| Release 5.4 BETA1 |
| ------------------ |
| |
| This is the first BETA release in the 5.4 release series. It upgrades HttpCore to version |
| 5.3-beta1 and adds a few minor improvements and fixes. |
| |
| IMPORTANT! Please note the new cache entry serialization format is incompatible with earlier |
| versions of HttpClient Cache. Persistent caches (file system based, Memcached, EhCAche |
| with object serialization) created with any earlier version MUST be flushed and re-populated |
| or the cache backend MUST be configured to use the old, deprecated cache entry serializer. |
| |
| |
| Notable changes and features included in the 5.4 series: |
| |
| * Improved conformance to RFC 9110 (HTTP Semantics), RFC 7616 (HTTP Digest Access |
| Authentication), RFC 2617 (’Basic’ HTTP Authentication Scheme). |
| |
| * UTF-8 encoding is used by default for text where appropriate. |
| |
| * Compatibility with Java Virtual Threads and Java 21 Runtime. |
| |
| * Redesign and rewrite of the HTTP caching protocol layer for better efficiency |
| and improved conformance to RFC 9111 (HTTP Caching). |
| |
| * Cache control and context APIs. |
| |
| * ETag APIs. |
| |
| * TLS SNI and endpoint identification improvements. |
| |
| * Support for RFC 2817 (Upgrading to TLS Within HTTP/1.1). |
| |
| * Auth cache no longer makes use of Java serialization. |
| |
| * Deprecation of ConnectionSocketFactory and LayeredConnectionSocketFactory. |
| |
| * HttpContext optimization and performance improvement. |
| |
| |
| |
| Change Log |
| ------------------- |
| |
| * HTTPCLIENT-2328: Blocking I/O connections to check if the opposite TLS endpoint |
| has been closed by the opposite endpoint while writing out request body. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Redesign of test server APIs and integration test setup. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2331: Skip cookie header generation if a Cookie header is already |
| present (#561). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * HTTPCLIENT-2326: Propagate original proxy response to the caller in case of |
| HTTP CONNECT request failure. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2327: Propagate CancellationExceptions from MemcachedClient operations |
| as ResourceIOExceptions (#559). |
| Contributed by jattisha <jattisha at umich.edu> |
| |
| * Callbacks for Connection initialization. |
| Contributed by Richard Tippl <richard.tippl at gmail.com> |
| |
| * HTTPCLIENT-2325 Avoid adding "; charset=" for multipart/form-data requests |
| Contributed by Vladimir Sitnikov <sitnikov.vladimir at gmail.com> |
| |
| |
| |
| Release 5.4 ALPHA2 |
| ------------------ |
| |
| This is the second and likely the last ALPHA release in the 5.3 release series. |
| It finalizes the new Cache API introduced in the previous ALPHA release and also |
| improves TLS customization for the classic transport, SNI and endpoint identification |
| support, authentication data caching, and HTTP context performance. It also introduces |
| support for optional TLS upgrades for HTTP/1.1 connections. |
| |
| Change Log |
| ------------------- |
| |
| * HttpClientContext to use instance variables for standard attributes. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2151: Support for JSSE in-built endpoint identification. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Internal connection operators to make use of the target name from the request URI |
| authority. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * DefaultRoutePlanner to take the request authority into account when determining a route for |
| HTTPS requests. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RouteInfo and HttpRoute to include the target name from the URI authority in case it differs |
| from the target host (the host recognizes multiple authorities). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2316: BasicHttpClientConnectionManager incorrectly re-uses the released connection |
| if it has been closed out by the protocol handler. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2070: Auth cache to no longer rely on Java serialization for auth state caching. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-751: Support for RFC 2817 (Upgrading to TLS Within HTTP/1.1). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Connection endpoints to provide TLS details and protocol version. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Deprecated ConnectionSocketFactory, LayeredConnectionSocketFactory, and their plain and SSL |
| implementations in favor of DefaultClientTlsStrategy. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Standard client TLS strategy implementations support the upgrading of blocking sockets. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * FileResourceFactory to generate stable file names for the same request ID and entity tag. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Cache ResourceFactory to make use of strong eTags when available. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * ETag APIs. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed a design mistake of ConnectionEndpoint having a direct dependency on |
| HttpRequestExecutor class. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Cache control and context APIs. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2315: Client builders fail to apply system properties to the default |
| connection manager. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2314: Handle gracefully a failure of DnsResolver to return a list of |
| resolved addresses (#533). |
| Contributed by Philip Helger <philip at helger.com> |
| |
| * HTTPCLIENT-2314: Throw ConnectionShutdownException in case of pooled connection |
| having been closed or discarded instead of plain IllegalStateException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 5.4 ALPHA1 |
| ------------------- |
| |
| This is the first ALPHA release in the 5.4 release series that improves HTTP protocol support |
| by ensuring conformance to the latest HTTP specification (RFC 9110, RFC 9111, RFC 7616, |
| RFC 7617), ensures compatibility with Java Virtual Threads by replacing 'synchronized' keywords |
| in critical sections with Java lock primitives. The HTTP caching protocol layer has also been |
| redesigned and overhauled to improve cache efficiency and optimize performance. |
| |
| |
| Change Log |
| ------------------- |
| |
| * `username*` validation and decoding in DigestScheme as per RFC (#511). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * Support for Userhash parameter in Digest authentication as per RFC 7616 (#509). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * Enforce UTF-8 encoding in Digest authentication according to RFC 7616 (#508). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * Enforce UTF-8 encoding in BasicSchemeFactory as per RFC 7617 (#506). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * Stricter password validation in BasicScheme (#505). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * Bug fix: When validating a cache entry the protocol handlers must use the current request |
| message with additional headers generated by the previous request interceptors instead of |
| the original request message. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Better debug logging in the caching protocol handlers. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Better HTTP execution context management by caching protocol handlers. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2301. Fixed a concurrency defect in the connection release code of |
| BasicHttpClientConnectionManager. |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * HttpCacheEntry to cache parsed DATE, EXPIRES, and LAST_MODIFIED values; avoid parsing |
| DATE header of cache entries and HTTP messages multiple times. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2293: Via header protocol improvements and performance optimization. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2293: RFC-compliant TRACE request interceptor (#486). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * HTTPCLIENT-2293: 'If-Range' request validation as per RFC 9110 (#485). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * HTTPCLIENT-2293: Enforce port specification for CONNECT requests as per RFC 9110 (#482). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * HTTPCLIENT-2284: Internal cache storage improvements (#478). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Replace `synchronized` blocks with ReentrantLock to ensure compatibility with virtual |
| threads (#476). |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| * HTTPCLIENT-2284: Cache entry representation improvements: (#477). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2277: Rewrite the caching protocol layer for improved efficiency and |
| conformance to RFC 9111. |
| Contributed by Arturo Bernal <arturobernalg@gmail.com> and |
| Oleg Kalnichevski <olegk at apache.org> and |
| |
| * Request and response Cache-Control APIs |
| Contributed by Arturo Bernal <arturobernalg@gmail.com> and |
| Oleg Kalnichevski <olegk at apache.org> and |
| |
| * HttpByteArrayCacheEntrySerializer refactoring and performance improvements. |
| Contributed by Arturo Bernal <abernal at apache.org> |
| |
| |
| |
| Release 5.3 |
| ------------------- |
| |
| This is the first GA release in the 5.3 release series. This release finalizes the 5.3 APIs |
| and also includes all bug fixes from the 5.2 release branch. |
| |
| The 5.3 release series introduces support for the Bearer authentication scheme (RFC 6750) and |
| deprecates NTLM and GSS-based experimental authentication schemes in favor of Basic / Bearer |
| authentication with TLS. |
| |
| Notable changes and features included in the 5.3 series: |
| |
| * Introduction of the Bearer authentication scheme. |
| |
| * Deprecation of the NTLM authentication scheme. |
| |
| * Deprecation of the GSS-based experimental authentication schemes. |
| |
| * Support for load distribution across multiple proxies. |
| |
| |
| Change Log |
| ------------------- |
| |
| * HTTPCLIENT-2310: Async Connect exec handler incorrectly pipes CONNECT requests through the main |
| request protocol chain. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Upgraded HttpCore to version 5.2.4. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * SEE OTHER redirect handling fix. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2305: SSLConnectionSocketFactory allows Socket.connect() to be decorated (#499). |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| * Add security warning to TrustStrategy implementations documentation (#490). |
| Contributed by Marcono1234 <Marcono1234 at users.noreply.github.com> |
| |
| * More consistent handling of OperationTimeoutException in MemcachedHttpCacheStorage. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Document exec chain behavior when automatic retries are enabled. (#480). |
| Contributed by cachescrubber <lars.uffmann at gmail.com> |
| |
| * HTTPCLIENT-2291: Fixed inconsistency in behavior between the class and async implementation |
| of the request re-execution. The async request retry exec will now restart request execution |
| from itself instead of from the very beginning of the execution chain. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 5.3 ALPHA1 |
| ------------------ |
| |
| This is the first release in the 5.3 release series that introduces support for the Bearer |
| authentication scheme (RFC 6750) and deprecates NTLM and GSS-based experimental authentication |
| schemes in favor of Basic / Bearer authentication with TLS. |
| |
| |
| Change Log |
| ------------------- |
| |
| * GSS-based experimental authentication schemes deprecated and disabled by default. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * NTLM scheme deprecated and disabled by default. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Added linear and exponential BackoffManager implementations. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * Improved AIMDBackoffManager. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * Added DistributedProxySelector with support for load distribution across multiple |
| proxies. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * Support for preamble and epilogue in multipart entities. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * HttpResponseException to include response message content (up to 256 bytes). |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * Workaround for URL quoting issue with LLv6 host literals. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * Bearer auth scheme support (RFC 6750) |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Credentials interface should be able to represent different types of user credentials |
| including token-based with no password. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Connection settings `timeToLive` and `validateAfterInactivity` set to zero to always |
| close or validate connections being leased. |
| Contributed by Christoph Kaser <berlin at caser.de> |
| |
| * Digest authentication scheme to omit the algorithm in the authentication response |
| if it has not been explicitly set in the authentication challenge, as per RFC 7616. |
| Contributed by John Vasileff <john at vasileff.com> |
| |
| * HTTPCLIENT-2271: Do not optimize the path component of the resolved URI by default. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Pass HttpContext to SSLConnectionSocketFactory#prepareSocket method (#404) |
| Contributed by Alen Turkovic <alturkovic at gmail.com> |
| |
| |
| Release 5.2.1 |
| ------------------ |
| |
| This is a maintenance release that fixes several regressions found in release 5.2. |
| |
| Change Log |
| ------------------- |
| |
| * Regression: Async execution runtimes set the negotiated protocol version in the execution |
| context at the wrong point of request execution. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Cancel connection request on exception. |
| Contributed by Bryan Keller <bryanck at gmail.com> |
| |
| * Replace deprecated use of LangUtils#equals() with Objects.equals(). |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Regression: Multipart body builder and multipart formatters fail to escape special characters |
| such as backslash and quote mark. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 5.2 |
| ------------------ |
| |
| This is the first GA release in the 5.2 release series. This release finalizes the 5.2 APIs |
| and corrects several defects discovered since the previous release. |
| |
| Please note that 5.2 upgrades the minimal JRE level to version 8 (8u251 is required). |
| |
| Please note this is likely to be the last release series with support for SPNEGO and NTLM |
| authentication. As of version 5.3 GSS-API-based authentication schemes (Kerberos, SPNEGO) |
| and NTLM authentication schemes are going to be deprecated and disabled by default. |
| |
| |
| Notable changes and features included in the 5.2 series: |
| |
| * Upgrade to Java 8. |
| |
| * Improved support for TLS upgrade and HTTP protocol upgrade (async). |
| |
| * Support for H2 tunneling via HTTP/1.1 proxy. |
| |
| * Conformance to RFC 7617 (The 'Basic' HTTP Authentication Scheme). |
| |
| * Migration to Java 8 Time primitives in State Management and Cache APIs. |
| |
| * Connection and TLS configuration on a per-route basis. |
| |
| * Base64 codec based on Commons Codec replaced with JRE Base64 codec. |
| Dependency on Commons Codec dropped. |
| |
| * Optional support for BR (Brotli) decompression. |
| |
| |
| Change Log |
| ------------------- |
| |
| * HTTPCLIENT-2242: RoutingSupport fails to copy InetAddress when normalizing HttpHost. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2240: Fixed incorrect CONNECT method initialization in ProxyClient. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2236: MultihomeIOSessionRequester fails to enhance the cause exception in case |
| of connect failure if the remoteAddress argument has been given. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Use Objects.toString() instead of String type cast |
| Contributed by Gary Gregory <garydgregory at gmail.com> |
| |
| * HTTPCLIENT-2232: Last protocol interceptors moved at the end of the H2 protocol processing |
| pipeline. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * H2 async runtime to proactively set HTTP/2 protocol version in the execution context. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2231: Fixed a race condition in the main async executor when the request execution |
| on an I/O thread is faster than execution pipeline management on the client thread. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Avoid duplicate redundant objects and use Singleton instead. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * HTTPCLIENT-2225: Connection route calculation does not take the default RequestConfig into |
| account. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Avoid unnecessary use of Instant.toEpochMilli by using Instant#compareTo to compare |
| Instants directly. |
| Contributed by jkmcl |
| |
| * HTTPCLIENT-2221 Closing a classic response/entity allows connection reuse. |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| |
| |
| Release 5.2 BETA1 |
| ------------------ |
| |
| This is the first BETA release in the 5.2 release series that upgrades the minimal JRE |
| level to version 8 (8u251 is required) and includes several protocol level and |
| API improvements. It also includes all bug fixes from the 5.1 branch. |
| |
| Change Log |
| ------------------- |
| |
| * Upgraded HttpCore to version 5.2-beta2. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2218: Use Java 8 Base64 utility (#370). |
| Contributed by j3graham <j3graham@gmail.com> |
| |
| * Added support for BR (Brotli) decompression (#363). |
| Contributed by 殷成涛 <yinwoods@163.com> |
| |
| * HTTPCLIENT-2212: MinimalHttpAsyncClient fails to release client endpoints in case of |
| a connect error (such as TLS handshake failure). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * InternalAbstractHttpAsyncClient to create daemon threads. |
| Contributed by Richard Hernandez <riher at amazon.com> |
| |
| * HTTPCLIENT-2080: Added #getRetryInterval method to HttpRequestRetryStrategy for use |
| on retriable IOExceptions (#356). |
| Contributed by Anthony Baldocchi <489445+ajbaldocchi at users.noreply.github.com> |
