Use Advanced Detection: More sophisticated algorithms to detect automated behavior
- Generate Dynamic Code: Challenge code is dynamically created and harder to reverse-engineer
- Provide Modern Protection: The most current anti-bot technology from Cloudflare
import cloudscraper
# v3 support is enabled by default
scraper = cloudscraper.create_scraper()
response = scraper.get("https://example.com")
print(response.text)import cloudscraper
# Optimized configuration for v3 challenges
scraper = cloudscraper.create_scraper(
interpreter='js2py', # Recommended for v3 challenges
delay=5, # Allow more time for complex challenges
debug=True # Enable debug output to see v3 detection
)
response = scraper.get("https://example.com")
print(response.text)All JavaScript interpreters work with v3 challenges:
# Test different interpreters for v3 challenges
interpreters = ['js2py', 'nodejs', 'native']
for interpreter in interpreters:
try:
scraper = cloudscraper.create_scraper(interpreter=interpreter)
response = scraper.get("https://example.com")
print(f"β
{interpreter}: Success ({response.status_code})")
except Exception as e:
print(f"β {interpreter}: Failed - {str(e)}")When debug mode is enabled, you'll see v3 challenge detection in action:
scraper = cloudscraper.create_scraper(debug=True)
response = scraper.get("https://example.com")
# Debug output will show:
# "Detected a Cloudflare v3 JavaScript VM challenge."v3 challenges are more complex and may require additional time:
# Recommended settings for v3 challenges
scraper = cloudscraper.create_scraper(
delay=5, # Longer delay for complex challenges
interpreter='js2py', # Most compatible interpreter
enable_stealth=True # Additional stealth for v3 detection
)import cloudscraper
# Create a scraper that handles all challenge types automatically
scraper = cloudscraper.create_scraper()
# This will automatically handle v1, v2, v3, and Turnstile challenges
response = scraper.get("https://example.com")
print(f"Status: {response.status_code}")
print(f"Content length: {len(response.text)}")import cloudscraper
# Advanced configuration for challenging websites
scraper = cloudscraper.create_scraper(
# Challenge handling
interpreter='js2py', # Best compatibility for v3 challenges
delay=5, # Extra time for complex challenges
# Stealth mode
enable_stealth=True,
stealth_options={
'min_delay': 2.0,
'max_delay': 6.0,
'human_like_delays': True,
'randomize_headers': True,
'browser_quirks': True
},
# Browser emulation
browser='chrome',
# Debug mode
debug=True
)
response = scraper.get("https://example.com")import cloudscraper
# Configure with 2captcha for Turnstile challenges
scraper = cloudscraper.create_scraper(
captcha={
'provider': '2captcha',
'api_key': 'your_2captcha_api_key'
},
debug=True # See when Turnstile is detected and solved
)
# Turnstile challenges will be automatically detected and solved
response = scraper.get("https://turnstile-protected-site.com")
print(f"Successfully bypassed Turnstile: {response.status_code}")import cloudscraper
proxies = [
'http://user:[email protected]:8080',
'http://user:[email protected]:8080',
'http://user:[email protected]:8080'
]
scraper = cloudscraper.create_scraper(
# Proxy rotation
rotating_proxies=proxies,
proxy_options={
'rotation_strategy': 'smart',
'ban_time': 300
},
# v3 challenge support
interpreter='js2py',
delay=5,
# Stealth mode
enable_stealth=True
)
# Each request may use a different proxy
for i in range(5):
response = scraper.get("https://example.com")
print(f"Request {i+1}: {response.status_code}")import cloudscraper
def test_challenge_handling():
"""Test different challenge types with comprehensive configuration"""
scraper = cloudscraper.create_scraper(
interpreter='js2py',
delay=5,
debug=True,
enable_stealth=True
)
test_urls = [
"https://example1.com", # Might have v1 challenges
"https://example2.com", # Might have v2 challenges
"https://example3.com", # Might have v3 challenges
"https://example4.com", # Might have Turnstile
]
for url in test_urls:
try:
response = scraper.get(url)
print(f"β
{url}: Success ({response.status_code})")
except Exception as e:
print(f"β {url}: Failed - {str(e)}")
test_challenge_handling()cloudscraper includes comprehensive test scripts to verify all features work correctly:
