1.25.9:
* Added ``InvalidProxyConfigurationWarning`` which is raised when
erroneously specifying an HTTPS proxy URL. urllib3 doesn't currently
support connecting to HTTPS proxies but will soon be able to
and we would like users to migrate properly without much breakage.
* Drain connection after ``PoolManager`` redirect
* Ensure ``load_verify_locations`` raises ``SSLError`` for all backends
* Rename ``VerifiedHTTPSConnection`` to ``HTTPSConnection``
* Allow the CA certificate data to be passed as a string
* Raise ``ValueError`` if method contains control characters
* Add ``__repr__`` to ``Timeout``
1.25.7:
* Preserve ``chunked`` parameter on retries
* Allow unset ``SERVER_SOFTWARE`` in App Engine
* Fix issue where URL fragment was sent within the request target.
* Fix issue where an empty query section in a URL would fail to parse.
* Remove TLS 1.3 support in SecureTransport due to Apple removing support
1.25.6:
* Fix issue where tilde (``~``) characters were incorrectly
percent-encoded in the path.
1.25.5:
* Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which
caused certificate verification to be enabled when using ``cert_reqs=CERT_NONE``.
1.25.4:
* Propagate Retry-After header settings to subsequent retries.
* Fix edge case where Retry-After header was still respected even when
explicitly opted out of.
* Remove dependency on ``rfc3986`` for URL parsing.
* Fix issue where URLs containing invalid characters within ``Url.auth`` would
raise an exception instead of percent-encoding those characters.
* Add support for ``HTTPResponse.auto_close = False`` which makes HTTP responses
work well with BufferedReaders and other ``io`` module features.
* Percent-encode invalid characters in URL for ``HTTPConnectionPool.request()``
1.25.3:
* Change HTTPSConnection to load system CA certificates
when ca_certs, ca_cert_dir, and ssl_context are
unspecified.
* Upgrade bundled rfc3986 to v1.3.2.
1.25.2:
* Change is_ipaddress to not detect IPvFuture addresses.
* Change parse_url to percent-encode invalid characters within the
path, query, and target components.
1.25:
* Require and validate certificates by default when using HTTPS.
* Upgraded urllib3.utils.parse_url() to be RFC 3986 compliant.
* Added support for key_password for HTTPSConnectionPool to use
encrypted key_file without creating your own SSLContext object.
* Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport SSLContext
implementations.
* Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft.
* Fixed issue where OpenSSL would block if an encrypted client private key was
given and no password was given. Instead an SSLError is raised.
* Added support for Brotli content encoding. It is enabled automatically if
brotlipy package is installed which can be requested with
urllib3[brotli] extra.
* Drop ciphers using DSS key exchange from default TLS cipher suites.
Improve default ciphers when using SecureTransport.
* Implemented a more efficient HTTPResponse.__iter__() method.
1.24.2:
* Don't load system certificates by default when any other ca_certs, ca_certs_dir or
ssl_context parameters are specified.
* Remove Authorization header regardless of case when redirecting to cross-site.
* Add support for IPv6 addresses in subjectAltName section of certificates.
1.24:
Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden.
Test against Python 3.7 on AppVeyor.
Early-out ipv6 checks when running on App Engine.
Change ambiguous description of backoff_factor
Add ability to handle multiple Content-Encodings
Skip DNS names that can't be idna-decoded when using pyOpenSSL
Add a server_hostname parameter to HTTPSConnection which allows for overriding the SNI hostname sent in the handshake.
Drop support for EOL Python 2.6
Fixed bug where responses with header Content-Type: message/* erroneously raised HeaderParsingError, resulting in a warning being logged.
Move urllib3 to src/urllib3
1.23:
* Allow providing a list of headers to strip from requests when redirecting
to a different host. Defaults to the Authorization header. Different
headers can be set via Retry.remove_headers_on_redirect.
* Fix util.selectors._fileobj_to_fd to accept long
* Dropped Python 3.3 support.
* Put the connection back in the pool when calling stream() or read_chunked() on
a chunked HEAD response.
* Fixed pyOpenSSL-specific ssl client authentication issue when clients
attempted to auth via certificate + chain
* Add the port to the connectionpool connect print
* Don't use the uuid module to create multipart data boundaries.
* read_chunked() on a closed response returns no chunks.
* Add Python 2.6 support to contrib.securetransport
* Added support for auth info in url for SOCKS proxy
Fixed missing brackets in HTTP CONNECT when connecting to IPv6 address via IPv6 proxy.
Made the connection pool retry on SSLError. The original SSLError is available on MaxRetryError.reason.
Drain and release connection before recursing on retry/redirect. Fixes deadlocks with a blocking connectionpool.
Fixed compatibility for cookiejar.
pyopenssl: Use vendored version of six
Fixed SecureTransport issue that would cause long delays in response body delivery.
Fixed regression in 1.21 that threw exceptions when users passed the socket_options flag to the PoolManager.
Fixed regression in 1.21 that threw exceptions when users passed the assert_hostname or assert_fingerprint flag to the PoolManager.