| |
| * Fixed infinite recursion in SSLConnectionSocketFactory. |
| Contributed by Ryan Schmitt <rschmitt at apache.org> |
| |
| * HTTPCLIENT-2200: Protocol interceptors are executed before the connection route has |
| been fully established. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2209: Pass HttpContext to AsyncClientConnectionOperator (#353). |
| Contributed by Andriy Redko <drreta at gmail.com> |
| |
| * HTTPCLIENT-2206: Corrected resource de-allocation by fluent response objects. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * ExecSupport#getNextExchangeId() optimization (#352) |
| Contributed by David Schlosnagle <schlosna at gmail.com> |
| |
| * HTTPCLIENT-2203: Corrected target host normalization by the request execution interceptors; |
| added ContextBuilder with support for preemptive authentication initialization. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2202: MemcachedHttpCacheStorage to support MemcachedClientIF interface. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Bug fix: ByteArrayBuilder incorrectly handles empty strings. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2198: Fixed AbstractClientTlsStrategy to respect HttpVersionPolicy. |
| Contributed by Andrei Vasilev <59628447+AndreiSVasilev at users.noreply.github.com> |
| |
| * Updated AbstractClientTlsStrategy to pass only the HttpVersionPolicy set by TlsConfig |
| instead of the entire TlsConfig to H2TlsSupport#selectApplicationProtocols() method. |
| Contributed by Andrei Vasilev <59628447+AndreiSVasilev at users.noreply.github.com> |
| |
| * HTTPCLIENT-2195, regression: Classic ConnectExec incorrectly discards the proxy response |
| body even if the request cannot be executed and the response is final. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2194: Async retry request interceptor fails to correct include request body |
| on retry (#343). |
| Contributed by JasonMathison <JasonMathison at users.noreply.github.com> |
| |
| * Deprecated execute methods that return an open response object in favor of execute |
| methods with a response handler and automatic resource deallocation. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2189: Cookie and Cache APIs to use Java time primitives. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * Apply English locale to all date header formatters. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * HTTPCLIENT-2184: Fixed an issue in which connections were not returned to the pool |
| when requests contained non-repeatable bodies AND responses were streamed. |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| |
| |
| Release 5.2 ALPHA1 |
| ------------------ |
| |
| This is the first ALPHA release in the 5.2 release series that upgrades minimal JRE |
| level to version 1.8 (8u251 is required) and includes several protocol level and |
| API improvements. It also includes all bug fixes from the 5.1 branch. |
| |
| Notable changes and features included in the 5.2 series: |
| |
| * Upgrade to Java 8. |
| |
| * Improved support for TLS upgrade and HTTP protocol upgrade (async). |
| |
| * Support for H2 tunneling via HTTP/1.1 proxy. |
| |
| * Conformance to RFC 7617 (The 'Basic' HTTP Authentication Scheme). |
| |
| |
| Change Log |
| ------------------- |
| |
| * Replaced SimpleDateFormat and Calendar with Java 8 Time APIs; removed thread-local |
| from DateUtils. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Support for connection 'total time to live' setting on a per-route basis. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Configurable IOReactor IO session decorator configurable. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| * HTTPCLIENT-2182: Access to SSLSession attributes via reflection is disallowed as of Java 16. |
| Core TLS functions now use new Java 1.8 API introduced by 8u251 update. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2135: TLS configuration on a per-host basis. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7230: Treat presence of userinfo in authority component in request URI as an HTTP |
| protocol violation. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * AuthCache conformance to RFC 7617. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Added immutable CredentialsProvider implementations and a CredentialsProvider builder. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2045: BASIC auth scheme conformance to RFC 7617. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2120: support for H2 via HTTP/1.1 proxy. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Moved connection management-related settings from RequestConfig to new class ConnectionConfig. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2139: Cookie Header HttpOnly attribute. |
| Contributed by Arturo Bernal <arturobernalg at gmail.com> |
| |
| |
| |
| Release 5.1.1 |
| ----------- |
| |
| This release upgrades HttpCore to the latest 5.1 version and fixes a number of issues found |
| since release 5.1. |
| |
| |
| Change Log |
| ------------------- |
| |
| * Don't initialize AtomicReference to its default value. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Corrected resolution of the target host in DefaultUserTokenHandler. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2177: automatically force HTTP/1.1 protocol policy when executing requests |
| via a proxy tunnel. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2177: fixed incorrect route state tracking by the async connect executor |
| when negotiating a tunnel via a proxy. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2177: keep successful tunnel connections alive regardless of `Connection: close`. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2173: async pooling connection manager to close half-open connection gracefully. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Don't retry a request for NoRouteToHostException. |
| Contributed by Jaikiran Pai <jaikiran.pai at gmail.com> |
| |
| * HTTPCLIENT-2170: Classic protocol layer no longer releases the underlying connection back |
| to the pool prematurely while the NTLM handshake is still ongoing. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed connection lease request cancellation race in both classic and asyc pooling connection |
| managers. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 5.1 |
| ----------- |
| |
| This is the first GA release in the 5.1 release series. |
| |
| Notable changes and features included in the 5.1 series: |
| |
| * Conditional conformance with RFC 3986 (Uniform Resource Identifier (URI): Generic Syntax). |
| |
| * Improved support for out of sequence response message handing by the the classic (blocking) |
| HTTP transport. |
| |
| * Improved message builders. |
| |
| |
| Please note that 5.1 is going to be the last release series compatible with Java 1.7. |
| HttpClient will require Java 1.8 as of 5.2. |
| |
| |
| Change Log |
| ------------------- |
| |
| * HTTPCLIENT-2157: Response object generated by the classic caching backend is missing |
| the original content encoding. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2152: Fixed handling of unexpected unchecked exception by the async request |
| retry exec interceptor. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Async clients to support scheduled (delayed) re-execution of requests. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2148: fluent Executor volatile access thread safety (#301). |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| * HTTPCLIENT-2149: When no dNSName, match against CN. |
| Contributed by Peter Dettman <peter.dettman at bouncycastle.org> |
| |
| * HTTPCLIENT-2147: fixed broken preemptive auth in HC Fluent. |
| Contributed by Robert Rodewald <robert.rodewald at kopsis.com> |
| |
| * HTTPCORE-672: cleanup of H2 connection validation code. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HttpAsyncClientBuilder: Make IOReactor exception callback configurable |
| Contributed by Ryan Schmitt <ryansch at amazon.com> |
| |
| * HTTPCLIENT-2141: HttpClient to not retry requests if the retry interval exceeds the response |
| timeout. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed NPE during dispose in Response if entity is null |
| Contributed by Sandeep Kulkarni <sandeep at snk.local> |
| |
| * Blocking connection managers to validate connections after inactivity of more than 2s |
| by default. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Deprecated request factory classes in favor of request builders. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2140: Upgraded Commons Codec to version 1.15. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Deprecated message copiers in favor of generic message builders. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Kerberos/SPNego fixes |
| Contributed by Carey Lin <careylin1111 at gmail.com> |
| |
| |
| |
| Release 5.1 BETA1 |
| ------------------ |
| |
| This is the first BETA release in the 5.1 release series that includes a number of |
| new features as well performance optimizations in the classic HTTP transport. |
| |
| Notable changes and features included in the 5.1 series: |
| |
| * Conditional conformance with RFC 3986 (Uniform Resource Identifier (URI): Generic Syntax). |
| |
| * Improved support for out of sequence response message handing by the the classic (blocking) |
| HTTP transport. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * RFC 3986 conformance: URIUtils to re-use URIBuilder functionality. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Improved I/O session and wire logging. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Add interceptors before MAIN_TRANSPORT so they won't be ignored (#272) |
| Contributed by Rob Spoor <robtimus at users.noreply.github.com> |
| |
| * HTTPCLIENT-2104: ManagedHttpClientConnectionFactory to support ResponseOutOfOrderStrategy configuration. |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| * Fixed NPE when H2/Async client interceptors are added using first/last (#268). |
| Contributed by Koji Lin <koji.lin at gmail.com> |
| |
| * HTTPCLIENT-2126: `InternalAbstractHttpAsyncClient` incorrectly handles response messages with no enclosed |
| entity. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2124: Fixed NOE in MinimalHttpClient#doExecute (#261). |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * HTTPCLIENT-2122: async client to throw `HTTP/2 tunneling not supported` protocol exception in case of |
| `force HTTP/2` version policy used along with request proxy routing. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2123: H2AsyncClientBuilder incorrectly adds last request interceptors to the head of |
| the interceptor list. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Use decimal numbers for endpoint/execution IDs (#249). |
| Contributed by Michael Osipov <michaelo@apache.org> |
| |
| * HTTPCLIENT-2106: Added charset parameter for DigestScheme. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2103: ManagedHttpClientConnectionFactory provides a fluent builder |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| |
| |
| Release 5.0.3 |
| ----------------- |
| |
| This release upgrades HttpCore to the latest version, improves conformance to RFC 7235 |
| (Hypertext Transfer Protocol (HTTP/1.1): Authentication) and addresses a number of |
| issues found since 5.0.2 release. |
| |
| Changelog: |
| ------------------- |
| |
| * PR #270: Master try w res and more. |
| - Use try-with-resources. |
| - Use Arrays.fill(). |
| - Add missing @override. |
| - Simplify if/else. |
| - Remove redundant modifiers. … |
| - Remove redundant returns. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| |
| |
| Release 5.0.2 |
| ----------------- |
| |
| This release upgrades HttpCore to the latest version, improves conformance to RFC 7235 |
| (Hypertext Transfer Protocol (HTTP/1.1): Authentication) and addresses a number of |
| issues found since 5.0.1 release. |
| |
| Changelog: |
| ------------------- |
| |
| * HTTPCLIENT-2116: Incorrect request message composition when routing requests |
| via a proxy. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * PoolingAsyncClientConnectionManager incorrectly emits Ping commands to HTTP/1.1 |
| endpoints (#255). |
| Contributed by 滕杰1 <tengjie1 at xdf.cn> |
| |
| * HTTPCLIENT-2115: HttpAsyncClientBuilder and H2AsyncClientBuilder fail to take |
| `replaceExecInterceptor()` into account. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2112: AbstractMultipartFormat respects ByteBuffer.arrayOffset (#253). |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| * Avoid updating Content-Length header in a 304 response. |
| Contributed by Dirk Henselin <dirk.henselin at vwgis.de> |
| |
| * HTTPCLIENT-2105: Async clients incorrectly handle redirects of requests with enclosed |
| entity. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2100: Incorrect handling of EXTENDED mode by MultipartEntityBuilder |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2099, HTTPCLIENT-2091: SSLConnectionSocketFactory connect timeout fix (#241). |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| * Bug fix: BasicExpiresHandler is annotated as immutable but is not (#240). |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * HTTPCLIENT-2096: Migrate instance loggers to static fields |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| * Added Automatic-Module-Name to the artefact manifests. |
| Contributed by Niels Basjes <niels at basjes.nl> |
| |
| * MultipartEntityBuilder#generateBoundary optimization (#233) |
| Contributed by slisaasquatch <slisaasquatch at users.noreply.github.com> |
| |
| * HTTPCLIENT-2094: ConnectionManager validateAfterInactivity zero duration agreement |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| * RFC 7235 compliance, HTTPCLIENT-2086: Fixed parsing of token68 based (base64-encoded) |
| auth schemes. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2091: Connect timeout is used instead of socket timeout after a tls upgrade |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2084: Client builders incorrectly add message interceptors with LAST position |
| to the head of the list. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2083: Fix NPE when classic client interceptors are added. |
| Contributed by Carter Kozak <ckozak at apache.org> |
| |
| |
| Release 5.0.1 |
| ----------------- |
| |
| This release upgrades HttpCore to the latest version and addresses a number of issues found |
| since 5.0 release. |
| |
| Changelog: |
| ------------------- |
| |
| * Bug fix: Classic connection managers fail to take #isConsistent() flag into account when |
| re-using persistent connections. |
| 7 Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2077: Authentication failure due to incorrect NTLM auth value check. |
| Contributed by vonahok <64310078+vonahok at users.noreply.github.com> |
| |
| * HTTPCLIENT-2051: Corrected handling of 303 redirects. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPASYNC-160: HttpAsyncClient in INACTIVE or STOPPED state throws a IllegalStateException |
| causing the current thread to terminate. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2076: Fixed NPE in LaxExpiresHandler. |
| Contributed by heejeongkim <aprilhjk at gmail.com> |
| |
| * HTTPCLIENT-2074: Disallow direct execution of CONNECT methods by standard client implementations. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2075: New method Request.responseTimeout(Timeout) in Fluent HC. |
| Contributed by Ralph <ralph.geerkens at rwth-aachen.de> |
| |
| * HTTPCLIENT-2073: (regression) WindowsNegotiateScheme incorrectly rejects empty NTLM challenge. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2069: RequestConfig#copy does not copy #responseTimeout. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2061: Corrected sequence of request execution interceptors in classic HttpClient. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed NPE for null HttpContext in minimal async clients. |
| Contributed by slisaasquatch <sli at saasquat.ch> |
| |
| |
| |
| Release 5.0 |
| ----------------- |
| |
| This is the first stable (GA) release of HttpClient 5.0. |
| |
| Notable changes and features included in the 5.0 series are: |
| |
| * Support for the HTTP/2 protocol and conformance to requirements and |
| recommendations of the latest HTTP/2 protocol specification documents |
| (RFC 7540, RFC 7541.) |
| |
| Supported features: |
| |
| ** HPACK header compression |
| ** Stream multiplexing (client and server) |
| ** Flow control |
| ** Response push |
| ** Message trailers |
| ** Expect-continue handshake |
| ** Connection validation (ping) |
| ** Application-layer protocol negotiation (ALPN) |
| ** TLS 1.2 security features |
| |
| * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol |
| specification documents (RFC 7230, RFC 7231.) |
| |
| * New connection pool implementation with lax connection limit guarantees and better |
| performance under higher concurrency due to absence of a global pool lock. |
| |
| * Support for Reactive Streams API [http://www.reactive-streams.org/] |
| |
| * Package name space changed to 'org.apache.hc.client5'. |
| |
| * Maven group id changed to 'org.apache.httpcomponents.client5'. |
| |
| HttpClient 5.0 releases can be co-located with earlier major versions on the same classpath |
| due to the change in package names and Maven module coordinates. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * Removed work-around for resumed TLS sessions given that JDK-8212885 fix has been ported to Java 11 |
| and released in Oracle JDK 11.0.3. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Upgraded HttpCore dependency to version 5.0 |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * DefaultHttpRequestRetryStrategy: Allow zero retry interval |
| Contributed by Ryan Schmitt <rschmitt at apache.org> |
| |
| * HTTPCLIENT-2047: fixed regression in DefaultHostnameVerifier causing rejection of certs with non-standard domains. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * GitHub #204: Build requests from method names in ClassicHttpRequests: |
| ClassicHttpRequests.create(String, String) |
| ClassicHttpRequests.create(String, URI) |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * GitHub #205: Update request factory classes with matching APIs for Method and String method name inputs: |
| BasicHttpRequests.create(String, URI) |