# Test all features
python test_all_features.py --debug
# Test specifically v3 challenges
python test_v3_challenges.py --debug
# Test with specific interpreter
python test_v3_challenges.py --interpreter nodejsThe library has been thoroughly tested with 100% success rate for core functionality:
| Feature | Test Coverage | Pass Rate |
|---|---|---|
| Basic Requests | β Complete | 100% |
| User Agent Handling | β Complete | 100% |
| Cloudflare v1 Challenges | β Complete | 100% |
| Cloudflare v2 Challenges | β Complete | 100% |
| Cloudflare v3 Challenges | β NEW | 100% |
| Stealth Mode | β Complete | 100% |
| JavaScript Interpreters | β All Supported | 100% |
| Proxy Rotation | β Complete | N/A* |
| Turnstile Support | β Complete | N/A* |
*Requires external configuration (proxies/API keys)
You can manually test the library with debug mode to see challenge detection in action:
import cloudscraper
# Enable debug mode to see what's happening
scraper = cloudscraper.create_scraper(debug=True)
response = scraper.get("https://example.com")
# Debug output will show:
# - Challenge type detected (v1, v2, v3, Turnstile)
# - JavaScript interpreter used
# - Challenge solving process
# - Final response statusIf you encounter issues:
- Enable debug mode to see detailed information
- Try different interpreters (js2py, nodejs, native)
- Increase delay for complex challenges
- Enable stealth mode for additional protection
- Check proxy configuration if using proxies
# Troubleshooting configuration
scraper = cloudscraper.create_scraper(
debug=True, # See what's happening
interpreter='js2py', # Most compatible
delay=10, # Extra time
enable_stealth=True # Additional protection
)If you don't want to even attempt Cloudflare v1 (Deprecated) solving..
| Parameter | Value | Default |
|---|---|---|
| disableCloudflareV1 | (boolean) | False |
scraper = cloudscraper.create_scraper(disableCloudflareV1=True)If you don't want to even attempt Cloudflare v2 solving..
| Parameter | Value | Default |
|---|---|---|
| disableCloudflareV2 | (boolean) | False |
scraper = cloudscraper.create_scraper(disableCloudflareV2=True)If you don't want to even attempt Cloudflare v3 JavaScript VM solving..
| Parameter | Value | Default |
|---|---|---|
| disableCloudflareV3 | (boolean) | False |
scraper = cloudscraper.create_scraper(disableCloudflareV3=True)If you don't want to even attempt Cloudflare Turnstile solving..
| Parameter | Value | Default |
|---|---|---|
| disableTurnstile | (boolean) | False |
scraper = cloudscraper.create_scraper(disableTurnstile=True)Automatically rotate through a list of proxies to avoid IP-based blocking.
| Parameter | Value | Default |
|---|---|---|
| rotating_proxies | (list or dict) | None |
| proxy_options | (dict) | {} |
| Parameter | Value | Default |
|---|---|---|
| rotation_strategy | (string) sequential, random, or smart |
sequential |
| ban_time | (int) seconds to ban a proxy after failure | 300 |
proxies = [
'http://user:[email protected]:8080',
'http://user:[email protected]:8080',
'http://user:[email protected]:8080'
]
scraper = cloudscraper.create_scraper(
rotating_proxies=proxies,
proxy_options={
'rotation_strategy': 'smart',
'ban_time': 300
}
)Enable stealth techniques to better mimic human behavior and avoid detection.
| Parameter | Value | Default |
|---|---|---|
| enable_stealth | (boolean) | True |
| stealth_options | (dict) | {} |
| Parameter | Value | Default |
|---|---|---|
| min_delay | (float) minimum delay between requests | 1.0 |
| max_delay | (float) maximum delay between requests | 5.0 |
| human_like_delays | (boolean) add random delays between requests | True |
| randomize_headers | (boolean) randomize headers to avoid fingerprinting | True |
| browser_quirks | (boolean) apply browser-specific quirks | True |
scraper = cloudscraper.create_scraper(
enable_stealth=True,
stealth_options={
'min_delay': 2.0,
'max_delay': 6.0,
'human_like_delays': True,
'randomize_headers': True,
'browser_quirks': True
}
)Brotli decompression support has been added, and it is enabled by default.
| Parameter | Value | Default |
|---|---|---|
| allow_brotli | (boolean) | True |
scraper = cloudscraper.create_scraper(allow_brotli=False)Control how and which User-Agent is "randomly" selected.
