Bump version 3.4.6 (#1633)

Co-authored-by: ilike2burnthing <59480337+ilike2burnthing@users.noreply.github.com>

.github/workflows/release.yml

@@ -19,17 +19,14 @@ jobs:
         id: github_changelog
         run: |
           changelog=$(git log $(git tag | tail -2 | head -1)..HEAD --no-merges --oneline)
-          changelog="${changelog//'%'/'%25'}"
-          changelog="${changelog//$'\n'/'%0A'}"
-          changelog="${changelog//$'\r'/'%0D'}"
-          echo "changelog=${changelog}" >> $GITHUB_ENV
+          echo "changelog<<EOF" >> $GITHUB_OUTPUT
+          echo "$changelog" >> $GITHUB_OUTPUT
+          echo "EOF" >> $GITHUB_OUTPUT
 
       - name: Create release
         uses: softprops/action-gh-release@v2
         with:
-          tag_name: ${{ github.ref }}
-          name: ${{ github.ref }}
-          body: ${{ env.changelog }}
+          body: ${{ steps.github_changelog.outputs.changelog }}
         env:
           GITHUB_TOKEN: ${{ secrets.GH_PAT }}
 

CHANGELOG.md

@@ -1,5 +1,26 @@
 # Changelog
 
+## v3.4.6 (2025/11/29)
+* Add disable image, css, fonts option with CDP. Thanks @Ananto30
+
+## v3.4.5 (2025/11/11)
+* Revert to Python v3.13
+
+## v3.4.4 (2025/11/04)
+* Bump dependencies, Chromium, and some other general fixes. Thanks @flowerey
+
+## v3.4.3 (2025/10/28)
+* Update proxy extension
+
+## v3.4.2 (2025/10/09)
+* Bump dependencies & CI actions. Thanks @flowerey
+* Add optional wait time after resolving the challenge before returning. Thanks @kennedyoliveira
+* Add proxy ENVs. Thanks @Robokishan
+* Handle empty string and keys without value in postData. Thanks @eZ4RK0
+* Add quote protection for password containing it. Thanks @warrenberberd
+* Add returnScreenshot parameter to screenshot the final web page. Thanks @estebanthi
+* Add log file support. Thanks @acg5159
+
 ## v3.4.1 (2025/09/15)
 * Fix regex pattern syntax in utils.py
 * Change access denied title check to use startswith

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.13-slim-bookworm as builder
+FROM python:3.13-slim-bookworm AS builder
 
 # Build dummy packages to skip installing them and their dependencies
 RUN apt-get update \
@@ -38,7 +38,12 @@ RUN dpkg -i /libgl1-mesa-dri.deb \
     # Create flaresolverr user
     && useradd --home-dir /app --shell /bin/sh flaresolverr \
     && mv /usr/bin/chromedriver chromedriver \
-    && chown -R flaresolverr:flaresolverr .
+    && chown -R flaresolverr:flaresolverr . \
+    # Create config dir
+    && mkdir /config \
+    && chown flaresolverr:flaresolverr /config
+
+VOLUME /config
 
 # Install Python dependencies
 COPY requirements.txt .
@@ -62,17 +67,17 @@ ENTRYPOINT ["/usr/bin/dumb-init", "--"]
 CMD ["/usr/local/bin/python", "-u", "/app/flaresolverr.py"]
 
 # Local build
-# docker build -t ngosang/flaresolverr:3.4.1 .
-# docker run -p 8191:8191 ngosang/flaresolverr:3.4.1
+# docker build -t ngosang/flaresolverr:3.4.6 .
+# docker run -p 8191:8191 ngosang/flaresolverr:3.4.6
 
 # Multi-arch build
 # docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
 # docker buildx create --use
-# docker buildx build -t ngosang/flaresolverr:3.4.1 --platform linux/386,linux/amd64,linux/arm/v7,linux/arm64/v8 .
+# docker buildx build -t ngosang/flaresolverr:3.4.6 --platform linux/386,linux/amd64,linux/arm/v7,linux/arm64/v8 .
 #   add --push to publish in DockerHub
 