| BasicHttpRequests.create(String, String) |
| ClassicHttpRequests.create(Method, String) |
| ClassicHttpRequests.create(Method, URI) |
| SimpleHttpRequests.create(String, URI) |
| SimpleHttpRequests.create(String, String) |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * GitHub #208: Do not use input type names in method names: |
| SimpleHttpRequest: Delete setBodyBytes(byte[], ContentType) in favor of setBody(byte[], ContentType) |
| SimpleHttpRequest: Delete setBodyText(String, ContentType) in favor of setBody(String, ContentType) |
| SimpleHttpResponse: Delete setBodyBytes(byte[], ContentType) in favor of setBody(byte[], ContentType) |
| SimpleHttpResponse: Delete setBodyText(String, ContentType) in favor of setBody(String, ContentType) |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| |
| Release 5.0-BETA7 |
| ----------------- |
| |
| This BETA release upgrades HttpCore to the latest version and addresses a number of issues found |
| since the previous BETA release. |
| |
| IMPORTANT: This release is expected to be the last BETA version. If no major |
| design flaws are found the actual 5.0 API will be frozen and the next version will be |
| promoted to GA. |
| |
| Changelog: |
| ------------------- |
| |
| * Improved domain name normalization by DefaultHostnameVerifier. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * DefaultHostnameVerifier: Match DNS and CN names against ICANN domains. |
| Contributed by Ryan Schmitt <rschmitt at apache.org> |
| |
| * HTTPCORE-615: Implement HTTP-based cache serializer-deserializer. |
| Contributed by Scott Gifford <sgifford at suspectclass.com> |
| |
| * HTTPCLIENT-2040: Copy headers from the original request to the redirect request. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Removed RFC 2965 specific requirements deprecated and superseded by RFC 6265. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2035: Remove HttpRequestRetryHandler in favor of HttpRequestRetryStrategy. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * HTTPCLIENT-2019: Remove ServiceUnavailableRetryStrategy in favor of HttpRequestRetryStrategy. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * HTTPCLIENT-2034: Introduce HttpRequestRetryStrategy. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * CloseableHttpAsyncClient to support explicit HttpHost execution parameter. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-2020: DefaultBackoffStrategy to support TOO_MANY_REQUESTS (429). |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * HTTPCLIENT-2030: Fixed PublicSuffixMatcher#getDomainRoot behavior with invalid hostnames. |
| Contributed by Niels Basjes <niels at basjes.nl> |
| |
| * HTTPCLIENT-2028: Connection managers to allow 0 for `validateAfterInactivity` time value. |
| Contributed by Peter Frank <pfrank at fandango.com> |
| |
| * HTTPCLIENT-2023: Allow nested arrays and all primitive types in DefaultHttpCacheEntrySerializer. |
| Contributed by Olof Larsson <olof at sylt.nu> |
| |
| |
| |
| Release 5.0-BETA6 |
| ------------------- |
| |
| This BETA release picks up the latest fixes and performance improvements from HttpCore |
| and addresses a number of issues found since the previous BETA release. |
| |
| Changelog: |
| ------------------- |
| |
| * Fixed fallback PublicSuffixMatcher. |
| Contributed by Ryan Schmitt <rschmitt at apache.org> |
| |
| * Enforce h2 TLS rules after negotiating TLS, not before. |
| Contributed by Ryan Schmitt <rschmitt at apache.org> |
| |
| * HTTPCLIENT-2013: Revised handling of connect exceptions; improved consistency in behavior |
| of the classic and async clients; ConnectTimeoutException now extends SocketTimeoutException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Improved handling of request cancellation (classic API). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed concurrent use of threading unsafe ClassicHttpRequest messages. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Execute Socket#connect under doPrivileged. |
| Contributed by Simon Willnauer <simonw at apache.org> |
| |
| * HTTPCLIENT-2009: Fixed StringIndexOutOfBoundsException in AuthSupport#extractFromAuthority. |
| Contributed by itonyli <429284840 at qq.com> |
| |
| * Make Accept-Encoding header handling thread-safe. |
| Contributed by Linton Miller <linton.miller at coxautoinc.com> |
| |
| |
| |
| Release 5.0-BETA5 |
| ------------------- |
| |
| This BETA release picks up the latest fixes and performance improvements from HttpCore |
| and addresses a number of issues found since the previous BETA release. |
| |
| IMPORTANT: This release is expected to be the last BETA version. If no major |
| design flaws are found the actual 5.0 API will be frozen and the next version will be |
| promoted to GA. |
| |
| Changelog: |
| ------------------- |
| |
| * Information response (1xx) processing support. |
| Contributed by Kirill Usov <kirill.usov at gmail.com> |
| |
| * HTTPCLIENT-1968: Preserve escaped PATHSAFE characters when normalizing URI path segments. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1992: Impossible to access trailer-headers available in chunked transfer-encoding |
| with classic API. |
| Contributed by Serkan Turgut <sturgut at amazon.com> |
| |
| * HTTPCLIENT-1991: incorrect handling of non-standard DNS entries by PublicSuffixMatcher. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Refactor to enable support for non-form based multipart requests |
| Contributed by Adam Retter <adam.retter at googlemail.com> |
| |
| * HTTPCLIENT-1981: disallow TRACE requests with an enclosed entity |
| Contributed by Jay Modi <jay at elastic dot com> |
| |
| |
| |
| Release 5.0-BETA4 |
| ------------------- |
| |
| This BETA release picks up the latest fixes and performance improvements from HttpCore |
| and addresses a number of issues found since the previous BETA release. |
| |
| Notable features in this release: |
| |
| * Security improvements. |
| |
| * URI handling improvements. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * HTTPCLIENT-1976: Unsafe deserialization in DefaultHttpCacheEntrySerializer. |
| Contributed by Artem Smotrakov <artem.smotrakov at gmail.com> |
| |
| * HTTPCLIENT-1969: Filter out weak cipher suites. |
| Contributed by Artem Smotrakov <artem.smotrakov at gmail.com> |
| |
| * HttpClient should not retry requests in case of ConnectionClosedException |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Bug fix: Simple response consumer to discard stored content when releasing resources. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Bug fix: main async request execution handlers to release the associated response consumer |
| upon exception. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Update Apache Commons Codec from 1.11 to 1.12. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Update RxJava from 2.2.2 to 2.2.7. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Update JNA from 5.0.0 to 5.2.0. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Some well known proxies respond with Content-Length=0, when returning 304. For robustness, |
| always use the cached entity's content length, as modern browsers do. |
| Contributed by Jayson Raymond <Jayson.Raymond15 at T-Mobile.com> |
| |
| * HTTPCLIENT-1960: URIBuilder incorrect handling of multiple leading slashes in path component. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1958: PoolingHttpClientConnectionManager to throw ExecutionException |
| in case of a lease operation cancellation instead of InterruptedException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Shutdown executorService on AbstractHttpAsyncClientBase shutdown. |
| Contributed by 吴雪山 <xueshan.wu at ndkey.com.cn> |
| |
| * [HTTPCLIENT-1952: Allow default User Agent to be disabled |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * Improve HttpResponseException#getMessage. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * Better handling of http(s).proxyUser and http(s).proxyPassword |
| Contributed by Jens Borgland <jborglan at tibco.com> |
| |
| * Wrong argument name in PoolingAsyncClientConnectionManagerBuilder#setConnPoolPolicy results |
| with self assignment of variable. |
| Contributed by Eryk Szymanski <eszymanski at collab.net> |
| |
| |
| |
| Release 5.0-BETA3 |
| ------------------- |
| |
| This BETA release adds support for advanced TLS functions (such as ALPN protocol negotiation) |
| on Java 1.7 and Java 1.8 through Conscrypt TLS library and picks up the latest fixes |
| and performance improvements from HttpCore. |
| |
| Notable features in this release: |
| |
| * TLS ALPN protocol negotiation support on older JREs through Conscrypt TLS library. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * Added optional dependency on conscrypt-openjdk-uber 1.4.1; support for advanced TLS functions |
| (such as ALPN extension) on Java 1.7 and Java 1.8 through Conscrypt TLS library |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Removed OSGi module |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Removed experimental CredSsp auth scheme |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1949: DigestScheme to use HttpRequest#getRequestUri instead of HttpRequest#getPath |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 5.0-BETA2 |
| ------------------- |
| |
| This BETA release resolves compatibility issues with Java 11 new TLS engine as well as |
| a number of defects found since the previous release. |
| |
| Notable new features in this release: |
| |
| * JDK 11 compatibility |
| |
| * Support for request specific push consumers |
| |
| * Support for Reactive Streams API [http://www.reactive-streams.org/] |
| |
| |
| Changelog: |
| ------------------- |
| |
| * Hack to make hostname verification work with TLSv1.3 resumed sessions. |
| For details see https://markmail.org/message/mxf5v2d2gh6ws2j3 |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Added builders for SSLConnectionSocketFactory and client TlsStrategy. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Added enum for supported TLS versions & TLS version parser. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1946: handling of 308 status as per RFC 7538. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Upgraded HttpCore to version 5.0-beta5. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Async clients to support request specific push consumers. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1944: Add hardCancellationEnabled option to RequestConfig. |
| Contributed by Ryan Schmitt <ryansch at amazon.com> |
| |
| * Overload Request's execute method to allow custom CloseableHttpClient. |
| Contributed by Nicolas Gomez <nicolas at imogene.fr> |
| |
| * Fix HttpClient 4.5.4 regression in BasicCookieStore serialization. |
| Contributed by Mark Mielke <mmielke at ciena.com> |
| |
| * HTTPCLIENT-1934: Default client TLS strategy passes wrong hostname to the hostname verifier. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1882: reset authentication state on I/O or runtime error for connection based |
| authentication schemes (such as NTLM). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1924: HttpClient to shut down the connection manager if a fatal error occurs |
| in the course of a request execution. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Pooling connection managers to implement graceful and immediate shut down. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1906: certificates containing alternative subject names other than DNS and IP |
| (such as RFC822) get rejected as invalid. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1904: check cookie domain for null |
| Contributed by Hans-Peter Keck <hans-peter.keck at haufe-lexware.com> |
| |
| * HTTPCLIENT-1900: proxy protocol processor in the CONNECT exec interceptor does not |
| post-process CONNECT response messages. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1898: Incorrect comment in example class ClientMultiThreadedExecution.java |
| Contributed by Ulrich Romahn <ulrich at ulrichromahn dot net> |
| |
| * HTTPCLIENT-1931: Add factory enum org.apache.hc.client5.http.classic.methods.ClassicHttpRequests |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * HTTPCLIENT-1932: Add factory enum org.apache.hc.client5.http.async.methods.HttpRequests |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * HTTPCLIENT-1939: Update Apache Commons Codec from 1.10 to 1.11 |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * HTTPCLIENT-1947: Update JNA from 4.5.2 to 5.0.0 |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| Release 5.0-BETA1 |
| ------------------- |
| |
| This is the first BETA release of HttpClient 5.0. The 5.0 release serices introduces |
| support for the HTTP/2 protocol and event driven messaging APIs consistent for all |
| supported HTTP protocol versions. |
| |
| Changelog: |
| ------------------- |
| |
| * DefaultHostnameVerifier to use a custom distinguished name (DN) parser instead of LdapName. |
| Removed dependency on Java Naming extensions. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTP/2 client implementations to support cancellation of ongoing message exchanges without |
| terminating the underlying connections. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1395: added config parameter to skip an extra cache entry freshness check upon |
| cache update in case of a cache miss. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1824, HTTPCLIENT-1384: asynchronous HTTP cache invalidator. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Redesign of CacheKeyGenerator and HttpCacheInvalidator APIs. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * New APIs for cache entry bulk retrieval; bulk retrieval support by Memcached storage |
| implementation. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1824, HTTPCLIENT-1868: Asynchronous HTTP cache storage API. Memcached backend |
| implementation of async HTTP cache storage. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HTTPCLIENT-1885: Content compression exec interceptor generates incorrect |
| 'Accept-Encoding' header value. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 5.0-ALPHA3 |
| ------------------- |
| |
| This is a major release that introduces support for the HTTP/2 protocol and event driven |
| messaging APIs consistent for all supported HTTP protocol versions. |
| |
| HttpClient ships with two client implementations: |
| |
| * HttpClient Classic is based on the classic (blocking) I/O model; largely compatible |
| with the 4.x APIs; supports HTTP/1.1 only. |
| |
| * HttpClient Async is based on NIO model; new event driven APIs consistent for all supported |
| HTTP protocol versions; supports both HTTP/1.1 and HTTP/2. |
| |
| |
| Notable new features in this release: |
| |
| * Asynchronous HttpClient implementations optimized for HTTP/2 multiplexed request execution. |
| |
| * Full support for HTTP caching by asynchronous HttpClient implementations including |
| streaming message exchanages. |
| |
| |
| Notable changes and features included in the 5.0 series are: |
| |
| * Support for the HTTP/2 protocol and conformance to requirements and |
| recommendations of the latest HTTP/2 protocol specification documents |
| (RFC 7540, RFC 7541.) |
| |
| Supported features: |
| |
| ** HPACK header compression |
| ** Stream multiplexing (client and server) |
| ** Flow control |
| ** Response push |
| ** Message trailers |
| ** Expect-continue handshake |
| ** Connection validation (ping) |
| ** Application-layer protocol negotiation (ALPN) on Java 9.0.1+ |
| ** TLS 1.2 security features |
| |
| * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol |
| specification documents (RFC 7230, RFC 7231.) |
| |
| * Redesigned connection pool implementation with reduced pool lock contention. |
| |
| * Package name space changed to 'org.apache.hc.client5'. |
| |
| * Maven group id changed to 'org.apache.httpcomponents.client5'. |
| |
| * Apache Log4j2 logging APIs used for internal logging instead of Commons Logging APIs. |
| |
| HttpClient 5.0 releases can be co-located with earlier major versions on the same classpath |
| due to the change in package names and Maven module coordinates. |
| |
| Please note that as of 5.0, HttpClient requires Java 1.7 or newer. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * HttpAsyncClient implementations optimized for HTTP/2 multiplexed |
| request execution. |
| Contributed by Oleg Kalnichevski <olegk@apache.org> |
| |
| * Improved Ehcache and Memcached storage backends. |
| Contributed by Oleg Kalnichevski <olegk@apache.org> |
| |
| * [HTTPCLIENT-1827] Full support for HTTP caching by asynchronous HTTP clients. |
| Contributed by Oleg Kalnichevski <olegk@apache.org> |
| |
| * Redesign of HTTP cache resource APIs. |
| Contributed by Oleg Kalnichevski <olegk@apache.org> |
| |
| * Deprecated Content-Transfer-Encoding field in MIME body parts per RFC 7578, section 4.7. |
| Contributed by Oleg Kalnichevski <olegk@apache.org> |
| |
| * [HTTPCLIENT-293] Implemented the percent encoding of the filename parameter of the Content-Disposition header. |
| Contributed by Ioannis Sermetziadis <sermojohn@gmail.com> |
| |
| * [HTTPCLIENT-1845]: Extract InputStreamFactory classes out of GzipDecompressingEntity and |
| DeflateDecompressingEntity for reuse and to create less garbage. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * [HTTPCLIENT-1858] Alleviate GC pressure due to wire logging. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Avoid fetching the cached entity twice on cache hit. |
| Contributed by Leandro Nunes <a-lnunes@hotels.com> |
| |
| * [HTTPASYNC-124] Add doPrivileged blocks to async client and connection manager builders |
| Contributed by Jay Modi <jay at elastic dot co> |
| |
| |
| |
| Release 5.0-ALPHA2 |
| ------------------- |
| |
| This is a major release that introduces support for the HTTP/2 protocol and event driven |
| messaging APIs consistent for all supported HTTP protocol versions. |
| |
| HttpClient ships with two client implementations: |
| |
| * HttpClient Classic is based on the classic (blocking) I/O model; largely compatible |
| with the 4.x APIs; supports HTTP/1.1 only. |
| |
| * HttpClient Async is based on NIO model; new event driven APIs consistent for all supported |
| HTTP protocol versions; supports both HTTP/1.1 and HTTP/2. |
| |
| |
| Notable changes and features included in the 5.0 series are: |
| |
