Changes:
2.5.2 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
upgrade that was emitted by ``initiate_upgrade_connection`` included the
*entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
than have those settings applied appropriately.
2.4.3 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
upgrade that was emitted by ``initiate_upgrade_connection`` included the
*entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
than have those settings applied appropriately.
2.3.4 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
upgrade that was emitted by ``initiate_upgrade_connection`` included the
*entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
than have those settings applied appropriately.
2.5.1 (2016-12-17)
------------------
Bugfixes
~~~~~~~~
- Remote peers are now allowed to send zero or any positive number as a value
for ``SETTINGS_MAX_HEADER_LIST_SIZE``, where previously sending zero would
raise a ``InvalidSettingsValueError``.
2.5.0 (2016-10-25)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new ``H2Configuration`` object that allows rich configuration of
a ``H2Connection``. This object supersedes the prior keyword arguments to the
``H2Connection`` object, which are now deprecated and will be removed in 3.0.
- Added support for automated window management via the
``acknowledge_received_data`` method. See the documentation for more details.
- Added a ``DenialOfServiceError`` that is raised whenever a behaviour that
looks like a DoS attempt is encountered: for example, an overly large
decompressed header list. This is a subclass of ``ProtocolError``.
- Added support for setting and managing ``SETTINGS_MAX_HEADER_LIST_SIZE``.
This setting is now defaulted to 64kB.
- Added ``h2.errors.ErrorCodes``, an enum that is used to store all the HTTP/2
error codes. This allows us to use a better printed representation of the
error code in most places that it is used.
- The ``error_code`` fields on ``ConnectionTerminated`` and ``StreamReset``
events have been updated to be instances of ``ErrorCodes`` whenever they
correspond to a known error code. When they are an unknown error code, they
are instead ``int``. As ``ErrorCodes`` is a subclass of ``int``, this is
non-breaking.
- Deprecated the other fields in ``h2.errors``. These will be removed in 3.0.0.
Bugfixes
~~~~~~~~
- Correctly reject request header blocks with neither :authority nor Host
headers, or header blocks which contain mismatched :authority and Host
headers, per RFC 7540 Section 8.1.2.3.
- Correctly expect that responses to HEAD requests will have no body regardless
of the value of the Content-Length header, and reject those that do.
- Correctly refuse to send header blocks that contain neither :authority nor
Host headers, or header blocks which contain mismatched :authority and Host
headers, per RFC 7540 Section 8.1.2.3.
- Hyper-h2 will now reject header field names and values that contain leading
or trailing whitespace.
- Correctly strip leading/trailing whitespace from header field names and
values.
- Correctly refuse to send header blocks with a TE header whose value is not
``trailers``, per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks with connection-specific headers,
per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks that contain duplicate pseudo-header
fields, or with pseudo-header fields that appear after ordinary header fields,
per RFC 7540 Section 8.1.2.1.
This may cause passing a dictionary as the header block to ``send_headers``
to throw a ``ProtocolError``, because dictionaries are unordered and so they
may trip this check. Passing dictionaries here is deprecated, and callers
should change to using a sequence of 2-tuples as their header blocks.
- Correctly reject trailers that contain HTTP/2 pseudo-header fields, per RFC
7540 Section 8.1.2.1.
- Correctly refuse to send trailers that contain HTTP/2 pseudo-header fields,
per RFC 7540 Section 8.1.2.1.
- Correctly reject responses that do not contain the ``:status`` header field,
per RFC 7540 Section 8.1.2.4.
- Correctly refuse to send responses that do not contain the ``:status`` header
field, per RFC 7540 Section 8.1.2.4.
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.4.2 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.3.3 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.2.7 (2016-10-25)
------------------
*Final 2.2.X release*
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.4.1 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
of the value of the Content-Length header, and reject those that do.
2.3.2 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
of the value of the Content-Length header, and reject those that do.
2.4.0 (2016-07-01)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Adds ``additional_data`` to ``H2Connection.close_connection``, allowing the
user to send additional debug data on the GOAWAY frame.
- Adds ``last_stream_id`` to ``H2Connection.close_connection``, allowing the
user to manually control what the reported last stream ID is.
- Add new method: ``prioritize``.
- Add support for emitting stream priority information when sending headers
frames using three new keyword arguments: ``priority_weight``,
``priority_depends_on``, and ``priority_exclusive``.
- Add support for "related events": events that fire simultaneously on a single
frame.
2.3.1 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
of CONTINUATION frames on a given connection.
2.2.5 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
of CONTINUATION frames on a given connection.
2.3.0 (2016-04-26)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new flag to the ``H2Connection`` constructor: ``header_encoding``,
that controls what encoding is used (if any) to decode the headers from bytes
to unicode. This defaults to UTF-8 for backward compatibility. To disable the
decode and use bytes exclusively, set the field to False, None, or the empty
string. This affects all headers, including those pushed by servers.