 # Test multi-arch build
 # docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
 # docker buildx create --use
-# docker buildx build -t ngosang/flaresolverr:3.4.1 --platform linux/arm/v7 --load .
-# docker run -p 8191:8191 --platform linux/arm/v7 ngosang/flaresolverr:3.4.1
+# docker buildx build -t ngosang/flaresolverr:3.4.6 --platform linux/arm/v7 --load .
+# docker run -p 8191:8191 --platform linux/arm/v7 ngosang/flaresolverr:3.4.6

README.md

@@ -187,8 +187,10 @@ session. When you no longer need to use a session you should make sure to close
 | maxTimeout          | Optional, default value 60000. Max timeout to solve the challenge in milliseconds.                                                                                                                                                                                                                                                           |
 | cookies             | Optional. Will be used by the headless browser. Eg: `"cookies": [{"name": "cookie1", "value": "value1"}, {"name": "cookie2", "value": "value2"}]`.                                                                                                                                                                                           |
 | returnOnlyCookies   | Optional, default false. Only returns the cookies. Response data, headers and other parts of the response are removed.                                                                                                                                                                                                                       |
+| returnScreenshot    | Optional, default false. Captures a screenshot of the final rendered page after all challenges and waits are completed. The screenshot is returned as a Base64-encoded PNG string in the `screenshot` field of the response.                                                                                                                 |
 | proxy               | Optional, default disabled. Eg: `"proxy": {"url": "http://127.0.0.1:8888"}`. You must include the proxy schema in the URL: `http://`, `socks4://` or `socks5://`. Authorization (username/password) is not supported. (When the `session` parameter is set, the proxy is ignored; a session specific proxy can be set in `sessions.create`.) |
-| waitInSeconds       | Optional, default none. Length to wait in seconds after solving the challenge, and before returning the results. Useful to allow it to load dynamic content.                                                                                                                                                                        |
+| waitInSeconds       | Optional, default none. Length to wait in seconds after solving the challenge, and before returning the results. Useful to allow it to load dynamic content.                                                                                                                                                                                 |
+| disableMedia        | Optional, default false. When true FlareSolverr will prevent media resources (images, CSS, and fonts) from being loaded to speed up navigation.                                                                                                                                     |
 
 > **Warning**
 > If you want to use Cloudflare clearance cookie in your scripts, make sure you use the FlareSolverr User-Agent too. If they don't match you will see the challenge.
@@ -265,14 +267,16 @@ This is the same as `request.get` but it takes one more param:
 | Name               | Default                | Notes                                                                                                                                                         |
 |--------------------|------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | LOG_LEVEL          | info                   | Verbosity of the logging. Use `LOG_LEVEL=debug` for more information.                                                                                         |
+| LOG_FILE           | none                   | Path to capture log to file. Example: `/config/flaresolver.log`.                                                                                              |
 | LOG_HTML           | false                  | Only for debugging. If `true` all HTML that passes through the proxy will be logged to the console in `debug` level.                                          |
 | PROXY_URL               | none                   | URL for proxy. Will be overwritten by `request` or `sessions` proxy, if used. Example: `http://127.0.0.1:8080`.                                                                                   |
 | PROXY_USERNAME               | none                   | Username for proxy. Will be overwritten by `request` or `sessions` proxy, if used. Example: `testuser`.                                                                                   |
 | PROXY_PASSWORD               | none                   | Password for proxy. Will be overwritten by `request` or `sessions` proxy, if used. Example: `testpass`.                                                                                   |
 | CAPTCHA_SOLVER     | none                   | Captcha solving method. It is used when a captcha is encountered. See the Captcha Solvers section.                                                            |
 | TZ                 | UTC                    | Timezone used in the logs and the web browser. Example: `TZ=Europe/London`.                                                                                   |
-| LANG               | none                   | Language used in the web browser. Example: `LANG=en_GB`.                                                                                   |
+| LANG               | none                   | Language used in the web browser. Example: `LANG=en_GB`.                                                                                                      |
 | HEADLESS           | true                   | Only for debugging. To run the web browser in headless mode or visible.                                                                                       |
+| DISABLE_MEDIA      | false                  | To disable loading images, CSS, and other media in the web browser to save network bandwidth.                                                                |
 | TEST_URL           | https://www.google.com | FlareSolverr makes a request on start to make sure the web browser is working. You can change that URL if it is blocked in your country.                      |
 | PORT               | 8191                   | Listening port. You don't need to change this if you are running on Docker.                                                                                   |
 | HOST               | 0.0.0.0                | Listening interface. You don't need to change this if you are running on Docker.                                                                              |