| * Partial support for the HTTP/2 protocol and conformance to requirements and |
| recommendations of the latest HTTP/2 protocol specification documents |
| (RFC 7540, RFC 7541.) |
| |
| Supported features: |
| |
| ** HPACK header compression |
| ** Stream multiplexing (client and server) |
| ** Flow control |
| ** Response push |
| ** Message trailers |
| ** Expect-continue handshake |
| ** Connection validation (ping) |
| ** Application-layer protocol negotiation (ALPN) on Java 1.9+ |
| ** TLS 1.2 security features |
| |
| * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol |
| specification documents (RFC 7230, RFC 7231.) |
| |
| * Redesigned connection pool implementation with reduced pool lock contention. |
| |
| * Package name space changed to 'org.apache.hc.client5'. |
| |
| * Maven group id changed to 'org.apache.httpcomponents.client5'. |
| |
| * Apache Log4j2 logging APIs used for internal logging instead of Commons Logging APIs. |
| |
| |
| Features that are presently NOT supported: |
| |
| * HTTP/2 transport (classic) |
| |
| * HTTP tunneling (async) |
| |
| * Automatic response content decompression (async) |
| |
| * Caching (async) |
| |
| |
| HttpClient 5.0 releases can be co-located with earlier major versions on the same classpath |
| due to the change in package names and Maven module coordinates. |
| |
| Please note that as of 5.0, HttpClient requires Java 1.7 or newer. |
| |
| Please note that at this point 5.0 APIs are considered experimental and unstable and are |
| expected to change in the coming releases without providing a migration path. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-1714] Add HttpClientBuilder.setDnsResolver(DnsResolver). |
| Contributed by Alexis Thaveau <alexis.thaveau at gmail.com> |
| |
| * [HTTPCLIENT-1715] NTLMEngineImpl.Type1Message not thread safe but declared as a constant. |
| Contributed by Olivier Lafontaine <olafontaine at gmail.com>, Gary Gregory <ggregory at apache.org> |
| |
| * [HTTPCLIENT-1716] redirect handling of unsafe methods defined by RFC 7231. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1717] Make fluent API .Content.Content(byte[], ContentType) public. |
| Contributed by Cash Costello <cash.costello at gmail.com> |
| |
| * [HTTPCLIENT-1730] added #setValidateAfterInactivity to HttpClientBuilder. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1752] Allow to configure the OSGI clients with relaxed SSL checks. |
| Contributed by Simone Tripodi <simonetripodi at apache.org> |
| |
| * [HTTPCLIENT-1748] Improved compatibility with system authentication API in applets. |
| Contributed by Sebastien Caille <sebastien.caille at gmail.com> |
| |
| * [HTTPCLIENT-1786] Port from Apache Commons Logging to Apache Log4j 2. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * [HTTPCLIENT-1817] Add a "Trust All" TrustStrategy implementation. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * [HTTPCLIENT-1836] DefaultHostnameVerifier#getSubjectAltNames(X509Certificate) throws |
| java.lang.ClassCastException. |
| Contributed by Gary Gregory <ggregory at apache.org>, Ilian Iliev <ilian_iliev at yahoo.com> |
| |
| * [HTTPCLIENT-1691] HttpClient instance used internally by HC Fluent to take system properties into |
| account by default. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 5.0-ALPHA1 |
| ------------------- |
| |
| This major release renders HttpClient API incompatible with the stable 4.x branch |
| and upgrades HTTP/1.1 protocol conformance to the requirements and recommendations of the latest |
| protocol specification. This release lays the foundation for transition to HTTP/2 as the primary |
| transport protocol in the future releases. |
| |
| Notable changes and features included in the 5.0 series are: |
| |
| * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol |
| specification (RFC 7230, RFC 7231, RFC 7235) |
| |
| * Package name space changed to 'org.apache.hc.client5' |
| |
| * Maven group id changed to 'org.apache.httpcomponents.client5' |
| |
| * By default the maximum connections per route limit is set to 5 |
| |
| * By default connection request timeout and connect timeout are set to 3 minutes. |
| |
| HttpClient 5.0 releases can be co-located with earlier versions, meaning you can have both 5.x and |
| 4.x on the classpath without experiencing jar hell. |
| |
| Please note that as of 5.0 HttpClient requires Java 1.7 or newer. |
| |
| Please note that at this point we consider 5.0 APIs experimental and unstable and expect them to |
| change in the coming releases without providing a migration path. |
| |
| |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-1575] route target port must be non negative |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1106] Use character arrays for passwords in Credentials objects |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7235: redesign of HTTP authenticator and related classes |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7231: parse capable of parsing multiple auth challenges |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7231: DefaultServiceUnavailableRetryStrategy to take Retry-After header value into account if specified |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7231: removed restriction on the use of relative URIs in Location header |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7231: revised redirect handling |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7231: do not generate header fields in TRACE requests containing sensitive data such as cookie and user |
| credentials |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7231: automatic retrial of idempotent methods |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * RFC 7230: increased the default max number of concurrent connection for the same route from 2 to 5 |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Cache request line in HttpRequestWrapper |
| Contributed by Dmitry Potapov <dpotapov at yandex-team.ru> |
| |
| * [HTTPCLIENT-1651] Add ability to disable content compression on a request basis |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1696]: Add convenience methods to fluent API class Request. |
| Contributed by Gary Gregory <ggregory @ apache.org> |
| |
| |
| |
| Release 4.5.1 |
| ------------------- |
| |
| HttpClient 4.5.1 (GA) is a maintenance release that fixes a number of minor defects found since 4.5. |
| |
| Please note that as of 4.4 HttpClient requires Java 1.6 or newer. |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-1680] redirect of a POST request causes ClientProtocolException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1673] org.apache.http.entity.mime.content.* missing from OSGi exports. |
| Contributed by Benson Margulies <benson at basistech.com> |
| |
| * [HTTPCLIENT-1668] Fluent request incorrectly handles connect timeout setting. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1667] RequestBuilder does not take charset into account when creating |
| UrlEncodedFormEntity. |
| Contributed by Sergey Smith <smithsv at bk.ru> |
| |
| * [HTTPCLIENT-1655] HttpClient sends RST instead of FIN ACK sequence when using non-persistant |
| connections. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 4.5 |
| ------------------- |
| |
| HttpClient 4.5 (GA) is a minor feature release that includes several incremental enhancements |
| to the exisitng functionality such as support for private domains in the Mozilla Public Suffix List. |
| |
| Changelog: |
| ------------------- |
| |
| * Reduced default validate after inactivity setting from 5 sec to 2 sec. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1649] Fixed serialization of auth schemes. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1645]: Fluent requests to inherit config parameters of the executor. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1640]: RFC6265 lax cookie policy fails to parse 'max-age' attribute. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1633]: RFC6265CookieSpecProvider compatibility level setting has no effect. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1613]: Support for private domains in Mozilla Public Suffix List. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1651]: Add ability to disable content compression on a request basis. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * [HTTPCLIENT-1654]: Deprecate/remove RequestConfig#decompressionEnabled in favor of #contentCompressionEnabled. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| |
| Release 4.4.1 |
| ------------------- |
| |
| HttpClient 4.4.1 (GA) is a maintenance release that fixes a number of defects in new functionality |
| introduced in version 4.4. |
| |
| Users of HttpClient 4.4 are encouraged to upgrade. |
| |
| Please note that as of 4.4 HttpClient requires Java 1.6 or newer. |
| |
| Changelog: |
| ------------------- |
| |
| * Marked RFC 2109, RFC 2965, Netscape draft cookie specs as obsolete. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1633] RFC6265CookieSpecProvider compatibility level setting has no effect. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1628]: Auth cache can fail when domain name contains uppercase characters. |
| Contributed by Dennis Ju <dejuknow at gmail.com> |
| |
| * [HTTPCLIENT-1609] Stale connection check in PoolingHttpClientConnectionManager has no effect. |
| Internal connection pool does not correctly implement connection validation. |
| Contributed by Charles Lip <rene1 at singnet.com.sg> |
| |
| |
| |
| Release 4.4 Final |
| ------------------- |
| |
| This is the first stable (GA) release of HttpClient 4.4. Notable features and enhancements included |
| in 4.4 series are: |
| |
| * Support for the latest HTTP state management specification (RFC 6265). Please note that the old |
| cookie policy is still used by default for compatibility reasons. RFC 6265 compliant cookie |
| policies need to be explicitly configured by the user. Please also note that as of next feature |
| release support for Netscape draft, RFC 2109 and RFC 2965 cookie policies will be deprecated |
| and disabled by default. It is recommended to use RFC 6265 compliant policies for new applications |
| unless compatibility with RFC 2109 and RFC 2965 is required and to migrate existing applications |
| to the default cookie policy. |
| |
| * Enhanced, redesigned and rewritten default SSL hostname verifier with improved RFC 2818 |
| compliance. |
| |
| * Default SSL hostname verifier and default cookie policy now validate certificate identity |
| and cookie domain of origin against the public suffix list maintained by Mozilla.org |
| <https://publicsuffix.org/list> |
| |
| * More efficient stale connection checking: indiscriminate connection checking which results |
| in approximately 20 to 50 ms overhead per request has been deprecated in favor of conditional |
| connection state validation (persistent connections are to be re-validated only if a specified |
| period inactivity has elapsed.) |
| |
| * Authentication cache thread-safety: authentication cache used by HttpClient is now thread-safe |
| and can be shared by multiple threads in order to re-use authentication state for subsequent |
| requests. |
| |
| * Native Windows Negotiate and NTLM via SSPI through JNA: when running on Windows OS HttpClient |
| configured to use native NTLM or SPNEGO authentication schemes can make use of platform specific |
| functionality via JNA and current user credentials. This functionality is still considered |
| experimental, known to have compatibility issues and subject to change without prior notice. |
| Use at your discretion. |
| |
| This release also includes all fixes from the stable 4.3.x release branch. |
| |
| Please note that as of 4.4 HttpClient requires Java 1.6 or newer. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * Support for the latest HTTP state management specification (RFC 6265). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1515] Caching of responses to HEAD requests |
| Contributed by Tyrone Cutajar <tj.cutajar at gmail.com> and |
| Francois-Xavier Bonnet <fx at apache.org> |
| |
| * [HTTPCLIENT-1560] Native Windows auth improvements. |
| Contributed by Michael Osipov <michaelo at apache.org> |
| |
| * Update Apache Commons Logging version from 1.1.3 to 1.2. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Update Apache Commons Codec version from 1.6 to 1.9. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Update Ehcache version from 2.2.0 to 2.6.9. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Update Ehcache version from 2.2.0 to 2.6.9. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Update Spymemcached version from 2.6 to 2.11.4. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * Update SLF4J version from 1.5.11 to 1.7.7. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| |
| |
| |
| |
| Release 4.4 BETA1 |
| ------------------- |
| |
| This is the first BETA release of HttpClient 4.4. Notable features and enhancements included |
| in 4.4 series are: |
| |
| * Enhanced redesigned and rewritten default SSL hostname verifier with improved RFC 2818 |
| compliance |
| |
| * Default SSL hostname verifier and default cookie policy now validate certificate identity |
| and cookie domain of origin against the public suffix list maintained by Mozilla.org |
| <https://publicsuffix.org/list> |
| |
| * Native windows Negotiate/NTLM via JNA: when running on Windows OS HttpClient configured to use |
| native NTLM or SPNEGO authentication schemes can make use of platform specific functionality |
| via JNA and current user system credentials |
| |
| * More efficient stale connection checking: indiscriminate connection checking which results |
| in approximately 20 to 50 ms overhead per request has been deprecated in favor of conditional |
| connection state validation (persistent connections are to be re-validated only if a specified |
| period inactivity has elapsed) |
| |
| * Authentication cache thread-safety: authentication caches used by HttpClient is now thread-safe |
| and can be shared by multiple threads in order to re-use authentication state for subsequent |
| requests |
| |
| This release also includes all fixes from the stable 4.3.x release branch. |
| |
| Please note that as of 4.4 HttpClient requires Java 1.6 or newer. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-1547] HttpClient OSGi bundle doesn't import the package "javax.naming". |
| Contributed by Willem Jiang <ningjiang at apache.org> |
| |
| * [HTTPCLIENT-1541] Use correct (HTTP/hostname) service principal name for Windows native |
| Negotiate/NTLM auth schemes. |
| Contributed by Ka-Lok Fung <ka-lok.fung at sap.com> |
| |
| * Improved compliance with RFC 2818: default hostname verifier to ignore the common name of the |
| certificate subject if alternative subject names (dNSName or iPAddress) are present. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1540] Support delegated credentials (ISC_REQ_DELEGATE) by Native windows |
| native Negotiate/NTLM auth schemes. |
| Contributed by Ka-Lok Fung <ka-lok.fung at sap.com> |
| |
| |
| |
| Release 4.4 ALPHA1 |
| ------------------- |
| |
| This is the first ALPHA release of HttpClient 4.4. Notable features and enhancements included |
| in the 4.4 branch are: |
| |
| * More efficient stale connection checking: indiscriminate connection checking which results |
| in approximately 20 to 50 ms overhead per request has been deprecated in favor of conditional |
| connection state validation (persistent connections are to be re-validated only if a specified |
| period inactivity has elapsed) |
| |
| * Native windows Negotiate/NTLM via JNA: when running on Windows OS HttpClient configured to use |
| native NTLM or SPNEGO authentication schemes can make use of platform specific functionality |
| via JNA and current user system credentials |
| |
| * Authentication cache thread-safety: authentication caches used by HttpClient is now thread-safe |
| and can be shared by multiple threads in order to re-use authentication state for subsequent |
| requests |
| |
| This release also includes all fixes from the stable 4.3.x release branch. |
| |
| Please note that as of 4.4 HttpClient requires Java 1.6 or newer. |
| |
| Please note that new features included in this release are still considered experimental and |
| their API may change in the future 4.4 alpha and beta releases. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-1493] Indiscriminate connection checking has been deprecated in favor of conditional |
| connection state validation. Persistent connections are to be re-validated only after a defined |
| period inactivity prior to being leased to the consumer. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1519] Use the original HttpHost instance passed as a parameter to |
| HttpClient#execute when generating 'Host' request header. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1491] Enable provision of Service Principal Name in Windows native |
| auth scheme. |
| Contributed by Malcolm Smith <malcolmfsmith at gmail.com> |
| |
| * [HTTPCLIENT-1403] Pluggable content decoders. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1466] FileBodyPart#generateContentType() ignores custom ContentType values. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1461] fixed performance degradation in gzip encoded content processing |
| introduced by HTTPCLIENT-1432. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1457] Incorrect handling of Windows (NT) credentials by |
| SystemDefaultCredentialsProvider. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1456] Request retrial after status 503 causes ClientProtocolException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1454] Make connection operator APIs public. |
| Contributed by Tamas Cservenak <tamas at cservenak.net> |
| |
| * Update JUnit to version 4.11 from 4.9 |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| |
| |
| Release 4.3.4 |
| ------------------- |
| |
| HttpClient 4.3.4 (GA) is a maintenance release that improves performance in high concurrency |
| scenarios. This version replaces dynamic proxies with custom proxy classes and eliminates thread |
| contention in java.reflect.Proxy.newInstance() when leasing connections from the connection pool |
| and processing response messages. |
| |
| |
| Changelog: |
| ------------------- |
| |
