Node.js library to bypass Cloudflare's anti-ddos page.
This library is a port of python module cloudflare-scrape with couple enhancements and test cases ;) . All grats to its author \m/
If the page you want to access is protected by Cloudflare, it will return special page, which expects client to support Javascript to solve challenge.
This small library encapsulates logic which extracts challenge, solves it, submits and returns the request page body.
You can use cloudscraper even if you are not sure if Cloudflare protection is turned on.
In general, Cloudflare has 4 types of common anti-bot pages:
- Simple html+javascript page with challenge
- Page which redirects to original site
- Page with recaptcha
- Page with error ( your ip was banned, etc)
Unfortunately, there is no support for handling a CAPTCHA, if the response contains it, but some convenience methods may be added in the future.
If you notice that for some reason cloudscraper stopped to work, do not hesitate and get in touch with me ( by creating an issue here, for example), so i can update it.
- Replace
cloudscraper.request(options)
withcloudscraper(options)
cloudscraper.get()
andcloudscraper.post()
method signatures are aligned with corresponding methods from request:
var options = {
uri: 'https://website.com/',
headers: {/*...*/}
};
cloudscraper.get(options, function(error, response, body) {
console.log(body);
});
or for POST
var options = {
uri: 'https://website.com/',
headers: {/*...*/},
formData: { field1: 'value', field2: 2 }
};
cloudscraper.post(options, function(error, response, body) {
console.log(body);
});
- If you are using custom promise support workarounds please remove them as cloudscraper now uses request-promise:
var cloudscraper = require('cloudscraper');
var options = {
uri: 'https://website.com/',
method: 'GET'
};
cloudscraper(options).then(function(body) {
console.log(body);
});
npm install cloudscraper
var cloudscraper = require('cloudscraper');
cloudscraper.get('https://website.com/', function(error, response, body) {
if (error) {
console.log('Error occurred');
} else {
console.log(body, response);
}
});
or for POST
action:
var options = {
uri: 'https://website.com/',
formData: { field1: 'value', field2: 2 }
};
cloudscraper.post(options, function(error, response, body) {
console.log(body);
});
A generic request can be made with cloudscraper(options, callback)
. The options object should follow request's options. Not everything is supported however, for example http methods other than GET and POST. If you wanted to request an image in binary data you could use the encoding option:
var options = {
method: 'GET',
url:'http://website.com/',
};
cloudscraper(options, function(err, response, body) {
console.log(response)
});
Cloudscraper wraps request and request-promise, so using cloudscraper is pretty much like using those two libraries.
- Cloudscraper exposes the same request methods as request:
cloudscraper.get(options, callback)
cloudscraper.post(options, callback)
cloudscraper(uri)
Please refer to request's documentation for further instructions - Cloudscraper uses request-promise, promise chaining is done exactly the same as described in docs:
cloudscraper(options)
.then(function (htmlString) {
})
.catch(function (err) {
});
cloudscraper.defaults
is a very convenient way of extending the cloudscraper requests with any of your settings.
var cloudscraper = require('cloudscraper').defaults({ 'proxy': 'http://localproxy.com' });
// Override headers
var headers = { /* ... */ };
var cloudscraper = require('cloudscraper').defaults({ headers: headers });
cloudscraper(options, function(error, response, body) {
console.log(body)
});
Cloudscraper exposes following options that are required by default but might be changed. Please note that the default values increase chances of correct work.
var options = {
uri: 'https://website',
jar: requestModule.jar(), // Custom cookie jar
headers: {
// User agent, Cache Control and Accept headers are required
'User-Agent': 'Ubuntu Chromium/34.0.1847.116 Chrome/34.0.1847.116 Safari/537.36',
'Cache-Control': 'private',
'Accept': 'application/xml,application/xhtml+xml,text/html;q=0.9, text/plain;q=0.8,image/png,*/*;q=0.5'
},
// Cloudflare requires a delay of 5 seconds, so wait for at least 6.
cloudflareTimeout: 6000,
// followAllRedirects - follow non-GET HTTP 3xx responses as redirects
followAllRedirects: true,
// Support only this max challenges in row. If CF returns more, throw an error
challengesToSolve: 3
};
cloudscraper(options, function(error, response, body) {
console.log(body)
});
You can access default default configuration with cloudscraper.defaultParams
Cloudscraper error object inherits from Error
has following fields:
name
-RequestError
/CaptchaError
/CloudflareError
/ParserError
options
- The request optionscause
- An alias forerror
response
- The request responseerrorType
- Custom error code WhereerrorType
can be following:
0
if request to page failed due to some native reason as bad url, http connection or so.error
in this case will be error event1
Cloudflare returned captcha. Nothing to do here. Bad luck2
Cloudflare returned page with some inner error.error
will beNumber
within this range1012, 1011, 1002, 1000, 1004, 1010, 1006, 1007, 1008
. See more here3
this error is returned when library failed to parse and solve js challenge.error
will beString
with some details.⚠️ ⚠️ Most likely it means that Cloudflare have changed their js challenge.4
CF went into a loop and started to return challenge after challenge. If number of solved challenges is greater than3
and another challenge is returned, throw an error
Do not always rely on error.cause
to be an error, it can be a string
Clone this repo, do npm install
and then just npm test
Let me know, by opening issue in this repo and i will update library asap. Please, provide url and body of page where cloudscraper failed.
Current Cloudflare implementation requires browser to respect the timeout of 5 seconds and cloudscraper mimics this behaviour. So everytime you call cloudscraper.get/post
you should expect it to return result after minimum 6 seconds. If you want to change this behaviour, you would need to make a generic request as described in above and pass cloudflareTimeout
options with your value. But be aware that Cloudflare might track this timeout and use it against you ;)
- Check for recaptcha
- Support cookies, so challenge can be solved once per session
- Support page with simple redirects
- Add proper testing
- Remove manual 302 processing, replace with
followAllRedirects
param - Parse out the timeout from challenge page
- Reoder the arguments in get/post/request methods and allow custom options to be passed in
- Expose solve methods to use them independently
- Support recaptcha solving
- Promisification