docker-compose.yml

@@ -7,9 +7,12 @@ services:
     container_name: flaresolverr
     environment:
       - LOG_LEVEL=${LOG_LEVEL:-info}
+      - LOG_FILE=${LOG_FILE:-none}
       - LOG_HTML=${LOG_HTML:-false}
       - CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
       - TZ=Europe/London
     ports:
       - "${PORT:-8191}:8191"
+    volumes:
+      - /var/lib/flaresolver:/config
     restart: unless-stopped

package.json

@@ -1,6 +1,6 @@
 {
   "name": "flaresolverr",
-  "version": "3.4.1",
+  "version": "3.4.6",
   "description": "Proxy server to bypass Cloudflare protection",
   "author": "Diego Heras (ngosang / ngosang@hotmail.es)",
   "license": "MIT"

requirements.txt

@@ -1,14 +1,14 @@
 bottle==0.13.4
 waitress==3.0.2
-selenium==4.35.0
+selenium==4.38.0
 func-timeout==4.3.5
-prometheus-client==0.22.1
+prometheus-client==0.23.1
 # Required by undetected_chromedriver
 requests==2.32.5
-certifi==2025.8.3
+certifi==2025.10.5
 websockets==15.0.1
 packaging==25.0
 # Only required for Linux and macOS
-xvfbwrapper==0.2.14; platform_system != "Windows"
+xvfbwrapper==0.2.15; platform_system != "Windows"
 # Only required for Windows
 pefile==2024.8.26; platform_system == "Windows"

src/bottle_plugins/logger_plugin.py

@@ -5,7 +5,7 @@ import logging
 def logger_plugin(callback):
     """
     Bottle plugin to use logging module
-    http://bottlepy.org/docs/dev/plugindev.html
+    https://bottlepy.org/docs/dev/plugindev.html
 
     Wrap a Bottle request so that a log line is emitted after it's handled.
     (This decorator can be extended to take the desired logger as a param.)

src/bottle_plugins/prometheus_plugin.py

@@ -18,7 +18,7 @@ def setup():
 def prometheus_plugin(callback):
     """
     Bottle plugin to expose Prometheus metrics
-    http://bottlepy.org/docs/dev/plugindev.html
+    https://bottlepy.org/docs/dev/plugindev.html
     """
     def wrapper(*args, **kwargs):
         actual_response = callback(*args, **kwargs)

src/build_package.py

@@ -25,7 +25,7 @@ def clean_files():
 
 def download_chromium():
     # https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html?prefix=Linux_x64/
-    revision = "1465706" if os.name == 'nt' else '1465706'
+    revision = "1522586" if os.name == 'nt' else '1522586'
     arch = 'Win_x64' if os.name == 'nt' else 'Linux_x64'
     dl_file = 'chrome-win' if os.name == 'nt' else 'chrome-linux'
     dl_path = os.path.join(os.path.dirname(os.path.abspath(__file__)), os.pardir, 'dist_chrome')

src/dtos.py

@@ -10,6 +10,7 @@ class ChallengeResolutionResultT:
     response: str = None
     cookies: list = None
     userAgent: str = None
+    screenshot: str | None = None
 
     def __init__(self, _dict):
         self.__dict__.update(_dict)
@@ -41,9 +42,12 @@ class V1RequestBase(object):
     url: str = None
     postData: str = None
     returnOnlyCookies: bool = None
+    returnScreenshot: bool = None
     download: bool = None   # deprecated v2.0.0, not used
     returnRawHtml: bool = None  # deprecated v2.0.0, not used
     waitInSeconds: int = None
+    # Optional resource blocking flag (blocks images, CSS, and fonts)
+    disableMedia: bool = None
 
     def __init__(self, _dict):
         self.__dict__.update(_dict)

src/flaresolverr.py

@@ -81,12 +81,13 @@ if __name__ == "__main__":
 