| * Replaced dynamic proxies with custom proxy classes to reduce thread contention. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1484] GzipCompressingEntity should not close the underlying output stream |
| if the entity has not been fully written out due to an exception. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1474] Fixed broken entity enclosing requests in HC Fluent. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1470] CachingExec(ClientExecChain, HttpCache, CacheConfig, AsynchronousValidator) |
| throws NPE if config is null |
| |
| |
| |
| |
| Release 4.3.3 |
| ------------------- |
| |
| HttpClient 4.3.3 (GA) is a bug fix release that fixes a regression introduced by the previous |
| release causing a significant performance degradation in compressed content processing. |
| |
| Users of HttpClient 4.3 are encouraged to upgrade. |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-1466] FileBodyPart#generateContentType() ignores custom ContentType values. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1453] Thread safety regression in PoolingHttpClientConnectionManager |
| #closeExpiredConnections that can lead to ConcurrentModificationException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1461] fixed performance degradation in compressed content processing |
| introduced by HTTPCLIENT-1432. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1457] Incorrect handling of Windows (NT) credentials by |
| SystemDefaultCredentialsProvider. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1456] Request retrial after status 503 causes ClientProtocolException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 4.3.2 |
| ------------------- |
| |
| HttpClient 4.3.2 (GA) is a maintenance release that delivers a number of improvements |
| as well as bug fixes for issues reported since 4.3.1 release. SNI support for |
| Oracle JRE 1.7+ is being among the most notable improvements. |
| |
| Users of HttpClient 4.3 are encouraged to upgrade. |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-1447] Clients created with HttpClients.createMinimal do not work with absolute URIs |
| Contributed by Joseph Walton <joe at kafsemo dot org> |
| |
| * [HTTPCLIENT-1446] NTLM proxy + BASIC target auth fails with 'Unexpected state: |
| MSG_TYPE3_GENERATED'. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1443] HttpCache uses the physical host instead of the virtual host as a cache key. |
| Contributed by Francois-Xavier Bonnet <fx at apache.org> |
| |
| * [HTTPCLIENT-1442] Authentication header set by the user gets removed in case |
| of proxy authentication (affects plan HTTP requests only). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1441] Caching AsynchronousValidationRequest leaks connections. |
| Contributed by Dominic Tootell <dominic.tootell at gmail.com> |
| |
| * [HTTPCLIENT-1440] 'file' scheme in redirect location URI causes NPE. |
| Contributed by James Leigh <james at 3roundstones dot com> |
| |
| * [HTTPCLIENT-1437] Made Executor#execute thread safe. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1119] SNI support (Oracle Java 1.7+ only). |
| Contributed by Bruno Harbulot <bruno at distributedmatter.net> |
| |
| * [HTTPCLIENT-1435] Fluent Executor ignores custom request properties. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1432] Lazy decompressing of HttpEntity#getContent() to avoid EOFException |
| in case of an empty response with 'Content-Encoding: gzip' header. |
| Contributed by Yihua Huang <code4crafter at gmail.com> |
| |
| * [HTTPCLIENT-1431] (Regression) deprecated connection manager cannot be used with |
| a custom LayeredSchemeSocketFactory. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1425] Fixed socket closed exception thrown by caching HttpClient when the origin |
| server sends a long chunked response. |
| Contributed by James Leigh <james at 3roundstones dot com> |
| |
| * [HTTPCLIENT-1417] Fixed NPE in BrowserCompatSpec#formatCookies caused by version 1 |
| cookies with null cookie value. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1416] Fixed NPE in CachingHttpClientBuilder#build(). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 4.3.1 |
| ------------------- |
| |
| HttpClient 4.3.1 (GA) is a bug fix release that addresses a number of issues reported since |
| release 4.3. |
| |
| Users of HttpClient 4.3 are strongly encouraged to upgrade. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1410] Browser compatible hostname verifier no longer rejects |
| *.co.<countrycode>, *.gov.<countrycode>, *.info.<countrycode>, etc as invalid. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Ensure X509HostnameVerifier is never null. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1405] CONNECT HTTP/1.1 requests lack mandatory 'Host' header. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1402] Cache default User-Agent value. |
| Contributed by yuexiaojun <junedo at qq.com> |
| |
| * [HTTPCLIENT-1398] Fixed invalid OSGi metadata caused by corrupted Maven bundle plugin metadata. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1399] Fixed NPE in RequestBuilder. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| |
| Release 4.3 Final |
| ------------------- |
| |
| This is the first stable (GA) release of HttpClient 4.3. The most notable enhancements included |
| in this release are: |
| |
| * Support for Java 7 try-with-resources for resource management (connection release.) |
| |
| * Added fluent Builder classes for HttpEntity, HttpRequest, HttpClient and SSLContext instances. |
| |
| * Deprecation of preference and configuration API based on HttpParams interface in favor of |
| constructor injection and plain configuration objects. |
| |
| * Reliance on object immutability instead of access synchronization for thread safety. |
| Several old classes whose instances can be shared by multiple request exchanges have |
| been replaced by immutable equivalents. |
| |
| * DefaultHttpClient, DecompressingHttpClient, CachingHttpClient and similar classes are |
| deprecated in favor of builder classes that produce immutable HttpClient instances. |
| |
| * HttpClient builders now dynamically construct a request execution pipeline tailored |
| specifically to the user configuration by physically excluding unnecessary protocol components. |
| |
| * There is now an option to construct a minimal HttpClient implementation that can only execute |
| basic HTTP message exchanges without redirects, authentication, state management or proxy support. |
| This feature might be of particular use in web crawler development. |
| |
| * There is now option to avoid strict URI syntax for request URIs by executing HTTP requests |
| with an explicitly specified target host. HttpClient will no longer attempt to parse the request |
| URI if it does not need to extract the target host from it. |
| |
| This release also includes all fixes from the stable 4.2.x release branch. |
| |
| |
| Changelog |
| ------------------- |
| * [HTTPCLIENT-1371] Weak ETag Validation is Useful On PUT With If-Match |
| Contributed by James Leigh <james at 3roundstones dot com> |
| |
| * [HTTPCLIENT-1394] Support for Native windows Negotiate/NTLM via JNA |
| Contributed by Ryan McKinley <ryan at apache.org> |
| |
| * [HTTPCLIENT-1384] Expose CacheInvalidator interface. |
| Contributed by Nicolas Richeton <nicolas.richeton at free.fr> |
| |
| * [HTTPCLIENT-1385] Fixed path normalization in CacheKeyGenerator |
| Contributed by James Leigh <james at 3roundstones dot com> |
| |
| * [HTTPCLIENT-1370] Response to non-GET requests should never be cached with the default |
| ResponseCachingPolicy |
| Contributed by James Leigh <james at 3roundstones dot com> |
| |
| * [HTTPCLIENT-1373] OPTIONS and TRACE should not invalidate cache |
| Contributed by James Leigh <james at 3roundstones dot com> |
| |
| * [HTTPCLIENT-1383] HttpClient enters an infinite loop during NTLM authentication if the opposite |
| endpoint keeps responding with a type 2 NTLM response after type 3 MTLM message has already been |
| sent by the client. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1372] Refactor HttpMultipart, and add RFC6532 mode, so that headers in post |
| are no longer constrained to ASCII values. |
| Contributed by Karl Wright <kwright at apache.org> |
| |
| * [HTTPCLIENT-1377] User principal for non-NTLM authentication is incorrectly generated when using |
| user credentials are specified as NTCredentials |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| |
| |
| Release 4.3 BETA2 |
| ------------------- |
| |
| This is the second BETA release of HttpClient 4.3. The most notable features and improvements |
| in the 4.3 branch are: Support for Java 7 try-with-resources for resource management (connection |
| release); fluent Builder classes for HttpEntity, HttpRequest and HttpClient instances, deprecation |
| of preference and configuration API based on HttpParams interface in favor of constructor injection |
| and plain configuration objects, reliance on object immutability instead of access synchronization |
| for thread safety. |
| |
| This release also includes all fixes from the stable 4.2.x release branch. |
| |
| Changelog |
| ------------------- |
| |
| |
| * [HTTPCLIENT-1366] org.apache.http.client.utils.URLEncodedUtils should parse the semicolon as a query parameter separator. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * [HTTPCLIENT-1365] NPE when ManagedHttpClientConnectionFactory.create(ConnectionConfig) is called with null. |
| Contributed by Gary Gregory <ggregory at apache.org> |
| |
| * [HTTPCLIENT-1362] Better error messages for connect timed out and connection refused |
| exceptions. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1360] separate out DeflateInputStream as an independent class, |
| so it can be used by others. |
| Contributed by Karl Wright <kwright at apache.org> |
| |
| * [HTTPCLIENT-1359] repeated requests using the same context fail if they redirect. |
| Contributed by James Leigh <james at 3roundstones.com> |
| |
| * [HTTPCLIENT-1354] do not quote algorithm parameter in DIGEST auth response. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1351] Added utility method to resolve final location from original request, |
| target host and a list of redirects. |
| Contributed by James Leigh <james at 3roundstones.com> |
| |
| * [HTTPCLIENT-1344] Userinfo credentials in URI should not default to preemptive BASIC |
| authentication. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1345] Useinfo credentials ignored in redirect location header. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1294] HttpClient to rewrite host name of the redirect location URI in order |
| to avoid circular redirect exception due to host name case mismatch. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1264] Add support for multiple levels of browser compatibility |
| to BrowserCompatSpec and BrowserCompatSpecFactory. Include constructor |
| argument for IE medium-security compatibility. |
| Contributed by Karl Wright (kwright at apache.org) |
| |
| * [HTTPCLIENT-1349] SSLSocketFactory incorrectly identifies key passed with keystore as |
| the keystore password. |
| Contributed by David Graff <djgraff209 at gmail.com> |
| |
| * [HTTPCLIENT-1346] Ensure propagation of SSL handshake exceptions. |
| Contributed by Pasi Eronen <pe at iki.fi> |
| |
| * [HTTPCLIENT-1343] SSLSocketFactory optional parameters for supported SSL protocols and cipher |
| suites. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1238] Contribute Bundle Activator And Central Proxy Configuration. |
| Contributed by Simone Tripodi <simonetripodi at apache.org> |
| |
| * [HTTPCLIENT-1299] (regression) cache incorrectly disposes of the underlying cache resource |
| when storing variant entry. |
| Contributed by James Leigh <james at 3roundstones.com> |
| |
| * [HTTPCLIENT-1342] Redirects with underscore character in the location hostname cause |
| "java.lang.IllegalArgumentException: Host name may not be null". |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 4.3 BETA1 |
| ------------------- |
| |
| This is the first BETA release of HttpClient 4.3. The 4.3 branch enhances HttpClient in several |
| key areas and includes several notable features and improvements: Support for Java 7 |
| try-with-resources for resource management (connection release); fluent Builder classes for |
| HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API |
| based on HttpParams interface in favor of constructor injection and plain configuration objects, |
| reliance on object immutability instead of access synchronization for thread safety. |
| |
| This release also includes all fixes from the stable 4.2.x release branch. |
| |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1317] InetAddressUtils should handle IPv6 Addresses with Embedded IPv4 Addresses |
| Contributed Sebastian Bazley <sebb at apache.org>. |
| |
| * [HTTPCLIENT-1320] Leverage javax.net.ssl.SSLSocketFactory#getDefault() to initialize SSL context |
| based on system defaults instead of using an internal custom routine. |
| Contributed by Abe Backus <abraham at backus.com> and Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1316] Certificate verification rejects IPv6 addresses which are not String-equal. |
| Contributed Sebastian Bazley <sebb at apache.org>. |
| |
| * [HTTPCLIENT-1307] Future based asynchronous request execution. |
| Contributed by Jilles van Gurp <jilles at jillesvangurp.com> |
| |
| * [HTTPCLIENT-1313] Fixed IllegalStateException in deprecated ThreadSafeClientConnManager. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1298] Add AsynchronousValidator in HttpClientBuilder's list of closeable objects. |
| Contributed by Martin Meinhold <mmeinhold at atlassian.com> |
| |
| |
| |
| Release 4.3 ALPHA1 |
| ------------------- |
| |
| This is the first ALPHA release of HttpClient 4.3. The 4.3 branch enhances HttpClient in several |
| key areas and includes several notable features and improvements: Support for Java 7 |
| try-with-resources for resource management (connection release); fluent Builder classes for |
| HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API |
| based on HttpParams interface in favor of constructor injection and plain configuration objects, |
| reliance on object immutability instead of access synchronization for thread safety. |
| |
| We are kindly asking all upstream projects to review API changes and help us improve |
| the APIs by providing feedback and sharing ideas on dev@hc.apache.org. |
| |
| This release also includes all fixes from the stable 4.2.x release branch. |
| |
| Please note that new features included in this release are still considered experimental and |
| their API may change in the future 4.3 alpha and beta releases. |
| |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1250] Allow query string to be ignored when determining cacheability for |
| HTTP 1.0 responses. |
| Contributed by Don Brown <mrdon at twdata.org> |
| |
| * [HTTPCLIENT-1261] Make SystemDefaultHttpClient honor http.agent system property. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-900] Don't enforce URI syntax for messages with an explicit target host. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1190] HttpClient cache does not support "Vary: Cookie" |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1259] Calling #abort() on requests executed with DecompressingHttpClient has no |
| effect. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1253] URIBuilder setParameter() method could exceed the HTTP header size. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1216] Added method to force clean thread-local used by DateUtils. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 4.2.3 |
| ------------------- |
| |
| HttpClient 4.2.3 (GA) is a bug fix release that addresses a number of issues reported since |
| release 4.2.2. This release also includes a thoroughly reworked NTLM authentication engine |
| which should result in a better compatibility with the newest Microsoft products. |
| |
| Users of HttpClient 4.x are advised to upgrade. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1296] NPE gets thrown if you combine a default host with a virtual host |
| that has a -1 value for the port. |
| Contributed by Karl Wright <daddywri at gmail.com> |
| |
| * [HTTPCLIENT-1290] 304 cached response never reused with If-modified-since conditional |
| requests. |
| Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net> |
| |
| * [HTTPCLIENT-1291] Absolute request URIs without an explicitly specified path are rewritten |
| to have "/" path). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1286] Request URI rewriting is inconsistent - URI fragments are not removed |
| from absolute request URIs. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1284] HttpClient incorrectly generates Host header when physical connection |
| route differs from the host name specified in the request URI. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1293] Kerberos and SPNego auth schemes use incorrect authorization header name |
| when authenticating with a proxy. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1283] NTLM needs to use Locale-independent form of |
| toUpperCase(). |
| Contributed by Karl Wright <DaddyWri at gmail.com> |
| |
| * [HTTPCLIENT-1279] Target host responding with status 407 (proxy authentication required) |
| causes an NPE. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1281] GzipDecompressingEntity does not release InputStream when an IOException |
| occurs while reading the Gzip header |
| Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net> |
| |
| * [HTTPCLIENT-1277] Caching client sends a 304 to an unconditional request. |
| Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net> |
| |
| * [HTTPCLIENT-1278] Update NTLM documentation. |
| Contributed by Karl Wright <DaddyWri at gmail.com> |
| |
| * SystemDefaultHttpClient misinterprets 'http.keepAlive' default value and disables |
| connection persistence if the system property is not set. This causes connection |
| based authentication schemes such as NTLM to fail. |
| |
| * [HTTPCLIENT-1276] cache update on a 304 response causes NPE. |
| Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net> |
| |
| * [HTTPCLIENT-1273] DecompressingHttpClient does not automatically consume response |
| content in case of an i/o, HTTP or runtime exception thrown by the decompressing |
