From fa96a507f4163ee8875db38129e363384105b0d0 Mon Sep 17 00:00:00 2001
From: 4JX <79868816+4JX@users.noreply.github.com>
Date: Thu, 5 Jan 2023 02:25:20 +0100
Subject: [PATCH] Chrome V108

---
 examples/tls.rs                |  37 +++++++++++
 flake.nix                      |   5 +-
 src/browser/chrome/mod.rs      |   1 +
 src/browser/chrome/ver/mod.rs  |   2 +
 src/browser/chrome/ver/v108.rs | 110 +++++++++++++++++++++++++++++++++
 5 files changed, 154 insertions(+), 1 deletion(-)
 create mode 100644 examples/tls.rs
 create mode 100644 src/browser/chrome/ver/v108.rs

diff --git a/examples/tls.rs b/examples/tls.rs
new file mode 100644
index 0000000..79f3ae1
--- /dev/null
+++ b/examples/tls.rs
@@ -0,0 +1,37 @@
+//! `cargo run --example tls --features=blocking,chrome`
+
+#![deny(warnings)]
+
+use reqwest_impersonate::browser::ChromeVersion;
+
+// This is using the `tokio` runtime. You'll need the following dependency:
+//
+// `tokio = { version = "1", features = ["full"] }`
+#[cfg(not(target_arch = "wasm32"))]
+
+fn main() -> Result<(), reqwest_impersonate::Error> {
+    // Build a client to mimic Chrome 104
+    let client = reqwest_impersonate::blocking::Client::builder()
+        .chrome_builder(ChromeVersion::V108)
+        .build()
+        .unwrap();
+
+    // Use the API you're already familiar with
+    match client.get("https://tls.peet.ws/api/all").send() {
+        Ok(res) => {
+            println!("{}", res.text().unwrap());
+        }
+        Err(err) => {
+            dbg!(err);
+        }
+    };
+
+    Ok(())
+}
+
+// The [cfg(not(target_arch = "wasm32"))] above prevent building the tokio::main function
+// for wasm32 target, because tokio isn't compatible with wasm32.
+// If you aren't building for wasm32, you don't need that line.
+// The two lines below avoid the "'main' function not found" error when building for wasm32 target.
+#[cfg(target_arch = "wasm32")]
+fn main() {}
diff --git a/flake.nix b/flake.nix
index 3f7c6f2..e7d3e80 100644
--- a/flake.nix
+++ b/flake.nix
@@ -56,7 +56,7 @@
 
         # The main application derivation
         reqwest-impersonate = craneLib.buildPackage
-          ({
+          (rec {
             src = nixLib.cleanSourceWith
               {
                 src = workspaceSrc;
@@ -68,6 +68,7 @@
             buildInputs = with pkgs;
               [
                 openssl
+                boringssl
               ]
               ++ pkgs.lib.optionals pkgs.stdenv.isDarwin [ ];
 
@@ -76,6 +77,8 @@
                 clang
                 pkg-config
               ] ++ pkgs.lib.optionals pkgs.stdenv.isDarwin [ ];
+
+            LD_LIBRARY_PATH = nixLib.makeLibraryPath buildInputs;
           } // envVars);
       in
       {
diff --git a/src/browser/chrome/mod.rs b/src/browser/chrome/mod.rs
index 648097d..c7bd274 100644
--- a/src/browser/chrome/mod.rs
+++ b/src/browser/chrome/mod.rs
@@ -27,4 +27,5 @@ pub enum ChromeVersion {
     V104,
     V105,
     V106,
+    V108,
 }
diff --git a/src/browser/chrome/ver/mod.rs b/src/browser/chrome/ver/mod.rs
index 8e919e0..bb2bef8 100644
--- a/src/browser/chrome/ver/mod.rs
+++ b/src/browser/chrome/ver/mod.rs
@@ -5,11 +5,13 @@ use super::ChromeVersion;
 mod v104;
 mod v105;
 mod v106;
+mod v108;
 
