diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt index 8cc758928..e0fdcfc8a 100644 --- a/RELEASE_NOTES.txt +++ b/RELEASE_NOTES.txt @@ -25,6 +25,8 @@ Changelog: * [HTTPCLIENT-1613]: Support for private domains in Mozilla Public Suffix List. Contributed by Oleg Kalnichevski +* [HTTPCLIENT-1651]: Add ability to disable content compression on a request basis + Contributed by Michael Osipov Release 4.4.1 @@ -61,18 +63,18 @@ Release 4.4 Final This is the first stable (GA) release of HttpClient 4.4. Notable features and enhancements included in 4.4 series are: -* Support for the latest HTTP state management specification (RFC 6265). Please note that the old -cookie policy is still used by default for compatibility reasons. RFC 6265 compliant cookie -policies need to be explicitly configured by the user. Please also note that as of next feature -release support for Netscape draft, RFC 2109 and RFC 2965 cookie policies will be deprecated -and disabled by default. It is recommended to use RFC 6265 compliant policies for new applications -unless compatibility with RFC 2109 and RFC 2965 is required and to migrate existing applications +* Support for the latest HTTP state management specification (RFC 6265). Please note that the old +cookie policy is still used by default for compatibility reasons. RFC 6265 compliant cookie +policies need to be explicitly configured by the user. Please also note that as of next feature +release support for Netscape draft, RFC 2109 and RFC 2965 cookie policies will be deprecated +and disabled by default. It is recommended to use RFC 6265 compliant policies for new applications +unless compatibility with RFC 2109 and RFC 2965 is required and to migrate existing applications to the default cookie policy. * Enhanced, redesigned and rewritten default SSL hostname verifier with improved RFC 2818 compliance -* Default SSL hostname verifier and default cookie policy now validate certificate identity +* Default SSL hostname verifier and default cookie policy now validate certificate identity and cookie domain of origin against the public suffix list maintained by Mozilla.org @@ -103,28 +105,28 @@ Changelog: Contributed by Oleg Kalnichevski * [HTTPCLIENT-1515] Caching of responses to HEAD requests - Contributed by Tyrone Cutajar and - Francois-Xavier Bonnet + Contributed by Tyrone Cutajar and + Francois-Xavier Bonnet * [HTTPCLIENT-1560] Native Windows auth improvements Contributed by Michael Osipov -* Update Apache Commons Logging version from 1.1.3 to 1.2. +* Update Apache Commons Logging version from 1.1.3 to 1.2. Contributed by Gary Gregory -* Update Apache Commons Codec version from 1.6 to 1.9. +* Update Apache Commons Codec version from 1.6 to 1.9. Contributed by Gary Gregory -* Update Ehcache version from 2.2.0 to 2.6.9. +* Update Ehcache version from 2.2.0 to 2.6.9. Contributed by Gary Gregory -* Update Ehcache version from 2.2.0 to 2.6.9. +* Update Ehcache version from 2.2.0 to 2.6.9. Contributed by Gary Gregory -* Update Spymemcached version from 2.6 to 2.11.4. +* Update Spymemcached version from 2.6 to 2.11.4. Contributed by Gary Gregory -* Update SLF4J version from 1.5.11 to 1.7.7. +* Update SLF4J version from 1.5.11 to 1.7.7. Contributed by Gary Gregory @@ -140,7 +142,7 @@ in 4.4 series are: * Enhanced redesigned and rewritten default SSL hostname verifier with improved RFC 2818 compliance -* Default SSL hostname verifier and default cookie policy now validate certificate identity +* Default SSL hostname verifier and default cookie policy now validate certificate identity and cookie domain of origin against the public suffix list maintained by Mozilla.org @@ -245,7 +247,7 @@ Changelog: * [HTTPCLIENT-1454] Make connection operator APIs public. Contributed by Tamas Cservenak -* Update JUnit to version 4.11 from 4.9 +* Update JUnit to version 4.11 from 4.9 Contributed by Gary Gregory @@ -253,9 +255,9 @@ Changelog: Release 4.3.4 ------------------- -HttpClient 4.3.4 (GA) is a maintenance release that improves performance in high concurrency -scenarios. This version replaces dynamic proxies with custom proxy classes and eliminates thread -contention in java.reflect.Proxy.newInstance() when leasing connections from the connection pool +HttpClient 4.3.4 (GA) is a maintenance release that improves performance in high concurrency +scenarios. This version replaces dynamic proxies with custom proxy classes and eliminates thread +contention in java.reflect.Proxy.newInstance() when leasing connections from the connection pool and processing response messages. @@ -272,7 +274,7 @@ Changelog: * [HTTPCLIENT-1474] Fixed broken entity enclosing requests in HC Fluent. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1470] CachingExec(ClientExecChain, HttpCache, CacheConfig, AsynchronousValidator) +* [HTTPCLIENT-1470] CachingExec(ClientExecChain, HttpCache, CacheConfig, AsynchronousValidator) throws NPE if config is null @@ -293,7 +295,7 @@ Changelog: Contributed by Oleg Kalnichevski * [HTTPCLIENT-1453] Thread safety regression in PoolingHttpClientConnectionManager - #closeExpiredConnections that can lead to ConcurrentModificationException. + #closeExpiredConnections that can lead to ConcurrentModificationException. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1461] fixed performance degradation in compressed content processing @@ -311,9 +313,9 @@ Changelog: Release 4.3.2 ------------------- -HttpClient 4.3.2 (GA) is a maintenance release that delivers a number of improvements -as well as bug fixes for issues reported since 4.3.1 release. SNI support for -Oracle JRE 1.7+ is being among the most notable improvements. +HttpClient 4.3.2 (GA) is a maintenance release that delivers a number of improvements +as well as bug fixes for issues reported since 4.3.1 release. SNI support for +Oracle JRE 1.7+ is being among the most notable improvements. Users of HttpClient 4.3 are encouraged to upgrade. @@ -322,7 +324,7 @@ Changelog: * [HTTPCLIENT-1447] Clients created with HttpClients.createMinimal do not work with absolute URIs Contributed by Joseph Walton - + * [HTTPCLIENT-1446] NTLM proxy + BASIC target auth fails with 'Unexpected state: MSG_TYPE3_GENERATED'. Contributed by Oleg Kalnichevski @@ -344,7 +346,7 @@ Changelog: Contributed by Oleg Kalnichevski * [HTTPCLIENT-1119] SNI support (Oracle Java 1.7+ only). - Contributed by Bruno Harbulot + Contributed by Bruno Harbulot * [HTTPCLIENT-1435] Fluent Executor ignores custom request properties. Contributed by Oleg Kalnichevski @@ -357,7 +359,7 @@ Changelog: a custom LayeredSchemeSocketFactory. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1425] Fixed socket closed exception thrown by caching HttpClient when the origin +* [HTTPCLIENT-1425] Fixed socket closed exception thrown by caching HttpClient when the origin server sends a long chunked response. Contributed by James Leigh @@ -373,8 +375,8 @@ Changelog: Release 4.3.1 ------------------- -HttpClient 4.3.1 (GA) is a bug fix release that addresses a number of issues reported since -release 4.3. +HttpClient 4.3.1 (GA) is a bug fix release that addresses a number of issues reported since +release 4.3. Users of HttpClient 4.3 are strongly encouraged to upgrade. @@ -392,7 +394,7 @@ Changelog Contributed by Oleg Kalnichevski * [HTTPCLIENT-1402] Cache default User-Agent value. - Contributed by yuexiaojun + Contributed by yuexiaojun * [HTTPCLIENT-1398] Fixed invalid OSGi metadata caused by corrupted Maven bundle plugin metadata. Contributed by Oleg Kalnichevski @@ -406,32 +408,32 @@ Changelog Release 4.3 Final ------------------- -This is the first stable (GA) release of HttpClient 4.3. The most notable enhancements included +This is the first stable (GA) release of HttpClient 4.3. The most notable enhancements included in this release are: * Support for Java 7 try-with-resources for resource management (connection release.) -* Added fluent Builder classes for HttpEntity, HttpRequest, HttpClient and SSLContext instances. +* Added fluent Builder classes for HttpEntity, HttpRequest, HttpClient and SSLContext instances. * Deprecation of preference and configuration API based on HttpParams interface in favor of constructor injection and plain configuration objects. -* Reliance on object immutability instead of access synchronization for thread safety. +* Reliance on object immutability instead of access synchronization for thread safety. Several old classes whose instances can be shared by multiple request exchanges have -been replaced by immutable equivalents. +been replaced by immutable equivalents. -* DefaultHttpClient, DecompressingHttpClient, CachingHttpClient and similar classes are -deprecated in favor of builder classes that produce immutable HttpClient instances. +* DefaultHttpClient, DecompressingHttpClient, CachingHttpClient and similar classes are +deprecated in favor of builder classes that produce immutable HttpClient instances. -* HttpClient builders now dynamically construct a request execution pipeline tailored +* HttpClient builders now dynamically construct a request execution pipeline tailored specifically to the user configuration by physically excluding unnecessary protocol components. -* There is now an option to construct a minimal HttpClient implementation that can only execute +* There is now an option to construct a minimal HttpClient implementation that can only execute basic HTTP message exchanges without redirects, authentication, state management or proxy support. -This feature might be of particular use in web crawler development. +This feature might be of particular use in web crawler development. -* There is now option to avoid strict URI syntax for request URIs by executing HTTP requests -with an explicitly specified target host. HttpClient will no longer attempt to parse the request +* There is now option to avoid strict URI syntax for request URIs by executing HTTP requests +with an explicitly specified target host. HttpClient will no longer attempt to parse the request URI if it does not need to extract the target host from it. This release also includes all fixes from the stable 4.2.x release branch. @@ -443,11 +445,11 @@ Changelog Contributed by James Leigh * [HTTPCLIENT-1394] Support for Native windows Negotiate/NTLM via JNA - Contributed by Ryan McKinley + Contributed by Ryan McKinley * [HTTPCLIENT-1384] Expose CacheInvalidator interface. Contributed by Nicolas Richeton - + * [HTTPCLIENT-1385] Fixed path normalization in CacheKeyGenerator Contributed by James Leigh @@ -458,8 +460,8 @@ Changelog * [HTTPCLIENT-1373] OPTIONS and TRACE should not invalidate cache Contributed by James Leigh -* [HTTPCLIENT-1383] HttpClient enters an infinite loop during NTLM authentication if the opposite - endpoint keeps responding with a type 2 NTLM response after type 3 MTLM message has already been +* [HTTPCLIENT-1383] HttpClient enters an infinite loop during NTLM authentication if the opposite + endpoint keeps responding with a type 2 NTLM response after type 3 MTLM message has already been sent by the client. Contributed by Oleg Kalnichevski @@ -467,7 +469,7 @@ Changelog are no longer constrained to ASCII values. Contributed by Karl Wright -* [HTTPCLIENT-1377] User principal for non-NTLM authentication is incorrectly generated when using +* [HTTPCLIENT-1377] User principal for non-NTLM authentication is incorrectly generated when using user credentials are specified as NTCredentials Contributed by Gary Gregory @@ -476,12 +478,12 @@ Changelog Release 4.3 BETA2 ------------------- -This is the second BETA release of HttpClient 4.3. The most notable features and improvements -in the 4.3 branch are: Support for Java 7 try-with-resources for resource management (connection -release); fluent Builder classes for HttpEntity, HttpRequest and HttpClient instances, deprecation -of preference and configuration API based on HttpParams interface in favor of constructor injection -and plain configuration objects, reliance on object immutability instead of access synchronization -for thread safety. +This is the second BETA release of HttpClient 4.3. The most notable features and improvements +in the 4.3 branch are: Support for Java 7 try-with-resources for resource management (connection +release); fluent Builder classes for HttpEntity, HttpRequest and HttpClient instances, deprecation +of preference and configuration API based on HttpParams interface in favor of constructor injection +and plain configuration objects, reliance on object immutability instead of access synchronization +for thread safety. This release also includes all fixes from the stable 4.2.x release branch. @@ -495,7 +497,7 @@ Changelog * [HTTPCLIENT-1365] NPE when ManagedHttpClientConnectionFactory.create(ConnectionConfig) is called with null. Contributed by Gary Gregory -* [HTTPCLIENT-1362] Better error messages for connect timed out and connection refused +* [HTTPCLIENT-1362] Better error messages for connect timed out and connection refused exceptions. Contributed by Oleg Kalnichevski @@ -511,17 +513,17 @@ Changelog * [HTTPCLIENT-1351] Added utility method to resolve final location from original request, target host and a list of redirects. - Contributed by James Leigh + Contributed by James Leigh -* [HTTPCLIENT-1344] Userinfo credentials in URI should not default to preemptive BASIC - authentication. +* [HTTPCLIENT-1344] Userinfo credentials in URI should not default to preemptive BASIC + authentication. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1345] Useinfo credentials ignored in redirect location header. +* [HTTPCLIENT-1345] Useinfo credentials ignored in redirect location header. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1294] HttpClient to rewrite host name of the redirect location URI in order - to avoid circular redirect exception due to host name case mismatch. +* [HTTPCLIENT-1294] HttpClient to rewrite host name of the redirect location URI in order + to avoid circular redirect exception due to host name case mismatch. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1264] Add support for multiple levels of browser compatibility @@ -529,26 +531,26 @@ Changelog argument for IE medium-security compatibility. Contributed by Karl Wright (kwright at apache.org) -* [HTTPCLIENT-1349] SSLSocketFactory incorrectly identifies key passed with keystore as +* [HTTPCLIENT-1349] SSLSocketFactory incorrectly identifies key passed with keystore as the keystore password. Contributed by David Graff * [HTTPCLIENT-1346] Ensure propagation of SSL handshake exceptions. Contributed by Pasi Eronen -* [HTTPCLIENT-1343] SSLSocketFactory optional parameters for supported SSL protocols and cipher - suites. +* [HTTPCLIENT-1343] SSLSocketFactory optional parameters for supported SSL protocols and cipher + suites. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1238] Contribute Bundle Activator And Central Proxy Configuration. - Contributed by Simone Tripodi + Contributed by Simone Tripodi -* [HTTPCLIENT-1299] (regression) cache incorrectly disposes of the underlying cache resource +* [HTTPCLIENT-1299] (regression) cache incorrectly disposes of the underlying cache resource when storing variant entry. - Contributed by James Leigh + Contributed by James Leigh * [HTTPCLIENT-1342] Redirects with underscore character in the location hostname cause - "java.lang.IllegalArgumentException: Host name may not be null". + "java.lang.IllegalArgumentException: Host name may not be null". Contributed by Oleg Kalnichevski @@ -557,10 +559,10 @@ Release 4.3 BETA1 ------------------- This is the first BETA release of HttpClient 4.3. The 4.3 branch enhances HttpClient in several -key areas and includes several notable features and improvements: Support for Java 7 -try-with-resources for resource management (connection release); fluent