| protocol interceptor leading to a potential connection leak. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1268] NTLM engine refactor fix, to correct a buffer overrun, and get NTLMv2 |
| flags right. |
| Contributed by Karl Wright <DaddyWri at gmail.com> |
| |
| * [HTTPCLIENT-1266] NTLM engine refactoring and compatibility improvements. |
| Contributed by Karl Wright <DaddyWri at gmail.com> |
| |
| * [HTTPCLIENT-1263] BrowserCompatSpec: attribute values containing spaces or special characters |
| should be enclosed with quotes marks for version 1 cookies. |
| Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net> |
| |
| * [HTTPCLIENT-1263] CachingHttpClient fails to release connections back to the connection |
| manager for some type of HTTP response messages when used together with DecompressingHttpClient. |
| Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net> |
| |
| * [HTTPCLIENT-1258] Fixed NullPointerException in NTLMEngineImpl caused by null NT domain |
| attribute. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1254] Redirect with underscore in hostname causes ProtocolException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1255] AbstractVerifier incorrectly parses certificate CN containing wildcard. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 4.2.2 |
| ------------------- |
| |
| HttpClient 4.2.2 (GA) is a bug fix release that addresses a number of issues reported since |
| release 4.2.1. |
| |
| Users of HttpClient 4.2 are advised to upgrade. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1248] Default and lax redirect strategies should not convert requests redirected |
| with 307 status to GET method. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1215] BasicAuthCache does not take default ports into consideration when |
| looking up cached authentication details by HttpHost key. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1241] (regression) Preemptive BASIC authentication failure should be considered |
| final and no further attempts to re-authenticate using the same credentials should be made. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1229] Fixed NPE in BasicClientConnectionManager that can be triggered by releasing |
| connection after the connection manager has already been shut down. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1227] Date parsing in DateUtils made more efficient. |
| Contributed by Patrick Linskey <pcl at apache.org> |
| |
| * [HTTPCLIENT-1224] (regression) NTLM auth not retried after a redirect over a non-persistent |
| connection. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1223] Cache could be more aggressive on cache invalidations |
| from Content-Location. Contributed by Jon Moore <jonm at apache.org>. |
| Contributed by Jon Moore <jonm at apache.org> |
| |
| * [HTTPCLIENT-1217] AutoRetryHttpClient does not release connection used by the previous response |
| when request is retried |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| |
| Release 4.2.1 |
| ------------------- |
| |
| HttpClient 4.2.1 (GA) is a bug fix release that addresses a number of issues reported since |
| release 4.2. |
| |
| Users of HttpClient 4.2 are advised to upgrade. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1209] Redirect URIs are now normalized. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1202] ResponseCachingPolicy should honor explicit cache-control |
| directives for other status codes |
| Contributed by Jon Moore <jonm at apache.org> |
| |
| * [HTTPCLIENT-1199] DecompressingHttpClient strips content from entity enclosing requests |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1198] HttpHost is not set in HttpContext in CachingHttpClient. |
| Contributed by Jon Moore <jonm at apache.org> |
| |
| * [HTTPCLIENT-1200] DecompressingHttpClient fails to generate correct HttpHost context attribute. |
| Contributed by Guillaume Castagnino <casta+jira at xwing.info> |
| |
| * [HTTPCLIENT-1192] URIBuilder encodes query parameters twice. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> and Sebastian Bazley <sebb at apache.org>. |
| |
| * [HTTPCLIENT-1196] Fixed NPE in UrlEncodedFormEntity constructor thrown if charset is null. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1193] Fixed regression in the route tracking logic of the default connection manager |
| causing cross-site redirect failures. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| Release 4.2 |
| ------------------- |
| |
| This is the first stable (GA) release of HttpClient 4.2. The most notable enhancements included |
| in this release are: |
| |
| * New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes |
| only the most fundamental functions of HttpClient and is intended for relatively simple use cases |
| that do not require the full flexibility of HttpClient. However, the fluent API almost fully |
| relieves the users from having to deal with connection management and resource deallocation. |
| |
| * Redesigned and rewritten connection management code. |
| |
| * Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication |
| scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges |
| and retry authentication with a fall-back scheme in case the primary one fails. This can be |
| important for compatibility with Microsoft products that are often configured to use |
| SPNEGO/Kerberos as the preferred authentication scheme. |
| |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1187] If a revalidation response is deemed too old CachingHttpClient fails to |
| consume its content resulting in a connection leak. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1186] State of newly created connections in the connection pool is not always |
| correctly updated potentially allowing those connections to be leased to users with a different |
| security context. |
| Contributed by Ralf Poehlmann <rpn at methodpark.de> |
| |
| * [HTTPCLIENT-1179] Upgraded Commons Codec dependency to version 1.6 |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1177] always remove fragments from request URIs |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| Incompatible changes |
| -------------------- |
| [Compared to release version 4.1.3] |
| |
| The following fields have been deprecated for some time now and have been deleted: |
| |
| org.apache.http.client.params.ClientPNames#CONNECTION_MANAGER_FACTORY |
| org.apache.http.impl.cookie.BrowserCompatSpec#DATE_PATTERNS |
| |
| The following methods have been deprecated for some time now and have been deleted: |
| |
| org.apache.http.client.params.ClientParamBean#setConnectionManagerFactory(org.apache.http.conn.ClientConnectionManagerFactory) |
| org.apache.http.client.protocol.ClientContextConfigurer#setAuthSchemePref(java.util.List) |
| org.apache.http.entity.mime.content.FileBody#writeTo(java.io.OutputStream, int) |
| org.apache.http.entity.mime.content.InputStreamBody#writeTo(java.io.OutputStream, int) |
| org.apache.http.entity.mime.content.StringBody#writeTo(java.io.OutputStream, int) |
| |
| The following classes have been deprecated for some while now and have been deleted: |
| |
| org.apache.http.impl.conn.tsccm.RefQueueHandler |
| org.apache.http.impl.conn.tsccm.AbstractConnPool no longer implements interface org.apache.http.impl.conn.tsccm.RefQueueHandler |
| org.apache.http.impl.conn.tsccm.ConnPoolByRoute no longer implements interface org.apache.http.impl.conn.tsccm.RefQueueHandler |
| org.apache.http.impl.conn.tsccm.RefQueueWorker |
| |
| |
| |
| Release 4.2 BETA1 |
| ------------------- |
| |
| This is the first BETA release of HttpClient 4.2. This release completes development of several |
| notable enhancements in HttpClient: |
| |
| * New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes |
| only the most fundamental functions of HttpClient and is intended for relatively simple use cases |
| that do not require the full flexibility of HttpClient. However, the fluent API almost fully |
| relieves the users from having to deal with connection management and resource deallocation. |
| |
| * Redesigned and rewritten connection management code. As of release 4.2 HttpClient will be using |
| pooling connection manager per default. |
| |
| * Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication |
| scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges |
| and retry authentication with a fall-back scheme in case the primary one fails. This can be |
| important for compatibility with Microsoft products that are often configured to use |
| SPNEGO/Kerberos as the preferred authentication scheme. |
| |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1164] Compressed entities are not being cached properly. |
| Contributed by Jon Moore <jonm at apache dot org>. |
| |
| * [HTTPCLIENT-1154] MemcachedHttpCacheStorage should allow client to |
| specify custom prefix string for keys. |
| Contributed by Jon Moore <jonm at apache dot org>. |
| |
| * [HTTPCLIENT-1153] MemcachedHttpCacheStorage uses URL as cache key; |
| shouldn't due to fixed maximum-length memcached keys. |
| Contributed by Jon Moore <jonm at apache dot org>. |
| |
| * [HTTPCLIENT-1157] MemcachedHttpCacheStroage should throw IOExceptions |
| instead of RuntimeExceptions. |
| Contributed by James Miller <jamesmiller01 at gmail dot com>. |
| |
| * [HTTPCLIENT-1152] MemcachedHttpCacheStorage should verify class of |
| returned object before casting. |
| Contributed by Rajika Kumarasiri <rajika at wso2 dot com>. |
| |
| * [HTTPCLIENT-1155] CachingHttpClient fails to ensure that the response content gets fully consumed |
| when using a ResponseHandler, which can potentially lead to connection leaks. |
| Contributed by James Miller <jamesmiller01 at gmail dot com> |
| |
| * [HTTPCLIENT-1147] When HttpClient-Cache cannot open cache file, should act like miss. |
| Contributed by Joe Campbell <joseph.r.campbell at gmail.com> |
| |
| * [HTTPCLIENT-1137] Values for the Via header are cached and reused by httpclient-cache. |
| Contributed by Alin Vasile <alinachegalati at yahoo dot com> |
| |
| * [HTTPCLIENT-1142] Infinite loop on NTLM authentication failure. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1143] CachingHttpClient leaks connections with stale-if-error. |
| Contributed by James Miller <jamesmiller01 at gmail dot com> |
| |
| Release 4.2 ALPHA1 |
| ------------------- |
| |
| This is the first ALPHA release of HttpClient 4.2. The 4.2 branch enhances HttpClient in several |
| key areas and includes several notable features and improvements: |
| |
| * New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes |
| only the most fundamental functions of HttpClient and is intended for relatively simple use cases |
| that do not require the full flexibility of HttpClient. However, the fluent API almost fully |
| relieves the users from having to deal with connection management and resource deallocation. |
| |
| * Redesigned and rewritten connection management code. As of release 4.2 HttpClient will be using |
| pooling connection manager per default. |
| |
| * Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication |
| scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges |
| and retry authentication with a fall-back scheme in case the primary one fails. This can be |
| important for compatibility with Microsoft products that are often configured to use |
| SPNEGO/Kerberos as the preferred authentication scheme. |
| |
| Please note that new features included in this release are still considered experimental and |
| their API may change in the future ALPHA releases. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-1128] SystemDefaultHttpClient (HttpClient implementation initialized using system |
| properties). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1135] RandomAccessFile mode 'w' used by HttpClientCache is not valid. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1131] HttpClient to authenticate preemptively using BASIC scheme if a userinfo |
| attribute is specified in the request URI. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1134] make BasicResponseHandler consume response content in case of an unsuccessful |
| result (status code >= 300). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1132] ProxyClient implementation. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1127] fixed dead-lock between SingleClientConnManager and AbstractPooledConnAdapter. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1107] Auth framework redesign. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1116] ResponseCachingPolicy uses integers for sizes |
| Contributed by Greg Bowyer <gbowyer at fastmail.co.uk > |
| |
| * [HTTPCLIENT-1123] Support for pluggable DNS resolvers. |
| Contributed by Alin Vasile <alinachegalati at yahoo dot com> |
| |
| * [HTTPCLIENT-1120] DefaultHttpRequestRetryHandler#retryRequest should not retry aborted requests. |
| Contributed by Alin Vasile <alinachegalati at yahoo dot com> |
| |
| * Support for auth-int qop (quality of protection) option in Digest auth scheme. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1076] Fluent facade API (Google summer of code 2011 project). |
| Contributed by Xu Lilu <cookieme at gmail.com> |
| |
| * UriBuilder implementation. |
| Contributed by Xu Lilu <cookieme at gmail.com> |
| |
| * Redesign of connection management classes based on new pooling components from HttpCore. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1111] Added #prepareSocket method to SSLSocketFactory. |
| Contributed by Pasi Eronen <pe at iki.fi> |
| |
| * Added #reset() and #releaseConnection() methods to HttpRequestBase. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1105] AutoRetryHttpClient: built-in way to do auto-retry for certain status codes. |
| Contributed by Dan Checkoway <dcheckoway at gmail.com> |
| |
| * [HTTPCLIENT-1094] Digest auth scheme refactoring. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Lax implementation of RedirectStrategy. |
| Contributed by Bartosz Firyn <songo.bercik at interia.pl> |
| |
| * [HTTPCLIENT-1044] HttpRequestRetryHandler implementation compliant with the definition of |
| idempotent methods given in the RFC 2616. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 4.1.2 |
| ------------------- |
| |
| The HttpClient 4.1.2 is a bug fix release that addresses a number of non-critical issues reported |
| since release 4.1.1. |
| |
| * [HTTPCLIENT-1100] Missing Content-Length header makes cached entry invalid |
| Contributed by Bart Robeyns <bart dot robeyns at gmail dot com> |
| |
| * [HTTPCLIENT-1098] Avoid expensive reverse DNS lookup on connect timeout exception. |
| Contributed by Thomas Boettcher <tboett at gmail.com> |
| |
| * [HTTPCLIENT-1097] BrowserCompatHostnameVerifier and StrictHostnameVerifier should handle |
| wildcards in SSL certificates better. |
| Contributed by Sebastian Bazley <sebb at apache.org> |
| |
| * [HTTPCLIENT-1092] If ClientPNames.VIRTUAL_HOST does not provide the port, derive it from the |
| current request. |
| Contributed by Sebastian Bazley <sebb at apache.org> |
| |
| * [HTTPCLIENT-1087] NTLM proxy authentication fails on retry if the underlying connection is closed |
| as a result of a target authentication failure. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1079] Fixed Kerberos cross-realm support |
| Contributed by Michael Osipov <1983-01-06 at gmx.net> |
| |
| * [HTTPCLIENT-1078] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) |
| do not close content stream in #writeTo() method. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1075] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) |
| do not correctly handle content streaming. |
| Contributed by James Abley <james.abley at gmail.com> |
| |
| * [HTTPCLIENT-1051] Avoid reverse DNS lookups when opening SSL connections by IP address. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 4.1.1 |
| ------------------- |
| |
| HttpClient v4.1.1 is a bug fix release that addresses a number of issues reported since |
| release 4.1, including one critical security issue (HTTPCLIENT-1061). All users of HttpClient 4.0.x |
| and 4.1 are strongly encouraged to upgrade. |
| |
| * [HTTPCLIENT-1069] HttpHostConnectException not correctly retried for direct and non-tunnelled |
| proxy connections. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1066] Changed the way URIUtils#rewriteURI handles multiple consecutive slashes in the |
| URI path component: multiple leading slashes will be replaced by one slash in order to avoid |
| confusion with the authority component. The remaining content of the path will not be modified. |
| (also see HTTPCLIENT-929). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1061] Fixed critical bug causing Proxy-Authorization header to be sent to the target |
| host when tunneling requests through a proxy server that requires authentication. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1056] Fixed bug causing the RequestAuthCache protocol interceptor to generate |
| an invalid AuthScope instance when looking up user credentials for preemptive authentication. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1053] Fixed the way DigestScheme generates nonce-count values. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| Release 4.1 |
| ------------------- |
| |
| The HttpClient 4.1 release builds upon the stable foundation laid by HttpClient 4.0 and adds several |
| functional improvements and popular features. |
| |
| * Response caching conditionally compliant with HTTP/1.1 specification (full compliance with |
| MUST requirements, partial compliance with SHOULD requirements) |
| |
| * Full support for NTLMv1, NTLMv2, and NTLM2 Session authentication. The NTLM protocol code |
| was kindly contributed by the Lucene Connector Framework project. |
| |
| * Support for SPNEGO/Kerberos authentication. |
| |
| * Persistence of authentication data between request executions within the same execution context. |
| |
| * Support for preemptive authentication for BASIC and DIGEST schemes. |
| |
| * Support for transparent content encoding. Please note transparent content encoding is not |
| enabled per default in order to avoid conflicts with already existing custom content encoding |
| solutions. |
| |
| * Mechanism to bypass the standard certificate trust verification (useful when dealing with |
| self-signed certificates). |
| |
| * Simplified configuration for connection managers. |
| |
| * Transparent support for host multihoming. |
| |