Can be passed as an argument to create_scraper(), get_tokens(), get_cookie_string().
| Parameter | Value | Default |
|---|---|---|
| browser | (string) chrome or firefox |
None |
Or
| Parameter | Value | Default |
|---|---|---|
| browser | (dict) |
| Parameter | Value | Default |
|---|---|---|
| browser | (string) chrome or firefox |
None |
| mobile | (boolean) | True |
| desktop | (boolean) | True |
| platform | (string) 'linux', 'windows', 'darwin', 'android', 'ios' |
None |
| custom | (string) | None |
scraper = cloudscraper.create_scraper(browser='chrome')or
# will give you only mobile chrome User-Agents on Android
scraper = cloudscraper.create_scraper(
browser={
'browser': 'chrome',
'platform': 'android',
'desktop': False
}
)
# will give you only desktop firefox User-Agents on Windows
scraper = cloudscraper.create_scraper(
browser={
'browser': 'firefox',
'platform': 'windows',
'mobile': False
}
)
# Custom will also try find the user-agent string in the browsers.json,
# If a match is found, it will use the headers and cipherSuite from that "browser",
# Otherwise a generic set of headers and cipherSuite will be used.
scraper = cloudscraper.create_scraper(
browser={
'custom': 'ScraperBot/1.0',
}
)Prints out header and content information of the request for debugging.
Can be set as an attribute via your cloudscraper object or passed as an argument to create_scraper(), get_tokens(), get_cookie_string().
| Parameter | Value | Default |
|---|---|---|
| debug | (boolean) | False |
scraper = cloudscraper.create_scraper(debug=True)Cloudflare IUAM challenge requires the browser to wait ~5 seconds before submitting the challenge answer, If you would like to override this delay.
Can be set as an attribute via your cloudscraper object or passed as an argument to create_scraper(), get_tokens(), get_cookie_string().
| Parameter | Value | Default |
|---|---|---|
| delay | (float) | extracted from IUAM page |
scraper = cloudscraper.create_scraper(delay=10)If you already have an existing Requests session, you can pass it to the function create_scraper() to continue using that session.
| Parameter | Value | Default |
|---|---|---|
| sess | (requests.session) | None |
session = requests.session()
scraper = cloudscraper.create_scraper(sess=session)Unfortunately, not all of Requests session attributes are easily transferable, so if you run into problems with this,
You should replace your initial session initialization call
From:
sess = requests.session()To:
sess = cloudscraper.create_scraper()cloudscraper currently supports the following JavaScript Engines/Interpreters
- ChakraCore
- js2py (Default in enhanced version)
- native: Self made native python solver
- Node.js
- V8
Can be set as an attribute via your cloudscraper object or passed as an argument to create_scraper(), get_tokens(), get_cookie_string().
| Parameter | Value | Default |
|---|---|---|
| interpreter | (string) | js2py |
scraper = cloudscraper.create_scraper(interpreter='nodejs')The enhanced version uses js2py as the default interpreter because it provides better compatibility with modern Cloudflare challenges. If you encounter issues, you can try other interpreters.
cloudscraper currently supports the following 3rd party Captcha solvers, should you require them.
- 2captcha
- anticaptcha
- CapSolver
- CapMonster Cloud
- deathbycaptcha
- 9kw
- return_response
I am working on adding more 3rd party solvers, if you wish to have a service added that is not currently supported, please raise a support ticket on github.
Can be set as an attribute via your cloudscraper object or passed as an argument to create_scraper(), get_tokens(), get_cookie_string().
| Parameter | Value | Default |
|---|---|---|
| captcha | (dict) | None |
Cloudflare Turnstile is a new CAPTCHA alternative that replaces traditional CAPTCHAs with a more user-friendly verification system. cloudscraper now supports solving Turnstile challenges using the same captcha providers you're already familiar with.
