mirror of
https://github.com/HoneyryderChuck/httpx.git
synced 2025-07-26 00:00:49 -04:00
Compare commits
2 Commits
4848e5be14
...
5feba82ffb
Author | SHA1 | Date | |
---|---|---|---|
|
5feba82ffb | ||
|
1be8fdd1f0 |
@ -2,13 +2,13 @@
|
||||
|
||||
## improvements
|
||||
|
||||
* (Re-)enabling default retries in DNS name queries; this had been disabled as a result of revamping timouts, and resulted in queries only being sent once, which is very little for UDP-related traffic, and breaks if using DNs rate-limiting software. Retries the query just once, for now.
|
||||
* (Re-)enabling default retries in DNS name queries; this had been disabled as a result of revamping timeouts, and resulted in queries only being sent once, which is very little for UDP-related traffic, and breaks if using DNs rate-limiting software. Retries the query just once, for now.
|
||||
|
||||
## bugfixes
|
||||
|
||||
* reset timers when adding new intervals, as these may be added as a result on after-select connection handling, and must wait for the next tick cycle (before the patch, they were triggering too soon).
|
||||
* fixed "on close" callback leak on connection reuse, which caused linear performance regression in benchmarks performing one request per connection.
|
||||
* fixed hanging connection whan an HTTP/1.1 emitted a "connection: close" header but the server would not emit one (it closes the connection now).
|
||||
* fixed hanging connection when an HTTP/1.1 emitted a "connection: close" header but the server would not emit one (it closes the connection now).
|
||||
* fixed recursive dns cached lookups which may have already expired, and created nil entries in the returned address list.
|
||||
* dns system resolver is now able to retry on failure.
|
||||
|
||||
|
49
doc/release_notes/1_2_0.md
Normal file
49
doc/release_notes/1_2_0.md
Normal file
@ -0,0 +1,49 @@
|
||||
# 1.2.0
|
||||
|
||||
## Features
|
||||
|
||||
### `:ssrf_filter` plugin
|
||||
|
||||
The `:ssrf_filter` plugin prevents server-side request forgery attacks, by blocking requests to the internal network. This is useful when the URLs used to perform requests aren’t under the developer control (such as when they are inserted via a web application form).
|
||||
|
||||
```ruby
|
||||
http = HTTPX.plugin(:ssrf_filter)
|
||||
|
||||
# this works
|
||||
response = http.get("https://example.com")
|
||||
|
||||
# this doesn't
|
||||
response = http.get("http://localhost:3002")
|
||||
response = http.get("http://[::1]:3002")
|
||||
response = http.get("http://169.254.169.254/latest/meta-data/")
|
||||
```
|
||||
|
||||
More info under https://honeyryderchuck.gitlab.io/httpx/wiki/SSRF-Filter
|
||||
|
||||
### `:callbacks` plugin
|
||||
|
||||
The session callbacks introduced in v0.24.0 are in its own plugin. Older code will still work and emit a deprecation warning.
|
||||
|
||||
More info under https://honeyryderchuck.gitlab.io/httpx/wiki/Callbacks
|
||||
|
||||
### `:redirect_on` option for `:follow_redirects` plugin
|
||||
|
||||
This option allows passing a callback which, when returning `false`, can interrupt the redirect loop.
|
||||
|
||||
```ruby
|
||||
http = HTTPX.plugin(:follow_redirects).with(redirect_on: ->(location_uri) { BLACKLIST_HOSTS.include?(location_uri.host) })
|
||||
```
|
||||
|
||||
### `:close_on_handshake_timeout` timeout
|
||||
|
||||
A new `:timeout` option, `:close_handshake_timeout`, is added, which monitors connection readiness when performing HTTP/2 connection termination handshake.
|
||||
|
||||
## Improvements
|
||||
|
||||
* Internal "eden connections" concept was removed, and connection objects are now kept-and-reused during the lifetime of a session, even when closed. This simplified connectio pool implementation and improved performance.
|
||||
* request using `:proxy` and `:retries` plugin enabled sessions will now retry on proxy connection establishment related errors.
|
||||
|
||||
## Bugfixes
|
||||
|
||||
* webmock adapter: mocked responses storing decoded payloads won't try to decode them again (fixes vcr/webmock integrations).
|
||||
* webmock adapter: fix issue related with making real requests over webmock-enabled connection.
|
@ -1,5 +1,5 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
module HTTPX
|
||||
VERSION = "1.1.5"
|
||||
VERSION = "1.2.0"
|
||||
end
|
||||
|
Loading…
x
Reference in New Issue
Block a user