Builder classes for -HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API -based on HttpParams interface in favor of constructor injection and plain configuration objects, +key areas and includes several notable features and improvements: Support for Java 7 +try-with-resources for resource management (connection release); fluent Builder classes for +HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API +based on HttpParams interface in favor of constructor injection and plain configuration objects, reliance on object immutability instead of access synchronization for thread safety. This release also includes all fixes from the stable 4.2.x release branch. @@ -569,10 +571,10 @@ This release also includes all fixes from the stable 4.2.x release branch. Changelog ------------------- -* [HTTPCLIENT-1317] InetAddressUtils should handle IPv6 Addresses with Embedded IPv4 Addresses +* [HTTPCLIENT-1317] InetAddressUtils should handle IPv6 Addresses with Embedded IPv4 Addresses Contributed Sebastian Bazley . -* [HTTPCLIENT-1320] Leverage javax.net.ssl.SSLSocketFactory#getDefault() to initialize SSL context +* [HTTPCLIENT-1320] Leverage javax.net.ssl.SSLSocketFactory#getDefault() to initialize SSL context based on system defaults instead of using an internal custom routine. Contributed by Abe Backus and Oleg Kalnichevski @@ -580,7 +582,7 @@ Changelog Contributed Sebastian Bazley . * [HTTPCLIENT-1307] Future based asynchronous request execution. - Contributed by Jilles van Gurp + Contributed by Jilles van Gurp * [HTTPCLIENT-1313] Fixed IllegalStateException in deprecated ThreadSafeClientConnManager. Contributed by Oleg Kalnichevski @@ -594,14 +596,14 @@ Release 4.3 ALPHA1 ------------------- This is the first ALPHA release of HttpClient 4.3. The 4.3 branch enhances HttpClient in several -key areas and includes several notable features and improvements: Support for Java 7 -try-with-resources for resource management (connection release); fluent Builder classes for -HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API -based on HttpParams interface in favor of constructor injection and plain configuration objects, -reliance on object immutability instead of access synchronization for thread safety. +key areas and includes several notable features and improvements: Support for Java 7 +try-with-resources for resource management (connection release); fluent Builder classes for +HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API +based on HttpParams interface in favor of constructor injection and plain configuration objects, +reliance on object immutability instead of access synchronization for thread safety. -We are kindly asking all upstream projects to review API changes and help us improve -the APIs by providing feedback and sharing ideas on dev@hc.apache.org. +We are kindly asking all upstream projects to review API changes and help us improve +the APIs by providing feedback and sharing ideas on dev@hc.apache.org. This release also includes all fixes from the stable 4.2.x release branch. @@ -612,24 +614,24 @@ their API may change in the future 4.3 alpha and beta releases. Changelog ------------------- -* [HTTPCLIENT-1250] Allow query string to be ignored when determining cacheability for +* [HTTPCLIENT-1250] Allow query string to be ignored when determining cacheability for HTTP 1.0 responses. - Contributed by Don Brown + Contributed by Don Brown * [HTTPCLIENT-1261] Make SystemDefaultHttpClient honor http.agent system property. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-900] Don't enforce URI syntax for messages with an explicit target host. +* [HTTPCLIENT-900] Don't enforce URI syntax for messages with an explicit target host. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1190] HttpClient cache does not support "Vary: Cookie" Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1259] Calling #abort() on requests executed with DecompressingHttpClient has no +* [HTTPCLIENT-1259] Calling #abort() on requests executed with DecompressingHttpClient has no effect. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1253] URIBuilder setParameter() method could exceed the HTTP header size. +* [HTTPCLIENT-1253] URIBuilder setParameter() method could exceed the HTTP header size. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1216] Added method to force clean thread-local used by DateUtils. @@ -639,9 +641,9 @@ Changelog Release 4.2.3 ------------------- -HttpClient 4.2.3 (GA) is a bug fix release that addresses a number of issues reported since -release 4.2.2. This release also includes a thoroughly reworked NTLM authentication engine -which should result in a better compatibility with the newest Microsoft products. +HttpClient 4.2.3 (GA) is a bug fix release that addresses a number of issues reported since +release 4.2.2. This release also includes a thoroughly reworked NTLM authentication engine +which should result in a better compatibility with the newest Microsoft products. Users of HttpClient 4.x are advised to upgrade. @@ -652,70 +654,70 @@ Changelog that has a -1 value for the port. Contributed by Karl Wright -* [HTTPCLIENT-1290] 304 cached response never reused with If-modified-since conditional - requests. +* [HTTPCLIENT-1290] 304 cached response never reused with If-modified-since conditional + requests. Contributed by Francois-Xavier Bonnet -* [HTTPCLIENT-1291] Absolute request URIs without an explicitly specified path are rewritten - to have "/" path). +* [HTTPCLIENT-1291] Absolute request URIs without an explicitly specified path are rewritten + to have "/" path). Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1286] Request URI rewriting is inconsistent - URI fragments are not removed - from absolute request URIs. +* [HTTPCLIENT-1286] Request URI rewriting is inconsistent - URI fragments are not removed + from absolute request URIs. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1284] HttpClient incorrectly generates Host header when physical connection - route differs from the host name specified in the request URI. + route differs from the host name specified in the request URI. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1293] Kerberos and SPNego auth schemes use incorrect authorization header name +* [HTTPCLIENT-1293] Kerberos and SPNego auth schemes use incorrect authorization header name when authenticating with a proxy. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1283] NTLM needs to use Locale-independent form of toUpperCase(). - Contributed by Karl Wright + Contributed by Karl Wright -* [HTTPCLIENT-1279] Target host responding with status 407 (proxy authentication required) - causes an NPE. +* [HTTPCLIENT-1279] Target host responding with status 407 (proxy authentication required) + causes an NPE. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1281] GzipDecompressingEntity does not release InputStream when an IOException - occurs while reading the Gzip header - Contributed by Francois-Xavier Bonnet +* [HTTPCLIENT-1281] GzipDecompressingEntity does not release InputStream when an IOException + occurs while reading the Gzip header + Contributed by Francois-Xavier Bonnet * [HTTPCLIENT-1277] Caching client sends a 304 to an unconditional request. Contributed by Francois-Xavier Bonnet * [HTTPCLIENT-1278] Update NTLM documentation. - Contributed by Karl Wright + Contributed by Karl Wright * SystemDefaultHttpClient misinterprets 'http.keepAlive' default value and disables connection persistence if the system property is not set. This causes connection based authentication schemes such as NTLM to fail. -* [HTTPCLIENT-1276] cache update on a 304 response causes NPE. - Contributed by Francois-Xavier Bonnet +* [HTTPCLIENT-1276] cache update on a 304 response causes NPE. + Contributed by Francois-Xavier Bonnet -* [HTTPCLIENT-1273] DecompressingHttpClient does not automatically consume response - content in case of an i/o, HTTP or runtime exception thrown by the decompressing - protocol interceptor leading to a potential connection leak. +* [HTTPCLIENT-1273] DecompressingHttpClient does not automatically consume response + content in case of an i/o, HTTP or runtime exception thrown by the decompressing + protocol interceptor leading to a potential connection leak. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1268] NTLM engine refactor fix, to correct a buffer overrun, and get NTLMv2 flags right. - Contributed by Karl Wright + Contributed by Karl Wright * [HTTPCLIENT-1266] NTLM engine refactoring and compatibility improvements. - Contributed by Karl Wright + Contributed by Karl Wright -* [HTTPCLIENT-1263] BrowserCompatSpec: attribute values containing spaces or special characters +* [HTTPCLIENT-1263] BrowserCompatSpec: attribute values containing spaces or special characters should be enclosed with quotes marks for version 1 cookies. - Contributed by Francois-Xavier Bonnet + Contributed by Francois-Xavier Bonnet * [HTTPCLIENT-1263] CachingHttpClient fails to release connections back to the connection - manager for some type of HTTP response messages when used together with DecompressingHttpClient. - Contributed by Francois-Xavier Bonnet + manager for some type of HTTP response messages when used together with DecompressingHttpClient. + Contributed by Francois-Xavier Bonnet * [HTTPCLIENT-1258] Fixed NullPointerException in NTLMEngineImpl caused by null NT domain attribute. @@ -729,10 +731,10 @@ Changelog -Release 4.2.2 +Release 4.2.2 ------------------- -HttpClient 4.2.2 (GA) is a bug fix release that addresses a number of issues reported since +HttpClient 4.2.2 (GA) is a bug fix release that addresses a number of issues reported since release 4.2.1. Users of HttpClient 4.2 are advised to upgrade. @@ -741,25 +743,25 @@ Changelog ------------------- * [HTTPCLIENT-1248] Default and lax redirect strategies should not convert requests redirected - with 307 status to GET method. + with 307 status to GET method. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1215] BasicAuthCache does not take default ports into consideration when looking up cached authentication details by HttpHost key. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1241] (regression) Preemptive BASIC authentication failure should be considered - final and no further attempts to re-authenticate using the same credentials should be made. +* [HTTPCLIENT-1241] (regression) Preemptive BASIC authentication failure should be considered + final and no further attempts to re-authenticate using the same credentials should be made. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1229] Fixed NPE in BasicClientConnectionManager that can be triggered by releasing - connection after the connection manager has already been shut down. + connection after the connection manager has already been shut down. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1227] Date parsing in DateUtils made more efficient. Contributed by Patrick Linskey -* [HTTPCLIENT-1224] (regression) NTLM auth not retried after a redirect over a non-persistent +* [HTTPCLIENT-1224] (regression) NTLM auth not retried after a redirect over a non-persistent connection. Contributed by Oleg Kalnichevski @@ -767,16 +769,16 @@ Changelog from Content-Location. Contributed by Jon Moore . Contributed by Jon Moore -* [HTTPCLIENT-1217] AutoRetryHttpClient does not release connection used by the previous response +* [HTTPCLIENT-1217] AutoRetryHttpClient does not release connection used by the previous response when request is retried Contributed by Oleg Kalnichevski -Release 4.2.1 +Release 4.2.1 ------------------- -HttpClient 4.2.1 (GA) is a bug fix release that addresses a number of issues reported since +HttpClient 4.2.1 (GA) is a bug fix release that addresses a number of issues reported since release 4.2. Users of HttpClient 4.2 are advised to upgrade. @@ -798,7 +800,7 @@ Changelog Contributed by Jon Moore * [HTTPCLIENT-1200] DecompressingHttpClient fails to generate correct HttpHost context attribute. - Contributed by Guillaume Castagnino + Contributed by Guillaume Castagnino * [HTTPCLIENT-1192] URIBuilder encodes query parameters twice. Contributed by Oleg Kalnichevski and Sebastian Bazley . @@ -806,14 +808,14 @@ Changelog * [HTTPCLIENT-1196] Fixed NPE in UrlEncodedFormEntity constructor thrown if charset is null. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1193] Fixed regression in the route tracking logic of the default connection manager +* [HTTPCLIENT-1193] Fixed regression in the route tracking logic of the default connection manager causing cross-site redirect failures. Contributed by Oleg Kalnichevski Release 4.2 ------------------- -This is the first stable (GA) release of HttpClient 4.2. The most notable enhancements included +This is the first stable (GA) release of HttpClient 4.2. The most notable enhancements included in this release are: * New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes @@ -821,7 +823,7 @@ in this release are: that do not require the full flexibility of HttpClient. However, the fluent API almost fully relieves the users from having to deal with connection management and resource deallocation. -* Redesigned and rewritten connection management code. +* Redesigned and rewritten connection management code. * Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges @@ -833,14 +835,14 @@ in this release are: Changelog ------------------- -* [HTTPCLIENT-1187] If a revalidation response is deemed too old CachingHttpClient fails to +* [HTTPCLIENT-1187] If a revalidation response is deemed too old CachingHttpClient fails to consume its content resulting in a connection leak. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1186] State of newly created connections in the connection pool is not always - correctly updated potentially allowing those connections to be leased to users with a different - security context. - Contributed by Ralf Poehlmann +* [HTTPCLIENT-1186] State of newly created connections in the connection pool is not always + correctly updated potentially allowing those connections to be leased to users with a different + security context. + Contributed by Ralf Poehlmann * [HTTPCLIENT-1179] Upgraded Commons Codec dependency to version 1.6 Contributed by Oleg Kalnichevski @@ -904,23 +906,23 @@ Changelog * [HTTPCLIENT-1154] MemcachedHttpCacheStorage should allow client to specify custom prefix string for keys. Contributed by Jon Moore . - + * [HTTPCLIENT-1153] MemcachedHttpCacheStorage uses URL as cache key; shouldn't due to fixed maximum-length memcached keys. Contributed by Jon Moore . - + * [HTTPCLIENT-1157] MemcachedHttpCacheStroage should throw IOExceptions instead of RuntimeExceptions. Contributed by James Miller . - + * [HTTPCLIENT-1152] MemcachedHttpCacheStorage should verify class of returned object before casting. Contributed by Rajika Kumarasiri . -* [HTTPCLIENT-1155] CachingHttpClient fails to ensure that the response content gets fully consumed +* [HTTPCLIENT-1155] CachingHttpClient fails to ensure that the response content gets fully consumed when using a ResponseHandler, which can potentially lead to connection leaks. Contributed by James Miller - + * [HTTPCLIENT-1147] When HttpClient-Cache cannot open cache file, should act like miss. Contributed by Joe Campbell @@ -929,7 +931,7 @@ Changelog * [HTTPCLIENT-1142] Infinite loop on NTLM authentication failure. Contributed by Oleg Kalnichevski - + * [HTTPCLIENT-1143] CachingHttpClient leaks connections with stale-if-error. Contributed by James Miller @@ -1027,20 +1029,20 @@ Changelog Release 4.1.2 ------------------- -The HttpClient 4.1.2 is a bug fix release that addresses a number of non-critical issues reported +The HttpClient 4.1.2 is a bug fix release that addresses a number of non-critical issues reported