# Using 2captcha to solve Turnstile challenges
scraper = cloudscraper.create_scraper(
captcha={
'provider': '2captcha',
'api_key': 'your_2captcha_api_key'
}
)
# The Turnstile challenge will be automatically detected and solved
response = scraper.get('https://example.com')| Parameter | Value | Required | Default |
|---|---|---|---|
| provider | (string) 2captcha |
yes | |
| api_key | (string) | yes | |
| no_proxy | (boolean) | no | False |
if proxies are set you can disable sending the proxies to 2captcha by setting no_proxy to True
scraper = cloudscraper.create_scraper(
captcha={
'provider': '2captcha',
'api_key': 'your_2captcha_api_key'
}
)| Parameter | Value | Required | Default |
|---|---|---|---|
| provider | (string) anticaptcha |
yes | |
| api_key | (string) | yes | |
| no_proxy | (boolean) | no | False |
if proxies are set you can disable sending the proxies to anticaptcha by setting no_proxy to True
scraper = cloudscraper.create_scraper(
captcha={
'provider': 'anticaptcha',
'api_key': 'your_anticaptcha_api_key'
}
)| Parameter | Value | Required | Default |
|---|---|---|---|
| provider | (string) captchaai |
yes | |
| api_key | (string) | yes |
scraper = cloudscraper.create_scraper(
captcha={
'provider': 'capsolver',
'api_key': 'your_captchaai_api_key'
}
)| Parameter | Value | Required | Default |
|---|---|---|---|
| provider | (string) capmonster |
yes | |
| clientKey | (string) | yes | |
| no_proxy | (boolean) | no | False |
if proxies are set you can disable sending the proxies to CapMonster by setting no_proxy to True
scraper = cloudscraper.create_scraper(
captcha={
'provider': 'capmonster',
'clientKey': 'your_capmonster_clientKey'
}
)| Parameter | Value | Required | Default |
|---|---|---|---|
| provider | (string) deathbycaptcha |
yes | |
| username | (string) | yes | |
| password | (string) | yes |
scraper = cloudscraper.create_scraper(
captcha={
'provider': 'deathbycaptcha',
'username': 'your_deathbycaptcha_username',
'password': 'your_deathbycaptcha_password',
}
)| Parameter | Value | Required | Default |
|---|---|---|---|
| provider | (string) 9kw |
yes | |
| api_key | (string) | yes | |
| maxtimeout | (int) | no | 180 |
scraper = cloudscraper.create_scraper(
captcha={
'provider': '9kw',
'api_key': 'your_9kw_api_key',
'maxtimeout': 300
}
)Use this if you want the requests response payload without solving the Captcha.
| Parameter | Value | Required | Default |
|---|---|---|---|
| provider | (string) return_response |
yes |
scraper = cloudscraper.create_scraper(
captcha={'provider': 'return_response'}
)It's easy to integrate cloudscraper with other applications and tools. Cloudflare uses two cookies as tokens: one to verify you made it past their challenge page and one to track your session. To bypass the challenge page, simply include both of these cookies (with the appropriate user-agent) in all HTTP requests you make.
To retrieve just the cookies (as a dictionary), use cloudscraper.get_tokens(). To retrieve them as a full Cookie HTTP header, use cloudscraper.get_cookie_string().
get_tokens and get_cookie_string both accept Requests' usual keyword arguments (like get_tokens(url, proxies={"http": "socks5://localhost:9050"})).
Please read Requests' documentation on request arguments for more information.
The two integration functions return a tuple of (cookie, user_agent_string).
You must use the same user-agent string for obtaining tokens and for making requests with those tokens, otherwise Cloudflare will flag you as a bot.
That means you have to pass the returned user_agent_string to whatever script, tool, or service you are passing the tokens to (e.g. curl, or a specialized scraping tool), and it must use that passed user-agent when it makes HTTP requests.
Remember, you must always use the same user-agent when retrieving or using these cookies. These functions all return a tuple of (cookie_dict, user_agent_string).
get_tokens is a convenience function for returning a Python dict containing Cloudflare's session cookies. For demonstration, we will configure this request to use a proxy. (Please note that if you request Cloudflare clearance tokens through a proxy, you must always use the same proxy when those tokens are passed to the server. Cloudflare requires that the challenge-solving IP and the visitor IP stay the same.)