Added support for waiting for I/O using selectors other than select, improving urllib3’s behaviour with large numbers of concurrent connections. (Pull 1001)
Updated the date for the system clock check. (Issue 1005)
ConnectionPools now correctly consider hostnames to be case-insensitive. (Issue 1032)
Outdated versions of PyOpenSSL now cause the PyOpenSSL contrib module to fail when it is injected, rather than at first use. (Pull 1063)
Outdated versions of cryptography now cause the PyOpenSSL contrib module to fail when it is injected, rather than at first use. (Issue 1044)
Automatically attempt to rewind a file-like body object when a request is retried or redirected. (Pull 1039)
Fix some bugs that occur when modules incautiously patch the queue module. (Pull 1061)
Prevent retries from occuring on read timeouts for which the request method was not in the method whitelist. (Issue 1059)
Changed the PyOpenSSL contrib module to lazily load idna to avoid unnecessarily bloating the memory of programs that don’t need it. (Pull 1076)
Add support for IPv6 literals with zone identifiers. (Pull 1013)
Added support for socks5h:// and socks4a:// schemes when working with SOCKS proxies, and controlled remote DNS appropriately. (Issue 1035)
1.14 (2015-12-29)
+++++++++++++++++
* contrib: SOCKS proxy support! (Issue #762)
* Fixed AppEngine handling of transfer-encoding header and bug
in Timeout defaults checking. (Issue #763)
1.13.1 (2015-12-18)
+++++++++++++++++++
* Fixed regression in IPv6 + SSL for match_hostname. (Issue #761)
1.13 (2015-12-14)
+++++++++++++++++
* Fixed ``pip install urllib3[secure]`` on modern pip. (Issue #706)
* pyopenssl: Fixed SSL3_WRITE_PENDING error. (Issue #717)
* pyopenssl: Support for TLSv1.1 and TLSv1.2. (Issue #696)
* Close connections more defensively on exception. (Issue #734)
* Adjusted ``read_chunked`` to handle gzipped, chunk-encoded bodies without
repeatedly flushing the decoder, to function better on Jython. (Issue #743)
* Accept ``ca_cert_dir`` for SSL-related PoolManager configuration. (Issue #758)
1.12 (2015-09-03)
+++++++++++++++++
* Rely on ``six`` for importing ``httplib`` to work around
conflicts with other Python 3 shims. (Issue #688)
* Add support for directories of certificate authorities, as supported by
OpenSSL. (Issue #701)
* New exception: ``NewConnectionError``, raised when we fail to establish
a new connection, usually ``ECONNREFUSED`` socket error.
1.11 (2015-07-21)
+++++++++++++++++
* When ``ca_certs`` is given, ``cert_reqs`` defaults to
``'CERT_REQUIRED'``. (Issue #650)
* ``pip install urllib3[secure]`` will install Certifi and
PyOpenSSL as dependencies. (Issue #678)
* Made ``HTTPHeaderDict`` usable as a ``headers`` input value
(Issues #632, #679)
* Added `urllib3.contrib.appengine <https://urllib3.readthedocs.org/en/latest/contrib.html#google-app-engine>`_
which has an ``AppEngineManager`` for using ``URLFetch`` in a
Google AppEngine environment. (Issue #664)
* Dev: Added test suite for AppEngine. (Issue #631)
* Fix performance regression when using PyOpenSSL. (Issue #626)
* Passing incorrect scheme (e.g. ``foo://``) will raise
``ValueError`` instead of ``AssertionError`` (backwards
compatible for now, but please migrate). (Issue #640)
* Fix pools not getting replenished when an error occurs during a
request using ``release_conn=False``. (Issue #644)
* Fix pool-default headers not applying for url-encoded requests
like GET. (Issue #657)
* log.warning in Python 3 when headers are skipped due to parsing
errors. (Issue #642)
* Close and discard connections if an error occurs during read.
(Issue #660)
* Fix host parsing for IPv6 proxies. (Issue #668)
* Separate warning type SubjectAltNameWarning, now issued once
per host. (Issue #671)
* Fix ``httplib.IncompleteRead`` not getting converted to
``ProtocolError`` when using ``HTTPResponse.stream()``
(Issue #674)
1.10.4 (2015-05-03)
+++++++++++++++++++
* Migrate tests to Tornado 4. (Issue #594)
* Append default warning configuration rather than overwrite.
(Issue #603)
* Fix streaming decoding regression. (Issue #595)
* Fix chunked requests losing state across keep-alive connections.
(Issue #599)
* Fix hanging when chunked HEAD response has no body. (Issue #605)
1.10.3 (2015-04-21)
+++++++++++++++++++
* Emit ``InsecurePlatformWarning`` when SSLContext object is missing.
(Issue #558)
* Fix regression of duplicate header keys being discarded.
(Issue #563)
* ``Response.stream()`` returns a generator for chunked responses.
(Issue #560)
* Set upper-bound timeout when waiting for a socket in PyOpenSSL.