| IMPORTANT: please note that the HttpClient 3.x branch is now officially END OF LIFE and is no longer |
| maintained and supported by the Apache HttpComponents project. |
| |
| Changelog |
| ------------------- |
| * The public API for the caching module had a minor change between 4.1-beta and 4.1-GA to the |
| HttpCacheEntry class - the deprecated public Set<String> getVariantURIs() method and constructor |
| public HttpCacheEntry(Date requestDate, Date responseDate, |
| StatusLine statusLine, Header[] responseHeaders, |
| Resource resource, Set<String> variants) |
| were both removed. This will not affect you unless you are implementing new storage backends |
| that use the deprecated code and/or are implementing custom serializers for cache entries. |
| |
| * Changed Browser-Compatibility and Best-Match cookie policies to emulate the behaviour of FireFox |
| more closely when parsing Netscape style cookies. Comma will no longer be treated as a header |
| element separator if Set-Cookie does not contain a Version attribute mandated by the |
| RFC2109 / RFC 2965 cookie specifications. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1036] StringBody has incorrect default for characterset. (Default changed |
| to US-ASCII) |
| Contributed by Sebastian Bazley <sebb at apache.org> |
| |
| * [HTTPCLIENT-975] Support stale-if-error and stale-while-revalidate extension directive (RFC5861). |
| Contributed by Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com>, |
| Michajlo Matijkiw <michajlo_matijkiw at comcast.com>, and |
| Matthew Hawthorne <matthew_hawthorne at comcast.com>. |
| |
| * [HTTPCLIENT-1033] HttpRoute.equals(Object o) is quite inefficient, as it does not take full |
| advantage of shortcut logic. |
| Contributed by Sebastian Bazley <sebb at apache.org> |
| |
| * [HTTPCLIENT-1030] Implement "ignoreCookies" CookieSpec |
| Contributed by Sebastian Bazley <sebb at apache.org> |
| |
| Release 4.1 BETA1 |
| ------------------- |
| |
| HttpClient 4.1 BETA1 finalizes the 4.1 API and brings a number of major improvements to the HTTP |
| caching module. This release also adds full support for NTLMv1, NTLMv2, and NTLM2 Session |
| authentication. The NTLM protocol code was kindly contributed by the Lucene Connector Framework |
| project. |
| |
| Changelog |
| ------------------- |
| * [HTTPCLIENT-1015] Support only-if-cached directive. |
| Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> |
| |
| * [HTTPCLIENT-990] Allow heuristic freshness caching. |
| Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> |
| |
| * [HTTPCLIENT-919] Support for NTLMv1, NTLMv2, and NTLM2 Session authentication. |
| Contributed by Karl Wright <karl.wright at nokia.com> |
| |
| * [HTTPCLIENT-1008] Send all variants' ETags on "variant miss". |
| Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> and |
| Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com> |
| |
| * [HTTPCLIENT-1011] Handling of IOExceptions thrown by cache components. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-1003] Handle conditional requests in cache. |
| Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> and |
| Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com> |
| |
| * [HTTPCLIENT-1002] Stale connection check fails if wire logging is on. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-1000] Maximum connection lifetimes settings for ThreadSafeClientConnManager. |
| Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> |
| |
| * [HTTPCLIENT-960] HttpMultipart doesn't generate Content-Type header for binary parts in |
| BROWSER_COMPATIBLE mode. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-998] Cache should use both Last-Modified and ETag for validations when available. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-997] Cache module should handle out-of-order validations properly and unconditionally |
| refresh. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-994] Cache does not allow client to override origin-specified freshness using |
| max-stale. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-995] Cache returns cached responses even if validators not consistent with all |
| conditional headers. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-977] Memcached implementation for HttpCache. |
| Contributed by Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com> |
| |
| * [HTTPCLIENT-992] cache should not generate stale responses to requests explicitly requesting |
| first-hand or fresh ones. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-991] cache module produces improperly formatted Warning header when revalidation |
| fails. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-989] DefaultHttpRequestRetryHandler no longer retries non-idempotent http methods |
| if NoHttpResponseException is thrown. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-988] Cache module should strip 'Content-Encoding: identity' from responses |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-987] cache module does not recognize equivalent URIs. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-986] cache module does not completely handle upstream Warning headers correctly |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-985] cache module should populate Via header to capture upstream and downstream protocols |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-984] Additional conditional compliance tests for the caching module for |
| Content-Encoding, Content-Location, Date, Expires, Server, Transfer-Encoding, and Vary headers. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-978] HTTP cache update exception handling |
| Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> |
| |
| * [HTTPCLIENT-981] CachingHttpClient returns a 411 respones when executing a POST (HttpPost) |
| request. |
| Contributed by Joe Campbell <joseph.r.campbell at gmail.com> |
| |
| * [HTTPCLIENT-980] CachingHttpClient returns a 503 response when the backend HttpClient produces |
| an IOException. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-978] Ehcache based HTTP cache implementation |
| Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> |
| |
| * [HTTPCLIENT-967] support for non-shared (private) caches |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-969] BasicCookieStore#getCookies() to return a copy of Cookie list |
| Contributed by David Smiley <dsmiley at mitre.org> |
| |
| * [HTTPCLIENT-965] Fixed problem with cache not honoring must-revalidate or |
| proxy-revalidate Cache-Control directives. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-964] 'no-cache' directives with field names are no longer transmitted |
| downstream. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-963] Fixed handling of 'Cache-Control: no-store' on requests. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-962] Fixed handling of Authorization headers in shared cache mode. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-961] Not all applicable URIs are invalidated on PUT/POST/DELETEs |
| that pass through client cache. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-958] Client cache no longer allows incomplete responses to be |
| passed on to the client. |
| Contributed by Jonathan Moore <jonathan_moore at comcast.com> |
| |
| * [HTTPCLIENT-951] Non-repeatable entity enclosing requests are not correctly |
| retried when 'expect-continue' handshake is active. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-948] In rare circumstances the idle connection handling code |
| can leave closed connections in a inconsistent state. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-953] IllegalStateException thrown by RouteSpecificPool. |
| Contributed by Guillaume <gueugaie at gmail.com> |
| |
| * [HTTPCLIENT-952] Trust store parameter is ignored by SSLSocketFactory |
| (affects version 4.1-alpha2 only) |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-937] CacheEntry made immutable; now uses immutable HttpEntity |
| to store cached content. |
| Contributed by David Mays <david_mays at comcast.com> and |
| Oleg Kalnichevski <olegk at apache.org> |
| |
| Release 4.1 ALPHA2 |
| ------------------- |
| |
| HttpClient 4.1 ALPHA2 fixes a number of non-severe bugs discovered since |
| the last release and introduces support for two frequently requested features: |
| |
| * HTTP/1.1 response caching |
| |
| * transparent support for host multihoming |
| |
| * a mechanism to bypass the standard certificate trust verification |
| (useful when dealing with self-signed certificates) |
| |
| Compatibility notes |
| ------------------- |
| (1) Please note the HTTP caching module is still considered experimental and |
| its API may change significantly in the future releases. |
| |
| (2) This release eliminates Mime4J as a dependency for the HttpMime module. |
| HttpMime is no longer binary compatible with the previous releases. |
| Full API and binary compatibility between minor versions of HttpMime will be |
| maintained as of 4.1 GA release. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-936] Fixed bug causing NPE or an infinite loop in |
| the authentication code in case of a SPNEGO authentication failure. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-427] HTTP caching support |
| Contributed by Joe Campbell, David Cleaver, David Mays, Jon Moore, Brad Spenla |
| |
| * Dropped dependency on Mime4j for HttpMime. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Extended SSLSocketFactory with a mechanism to bypass the standard certificate |
| trust verification (primarily to simplify dealing with self-signed |
| certificates) |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-898] Improved support for host multihoming |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-916] UsernamePasswordCredentials, NTUserPrincipal, |
| BasicClientCookie, BasicClientCookie2 and BasicCookieStore made Serializable. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-914] Upgraded Commons Codec dependency to version 1.4 |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-903] Use ConcurrentHashMap instead of [Linked]HashMap for |
| thread-safety. Improve performance of AuthSchemeRegistry, CookieSpecRegistry |
| and SchemeRegistry classes. |
| Contributed by Sebastian Bazley <sebb at apache.org> |
| |
| * [HTTPCLIENT-902] HttpRequestRetryHandler not called on I/O exceptions |
| thrown when opening a new connection. |
| Contributed by Olivier Lamy <olamy at apache.org> and |
| Oleg Kalnichevski <olegk at apache.org> |
| |
| Release 4.1 ALPHA1 |
| ------------------- |
| |
| HttpClient 4.1 ALPHA1 builds on the stable 4.0 release and adds several |
| functionality improvements and new features. |
| |
| * Simplified configuration of connection managers. |
| |
| * Persistence of authentication data between request executions within |
| the same execution context. |
| |
| * Support for SPNEGO/Kerberos authentication scheme |
| |
| * Support for transparent content encoding. Please note transparent content |
| encoding is not enabled per default in order to avoid conflicts with |
| already existing custom content encoding solutions. |
| |
| * 5 to 10% performance increase due to elimination of unnecessary Log object |
| lookups by short-lived components. |
| |
| Please note all methods and classes added in this release and marked as |
| 4.1 are API unstable and can change in the future 4.1 ALPHA releases. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-889] 'expect: continue' handshake disabled per default. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-862] Extended client's redirect handling interface to allow |
| control of the content of the redirect. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-872] HttpClient can now persist authentication data between request |
| executions as long as they share the same execution context. It has also become |
| much easier to make HttpClient authenticate preemptively by pre-populating |
| authentication data cache. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-883] SO_TIMEOUT is not reset on persistent (re-used) connections. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-832] Distinguish cookie format errors from violations of |
| restrictions imposed by a cookie specification. In the latter case |
| CookieRestrictionViolationException will be thrown. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-523] Support for SPNEGO authentication scheme. |
| Contributed by Matthew Stevenson <mavricknzwork at yahoo.com> |
| |
| * Simplified configuration of connection managers. Total connection maximum |
| and maximum connection per route limits can be set using methods of |
| the class instead of HTTP parameters. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Added parameters to define the order of preference for supported auth |
| schemes for target host and proxy authentication. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-875] DefaultClientConnectionOperator#openConnection doesn't |
| update the connection state if the connection socket changed after |
| the call to SocketFactory#connectSocket(). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-834] Transparent content encoding support. |
| Contributed by James Abley <james.abley at gmail.com> |
| |
| Release 4.0.1 |
| ------------------- |
| |
| This is a bug fix release that addresses a number of issues discovered since |
| the previous stable release. None of the fixed bugs is considered critical. |
| Most notably this release eliminates eliminates dependency on JCIP annotations. |
| |
| This release is also expected to improve performance by 5 to 10% due to |
| elimination of unnecessary Log object lookups by short-lived components. |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-895] Eliminated Log lookups in short lived objects impairing |
| performance. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-885] URLEncodedUtils now correctly parses form-url-encoded |
| entities that specify a charset. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-884] UrlEncodedFormEntity now sets charset on the Content-Type |
| header. |
| Contributed by Jared Jacobs <jmjacobs at cs.stanford.edu> |
| |
| * [HTTPCLIENT-883] SO_TIMEOUT is not reset on persistent (re-used) connections. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-882] Auth state is now correctly updated if a successful NTLM |
| authentication results in a redirect. This is a minor bug as HttpClient |
| manages to recover from the problem automatically. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-881] Fixed race condition in AbstractClientConnAdapter that makes |
| it possible for an aborted connection to be returned to the pool. |
| Contributed by Tim Boemker <tboemker at elynx.com> and |
| Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-866] Removed dependency on jcip-annotations.jar. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| and Sebastian Bazley <sebb at apache.org> |
| |
| |
| Release 4.0 |
| ------------------- |
| |
| HttpClient 4.0 represents a complete, ground-up redesign and almost a complete |
| rewrite of the HttpClient 3.x codeline. This release finally addresses several |
| design flaws that existed since the 1.0 release and could not be fixed without |
| a major code overhaul and breaking API compatibility. |
| |
| |
| Architectural changes |
| --------------------- |
| |
| * Redesign of the HttpClient internals addressing all known major |
| architectural shortcomings of the 3.x codeline. |
| |
| * Cleaner, more flexible and expressive API. |
| |
| * More modular structure. |
| |
| * Better performance and smaller memory footprint due to a more efficient HTTP |
| transport based on HttpCore. |
| |
| * Implementation of cross-cutting HTTP protocol aspects through protocol |
| interceptors. |
| |
| * Improved connection management, better handling of persistent connections, |
| support for stateful connections |
| |
| * Pluggable redirect and authentication handlers. |
| |
| * Improved support for sending requests via a proxy or a chain of proxies |
| |
| * More flexible SSL context customization |
| |
| * Reduced intermediate garbage in the process of generating HTTP requests |
| and parsing HTTP responses |
| |
| |
| Important notes |
| ------------------- |
| |
| * Future releases of HttpMime module may be binary incompatible with this |
| release due to possible API changes in Apache Mime4J. Apache Mime4J is |
| still being actively developed and its API is considered unstable. |
| |
| * HttpClient 4.0 is not fully binary compatible with 4.0 BETA1 release. |
| Some protected variables in connection management class have been |
| made final in order to help ensure their thread safety: |
| |
| org.apache.http.conn.BasicEofSensorWatcher#attemptReuse |
| org.apache.http.conn.BasicEofSensorWatcher#managedConn |
| org.apache.http.impl.conn.DefaultClientConnectionOperator#schemeRegistry |
| org.apache.http.impl.conn.DefaultHttpRoutePlanner#schemeRegistry |
| org.apache.http.impl.conn.ProxySelectorRoutePlanner#schemeRegistry |
| org.apache.http.impl.conn.SingleClientConnManager#alwaysShutDown |
| org.apache.http.impl.conn.SingleClientConnManager#connOperator |
| org.apache.http.impl.conn.SingleClientConnManager#schemeRegistry |
| org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager#connOperator |
| org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager#schemeRegistry |
| |
| |
| Bug fixes since 4.0 BETA2 release |
| ------------------- |
| |
| * [HTTPCLIENT-861] URIUtils#resolve is now compatible with all examples given |
| in RFC 3986. |
| Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de> |
| |
| * [HTTPCLIENT-860] HttpClient no longer converts redirects of PUT/POST to GET |
| for status codes 301, 302, 307, as required by the HTTP spec. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-859] CookieIdentityComparator now takes path attribute into |
| consideration when comparing cookies. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * HttpClient will no longer send expired cookies back to the origin server. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-856] Proxy NTLM authentication no longer fails on a redirect to |
| a different host. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-841] Removed automatic connection release using garbage collection |
| due to a memory leak. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-853] Fixed bug causing invalid cookie origin port to be selected |