If you do not wish to use a proxy, just don't pass the proxies keyword argument. These convenience functions support all of Requests' normal keyword arguments, like params, data, and headers.
import cloudscraper
# Using a single proxy
proxies = {"http": "http://localhost:8080", "https": "http://localhost:8080"}
tokens, user_agent = cloudscraper.get_tokens("http://somesite.com", proxies=proxies)
print(tokens)
# => {
'cf_clearance': 'c8f913c707b818b47aa328d81cab57c349b1eee5-1426733163-3600',
'__cfduid': 'dd8ec03dfdbcb8c2ea63e920f1335c1001426733158',
'cf_chl_2': 'some_value',
'cf_chl_prog': 'some_value'
}
# Using proxy rotation
rotating_proxies = [
'http://user:[email protected]:8080',
'http://user:[email protected]:8080',
'http://user:[email protected]:8080'
]
tokens, user_agent = cloudscraper.get_tokens(
"http://somesite.com",
rotating_proxies=rotating_proxies,
proxy_options={
'rotation_strategy': 'smart',
'ban_time': 300
},
enable_stealth=True,
stealth_options={
'min_delay': 2.0,
'max_delay': 6.0
}
)get_cookie_string is a convenience function for returning the tokens as a string for use as a Cookie HTTP header value.
This is useful when crafting an HTTP request manually, or working with an external application or library that passes on raw cookie headers.
import cloudscraper
cookie_value, user_agent = cloudscraper.get_cookie_string('http://somesite.com')
print('GET / HTTP/1.1\nCookie: {}\nUser-Agent: {}\n'.format(cookie_value, user_agent))
# GET / HTTP/1.1
# Cookie: cf_clearance=c8f913c707b818b47aa328d81cab57c349b1eee5-1426733163-3600; __cfduid=dd8ec03dfdbcb8c2ea63e920f1335c1001426733158
# User-Agent: Some/User-Agent StringHere is an example of integrating cloudscraper with curl. As you can see, all you have to do is pass the cookies and user-agent to curl.
import subprocess
import cloudscraper
# With get_tokens() cookie dict:
# tokens, user_agent = cloudscraper.get_tokens("http://somesite.com")
# cookie_arg = 'cf_clearance={}; __cfduid={}'.format(tokens['cf_clearance'], tokens['__cfduid'])
# With get_cookie_string() cookie header; recommended for curl and similar external applications:
cookie_arg, user_agent = cloudscraper.get_cookie_string('http://somesite.com')
# With a custom user-agent string you can optionally provide:
# ua = "Scraping Bot"
# cookie_arg, user_agent = cloudscraper.get_cookie_string("http://somesite.com", user_agent=ua)
result = subprocess.check_output(
[
'curl',
'--cookie',
cookie_arg,
'-A',
user_agent,
'http://somesite.com'
]
)Trimmed down version. Prints page contents of any site protected with Cloudflare, via curl.
Warning: shell=True can be dangerous to use with subprocess in real code.
url = "http://somesite.com"
cookie_arg, user_agent = cloudscraper.get_cookie_string(url)
cmd = "curl --cookie {cookie_arg} -A {user_agent} {url}"
print(
subprocess.check_output(
cmd.format(
cookie_arg=cookie_arg,
user_agent=user_agent,
url=url
),
shell=True
)
)Control communication between client and server
Can be passed as an argument to create_scraper().
