Any problematic flags?

[MichaelM00]

Hi, thanks for this nice project!

I was looking to use the program with some extra curl flags such as --cookie/--ipv4 and wondered if any of these could cause the default fingerprint to change. I heard that even the order of the headers sent could affect the fingerprint so I am wondering if there are any issues using additional flags such as the above. Are there any known "problematic" flags which could possibly affect the default fingerprint?

[lwthiker]

Hi,

Any flag that deals with TLS is very likely to change the TLS fingerprint. I would suggest not to use them and just use the default set of TLS flags that are used by the wrapper scripts.

I was looking to use the program with some extra curl flags such as --cookie

It would likely not change the TLS fingerprint. However the --cookie flag will add an additional HTTP header, which may be placed differently than how the browser places it. You may want to check the order of HTTP headers as sent by the browser, and then add the cookie manually with -H "Cookie: ..." to the wrapper scripts in the correct place.

If you want to be extra careful and verify that you got your TLS fingerprint right, you can check out my ts1 library. It's still not user friendly enough (you'll have to capture the traffic in Wireshark feed it to the library) but it will allow you to compare signatures and be more certain about your fingerprint.

[MichaelM00]

Thanks for the reply @lwthiker. Do you think it's a good idea for the program to detect certain flags and either auto reorder flags that can be safely used but need reordering or warn if a flag could change the default fingerprint regardless?. This could be useful even if done just for the most popular/commonly used flags.