     # fix ssl certificates for compiled binaries
     # https://github.com/pyinstaller/pyinstaller/issues/7229
-    # https://stackoverflow.com/questions/55736855/how-to-change-the-cafile-argument-in-the-ssl-module-in-python3
+    # https://stackoverflow.com/q/55736855
     os.environ["REQUESTS_CA_BUNDLE"] = certifi.where()
     os.environ["SSL_CERT_FILE"] = certifi.where()
 
     # validate configuration
     log_level = os.environ.get('LOG_LEVEL', 'info').upper()
+    log_file = os.environ.get('LOG_FILE', None)
     log_html = utils.get_config_log_html()
     headless = utils.get_config_headless()
     server_host = os.environ.get('HOST', '0.0.0.0')
@@ -104,6 +105,13 @@ if __name__ == "__main__":
             logging.StreamHandler(sys.stdout)
         ]
     )
+    if log_file:
+        log_file = os.path.realpath(log_file)
+        log_path = os.path.dirname(log_file)
+        os.makedirs(log_path, exist_ok=True)
+
+        logging.getLogger().addHandler(logging.FileHandler(log_file))
+
     # disable warning traces from urllib3
     logging.getLogger('urllib3').setLevel(logging.ERROR)
     logging.getLogger('selenium.webdriver.remote.remote_connection').setLevel(logging.WARNING)

src/flaresolverr_service.py

@@ -287,10 +287,36 @@ def _evil_logic(req: V1RequestBase, driver: WebDriver, method: str) -> Challenge
     res.status = STATUS_OK
     res.message = ""
 
+    # optionally block resources like images/css/fonts using CDP
+    disable_media = utils.get_config_disable_media()
+    if req.disableMedia is not None:
+        disable_media = req.disableMedia
+    if disable_media:
+        block_urls = [
+            # Images
+            "*.png", "*.jpg", "*.jpeg", "*.gif", "*.webp", "*.bmp", "*.svg", "*.ico",
+            "*.PNG", "*.JPG", "*.JPEG", "*.GIF", "*.WEBP", "*.BMP", "*.SVG", "*.ICO",
+            "*.tiff", "*.tif", "*.jpe", "*.apng", "*.avif", "*.heic", "*.heif",
+            "*.TIFF", "*.TIF", "*.JPE", "*.APNG", "*.AVIF", "*.HEIC", "*.HEIF",
+            # Stylesheets
+            "*.css",
+            "*.CSS",
+            # Fonts
+            "*.woff", "*.woff2", "*.ttf", "*.otf", "*.eot",
+            "*.WOFF", "*.WOFF2", "*.TTF", "*.OTF", "*.EOT"
+        ]
+        try:
+            logging.debug("Network.setBlockedURLs: %s", block_urls)
+            driver.execute_cdp_cmd("Network.enable", {})
+            driver.execute_cdp_cmd("Network.setBlockedURLs", {"urls": block_urls})
+        except Exception:
+            # if CDP commands are not available or fail, ignore and continue
+            logging.debug("Network.setBlockedURLs failed or unsupported on this webdriver")
 
     # navigate to the page
-    logging.debug(f'Navigating to... {req.url}')
-    if method == 'POST':
+    logging.debug(f"Navigating to... {req.url}")
+
+    if method == "POST":
         _post_request(req, driver)
     else:
         driver.get(req.url)
@@ -397,6 +423,9 @@ def _evil_logic(req: V1RequestBase, driver: WebDriver, method: str) -> Challenge
 
         challenge_res.response = driver.page_source
 
+    if req.returnScreenshot:
+        challenge_res.screenshot = driver.get_screenshot_as_base64()
+
     res.result = challenge_res
     return res
 

src/tests.py

@@ -21,11 +21,11 @@ class TestFlareSolverr(unittest.TestCase):
     proxy_socks_url = "socks5://127.0.0.1:1080"
     google_url = "https://www.google.com"
     post_url = "https://httpbin.org/post"
-    cloudflare_url = "https://nowsecure.nl"
+    cloudflare_url = "https://nowsecure.nl/"
     cloudflare_url_2 = "https://idope.se/torrent-list/harry/"
-    ddos_guard_url = "https://anidex.info/"
+    ddos_guard_url = "https://www.litres.ru/"
     fairlane_url = "https://www.pararius.com/apartments/amsterdam"
-    custom_cloudflare_url = "https://www.muziekfabriek.org"
+    custom_cloudflare_url = "https://www.muziekfabriek.org/"
     cloudflare_blocked_url = "https://cpasbiens3.fr/index.php?do=search&subaction=search"
 