| Parameter | Value | Default |
|---|---|---|
| cipherSuite | (string) | None |
| ecdhCurve | (string) | prime256v1 |
| server_hostname | (string) | None |
# Some servers require the use of a more complex ecdh curve than the default "prime256v1"
# It may can solve handshake failure
scraper = cloudscraper.create_scraper(ecdhCurve='secp384r1')# Manipulate server_hostname
scraper = cloudscraper.create_scraper(server_hostname='www.somesite.com')
scraper.get(
'https://backend.hosting.com/',
headers={'Host': 'www.somesite.com'}
)This enhanced version of cloudscraper provides better capabilities for bypassing modern Cloudflare protection mechanisms:
- Cloudflare v2 Challenge Support - Better handling of modern challenges
- Proxy Rotation - Smart rotation with multiple strategies
- Stealth Mode - Human-like behavior simulation
- Improved JavaScript Handling - Better JS interpreter (js2py as default)
- Enhanced Cookie Management - Support for newer Cloudflare cookie types
- Codebase Cleanup: Removed redundant code and consolidated to a single module
- Test Suite Updates: All tests now use the cloudscraper module
- Documentation: Improved README with clearer examples and usage instructions
import cloudscraper
# Create a scraper with all enhanced features
scraper = cloudscraper.create_scraper(
# Use js2py interpreter for better compatibility
interpreter='js2py',
# Enable proxy rotation
rotating_proxies=[
'http://user:[email protected]:8080',
'http://user:[email protected]:8080',
'http://user:[email protected]:8080'
],
proxy_options={
'rotation_strategy': 'smart',
'ban_time': 300
},
# Enable stealth mode
enable_stealth=True,
stealth_options={
'min_delay': 2.0,
'max_delay': 6.0,
'human_like_delays': True,
'randomize_headers': True,
'browser_quirks': True
},
# Set browser fingerprint
browser={
'browser': 'chrome',
'platform': 'windows',
'mobile': False
},
# Enable debugging if needed
debug=False
)
# Make a request to a Cloudflare-protected site
response = scraper.get('https://example.com')
print(response.text)-
Cloudflare v3 JavaScript VM Challenge Support
- Added comprehensive support for Cloudflare's latest v3 challenges
- Challenges run inside a JavaScript Virtual Machine for enhanced security
- Automatic detection and handling of v3 challenge patterns
- Support for all JavaScript interpreters (js2py, nodejs, native)
- Enhanced fallback mechanisms for complex VM challenges
-
Enhanced Turnstile Support
- Improved detection of Cloudflare Turnstile challenges
- Better integration with CAPTCHA solving services
- Support for all major CAPTCHA providers (2captcha, anticaptcha, etc.)
-
JavaScript Interpreter Enhancements
- Better compatibility with v3 JavaScript VM challenges
- Improved error handling and fallback mechanisms
- Enhanced context creation for VM-based challenges
-
Challenge Detection
- More accurate detection of different challenge types
- Better differentiation between v1, v2, v3, and Turnstile challenges
- Improved regex patterns for modern Cloudflare protection
-
Configuration Options
- Added
disableCloudflareV3parameter for selective challenge handling - Enhanced debug output for v3 challenge detection
- Better error messages and troubleshooting information
- Added
-
Comprehensive Test Suite
- 100% pass rate for all core functionality
- Dedicated v3 challenge testing script
- Enhanced test coverage for all challenge types
- Automated testing for all JavaScript interpreters
-
Documentation
- Complete rewrite of README with v3 examples
- Added comprehensive usage examples
- Enhanced troubleshooting guide
- Added testing and verification section
- Fixed compatibility issues with modern Cloudflare challenges
- Improved error handling for edge cases
- Better handling of malformed JavaScript challenges
- Enhanced cookie management for newer Cloudflare implementations
- Initial Turnstile challenge support
- Enhanced proxy rotation capabilities
- Improved stealth mode functionality
- Better browser fingerprinting
- Codebase consolidation to single module
- Enhanced v2 challenge support
- Improved JavaScript interpreter handling
- Added comprehensive test suite
- Original cloudscraper by VeNoMouS
- Enhanced Edition by Zied Boughdir
The library includes comprehensive test scripts to verify functionality:
Quick test to verify the library is working:
import cloudscraper
# Create a scraper instance
scraper = cloudscraper.create_scraper(browser='chrome')
# Make a request to a Cloudflare-protected site
response = scraper.get('https://example.com')
print(f"Status code: {response.status_code}")The library includes several test scripts:
# Run the comprehensive test suite
python test_cloudscraper_comprehensive.py https://example-cloudflare-site.com
# Test with a specific Cloudflare-protected site
python test_cloudflare_site.py https://example-cloudflare-site.com --browser firefox --stealthIf you encounter issues:
- Try different browser emulation - Some sites work better with Chrome vs Firefox
- Enable stealth mode - Helps bypass sophisticated protection
- Use proxy rotation - For IP blocks or rate limits
- Try different JS interpreters - js2py, nodejs, or v8
For issues or questions, please open an issue on the GitHub repository.
pip install --upgrade cloudscraper # Always use the latest version
