2.25 Mon Apr 27 14:11:40 CEST 2020
- fix incorrectly sending proxy requests to origin servers
when reusing proxy connections (analyzed and testcase by Ivan Robert).
- the sessionid parameter was documented as session in random
places - fix docs and keep using sessionid in the code as before.
- fix cookie format documentation.
2.24 Thu Aug 30 03:23:03 CEST 2018
- bring cookie management more in line with RFC 6265; implement idn
matching for cookie domains.
- update cookie_jar version to 2, invalidate existing cookie jars.
- preserve original cookie domain attribute.
- also expire old cookie jars in cookie parser, just in case.
- further improve relative redirection code.
- comment out code that tried to detect possible bugs with persistent
connection caching, but since it never triggered, it's probably
working fine :)
- do not call on_body callback on a response that AE::HTTP will recurse
on internally (reported by Антон Онуфриев and Ruslan Zakirov).
------------------------------------
2.23 Sun Aug 28 11:30:33 CEST 2016
- relative redirects used the proxy schema instead of the request
url schema to generate the new url, which is wrong (analyzed by Felix
Ostmann).
- fix download example (reported by Felix Ostmann).
--------------
2.22 Thu May 14 04:04:03 CEST 2015
- ipv6 literals were not correctly parsed (analyzed by Raphael Geissert).
- delete the body when mutating request to GET request when
redirecting (reported by joe trader).
- send proxy-authorization header to proxy when using CONNECT
(reported by dzagashev@gmail.com).
- do not send Proxy-Authroization header when not using a proxy.
- when retrying a persistent request, switch persistency off.
- added t/02_ip_literals.t.
Upstream changes:
2.21 Mon Jun 9 01:35:54 CEST 2014
- correctly keep body when redirecting POSTs, instead of
deleting them.
2.2 Mon Jun 9 01:31:46 CEST 2014
- connection header was malformed (patch by Raphael Geissert).
- add lots of known idempotent methods from httpbis.
- implement relative location headers (rfc 7231), with fallback on URI.
- add support for status code 308 from rfc 7238.
- recommend URI.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
Upstream changes:
2.15 Wed Nov 14 23:22:07 CET 2012
- use the recurse parameter to also limit the number of retries to be
done, avodiing endless loops with broken servers, as reported
by Carl Chambers.
2.14 Sun Apr 22 14:57:51 CEST 2012
- Time::Local::timegm croaks on out-of-range values. Don't let
this disturb AnyEvent::HTTP (reported by: tell me, I forgot...).
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
Changes from previous:
2.13 Wed Jul 27 17:53:58 CEST 2011
- garbled chunked responses caused AnyEvent::HTTP to malfunction
(patch by Dmitri Melikyan).
- fix GET => HEAD in one case in the documentation (James Bromberger).
2.12 Tue Jun 14 07:22:54 CEST 2011
- fix a possible 'Can't call method "destroyed"' error (which would
have been reported by Carl Chambers).
2.11 Tue May 10 14:33:28 CEST 2011
- the keepalive session cache wouldn't take port and scheme into account
when reusing connection - potentially causing information leaks
(reported by Nick Kostirya).
- bump AnyEvent dependency version (reported by Richard Harris).
2.1 Thu Feb 24 13:11:51 CET 2011
- the keepalive and persistent parameters were actually named
differently in the code - they now work as documented.
- fix a bug where callbacks would sometimes never be called when
the request timeout is near or below the persistent connection
timeout (testcase by Cindy Wang).
- destroying the guard would have no effect when a request was
recursing or being retired.
2.04 Sat Feb 19 07:45:24 CET 2011
- "proxy => undef" now overrides any global proxy when specified.
- require scheme in urls, also use a stricter match to match urls,
leading or trailing garbage is no longer tolerated.
- EXPERIMENTAL: allow '=' in cookie values.
2.03 Tue Jan 18 18:49:35 CET 2011
- dummy reupload, file gone from cpan somehow.
2.02 Wed Jan 12 04:29:37 CET 2011
- do not lowercase cookie names, only parameter names.
2.01 Tue Jan 11 07:38:15 CET 2011
- add missing dependency on common::sense.
- add a resume download example.
2.0 Tue Jan 4 09:16:56 CET 2011
- hopefully fully upgraded to HTTP/1.1.
- support HTTP/1.1 persistent and HTTP/1.0 keep-alive connections.
- drop https-proxy-connection support. seems unused and ill-specified.
- use more differentiated 59x status codes.
- properly use url (not proxy) hostname to verify server certificate.
- much improved cookie implementation:
- properly implement cookie expiry (for new cookies).
- new function to expire cookies and sessions: cookie_jar_expire.
- add special exception to parse broken expires= keys in
set-cookie headers.
- do not quote cookie values when not strictly necessary, to
improve compatibility with broken servers.
- accept and send lots of invalid cookie values exactly as
they were received - this should not impact valid values.
- lowercase cookie parameter names for improved compatibility.
- support the max-age cookie parameter, overrides expires.
- support cookie dates (and a few others) in parse_date.
- properly support value-less parameters (e.g. secure, httponly).
- do not send Host: header in a proxy CONNECT request.
- use common::sense.
- lowercase hostnames and schemes.
- ignore leading zeroes in http version.
- handle spaces in content-length headers more gracefully.
1.5 Fri Dec 31 04:47:08 CET 2010
- bugfix: after headers were received, if any error occured the wrong
(server-sent) Status and Reason fields would be passed to the callback.
- when an error occurs during transfer, preserve status/reason.
- add socks4a connect example.
- new "tcp_connect" parameter.
- new format_date and parse_date functions.
- diagnose unexpected eof as such when the length is known.
- add 205 to the responses without body.
1.46 Mon Sep 6 08:29:34 CEST 2010
- some (broken) servers differentiate between empty search parts
and nonexistant search parts, work around this (problem
analyzed by Sergey Zasenko).
- possibly increase robustness by always setting an on_error
callback on the AnyEvent::Handle object (especially in case
of user errors, such as nehative timeouts).
- we now always follow 301/302/303 redirects and mutate POST to GET.
- we now always follow 307 redirects, even for POST.
- header-less responses are not parsed correctly (at a negative
speed penatly :).
1.45 Wed Jun 16 21:15:26 CEST 2010
- fix a bug where the handle would go away directly after a successful
connect (analyzed and patch by Maxim Dounin).
- due to popular demand, introduce the Redirect pseudo response header.
- document URL pseudo-header better.
- explain how to implement DNS caching.
to trigger/signal a rebuild for the transition 5.10.1 -> 5.12.1.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=..."), minus the packages updated after
the perl package update.
sno@ was right after all, obache@ kindly asked and he@ led the
way. Thanks!
Upstream changes:
1.45 Wed Jun 16 21:15:26 CEST 2010
- fix a bug where the handle woudl go away directly after a successful
connect (analyzed and patch by Maxim Dounin).
- due to popular demand, introduce the Redirect pseudo response header.
- document URL pseudo-header better.
- explain how to implement DNS caching.
Packages Collection.
The Perl 5 module AnyEvent::HTTP is an AnyEvent user, you need to
make sure that you use and run a supported event loop. It implements
a simple, stateless and non-blocking HTTP client. It supports GET,
POST and other request methods, cookies and more, all on a very low
level. It can follow redirects supports proxies and automatically
limits the number of connections to the values specified in the
RFC.
