Node.js/TypeScript HTTP client with browser TLS fingerprint impersonation (JA3/JA4). Bypass Cloudflare and anti-bot detection. Rust-powered, fetch()-compatible.
npm install wreq-js
Node.js/TypeScript HTTP client with browser TLS fingerprint impersonation (JA3/JA4). Bypass Cloudflare, DataDome, and other anti-bot TLS fingerprinting. Rust-powered via wreq.
- Bypass anti-bot TLS detection (Cloudflare, DataDome, Akamai, etc.)
- Native Rust performance (no browser/process spawning)
- Real browser TLS fingerprints (JA3/JA4)
- HTTP/2 impersonation (SETTINGS/PRIORITY/header ordering)
- Multiple browser profiles (Chrome/Firefox/Safari/Edge/Opera/OkHttp)
- fetch()-compatible API with sessions, cookies, and proxies
- WebSocket support with fingerprint consistency
- Prebuilt native binaries for macOS/Linux/Windows
- TypeScript-first with generated definitions
| Library | Approach | Maintained | API | Performance | Fingerprint profiles |
|---------|----------|:----------:|-----|:-----------:|:--------------------:|
| wreq-js | Rust native bindings (wreq) | Yes | fetch()-compatible, TypeScript-first | Native Rust, no subprocess overhead | Built-in, kept current via wreq-util |
| CycleTLS | Go subprocess | Sporadic | Promise-based | IPC overhead (Go subprocess) | BYO (manual JA3 strings) |
| got-scraping | Pure JS header tweaking | Yes | got-based | JS-only, no real TLS spoofing | N/A (header-level only) |
| node-tls-client | Go shared lib (bogdanfinn) | Sporadic | Custom | FFI overhead | Depends on upstream |
| curl-impersonate | Modified curl binary | Inactive (last release Mar 2024) | CLI/bindings | Subprocess | Stale |
All guides, concepts, and API reference live at:
- https://wreq.sqdsh.win
(If you're looking for examples, sessions/cookies, proxy usage, streaming, WebSockets, or the full API surface - it's all there.)
``bash`
npm install wreq-jsor
yarn add wreq-js
pnpm add wreq-js
bun add wreq-js
Prebuilt binaries are provided for:
- macOS (Intel & Apple Silicon)
- Linux (x64 & ARM64, glibc & musl)
- Windows (x64)
If a prebuilt binary for your platform/commit is unavailable, the package will build from source (requires a Rust toolchain).
`ts
import { fetch } from 'wreq-js';
const res = await fetch('https://example.com/api', {
browser: 'chrome_142',
os: 'windows',
});
console.log(await res.json());
`
For most real-world workloads, start with a session and reuse it across requests.
This keeps TLS/cookies warm and avoids paying setup costs on every call.
`ts
import { createSession } from 'wreq-js';
const session = await createSession({ browser: 'chrome_142', os: 'windows' });
try {
const a = await session.fetch('https://example.com/a');
const b = await session.fetch('https://example.com/b');
console.log(a.status, b.status);
} finally {
await session.close();
}
`
More session patterns: https://wreq.sqdsh.win
Use wreq-js when you need to make HTTP requests that pass Cloudflare, DataDome, or other anti-bot TLS fingerprinting checks without spinning up a real browser. It's a drop-in fetch() replacement that impersonates real browser TLS/HTTP2 fingerprints at the network level.
If you need DOM/JS execution, CAPTCHA solving, or full browser automation, use Playwright/Puppeteer instead.
See CONTRIBUTING.md.
This is a maintained fork of will-work-for-meal/node-wreq (originally named node-wreq`), with ongoing updates, compatibility fixes, and performance work.
- wreq - Rust HTTP client with browser impersonation
- wreq-util - source of up-to-date browser profiles
- NAPI-RS - Rust ↔ Node.js bindings