since release 4.1.1. * [HTTPCLIENT-1100] Missing Content-Length header makes cached entry invalid Contributed by Bart Robeyns -* [HTTPCLIENT-1098] Avoid expensive reverse DNS lookup on connect timeout exception. +* [HTTPCLIENT-1098] Avoid expensive reverse DNS lookup on connect timeout exception. Contributed by Thomas Boettcher -* [HTTPCLIENT-1097] BrowserCompatHostnameVerifier and StrictHostnameVerifier should handle +* [HTTPCLIENT-1097] BrowserCompatHostnameVerifier and StrictHostnameVerifier should handle wildcards in SSL certificates better. Contributed by Sebastian Bazley -* [HTTPCLIENT-1092] If ClientPNames.VIRTUAL_HOST does not provide the port, derive it from the +* [HTTPCLIENT-1092] If ClientPNames.VIRTUAL_HOST does not provide the port, derive it from the current request. Contributed by Sebastian Bazley @@ -1049,15 +1051,15 @@ since release 4.1.1. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1079] Fixed Kerberos cross-realm support - Contributed by Michael Osipov <1983-01-06 at gmx.net> + Contributed by Michael Osipov <1983-01-06 at gmx.net> -* [HTTPCLIENT-1078] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) +* [HTTPCLIENT-1078] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) do not close content stream in #writeTo() method. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1075] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) +* [HTTPCLIENT-1075] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity) do not correctly handle content streaming. - Contributed by James Abley + Contributed by James Abley * [HTTPCLIENT-1051] Avoid reverse DNS lookups when opening SSL connections by IP address. Contributed by Oleg Kalnichevski @@ -1066,18 +1068,18 @@ since release 4.1.1. Release 4.1.1 ------------------- -HttpClient v4.1.1 is a bug fix release that addresses a number of issues reported since -release 4.1, including one critical security issue (HTTPCLIENT-1061). All users of HttpClient 4.0.x +HttpClient v4.1.1 is a bug fix release that addresses a number of issues reported since +release 4.1, including one critical security issue (HTTPCLIENT-1061). All users of HttpClient 4.0.x and 4.1 are strongly encouraged to upgrade. -* [HTTPCLIENT-1069] HttpHostConnectException not correctly retried for direct and non-tunnelled - proxy connections. +* [HTTPCLIENT-1069] HttpHostConnectException not correctly retried for direct and non-tunnelled + proxy connections. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1066] Changed the way URIUtils#rewriteURI handles multiple consecutive slashes in the URI path component: multiple leading slashes will be replaced by one slash in order to avoid - confusion with the authority component. The remaining content of the path will not be modified. - (also see HTTPCLIENT-929). + confusion with the authority component. The remaining content of the path will not be modified. + (also see HTTPCLIENT-929). Contributed by Oleg Kalnichevski * [HTTPCLIENT-1061] Fixed critical bug causing Proxy-Authorization header to be sent to the target @@ -1085,10 +1087,10 @@ and 4.1 are strongly encouraged to upgrade. Contributed by Oleg Kalnichevski * [HTTPCLIENT-1056] Fixed bug causing the RequestAuthCache protocol interceptor to generate - an invalid AuthScope instance when looking up user credentials for preemptive authentication. + an invalid AuthScope instance when looking up user credentials for preemptive authentication. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1053] Fixed the way DigestScheme generates nonce-count values. +* [HTTPCLIENT-1053] Fixed the way DigestScheme generates nonce-count values. Contributed by Oleg Kalnichevski @@ -1101,7 +1103,7 @@ functional improvements and popular features. * Response caching conditionally compliant with HTTP/1.1 specification (full compliance with MUST requirements, partial compliance with SHOULD requirements) -* Full support for NTLMv1, NTLMv2, and NTLM2 Session authentication. The NTLM protocol code +* Full support for NTLMv1, NTLMv2, and NTLM2 Session authentication. The NTLM protocol code was kindly contributed by the Lucene Connector Framework project. * Support for SPNEGO/Kerberos authentication. @@ -1109,12 +1111,12 @@ functional improvements and popular features. * Persistence of authentication data between request executions within the same execution context. * Support for preemptive authentication for BASIC and DIGEST schemes. - -* Support for transparent content encoding. Please note transparent content encoding is not - enabled per default in order to avoid conflicts with already existing custom content encoding + +* Support for transparent content encoding. Please note transparent content encoding is not + enabled per default in order to avoid conflicts with already existing custom content encoding solutions. -* Mechanism to bypass the standard certificate trust verification (useful when dealing with +* Mechanism to bypass the standard certificate trust verification (useful when dealing with self-signed certificates). * Simplified configuration for connection managers. @@ -1127,7 +1129,7 @@ maintained and supported by the Apache HttpComponents project. Changelog ------------------- * The public API for the caching module had a minor change between 4.1-beta