| when the target is accessed on the default port and the connection is |
| established via a proxy. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-852] Fixed bug causing automatically retried redirects fail with |
| CircularRedirectException. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed problem with the default HTTP response parser failing to handle garbage |
| preceding a valid HTTP response. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * NonRepeatableRequestExceptions now include the cause that the original |
| request failed. |
| Contributed by Sam Berlin <sberlin at apache.org> |
| |
| * [HTTPCLIENT-837] Fixed problem with the wire log skipping zero byte values |
| if read one byte at a time. |
| Contributed by Kirill Safonov <ksafonov at swiftteams.com> |
| |
| * [HTTPCLIENT-823] 'http.conn-manager.max-total' parameter can be adjusted |
| dynamically. However, the size of existing connection pools per route, |
| once allocated, will not be adjusted. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-822] Default socket factories to rethrow SocketTimeoutException |
| as ConnectTimeoutException in case of connect failure due to a time out. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-813] Fixed default port resolution. Invalid ports no longer |
| get replaced with the default port value. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| Release 4.0 beta 2 |
| ------------------- |
| |
| BETA2 is a maintenance release, which addresses a number of issues |
| discovered since the previous release. |
| |
| The only significant new feature is an addition of an OSGi compliant |
| bundle combining HttpClient and HttpMime jars. |
| |
| All upstream projects are strongly encouraged to upgrade. |
| |
| * Fixed NPE in DefaultRequestDirector thrown when retrying a failed |
| request over a proxied connection. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-803] Fixed bug in SSL host verifier implementations |
| causing the SSL certificate to be rejected as invalid if the connection |
| is established using an IP address. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-806] DefaultHttpMethodRetryHandler will no longer retry |
| on ConnectExceptions. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * DigestScheme can use an arbitrary digest algorithm requested by the |
| target server (such as SHA) as long as this algorithm is supported by |
| the Java runtime. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed parsing and validation of RFC2109 compliant Set-Cookie headers |
| by the Best-Match cookie spec. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed bug that can cause a managed connection to be returned from the |
| pool in an inconsistent state. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| |
| 4.0 Beta 1 |
| ------------------- |
| |
| BETA1 release brings yet another round of API enhancements and |
| improvements in the area of connection management. Among the most notable |
| ones is the capability to handle stateful connections such as persistent |
| NTLM connections and private key authenticated SSL connections. |
| |
| This is the first API stable release of HttpClient 4.0. All further |
| releases in the 4.0 code line will maintain API compatibility with this |
| release. |
| |
| There has been a number of important bug fixes since ALPHA4. All upstream |
| projects are encouraged to upgrade to the latest release. |
| |
| Please note HttpClient currently provides only limited support for NTLM |
| authentication. For details please see NTLM_SUPPORT.txt. |
| |
| ------------------- |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-790] Protocol interceptors are now correctly invoked when |
| executing CONNECT methods. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-668] Do not use static loggers. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-781] Respect Keep-Alive header's timeout value. |
| Contributed by Sam Berlin <sberlin at apache.org> |
| |
| * [HTTPCLIENT-779] Top-level classes (HttpClient, and HttpGet, HttpPut |
| and similar HttpMethods) throw fewer checked exceptions. |
| Contributed by Sam Berlin <sberlin at apache.org> |
| |
| * HttpClient will throw an exception if an attempt is made to retry |
| a request with a non-repeatable request entity. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Fixed request re-generation logic when retrying a failed request. |
| Auto-generated headers will no accumulate. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-424] Preemptive authentication no longer limited to BASIC |
| scheme only. HttpClient can be customized to authenticate preemptively |
| with DIGEST scheme. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-670] Pluggable hostname resolver. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-719] Clone support for HTTP request and cookie objects. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-776] Fixed concurrency issues with AbstractPoolEntry. |
| Contributed by Sam Berlin <sberlin at gmail.com> |
| |
| * Resolved a long standing problem with HttpClient not taking into account |
| the user context when pooling / re-using connections. HttpClient now |
| correctly handles stateful / user specific connections such as persistent |
| NTLM connections and SSL connections with client side authentication. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-773] Improved handling of the 'expires' attribute by the |
| 'Best Match' cookie spec. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Partial NTLM support (requires an external NTLM engine). For details see |
| NTLM_SUPPORT.txt |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * Redesigned local execution context management. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| -------------------------------------- |
| |
| Release 4.0 Alpha 4 |
| ------------------- |
| |
| ALPHA4 marks the completion of the overhaul of the connection management |
| code in HttpClient. All known shortcomings of the old HttpClient 3.x |
| connection management API have been addressed. |
| |
| NTLM authentication remains the only missing major feature in the new |
| codeline that prevents us from moving awards the API freeze. |
| |
| There has been a number of important bug fixes since ALPHA3. All upstream |
| projects are encouraged to upgrade to the latest release. |
| |
| ------------------- |
| |
| HttpClient 3.x features that have NOT yet been ported: |
| ------------------- |
| |
| * NTLM authentication scheme |
| |
| ------------------- |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-765] String.toLowerCase() / toUpperCase() should specify |
| Locale.ENGLISH |
| Contributed by Sebastian Bazley <sebb at apache.org> |
| |
| * [HTTPCLIENT-769] Do not pool connection marked non-reusable. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-763] Fixed problem with AbstractClientConnAdapter#abortConnection() |
| not releasing the connection if called from the main execution thread while |
| there is no blocking I/O operation. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-652] Added optional state attribute to managed client connections. |
| This enables connection managers to correctly handle stateful connections. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-673] Revised max connections per route configuration |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-753] Class Scheme and related classes moved to a separate package |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-757] Improved request wrapping in the DefaultClientRequestDirector. |
| This also fixed the problem with the default proxy set at the client level |
| having no effect. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-734] Request abort will unblock the thread waiting for a connection |
| Contributed by Sam Berlin <sberlin at gmail.com> |
| |
| * [HTTPCLIENT-759] Ensure release of connections back to the connection manager |
| on exceptions. |
| Contributed by Sam Berlin <sberlin at gmail.com> |
| |
| * [HTTPCLIENT-758] Fixed the use of generics in AbstractHttpClient |
| #removeRequestInterceptorByClass and #removeResponseInterceptorByClass |
| Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de> |
| |
| * [HTTPCLIENT-749] HttpParams beans |
| Contributed by Stojce Dimski <sdmiski at yahoo.it> |
| |
| * [HTTPCLIENT-755] Workaround for known bugs in java.net.URI.resolve() |
| Bug ID: 4708535 |
| Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de> |
| |
| -------------------------------------- |
| |
| Release 4.0 Alpha 3 |
| ------------------- |
| |
| ALPHA3 release brings another round of API refinements and improvements in |
| functionality. As of this release HttpClient requires Java 5 compatible |
| runtime environment and takes full advantage of generics and new concurrency |
| primitives. |
| |
| This release also introduces new default cookie policy that selects a cookie |
| specification depending on the format of cookies sent by the target host. |
| It is no longer necessary to know beforehand what kind of HTTP cookie support |
| the target host provides. HttpClient is now able to pick up either a lenient |
| or a strict cookie policy depending on the compliance level of the target host. |
| |
| Another notable improvement is a completely reworked support for multipart |
| entities based on Apache mime4j library. |
| |
| ------------------- |
| |
| HttpClient 3.x features that have NOT yet been ported: |
| ------------------- |
| |
| * NTLM authentication scheme |
| |
| ------------------- |
| |
| Changelog: |
| ------------------- |
| |
| * [HTTPCLIENT-742] common interface for HttpRoute and RouteTracker |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-741] Fixed concurrency issues in AbstractClientConnAdapter. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-726] testcase for spurious wakeups in ThreadSafeClientConnManager |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-643] Automatic connect fail-over for multi-home remote servers. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-735] unsetting of DEFAULT_PROXY and FORCED_ROUTE in hierarchies |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-723] route planner based on java.net.ProxySelector |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-740] don't start connection GC thread in pool constructor |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-736] route planners use SchemeRegistry instead of ConnManager |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-730] Fixed rewriting of URIs containing escaped characters |
| Contributed by Sam Berlin <sberlin at gmail.com> and |
| Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-667] Added 'Meta' cookie policy that selects a cookie |
| specification depending on the format of the cookie(s). |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-729] Move HttpRoute and related classes to routing package. |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-725] Use TimeUnit arguments for timeouts in connection manager. |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-677] Connection manager no longer uses Thread.interrupt(). |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-716] Allow application-defined routes. |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-712] Improve HttpRoute API |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-711] Bad route computed for redirected requests |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-715] Remove RoutedRequest from API |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-705] Fixed incorrect handling of URIs with null path component. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-688] HttpOptions#getAllowedMethods can now handle multiple |
| Allow headers. |
| Contributed by Andrea Selva <selva.andre at gmail.com> |
| |
| -------------------------------------- |
| |
| Release 4.0 Alpha 2 |
| ------------------- |
| |
| ALPHA2 release is another milestone in the redesign of HttpClient. It includes |
| a number of improvements since ALPHA1, among which are improved connection |
| pooling, support for proxy chains, redesigned HTTP state and authentication |
| credentials management API, improved RFC 2965 cookie specification. |
| |
| ------------------- |
| |
| HttpClient 3.x features that have NOT yet been ported |
| ------------------- |
| * NTLM authentication scheme |
| |
| * Support for multipart MIME coded entities |
| |
| ------------------- |
| |
| Changelog |
| ------------------- |
| |
| * [HTTPCLIENT-698] Resolve non-absolute redirect URIs relative to |
| the request URI |
| Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de> |
| |
| * [HTTPCLIENT-697] Throw a more intelligible exception when connection |
| to a remote host cannot be established. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-689] Caching of SimpleDateFormat in DateUtils |
| Contributed by Daniel Müller <strider at digitalstrider.com> |
| |
| * [HTTPCLIENT-689] stackable parameters in AbstractHttpClient |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-477] Use distinct instances of the authentication handler |
| interface for authentication with target and proxy hosts |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-690] ManagedClientConnection provides access to SSLSession |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-692] ClientConnectionManager throws InterruptedException |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCORE-116] moved parameter names to interfaces |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-649] support for proxy chains in HttpConn |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-636] refactor ThreadSafeClientConnManager in separate package |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-669] new HttpRoutePlanner interface and implementation |
| Contributed by Andrea Selva <selva.andre at gmail.com> |
| |
| * [HTTPCLIENT-653] detached connection wrapper no longer prevents |
| garbage collection of ThreadSafeClientConnManager |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-674] use org.apache.http.util.VersionInfo instead of a local one |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-666] Replaced HttpState with CredentialsProvier and CookieStore interfaces |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCORE-100] revised HttpContext hierarchy |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-618] eliminate class HostConfiguration |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-672] re-sync with API changes in core alpha6-SNAPSHOT |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| -------------------------------------- |
| |
| Release 4.0 Alpha 1 |
| ------------------- |
| |
| HttpClient 4.0 represents a complete, ground-up redesign and almost a complete |
| rewrite of the HttpClient 3.x codeline. This release finally addresses several |
| design flaws that existed since the 1.0 release and could not be fixed without |
| a major code overhaul and breaking API compatibility. |
| |
| The HttpClient 4.0 API is still very experimental and is bound to change |
| during the course of the ALPHA development phase. Several important features |
| have not yet been ported to the new API. |
| |
| Architectural changes |
| --------------------- |
| |
| * Redesign of the HttpClient internals addressing all known |
| major architectural shortcomings of the 3.x codeline |
| |
| * Cleaner, more flexible and expressive API |
| |
| * Better performance and smaller memory footprint due to a more |
| efficient HTTP transport based on HttpCore. HttpClient 4.0 is |
| expected to be 10% to 25% faster than HttpClient 3.x codeline |
| |
| * More modular structure |
| |
| * Pluggable redirect and authentication handlers |
| |
| * Support for protocol incerceptors |
| |
| * Improved connection management |
| |
| * Improved support for sending requests via a proxy or a chain of |
| proxies |
| |
| * Improved handling redirects of entity enclosing requests |
| |
| * More flexible SSL context customization |
| |
| * Reduced intermediate garbage in the process of |
| generating HTTP requests and parsing HTTP responses |
| |
| ------------------- |
| |
| HttpClient 3.x features that have NOT yet been ported |
| ------------------- |
| * NTLM authentication scheme |
| |
| * RFC2965 cookie policy (Cookie2) |
| |
| * Support for multipart MIME coded entities |
| |
| ------------------- |
| |
| Changelog |
| ------------------- |
| |
| The following is a list of contributions tracked in JIRA. |
| Note that this is not a complete list of contributions or changes. |
| Since the API was redesigned completely, tracking everything outside |
| of the source code repository would have been too burdensome. |
| |
| * [HTTPCLIENT-655] User-Agent string no longer violates RFC |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-541] Virtual host API redesign |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-614] Allow for different strategies when checking |
| CN of x509 certificates |
| Contributed by Julius Davies <juliusdavies at gmail.com> |
| |
| * [HTTPCLIENT-136] Fixed inadequate proxy support |
| Long standing architectural problem. Issue opened on 19/Dec/2002. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-63] Support for pluggable redirect and authentication handlers |
| Long standing architectural problem. Issue opened on 15/Jul/2002. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-245] Fixed redirect handling. HttpClient can now automatically |
| handle redirects of entity enclosing requests. |
| Long standing architectural problem. Issue opened on 14/Jul/2003. |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-613] HTTPS connections now verify CN of x509 certificates |
| Contributed by Julius Davies <juliusdavies at gmail.com> |
| |
| * [HTTPCLIENT-497] Wire/header logger names consistent with class loggers |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-484] AuthSSLProtocolSocketFactory in the main distribution |
| Contributed by Oleg Kalnichevski <olegk at apache.org> |
| |
| * [HTTPCLIENT-589] Do not consume the remaining response content if |
| the connection is to be closed |
| Contributed by Roland Weber <rolandw at apache.org> |
| |
| * [HTTPCLIENT-475] Support for unconnected sockets. HTTP requests can now be |
| aborted while network socket is still being connected. |
| Contributed by Roland Weber <rolandw at apache.org> |
| |