(Issue #585)
* Work on platforms without `ssl` module for plain HTTP requests.
(Issue #587)
* Stop relying on the stdlib's default cipher list. (Issue #588)
1.10.2 (2015-02-25)
+++++++++++++++++++
* Fix file descriptor leakage on retries. (Issue #548)
* Removed RC4 from default cipher list. (Issue #551)
* Header performance improvements. (Issue #544)
* Fix PoolManager not obeying redirect retry settings. (Issue #553)
1.10.1 (2015-02-10)
+++++++++++++++++++
* Pools can be used as context managers. (Issue #545)
* Don't re-use connections which experienced an SSLError. (Issue #529)
* Don't fail when gzip decoding an empty stream. (Issue #535)
* Add sha256 support for fingerprint verification. (Issue #540)
* Fixed handling of header values containing commas. (Issue #533)
Changes
1.10.1 (2015-02-10)
Pools can be used as context managers. (Issue #545)
Don’t re-use connections which experienced an SSLError. (Issue #529)
Don’t fail when gzip decoding an empty stream. (Issue #535)
Add sha256 support for fingerprint verification. (Issue #540)
Fixed handling of header values containing commas. (Issue #533)
1.10 (2014-12-14)
Disabled SSLv3. (Issue #473)
Add Url.url property to return the composed url string. (Issue #394)
Fixed PyOpenSSL + gevent WantWriteError. (Issue #412)
MaxRetryError.reason will always be an exception, not string. (Issue #481)
Fixed SSL-related timeouts not being detected as timeouts. (Issue #492)
Py3: Use ssl.create_default_context() when available. (Issue #473)
Emit InsecureRequestWarning for every insecure HTTPS request. (Issue #496)
Emit SecurityWarning when certificate has no subjectAltName. (Issue #499)
Close and discard sockets which experienced SSL-related errors. (Issue #501)
Handle body param in .request(...). (Issue #513)
Respect timeout with HTTPS proxy. (Issue #505)
PyOpenSSL: Handle ZeroReturnError exception. (Issue #520)
1.9.1 (2014-09-13)
Apply socket arguments before binding. (Issue #427)
More careful checks if fp-like object is closed. (Issue #435)
Fixed packaging issues of some development-related files not getting included. (Issue #440)
Allow performing only fingerprint verification. (Issue #444)
Emit SecurityWarning if system clock is waaay off. (Issue #445)
Fixed PyOpenSSL compatibility with PyPy. (Issue #450)
Fixed BrokenPipeError and ConnectionError handling in Py3. (Issue #443)
1.9 (2014-07-04)
Shuffled around development-related files. If you’re maintaining a distro package of urllib3, you may need to tweak things. (Issue #415)
Unverified HTTPS requests will trigger a warning on the first request. See our new security documentation for details. (Issue #426)
New retry logic and urllib3.util.retry.Retry configuration object. (Issue #326)
All raised exceptions should now wrapped in a urllib3.exceptions.HTTPException-extending exception. (Issue #326)
All errors during a retry-enabled request should be wrapped in urllib3.exceptions.MaxRetryError, including timeout-related exceptions which were previously exempt. Underlying error is accessible from the .reason propery. (Issue #326)
urllib3.exceptions.ConnectionError renamed to urllib3.exceptions.ProtocolError. (Issue #326)
Errors during response read (such as IncompleteRead) are now wrapped in urllib3.exceptions.ProtocolError. (Issue #418)
Requesting an empty host will raise urllib3.exceptions.LocationValueError. (Issue #417)
Catch read timeouts over SSL connections as urllib3.exceptions.ReadTimeoutError. (Issue #419)
Apply socket arguments before connecting. (Issue #427)
1.8.3 (2014-06-23)
Fix TLS verification when using a proxy in Python 3.4.1. (Issue #385)
Add disable_cache option to urllib3.util.make_headers. (Issue #393)
Wrap socket.timeout exception with urllib3.exceptions.ReadTimeoutError. (Issue #399)
Fixed proxy-related bug where connections were being reused incorrectly. (Issues #366, #369)
Added socket_options keyword parameter which allows to define setsockopt configuration of new sockets. (Issue #397)
Removed HTTPConnection.tcp_nodelay in favor of HTTPConnection.default_socket_options. (Issue #397)
Fixed TypeError bug in Python 2.6.4. (Issue #411)
Collection.
HTTP library with thread-safe connection pooling, file post, and more.
Highlights
* Re-use the same socket connection for multiple requests (HTTPConnectionPool
and HTTPSConnectionPool) (with optional client-side certificate
verification).
* File posting (encode_multipart_formdata).
* Built-in redirection and retries (optional).
* Supports gzip and deflate decoding.
* Thread-safe and sanity-safe.
* Works with AppEngine, gevent, and eventlib.
* Tested on Python 2.6+ and Python 3.2+, 100% unit test coverage.
* Small and easy to understand codebase perfect for extending and building
upon. For a more comprehensive solution, have a look at Requests which is
also powered by urllib3.