     app = TestApp(flaresolverr.app)
@@ -92,6 +92,29 @@ class TestFlareSolverr(unittest.TestCase):
         self.assertGreater(len(solution.cookies), 0)
         self.assertIn("Chrome/", solution.userAgent)
 
+    def test_v1_endpoint_request_get_disable_resources(self):
+        res = self.app.post_json("/v1", {
+            "cmd": "request.get",
+            "url": self.google_url,
+            "disableMedia": True
+        })
+        self.assertEqual(res.status_code, 200)
+
+        body = V1ResponseBase(res.json)
+        self.assertEqual(STATUS_OK, body.status)
+        self.assertEqual("Challenge not detected!", body.message)
+        self.assertGreater(body.startTimestamp, 10000)
+        self.assertGreaterEqual(body.endTimestamp, body.startTimestamp)
+        self.assertEqual(utils.get_flaresolverr_version(), body.version)
+
+        solution = body.solution
+        self.assertIn(self.google_url, solution.url)
+        self.assertEqual(solution.status, 200)
+        self.assertIs(len(solution.headers), 0)
+        self.assertIn("<title>Google</title>", solution.response)
+        self.assertGreater(len(solution.cookies), 0)
+        self.assertIn("Chrome/", solution.userAgent)
+
     def test_v1_endpoint_request_get_cloudflare_js_1(self):
         res = self.app.post_json('/v1', {
             "cmd": "request.get",
@@ -162,7 +185,7 @@ class TestFlareSolverr(unittest.TestCase):
         self.assertIn(self.ddos_guard_url, solution.url)
         self.assertEqual(solution.status, 200)
         self.assertIs(len(solution.headers), 0)
-        self.assertIn("<title>AniDex</title>", solution.response)
+        self.assertIn("<title>Литрес", solution.response)
         self.assertGreater(len(solution.cookies), 0)
         self.assertIn("Chrome/", solution.userAgent)
 

src/utils.py

@@ -28,6 +28,10 @@ def get_config_headless() -> bool:
     return os.environ.get('HEADLESS', 'true').lower() == 'true'
 
 
+def get_config_disable_media() -> bool:
+    return os.environ.get('DISABLE_MEDIA', 'false').lower() == 'true'
+
+
 def get_flaresolverr_version() -> str:
     global FLARESOLVERR_VERSION
     if FLARESOLVERR_VERSION is not None:
@@ -58,18 +62,21 @@ def create_proxy_extension(proxy: dict) -> str:
     manifest_json = """
     {
         "version": "1.0.0",
-        "manifest_version": 2,
+        "manifest_version": 3,
         "name": "Chrome Proxy",
         "permissions": [
             "proxy",
             "tabs",
-            "unlimitedStorage",
             "storage",
-            "<all_urls>",
             "webRequest",
-            "webRequestBlocking"
+            "webRequestAuthProvider"
         ],
-        "background": {"scripts": ["background.js"]},
+        "host_permissions": [
+          "<all_urls>"
+        ],
+        "background": {
+          "service_worker": "background.js"
+        },
         "minimum_chrome_version": "76.0.0"
     }
     """
@@ -154,6 +161,7 @@ def get_webdriver(proxy: dict = None) -> WebDriver:
     proxy_extension_dir = None
     if proxy and all(key in proxy for key in ['url', 'username', 'password']):
         proxy_extension_dir = create_proxy_extension(proxy)
+        options.add_argument("--disable-features=DisableLoadExtensionCommandLineSwitch")
         options.add_argument("--load-extension=%s" % os.path.abspath(proxy_extension_dir))
     elif proxy and 'url' in proxy:
         proxy_url = proxy['url']

test-requirements.txt

@@ -1 +1 @@
-WebTest==3.0.6
+WebTest==3.0.7