and 4.1-GA to the - HttpCacheEntry class - the deprecated public Set getVariantURIs() method and constructor + HttpCacheEntry class - the deprecated public Set getVariantURIs() method and constructor public HttpCacheEntry(Date requestDate, Date responseDate, StatusLine statusLine, Header[] responseHeaders, Resource resource, Set variants) @@ -1136,11 +1138,11 @@ Changelog * Changed Browser-Compatibility and Best-Match cookie policies to emulate the behaviour of FireFox more closely when parsing Netscape style cookies. Comma will no longer be treated as a header - element separator if Set-Cookie does not contain a Version attribute mandated by the + element separator if Set-Cookie does not contain a Version attribute mandated by the RFC2109 / RFC 2965 cookie specifications. Contributed by Oleg Kalnichevski -* [HTTPCLIENT-1036] StringBody has incorrect default for characterset. (Default changed +* [HTTPCLIENT-1036] StringBody has incorrect default for characterset. (Default changed to US-ASCII) Contributed by Sebastian Bazley @@ -1149,7 +1151,7 @@ Changelog Michajlo Matijkiw , and Matthew Hawthorne . -* [HTTPCLIENT-1033] HttpRoute.equals(Object o) is quite inefficient, as it does not take full +* [HTTPCLIENT-1033] HttpRoute.equals(Object o) is quite inefficient, as it does not take full advantage of shortcut logic. Contributed by Sebastian Bazley @@ -1160,8 +1162,8 @@ Release 4.1 BETA1 ------------------- HttpClient 4.1 BETA1 finalizes the 4.1 API and brings a number of major improvements to the HTTP -caching module. This release also adds full support for NTLMv1, NTLMv2, and NTLM2 Session -authentication. The NTLM protocol code was kindly contributed by the Lucene Connector Framework +caching module. This release also adds full support for NTLMv1, NTLMv2, and NTLM2 Session +authentication. The NTLM protocol code was kindly contributed by the Lucene Connector Framework project. Changelog @@ -1176,14 +1178,14 @@ Changelog Contributed by Karl Wright * [HTTPCLIENT-1008] Send all variants' ETags on "variant miss". - Contributed by Michajlo Matijkiw and + Contributed by Michajlo Matijkiw and Mohammed Azeem Uddin * [HTTPCLIENT-1011] Handling of IOExceptions thrown by cache components. Contributed by Jonathan Moore * [HTTPCLIENT-1003] Handle conditional requests in cache. - Contributed by Michajlo Matijkiw and + Contributed by Michajlo Matijkiw and Mohammed Azeem Uddin * [HTTPCLIENT-1002] Stale connection check fails if wire logging is on. @@ -1197,28 +1199,28 @@ Changelog Contributed by Oleg Kalnichevski * [HTTPCLIENT-998] Cache should use both Last-Modified and ETag for validations when available. - Contributed by Jonathan Moore + Contributed by Jonathan Moore -* [HTTPCLIENT-997] Cache module should handle out-of-order validations properly and unconditionally +* [HTTPCLIENT-997] Cache module should handle out-of-order validations properly and unconditionally refresh. - Contributed by Jonathan Moore + Contributed by Jonathan Moore -* [HTTPCLIENT-994] Cache does not allow client to override origin-specified freshness using +* [HTTPCLIENT-994] Cache does not allow client to override origin-specified freshness using max-stale. Contributed by Jonathan Moore -* [HTTPCLIENT-995] Cache returns cached responses even if validators not consistent with all +* [HTTPCLIENT-995] Cache returns cached responses even if validators not consistent with all conditional headers. Contributed by Jonathan Moore * [HTTPCLIENT-977] Memcached implementation for HttpCache. Contributed by Mohammed Azeem Uddin -* [HTTPCLIENT-992] cache should not generate stale responses to requests explicitly requesting +* [HTTPCLIENT-992] cache should not generate stale responses to requests explicitly requesting first-hand or fresh ones. Contributed by Jonathan Moore -* [HTTPCLIENT-991] cache module produces improperly formatted Warning header when revalidation +* [HTTPCLIENT-991] cache module produces improperly formatted Warning header when revalidation fails. Contributed by Jonathan Moore @@ -1238,18 +1240,18 @@ Changelog * [HTTPCLIENT-985] cache module should populate Via header to capture upstream and downstream protocols Contributed by Jonathan Moore -* [HTTPCLIENT-984] Additional conditional compliance tests for the caching module for +* [HTTPCLIENT-984] Additional conditional compliance tests for the caching module for Content-Encoding, Content-Location, Date, Expires, Server, Transfer-Encoding, and Vary headers. Contributed by Jonathan Moore * [HTTPCLIENT-978] HTTP cache update exception handling Contributed by Michajlo Matijkiw -* [HTTPCLIENT-981] CachingHttpClient returns a 411 respones when executing a POST (HttpPost) +* [HTTPCLIENT-981] CachingHttpClient returns a 411 respones when executing a POST (HttpPost) request. Contributed by Joe Campbell -* [HTTPCLIENT-980] CachingHttpClient returns a 503 response when the backend HttpClient produces +* [HTTPCLIENT-980] CachingHttpClient returns a 503 response when the backend HttpClient produces an IOException. Contributed by Jonathan Moore @@ -1258,7 +1260,7 @@ Changelog * [HTTPCLIENT-967] support for non-shared (private) caches Contributed by Jonathan Moore - + * [HTTPCLIENT-969] BasicCookieStore#getCookies() to return a copy of Cookie list Contributed by David Smiley