 pub(super) fn get_config_from_ver(ver: ChromeVersion) -> BrowserSettings {
     match ver {
         ChromeVersion::V104 => v104::get_settings(),
         ChromeVersion::V105 => v105::get_settings(),
         ChromeVersion::V106 => v106::get_settings(),
+        ChromeVersion::V108 => v108::get_settings(),
     }
 }
diff --git a/src/browser/chrome/ver/v108.rs b/src/browser/chrome/ver/v108.rs
new file mode 100644
index 0000000..344ea76
--- /dev/null
+++ b/src/browser/chrome/ver/v108.rs
@@ -0,0 +1,110 @@
+use boring::ssl::{
+    CertCompressionAlgorithm, SslConnector, SslConnectorBuilder, SslMethod, SslVersion,
+};
+use http::{
+    header::{ACCEPT, ACCEPT_ENCODING, ACCEPT_LANGUAGE, UPGRADE_INSECURE_REQUESTS, USER_AGENT},
+    HeaderMap, HeaderValue,
+};
+use std::sync::Arc;
+
+use crate::browser::{BrowserSettings, Http2Data};
+
+pub(super) fn get_settings() -> BrowserSettings {
+    BrowserSettings {
+        tls_builder_func: Arc::new(create_ssl_connector),
+        http2: Http2Data {
+            initial_stream_window_size: 6291456,
+            initial_connection_window_size: 15728640,
+            max_concurrent_streams: 1000,
+            max_header_list_size: 262144,
+            header_table_size: 65536,
+            enable_push: Some(false),
+        },
+        headers: create_headers(),
+        gzip: true,
+        brotli: true,
+    }
+}
+
+fn create_ssl_connector() -> SslConnectorBuilder {
+    let mut builder = SslConnector::builder(SslMethod::tls()).unwrap();
+
+    builder.set_grease_enabled(true);
+
+    builder.enable_ocsp_stapling();
+
+    let cipher_list = [
+        "TLS_AES_128_GCM_SHA256",
+        "TLS_AES_256_GCM_SHA384",
+        "TLS_CHACHA20_POLY1305_SHA256",
+        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+        "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+        "TLS_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_RSA_WITH_AES_256_GCM_SHA384",
+        "TLS_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_RSA_WITH_AES_256_CBC_SHA",
+    ];
+
+    builder.set_cipher_list(&cipher_list.join(":")).unwrap();
+
+    let sigalgs_list = [
+        "ecdsa_secp256r1_sha256",
+        "rsa_pss_rsae_sha256",
+        "rsa_pkcs1_sha256",
+        "ecdsa_secp384r1_sha384",
+        "rsa_pss_rsae_sha384",
+        "rsa_pkcs1_sha384",
+        "rsa_pss_rsae_sha512",
+        "rsa_pkcs1_sha512",
+    ];
+
+    builder.set_sigalgs_list(&sigalgs_list.join(":")).unwrap();
+
+    builder.enable_signed_cert_timestamps();
+
+    builder.set_alpn_protos(b"\x02h2\x08http/1.1").unwrap();
+
+    builder
+        .add_cert_compression_alg(CertCompressionAlgorithm::Brotli)
+        .unwrap();
+
+    builder
+        .set_min_proto_version(Some(SslVersion::TLS1_2))
+        .unwrap();
+
+    builder
+        .set_max_proto_version(Some(SslVersion::TLS1_3))
+        .unwrap();
+
+    builder
+}
+
+fn create_headers() -> HeaderMap {
+    let mut headers = HeaderMap::new();
+
+    headers.insert(
+        "sec-ch-ua",
+        HeaderValue::from_static(
+            "\"Not?A_Brand\";v=\"8\", \"Chromium\";v=\"108\", \"Google Chrome\";v=\"108\"",
+        ),
+    );
+    headers.insert("sec-ch-ua-mobile", "?0".parse().unwrap());
+    headers.insert("sec-ch-ua-platform", "\"Windows\"".parse().unwrap());
+    headers.insert(UPGRADE_INSECURE_REQUESTS, "1".parse().unwrap());
+    headers.insert(USER_AGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36".parse().unwrap());
+    headers.insert(ACCEPT, "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9".parse().unwrap());
+    headers.insert("sec-fetch-site", "none".parse().unwrap());
+    headers.insert("sec-fetch-mode", "navigate".parse().unwrap());
+    headers.insert("sec-fetch-user", "?1".parse().unwrap());
+    headers.insert("sec-fetch-dest", "document".parse().unwrap());
+    headers.insert(ACCEPT_ENCODING, "gzip, deflate, br".parse().unwrap());
+    headers.insert(ACCEPT_LANGUAGE, "en-US,en;q=0.9".parse().unwrap());
+
+    headers
+}