- Bumped the minimum version of HPACK allowed from 2.0 to 2.2.
- Added support for advertising RFC 7838 Alternative services.
- Allowed users to provide ``hpack.HeaderTuple`` and
``hpack.NeverIndexedHeaderTuple`` objects to all methods that send headers.
- Changed all events that carry headers to emit ``hpack.HeaderTuple`` and
``hpack.NeverIndexedHeaderTuple`` instead of plain tuples. This allows users
to maintain header indexing state.
- Added support for plaintext upgrade with the ``initiate_upgrade_connection``
method.
Bugfixes
~~~~~~~~
- Automatically ensure that all ``Authorization`` and ``Proxy-Authorization``
headers, as well as short ``Cookie`` headers, are prevented from being added
to encoding contexts.
2.2.4 (2016-04-25)
------------------
Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.
2.1.5 (2016-04-25)
------------------
*Final 2.1.X release*
Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.
Changes:
2.2.3 (2016-04-13)
------------------
Bugfixes
~~~~~~~~
- Allowed the 4.X series of hyperframe releases as dependencies.
2.1.4 (2016-04-13)
------------------
Bugfixes
~~~~~~~~
- Allowed the 4.X series of hyperframe releases as dependencies.
2.2.2 (2016-04-05)
------------------
Bugfixes
~~~~~~~~
- Fixed issue where informational responses were erroneously not allowed to be
sent in the ``HALF_CLOSED_REMOTE`` state.
- Fixed issue where informational responses were erroneously not allowed to be
received in the ``HALF_CLOSED_LOCAL`` state.
- Fixed issue where we allowed information responses to be sent or received
after final responses.
2.2.1 (2016-03-23)
------------------
Bugfixes
~~~~~~~~
- Fixed issue where users using locales that did not default to UTF-8 were
unable to install source distributions of the package.
2.2.0 (2016-03-23)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added support for sending informational responses (responses with 1XX status)
codes as part of the standard flow. HTTP/2 allows zero or more informational
responses with no upper limit: hyper-h2 does too.
- Added support for receiving informational responses (responses with 1XX
status) codes as part of the standard flow. HTTP/2 allows zero or more
informational responses with no upper limit: hyper-h2 does too.
- Added a new event: ``ReceivedInformationalResponse``. This response is fired
when informational responses (those with 1XX status codes).
- Added an ``additional_data`` field to the ``ConnectionTerminated`` event that
carries any additional data sent on the GOAWAY frame. May be ``None`` if no
such data was sent.
- Added the ``initial_values`` optional argument to the ``Settings`` object.
Bugfixes
~~~~~~~~
- Correctly reject all of the connection-specific headers mentioned in RFC 7540
§ 8.1.2.2, not just the ``Connection:`` header.
- Defaulted the value of ``SETTINGS_MAX_CONCURRENT_STREAMS`` to 100, unless
explicitly overridden. This is a safe defensive initial value for this
setting.
2.1.3 (2016-03-16)
------------------
Deprecations
~~~~~~~~~~~~
- Passing dictionaries to ``send_headers`` as the header block is deprecated,
and will be removed in 3.0.
2.1.2 (2016-02-17)
------------------
Bugfixes
~~~~~~~~
- Reject attempts to push streams on streams that were themselves pushed:
streams can only be pushed on streams that were initiated by the client.
- Correctly allow CONTINUATION frames to extend the header block started by a
PUSH_PROMISE frame.
- Changed our handling of frames received on streams that were reset by the
user.
Previously these would, at best, cause ProtocolErrors to be raised and the
connection to be torn down (rather defeating the point of resetting streams
at all) and, at worst, would cause subtle inconsistencies in state between
hyper-h2 and the remote peer that could lead to header block decoding errors
or flow control blockages.
Now when the user resets a stream all further frames received on that stream
are ignored except where they affect some form of connection-level state,
where they have their effect and are then ignored.
- Fixed a bug whereby receiving a PUSH_PROMISE frame on a stream that was
closed would cause a RST_STREAM frame to be emitted on the closed-stream,
but not the newly-pushed one. Now this causes a ``ProtocolError``.
Hyper-h2 is a HTTP/2 protocol stack, written entirely in Python. The goal
of Hyper-h2 is to be a common HTTP/2 stack for the Python ecosystem, usable
in all programs regardless of concurrency model or environment.
To achieve this, Hyper-h2 is entirely self-contained: it does no I/O of any
kind, leaving that up to a wrapper library to control. This ensures that it
can seamlessly work in all kinds of environments, from single-threaded code
to Twisted.
Its goal is to be 100% compatible with RFC 7540, implementing a complete
HTTP/2 protocol stack build on a set of finite state machines. Its
secondary goals are to be fast, clear, and efficient.
leot
wiz