From 2c54131e0f383b837a0dada78833cb180a037972 Mon Sep 17 00:00:00 2001 From: Oleg Kalnichevski Date: Sun, 30 Oct 2011 14:09:02 +0000 Subject: [PATCH] Release notes for HttpClient 4.2-alpha1 release git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1195163 13f79535-47bb-0310-9956-ffa450edef68 --- RELEASE_NOTES.txt | 83 +++- RELEASE_NOTES.txt~ | 1121 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 1200 insertions(+), 4 deletions(-) create mode 100644 RELEASE_NOTES.txt~ diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt index dd2fea882..adc0d33a0 100644 --- a/RELEASE_NOTES.txt +++ b/RELEASE_NOTES.txt @@ -1,18 +1,93 @@ -Changes since 4.1.2 +Release 4.2 ALPHA1 +------------------- -* [HTTPCLIENT-1131] HttpClient to authenticate preemptively using BASIC scheme if a userinfo +This is the first ALPHA release of HttpClient 4.2. The 4.2 branch enhances HttpClient in several +key areas and includes several notable features and improvements: + +* New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes + only the most fundamental functions of HttpClient and is intended for relatively simple use cases + that do not require the full flexibility of HttpClient. However, the fluent API almost fully + relieves the users from having to deal with connection management and resource deallocation. + +* Redesigned and rewritten connection management code. As of release 4.2 HttpClient will be using + pooling connection manager per default. + +* Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication + scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges + and retry authentication with a fall-back scheme in case the primary one fails. This can be + important for compatibility with Microsoft products that are often configured to use + SPNEGO/Kerberos as the preferred authentication scheme. + +Please note that new features included in this release are still considered experimental and +their API may change in the future ALPHA releases. + +Changelog +------------------- + +* [HTTPCLIENT-1128] SystemDefaultHttpClient (HttpClient implementation initialized using system + properties). + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1135] RandomAccessFile mode 'w' used by HttpClientCache is not valid. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1131] HttpClient to authenticate preemptively using BASIC scheme if a userinfo attribute is specified in the request URI. Contributed by Oleg Kalnichevski +* [HTTPCLIENT-1134] make BasicResponseHandler consume response content in case of an unsuccessful + result (status code >= 300). + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1132] ProxyClient implementation. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1127] fixed dead-lock between SingleClientConnManager and AbstractPooledConnAdapter. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1107] Auth framework redesign. + Contributed by Oleg Kalnichevski + * [HTTPCLIENT-1116] ResponseCachingPolicy uses integers for sizes Contributed by Greg Bowyer -* [HTTPCLIENT-1123] Support for pluggable DNS resolvers. +* [HTTPCLIENT-1123] Support for pluggable DNS resolvers. Contributed by Alin Vasile -* [HTTPCLIENT-1120] DefaultHttpRequestRetryHandler#retryRequest should not retry aborted requests +* [HTTPCLIENT-1120] DefaultHttpRequestRetryHandler#retryRequest should not retry aborted requests. Contributed by Alin Vasile +* Support for auth-int qop (quality of protection) option in Digest auth scheme. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1076] Fluent facade API (Google summer of code 2011 project). + Contributed by Xu Lilu + +* UriBuilder implementation. + Contributed by Xu Lilu + +* Redesign of connection management classes based on new pooling components from HttpCore. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1111] Added #prepareSocket method to SSLSocketFactory. + Contributed by Pasi Eronen + +* Added #reset() and #releaseConnection() methods to HttpRequestBase. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1105] AutoRetryHttpClient: built-in way to do auto-retry for certain status codes. + Contributed by Dan Checkoway + +* [HTTPCLIENT-1094] Digest auth scheme refactoring. + Contributed by Oleg Kalnichevski + +* Lax implementation of RedirectStrategy. + Contributed by Bartosz Firyn + +* [HTTPCLIENT-1044] HttpRequestRetryHandler implementation compliant with the definition of + idempotent methods given in the RFC 2616. + Contributed by Oleg Kalnichevski + Release 4.1.2 ------------------- diff --git a/RELEASE_NOTES.txt~ b/RELEASE_NOTES.txt~ new file mode 100644 index 000000000..0fa362405 --- /dev/null +++ b/RELEASE_NOTES.txt~ @@ -0,0 +1,1121 @@ +Release 4.2 ALPHA1 +------------------- + +This is the first ALPHA release of HttpClient 4.2. The 4.2 branch enhances HttpClient in several +key areas and includes several notable features and improvements: + +* New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes + only the most fundamental functions of HttpClient and is intended for relatively simple use cases + that do not require the full flexibility of HttpClient. However, the fluent API almost fully + relieves the users from having to deal with connection management and resource deallocation. + +* Redesigned and rewritten connection management code. As of release 4.2 HttpClient will be using + pooling connection manager per default. + +* Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication + scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges + and retry authentication with a fall-back scheme in case the primary one fails. This can be + important for compatibility with Microsoft products that are often configured to use + SPNEGO/Kerberos as the preferred authentication scheme. + +Please note that new features included in this release are still considered experimental and +their API may change in the future ALPHA releases. + +Changelog +------------------- + +* [HTTPCLIENT-1128] SystemDefaultHttpClient (HttpClient implementation initialized using system + properties). + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1135] RandomAccessFile mode 'w' used by HttpClientCache is not valid. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1131] HttpClient to authenticate preemptively using BASIC scheme if a userinfo + attribute is specified in the request URI. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1134] make BasicResponseHandler consume response content in case of an unsuccessful + result (status code >= 300). + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1132] ProxyClient implementation. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1127] fixed dead-lock between SingleClientConnManager and AbstractPooledConnAdapter. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1107] Auth framework redesign. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1116] ResponseCachingPolicy uses integers for sizes + Contributed by Greg Bowyer + +* [HTTPCLIENT-1123] Support for pluggable DNS resolvers. + Contributed by Alin Vasile + +* [HTTPCLIENT-1120] DefaultHttpRequestRetryHandler#retryRequest should not retry aborted requests. + Contributed by Alin Vasile + +* Support for auth-int qop (quality of protection) option in Digest auth scheme. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1076] Fluent facade API (Google summer of code 2011 project). + Contributed by Xu Lilu + +* UriBuilder implementation. + Contributed by Xu Lilu + +* Redesign of connection management classes based on new pooling components from HttpCore. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1111] Added #prepareSocket method to SSLSocketFactory. + Contributed by Pasi Eronen + +* Added #reset() and #releaseConnection() methods to HttpRequestBase. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1105] AutoRetryHttpClient: built-in way to do auto-retry for certain status codes. + Contributed by Dan Checkoway + +* [HTTPCLIENT-1094] Digest auth scheme refactoring. + Contributed by Oleg Kalnichevski + +* Lax implementation of RedirectStrategy. + Contributed by Bartosz Firyn + +* [HTTPCLIENT-1044] HttpRequestRetryHandler implementation compliant with the definition of + idempotent methods given in the RFC 2616. + Contributed by Oleg Kalnichevski + +Release 4.1.2 +------------------- + +The HttpClient 4.1.2 is a bug fix release that addresses a number of non-critical issues reported +since release 4.1.1. + +* [HTTPCLIENT-1100] Missing Content-Length header makes cached entry invalid + Contributed by Bart Robeyns + +* [HTTPCLIENT-1098] Avoid expensive reverse DNS lookup on connect timeout exception. + Contributed by Thomas Boettcher + +* [HTTPCLIENT-1097] BrowserCompatHostnameVerifier and StrictHostnameVerifier should handle + wildcards in SSL certificates better. + Contributed by Sebastian Bazley + +* [HTTPCLIENT-1092] If ClientPNames.VIRTUAL_HOST does not provide the port, derive it from the + current request. + Contributed by Sebastian Bazley + +* [HTTPCLIENT-1087] NTLM proxy authentication fails on retry if the underlying connection is closed + as a result of a target authentication failure. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1079] Fixed Kerberos cross-realm support + Contributed by Michael Osipov <1983-01-06 at gmx.net> + +* [HTTPCLIENT-1078] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) + do not close content stream in #writeTo() method. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1075] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) + do not correctly handle content streaming. + Contributed by James Abley + +* [HTTPCLIENT-1051] Avoid reverse DNS lookups when opening SSL connections by IP address. + Contributed by Oleg Kalnichevski + + +Release 4.1.1 +------------------- + +HttpClient v4.1.1 is a bug fix release that addresses a number of issues reported since +release 4.1, including one critical security issue (HTTPCLIENT-1061). All users of HttpClient 4.0.x +and 4.1 are strongly encouraged to upgrade. + +* [HTTPCLIENT-1069] HttpHostConnectException not correctly retried for direct and non-tunnelled + proxy connections. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1066] Changed the way URIUtils#rewriteURI handles multiple consecutive slashes in the + URI path component: multiple leading slashes will be replaced by one slash in order to avoid + confusion with the authority component. The remaining content of the path will not be modified. + (also see HTTPCLIENT-929). + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1061] Fixed critical bug causing Proxy-Authorization header to be sent to the target + host when tunneling requests through a proxy server that requires authentication. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1056] Fixed bug causing the RequestAuthCache protocol interceptor to generate + an invalid AuthScope instance when looking up user credentials for preemptive authentication. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1053] Fixed the way DigestScheme generates nonce-count values. + Contributed by Oleg Kalnichevski + + +Release 4.1 +------------------- + +The HttpClient 4.1 release builds upon the stable foundation laid by HttpClient 4.0 and adds several +functional improvements and popular features. + +* Response caching conditionally compliant with HTTP/1.1 specification (full compliance with + MUST requirements, partial compliance with SHOULD requirements) + +* Full support for NTLMv1, NTLMv2, and NTLM2 Session authentication. The NTLM protocol code + was kindly contributed by the Lucene Connector Framework project. + +* Support for SPNEGO/Kerberos authentication. + +* Persistence of authentication data between request executions within the same execution context. + +* Support for preemptive authentication for BASIC and DIGEST schemes. + +* Support for transparent content encoding. Please note transparent content encoding is not + enabled per default in order to avoid conflicts with already existing custom content encoding + solutions. + +* Mechanism to bypass the standard certificate trust verification (useful when dealing with + self-signed certificates). + +* Simplified configuration for connection managers. + +* Transparent support for host multihoming. + +IMPORTANT: please note that the HttpClient 3.x branch is now officially END OF LIFE and is no longer +maintained and supported by the Apache HttpComponents project. + +Changelog +------------------- +* The public API for the caching module had a minor change between 4.1-beta and 4.1-GA to the + HttpCacheEntry class - the deprecated public Set getVariantURIs() method and constructor + public HttpCacheEntry(Date requestDate, Date responseDate, + StatusLine statusLine, Header[] responseHeaders, + Resource resource, Set variants) + were both removed. This will not affect you unless you are implementing new storage backends + that use the deprecated code and/or are implementing custom serializers for cache entries. + +* Changed Browser-Compatibility and Best-Match cookie policies to emulate the behaviour of FireFox + more closely when parsing Netscape style cookies. Comma will no longer be treated as a header + element separator if Set-Cookie does not contain a Version attribute mandated by the + RFC2109 / RFC 2965 cookie specifications. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1036] StringBody has incorrect default for characterset. (Default changed + to US-ASCII) + Contributed by Sebastian Bazley + +* [HTTPCLIENT-975] Support stale-if-error and stale-while-revalidate extension directive (RFC5861). + Contributed by Mohammed Azeem Uddin , + Michajlo Matijkiw , and + Matthew Hawthorne . + +* [HTTPCLIENT-1033] HttpRoute.equals(Object o) is quite inefficient, as it does not take full + advantage of shortcut logic. + Contributed by Sebastian Bazley + +* [HTTPCLIENT-1030] Implement "ignoreCookies" CookieSpec + Contributed by Sebastian Bazley + +Release 4.1 BETA1 +------------------- + +HttpClient 4.1 BETA1 finalizes the 4.1 API and brings a number of major improvements to the HTTP +caching module. This release also adds full support for NTLMv1, NTLMv2, and NTLM2 Session +authentication. The NTLM protocol code was kindly contributed by the Lucene Connector Framework +project. + +Changelog +------------------- +* [HTTPCLIENT-1015] Support only-if-cached directive. + Contributed by Michajlo Matijkiw + +* [HTTPCLIENT-990] Allow heuristic freshness caching. + Contributed by Michajlo Matijkiw + +* [HTTPCLIENT-919] Support for NTLMv1, NTLMv2, and NTLM2 Session authentication. + Contributed by Karl Wright + +* [HTTPCLIENT-1008] Send all variants' ETags on "variant miss". + Contributed by Michajlo Matijkiw and + Mohammed Azeem Uddin + +* [HTTPCLIENT-1011] Handling of IOExceptions thrown by cache components. + Contributed by Jonathan Moore + +* [HTTPCLIENT-1003] Handle conditional requests in cache. + Contributed by Michajlo Matijkiw and + Mohammed Azeem Uddin + +* [HTTPCLIENT-1002] Stale connection check fails if wire logging is on. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-1000] Maximum connection lifetimes settings for ThreadSafeClientConnManager. + Contributed by Michajlo Matijkiw + +* [HTTPCLIENT-960] HttpMultipart doesn't generate Content-Type header for binary parts in + BROWSER_COMPATIBLE mode. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-998] Cache should use both Last-Modified and ETag for validations when available. + Contributed by Jonathan Moore + +* [HTTPCLIENT-997] Cache module should handle out-of-order validations properly and unconditionally + refresh. + Contributed by Jonathan Moore + +* [HTTPCLIENT-994] Cache does not allow client to override origin-specified freshness using + max-stale. + Contributed by Jonathan Moore + +* [HTTPCLIENT-995] Cache returns cached responses even if validators not consistent with all + conditional headers. + Contributed by Jonathan Moore + +* [HTTPCLIENT-977] Memcached implementation for HttpCache. + Contributed by Mohammed Azeem Uddin + +* [HTTPCLIENT-992] cache should not generate stale responses to requests explicitly requesting + first-hand or fresh ones. + Contributed by Jonathan Moore + +* [HTTPCLIENT-991] cache module produces improperly formatted Warning header when revalidation + fails. + Contributed by Jonathan Moore + +* [HTTPCLIENT-989] DefaultHttpRequestRetryHandler no longer retries non-idempotent http methods + if NoHttpResponseException is thrown. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-988] Cache module should strip 'Content-Encoding: identity' from responses + Contributed by Jonathan Moore + +* [HTTPCLIENT-987] cache module does not recognize equivalent URIs. + Contributed by Jonathan Moore + +* [HTTPCLIENT-986] cache module does not completely handle upstream Warning headers correctly + Contributed by Jonathan Moore + +* [HTTPCLIENT-985] cache module should populate Via header to capture upstream and downstream protocols + Contributed by Jonathan Moore + +* [HTTPCLIENT-984] Additional conditional compliance tests for the caching module for + Content-Encoding, Content-Location, Date, Expires, Server, Transfer-Encoding, and Vary headers. + Contributed by Jonathan Moore + +* [HTTPCLIENT-978] HTTP cache update exception handling + Contributed by Michajlo Matijkiw + +* [HTTPCLIENT-981] CachingHttpClient returns a 411 respones when executing a POST (HttpPost) + request. + Contributed by Joe Campbell + +* [HTTPCLIENT-980] CachingHttpClient returns a 503 response when the backend HttpClient produces + an IOException. + Contributed by Jonathan Moore + +* [HTTPCLIENT-978] Ehcache based HTTP cache implementation + Contributed by Michajlo Matijkiw + +* [HTTPCLIENT-967] support for non-shared (private) caches + Contributed by Jonathan Moore + +* [HTTPCLIENT-969] BasicCookieStore#getCookies() to return a copy of Cookie list + Contributed by David Smiley + +* [HTTPCLIENT-965] Fixed problem with cache not honoring must-revalidate or + proxy-revalidate Cache-Control directives. + Contributed by Jonathan Moore + +* [HTTPCLIENT-964] 'no-cache' directives with field names are no longer transmitted + downstream. + Contributed by Jonathan Moore + +* [HTTPCLIENT-963] Fixed handling of 'Cache-Control: no-store' on requests. + Contributed by Jonathan Moore + +* [HTTPCLIENT-962] Fixed handling of Authorization headers in shared cache mode. + Contributed by Jonathan Moore + +* [HTTPCLIENT-961] Not all applicable URIs are invalidated on PUT/POST/DELETEs + that pass through client cache. + Contributed by Jonathan Moore + +* [HTTPCLIENT-958] Client cache no longer allows incomplete responses to be + passed on to the client. + Contributed by Jonathan Moore + +* [HTTPCLIENT-951] Non-repeatable entity enclosing requests are not correctly + retried when 'expect-continue' handshake is active. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-948] In rare circumstances the idle connection handling code + can leave closed connections in a inconsistent state. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-953] IllegalStateException thrown by RouteSpecificPool. + Contributed by Guillaume + +* [HTTPCLIENT-952] Trust store parameter is ignored by SSLSocketFactory + (affects version 4.1-alpha2 only) + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-937] CacheEntry made immutable; now uses immutable HttpEntity + to store cached content. + Contributed by David Mays and + Oleg Kalnichevski + +Release 4.1 ALPHA2 +------------------- + +HttpClient 4.1 ALPHA2 fixes a number of non-severe bugs discovered since +the last release and introduces support for two frequently requested features: + +* HTTP/1.1 response caching + +* transparent support for host multihoming + +* a mechanism to bypass the standard certificate trust verification +(useful when dealing with self-signed certificates) + +Compatibility notes +------------------- +(1) Please note the HTTP caching module is still considered experimental and +its API may change significantly in the future releases. + +(2) This release eliminates Mime4J as a dependency for the HttpMime module. +HttpMime is no longer binary compatible with the previous releases. +Full API and binary compatibility between minor versions of HttpMime will be +maintained as of 4.1 GA release. + +Changelog +------------------- + +* [HTTPCLIENT-936] Fixed bug causing NPE or an infinite loop in + the authentication code in case of a SPNEGO authentication failure. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-427] HTTP caching support + Contributed by Joe Campbell, David Cleaver, David Mays, Jon Moore, Brad Spenla + +* Dropped dependency on Mime4j for HttpMime. + Contributed by Oleg Kalnichevski + +* Extended SSLSocketFactory with a mechanism to bypass the standard certificate + trust verification (primarily to simplify dealing with self-signed + certificates) + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-898] Improved support for host multihoming + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-916] UsernamePasswordCredentials, NTUserPrincipal, + BasicClientCookie, BasicClientCookie2 and BasicCookieStore made Serializable. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-914] Upgraded Commons Codec dependency to version 1.4 + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-903] Use ConcurrentHashMap instead of [Linked]HashMap for + thread-safety. Improve performance of AuthSchemeRegistry, CookieSpecRegistry + and SchemeRegistry classes. + Contributed by Sebastian Bazley + +* [HTTPCLIENT-902] HttpRequestRetryHandler not called on I/O exceptions + thrown when opening a new connection. + Contributed by Olivier Lamy and + Oleg Kalnichevski + +Release 4.1 ALPHA1 +------------------- + +HttpClient 4.1 ALPHA1 builds on the stable 4.0 release and adds several +functionality improvements and new features. + +* Simplified configuration of connection managers. + +* Persistence of authentication data between request executions within + the same execution context. + +* Support for SPNEGO/Kerberos authentication scheme + +* Support for transparent content encoding. Please note transparent content + encoding is not enabled per default in order to avoid conflicts with + already existing custom content encoding solutions. + +* 5 to 10% performance increase due to elimination of unnecessary Log object + lookups by short-lived components. + +Please note all methods and classes added in this release and marked as +4.1 are API unstable and can change in the future 4.1 ALPHA releases. + +Changelog +------------------- + +* [HTTPCLIENT-889] 'expect: continue' handshake disabled per default. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-862] Extended client's redirect handling interface to allow + control of the content of the redirect. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-872] HttpClient can now persist authentication data between request + executions as long as they share the same execution context. It has also become + much easier to make HttpClient authenticate preemptively by pre-populating + authentication data cache. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-883] SO_TIMEOUT is not reset on persistent (re-used) connections. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-832] Distinguish cookie format errors from violations of + restrictions imposed by a cookie specification. In the latter case + CookieRestrictionViolationException will be thrown. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-523] Support for SPNEGO authentication scheme. + Contributed by Matthew Stevenson + +* Simplified configuration of connection managers. Total connection maximum + and maximum connection per route limits can be set using methods of + the class instead of HTTP parameters. + Contributed by Oleg Kalnichevski + +* Added parameters to define the order of preference for supported auth + schemes for target host and proxy authentication. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-875] DefaultClientConnectionOperator#openConnection doesn't + update the connection state if the connection socket changed after + the call to SocketFactory#connectSocket(). + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-834] Transparent content encoding support. + Contributed by James Abley + +Release 4.0.1 +------------------- + +This is a bug fix release that addresses a number of issues discovered since +the previous stable release. None of the fixed bugs is considered critical. +Most notably this release eliminates eliminates dependency on JCIP annotations. + +This release is also expected to improve performance by 5 to 10% due to +elimination of unnecessary Log object lookups by short-lived components. + +Changelog +------------------- + +* [HTTPCLIENT-895] Eliminated Log lookups in short lived objects impairing + performance. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-885] URLEncodedUtils now correctly parses form-url-encoded + entities that specify a charset. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-884] UrlEncodedFormEntity now sets charset on the Content-Type + header. + Contributed by Jared Jacobs + +* [HTTPCLIENT-883] SO_TIMEOUT is not reset on persistent (re-used) connections. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-882] Auth state is now correctly updated if a successful NTLM + authentication results in a redirect. This is a minor bug as HttpClient + manages to recover from the problem automatically. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-881] Fixed race condition in AbstractClientConnAdapter that makes + it possible for an aborted connection to be returned to the pool. + Contributed by Tim Boemker and + Oleg Kalnichevski + +* [HTTPCLIENT-866] Removed dependency on jcip-annotations.jar. + Contributed by Oleg Kalnichevski + and Sebastian Bazley + + +Release 4.0 +------------------- + +HttpClient 4.0 represents a complete, ground-up redesign and almost a complete +rewrite of the HttpClient 3.x codeline. This release finally addresses several +design flaws that existed since the 1.0 release and could not be fixed without +a major code overhaul and breaking API compatibility. + + +Architectural changes +--------------------- + +* Redesign of the HttpClient internals addressing all known major + architectural shortcomings of the 3.x codeline. + +* Cleaner, more flexible and expressive API. + +* More modular structure. + +* Better performance and smaller memory footprint due to a more efficient HTTP + transport based on HttpCore. + +* Implementation of cross-cutting HTTP protocol aspects through protocol + interceptors. + +* Improved connection management, better handling of persistent connections, + support for stateful connections + +* Pluggable redirect and authentication handlers. + +* Improved support for sending requests via a proxy or a chain of proxies + +* More flexible SSL context customization + +* Reduced intermediate garbage in the process of generating HTTP requests + and parsing HTTP responses + + +Important notes +------------------- + +* Future releases of HttpMime module may be binary incompatible with this + release due to possible API changes in Apache Mime4J. Apache Mime4J is + still being actively developed and its API is considered unstable. + +* HttpClient 4.0 is not fully binary compatible with 4.0 BETA1 release. + Some protected variables in connection management class have been + made final in order to help ensure their thread safety: + + org.apache.http.conn.BasicEofSensorWatcher#attemptReuse + org.apache.http.conn.BasicEofSensorWatcher#managedConn + org.apache.http.impl.conn.DefaultClientConnectionOperator#schemeRegistry + org.apache.http.impl.conn.DefaultHttpRoutePlanner#schemeRegistry + org.apache.http.impl.conn.ProxySelectorRoutePlanner#schemeRegistry + org.apache.http.impl.conn.SingleClientConnManager#alwaysShutDown + org.apache.http.impl.conn.SingleClientConnManager#connOperator + org.apache.http.impl.conn.SingleClientConnManager#schemeRegistry + org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager#connOperator + org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager#schemeRegistry + + +Bug fixes since 4.0 BETA2 release +------------------- + +* [HTTPCLIENT-861] URIUtils#resolve is now compatible with all examples given + in RFC 3986. + Contributed by Johannes Koch + +* [HTTPCLIENT-860] HttpClient no longer converts redirects of PUT/POST to GET + for status codes 301, 302, 307, as required by the HTTP spec. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-859] CookieIdentityComparator now takes path attribute into + consideration when comparing cookies. + Contributed by Oleg Kalnichevski + +* HttpClient will no longer send expired cookies back to the origin server. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-856] Proxy NTLM authentication no longer fails on a redirect to + a different host. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-841] Removed automatic connection release using garbage collection + due to a memory leak. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-853] Fixed bug causing invalid cookie origin port to be selected + when the target is accessed on the default port and the connection is + established via a proxy. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-852] Fixed bug causing automatically retried redirects fail with + CircularRedirectException. + Contributed by Oleg Kalnichevski + +* Fixed problem with the default HTTP response parser failing to handle garbage + preceding a valid HTTP response. + Contributed by Oleg Kalnichevski + +* NonRepeatableRequestExceptions now include the cause that the original + request failed. + Contributed by Sam Berlin + +* [HTTPCLIENT-837] Fixed problem with the wire log skipping zero byte values + if read one byte at a time. + Contributed by Kirill Safonov + +* [HTTPCLIENT-823] 'http.conn-manager.max-total' parameter can be adjusted + dynamically. However, the size of existing connection pools per route, + once allocated, will not be adjusted. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-822] Default socket factories to rethrow SocketTimeoutException + as ConnectTimeoutException in case of connect failure due to a time out. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-813] Fixed default port resolution. Invalid ports no longer + get replaced with the default port value. + Contributed by Oleg Kalnichevski + +Release 4.0 beta 2 +------------------- + +BETA2 is a maintenance release, which addresses a number of issues +discovered since the previous release. + +The only significant new feature is an addition of an OSGi compliant +bundle combining HttpClient and HttpMime jars. + +All upstream projects are strongly encouraged to upgrade. + +* Fixed NPE in DefaultRequestDirector thrown when retrying a failed + request over a proxied connection. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-803] Fixed bug in SSL host verifier implementations + causing the SSL certificate to be rejected as invalid if the connection + is established using an IP address. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-806] DefaultHttpMethodRetryHandler will no longer retry + on ConnectExceptions. + Contributed by Oleg Kalnichevski + +* DigestScheme can use an arbitrary digest algorithm requested by the + target server (such as SHA) as long as this algorithm is supported by + the Java runtime. + Contributed by Oleg Kalnichevski + +* Fixed parsing and validation of RFC2109 compliant Set-Cookie headers + by the Best-Match cookie spec. + Contributed by Oleg Kalnichevski + +* Fixed bug that can cause a managed connection to be returned from the + pool in an inconsistent state. + Contributed by Oleg Kalnichevski + + +4.0 Beta 1 +------------------- + +BETA1 release brings yet another round of API enhancements and +improvements in the area of connection management. Among the most notable +ones is the capability to handle stateful connections such as persistent +NTLM connections and private key authenticated SSL connections. + +This is the first API stable release of HttpClient 4.0. All further +releases in the 4.0 code line will maintain API compatibility with this +release. + +There has been a number of important bug fixes since ALPHA4. All upstream +projects are encouraged to upgrade to the latest release. + +Please note HttpClient currently provides only limited support for NTLM +authentication. For details please see NTLM_SUPPORT.txt. + +------------------- + +Changelog: +------------------- + +* [HTTPCLIENT-790] Protocol interceptors are now correctly invoked when + executing CONNECT methods. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-668] Do not use static loggers. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-781] Respect Keep-Alive header's timeout value. + Contributed by Sam Berlin + +* [HTTPCLIENT-779] Top-level classes (HttpClient, and HttpGet, HttpPut + and similar HttpMethods) throw fewer checked exceptions. + Contributed by Sam Berlin + +* HttpClient will throw an exception if an attempt is made to retry + a request with a non-repeatable request entity. + Contributed by Oleg Kalnichevski + +* Fixed request re-generation logic when retrying a failed request. + Auto-generated headers will no accumulate. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-424] Preemptive authentication no longer limited to BASIC + scheme only. HttpClient can be customized to authenticate preemptively + with DIGEST scheme. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-670] Pluggable hostname resolver. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-719] Clone support for HTTP request and cookie objects. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-776] Fixed concurrency issues with AbstractPoolEntry. + Contributed by Sam Berlin + +* Resolved a long standing problem with HttpClient not taking into account + the user context when pooling / re-using connections. HttpClient now + correctly handles stateful / user specific connections such as persistent + NTLM connections and SSL connections with client side authentication. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-773] Improved handling of the 'expires' attribute by the + 'Best Match' cookie spec. + Contributed by Oleg Kalnichevski + +* Partial NTLM support (requires an external NTLM engine). For details see + NTLM_SUPPORT.txt + Contributed by Oleg Kalnichevski + +* Redesigned local execution context management. + Contributed by Oleg Kalnichevski + +-------------------------------------- + +Release 4.0 Alpha 4 +------------------- + +ALPHA4 marks the completion of the overhaul of the connection management +code in HttpClient. All known shortcomings of the old HttpClient 3.x +connection management API have been addressed. + +NTLM authentication remains the only missing major feature in the new +codeline that prevents us from moving awards the API freeze. + +There has been a number of important bug fixes since ALPHA3. All upstream +projects are encouraged to upgrade to the latest release. + +------------------- + +HttpClient 3.x features that have NOT yet been ported: +------------------- + +* NTLM authentication scheme + +------------------- + +Changelog: +------------------- + +* [HTTPCLIENT-765] String.toLowerCase() / toUpperCase() should specify + Locale.ENGLISH + Contributed by Sebastian Bazley + +* [HTTPCLIENT-769] Do not pool connection marked non-reusable. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-763] Fixed problem with AbstractClientConnAdapter#abortConnection() + not releasing the connection if called from the main execution thread while + there is no blocking I/O operation. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-652] Added optional state attribute to managed client connections. + This enables connection managers to correctly handle stateful connections. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-673] Revised max connections per route configuration + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-753] Class Scheme and related classes moved to a separate package + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-757] Improved request wrapping in the DefaultClientRequestDirector. + This also fixed the problem with the default proxy set at the client level + having no effect. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-734] Request abort will unblock the thread waiting for a connection + Contributed by Sam Berlin + +* [HTTPCLIENT-759] Ensure release of connections back to the connection manager + on exceptions. + Contributed by Sam Berlin + +* [HTTPCLIENT-758] Fixed the use of generics in AbstractHttpClient + #removeRequestInterceptorByClass and #removeResponseInterceptorByClass + Contributed by Johannes Koch + +* [HTTPCLIENT-749] HttpParams beans + Contributed by Stojce Dimski + +* [HTTPCLIENT-755] Workaround for known bugs in java.net.URI.resolve() + Bug ID: 4708535 + Contributed by Johannes Koch + +-------------------------------------- + +Release 4.0 Alpha 3 +------------------- + +ALPHA3 release brings another round of API refinements and improvements in +functionality. As of this release HttpClient requires Java 5 compatible +runtime environment and takes full advantage of generics and new concurrency +primitives. + +This release also introduces new default cookie policy that selects a cookie +specification depending on the format of cookies sent by the target host. +It is no longer necessary to know beforehand what kind of HTTP cookie support +the target host provides. HttpClient is now able to pick up either a lenient +or a strict cookie policy depending on the compliance level of the target host. + +Another notable improvement is a completely reworked support for multipart +entities based on Apache mime4j library. + +------------------- + +HttpClient 3.x features that have NOT yet been ported: +------------------- + +* NTLM authentication scheme + +------------------- + +Changelog: +------------------- + +* [HTTPCLIENT-742] common interface for HttpRoute and RouteTracker + Contributed by Roland Weber + +* [HTTPCLIENT-741] Fixed concurrency issues in AbstractClientConnAdapter. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-726] testcase for spurious wakeups in ThreadSafeClientConnManager + Contributed by Roland Weber + +* [HTTPCLIENT-643] Automatic connect fail-over for multi-home remote servers. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-735] unsetting of DEFAULT_PROXY and FORCED_ROUTE in hierarchies + Contributed by Roland Weber + +* [HTTPCLIENT-723] route planner based on java.net.ProxySelector + Contributed by Roland Weber + +* [HTTPCLIENT-740] don't start connection GC thread in pool constructor + Contributed by Roland Weber + +* [HTTPCLIENT-736] route planners use SchemeRegistry instead of ConnManager + Contributed by Roland Weber + +* [HTTPCLIENT-730] Fixed rewriting of URIs containing escaped characters + Contributed by Sam Berlin and + Oleg Kalnichevski + +* [HTTPCLIENT-667] Added 'Meta' cookie policy that selects a cookie + specification depending on the format of the cookie(s). + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-729] Move HttpRoute and related classes to routing package. + Contributed by Roland Weber + +* [HTTPCLIENT-725] Use TimeUnit arguments for timeouts in connection manager. + Contributed by Roland Weber + +* [HTTPCLIENT-677] Connection manager no longer uses Thread.interrupt(). + Contributed by Roland Weber + +* [HTTPCLIENT-716] Allow application-defined routes. + Contributed by Roland Weber + +* [HTTPCLIENT-712] Improve HttpRoute API + Contributed by Roland Weber + +* [HTTPCLIENT-711] Bad route computed for redirected requests + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-715] Remove RoutedRequest from API + Contributed by Roland Weber + +* [HTTPCLIENT-705] Fixed incorrect handling of URIs with null path component. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-688] HttpOptions#getAllowedMethods can now handle multiple + Allow headers. + Contributed by Andrea Selva + +-------------------------------------- + +Release 4.0 Alpha 2 +------------------- + +ALPHA2 release is another milestone in the redesign of HttpClient. It includes +a number of improvements since ALPHA1, among which are improved connection +pooling, support for proxy chains, redesigned HTTP state and authentication +credentials management API, improved RFC 2965 cookie specification. + +------------------- + +HttpClient 3.x features that have NOT yet been ported +------------------- +* NTLM authentication scheme + +* Support for multipart MIME coded entities + +------------------- + +Changelog +------------------- + +* [HTTPCLIENT-698] Resolve non-absolute redirect URIs relative to + the request URI + Contributed by Johannes Koch + +* [HTTPCLIENT-697] Throw a more intelligible exception when connection + to a remote host cannot be established. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-689] Caching of SimpleDateFormat in DateUtils + Contributed by Daniel Müller + +* [HTTPCLIENT-689] stackable parameters in AbstractHttpClient + Contributed by Roland Weber + +* [HTTPCLIENT-477] Use distinct instances of the authentication handler + interface for authentication with target and proxy hosts + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-690] ManagedClientConnection provides access to SSLSession + Contributed by Roland Weber + +* [HTTPCLIENT-692] ClientConnectionManager throws InterruptedException + Contributed by Roland Weber + +* [HTTPCORE-116] moved parameter names to interfaces + Contributed by Roland Weber + +* [HTTPCLIENT-649] support for proxy chains in HttpConn + Contributed by Roland Weber + +* [HTTPCLIENT-636] refactor ThreadSafeClientConnManager in separate package + Contributed by Roland Weber + +* [HTTPCLIENT-669] new HttpRoutePlanner interface and implementation + Contributed by Andrea Selva + +* [HTTPCLIENT-653] detached connection wrapper no longer prevents + garbage collection of ThreadSafeClientConnManager + Contributed by Roland Weber + +* [HTTPCLIENT-674] use org.apache.http.util.VersionInfo instead of a local one + Contributed by Roland Weber + +* [HTTPCLIENT-666] Replaced HttpState with CredentialsProvier and CookieStore interfaces + Contributed by Oleg Kalnichevski + +* [HTTPCORE-100] revised HttpContext hierarchy + Contributed by Roland Weber + +* [HTTPCLIENT-618] eliminate class HostConfiguration + Contributed by Roland Weber + +* [HTTPCLIENT-672] re-sync with API changes in core alpha6-SNAPSHOT + Contributed by Roland Weber + +-------------------------------------- + +Release 4.0 Alpha 1 +------------------- + +HttpClient 4.0 represents a complete, ground-up redesign and almost a complete +rewrite of the HttpClient 3.x codeline. This release finally addresses several +design flaws that existed since the 1.0 release and could not be fixed without +a major code overhaul and breaking API compatibility. + +The HttpClient 4.0 API is still very experimental and is bound to change +during the course of the ALPHA development phase. Several important features +have not yet been ported to the new API. + +Architectural changes +--------------------- + +* Redesign of the HttpClient internals addressing all known + major architectural shortcomings of the 3.x codeline + +* Cleaner, more flexible and expressive API + +* Better performance and smaller memory footprint due to a more + efficient HTTP transport based on HttpCore. HttpClient 4.0 is + expected to be 10% to 25% faster than HttpClient 3.x codeline + +* More modular structure + +* Pluggable redirect and authentication handlers + +* Support for protocol incerceptors + +* Improved connection management + +* Improved support for sending requests via a proxy or a chain of + proxies + +* Improved handling redirects of entity enclosing requests + +* More flexible SSL context customization + +* Reduced intermediate garbage in the process of + generating HTTP requests and parsing HTTP responses + +------------------- + +HttpClient 3.x features that have NOT yet been ported +------------------- +* NTLM authentication scheme + +* RFC2965 cookie policy (Cookie2) + +* Support for multipart MIME coded entities + +------------------- + +Changelog +------------------- + +The following is a list of contributions tracked in JIRA. +Note that this is not a complete list of contributions or changes. +Since the API was redesigned completely, tracking everything outside +of the source code repository would have been too burdensome. + +* [HTTPCLIENT-655] User-Agent string no longer violates RFC + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-541] Virtual host API redesign + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-614] Allow for different strategies when checking + CN of x509 certificates + Contributed by Julius Davies + +* [HTTPCLIENT-136] Fixed inadequate proxy support + Long standing architectural problem. Issue opened on 19/Dec/2002. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-63] Support for pluggable redirect and authentication handlers + Long standing architectural problem. Issue opened on 15/Jul/2002. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-245] Fixed redirect handling. HttpClient can now automatically + handle redirects of entity enclosing requests. + Long standing architectural problem. Issue opened on 14/Jul/2003. + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-613] HTTPS connections now verify CN of x509 certificates + Contributed by Julius Davies + +* [HTTPCLIENT-497] Wire/header logger names consistent with class loggers + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-484] AuthSSLProtocolSocketFactory in the main distribution + Contributed by Oleg Kalnichevski + +* [HTTPCLIENT-589] Do not consume the remaining response content if + the connection is to be closed + Contributed by Roland Weber + +* [HTTPCLIENT-475] Support for unconnected sockets. HTTP requests can now be + aborted while network socket is still being connected. + Contributed by Roland Weber +