Compare commits

...

2 Commits

Author SHA1 Message Date
HoneyryderChuck
5feba82ffb fixing docs typos & syntax 2023-12-14 18:16:56 +00:00
HoneyryderChuck
1be8fdd1f0 bumped version to 1.2.0 2023-12-14 18:01:35 +00:00
3 changed files with 52 additions and 3 deletions

View File

@ -2,13 +2,13 @@
## improvements
* (Re-)enabling default retries in DNS name queries; this had been disabled as a result of revamping timouts, and resulted in queries only being sent once, which is very little for UDP-related traffic, and breaks if using DNs rate-limiting software. Retries the query just once, for now.
* (Re-)enabling default retries in DNS name queries; this had been disabled as a result of revamping timeouts, and resulted in queries only being sent once, which is very little for UDP-related traffic, and breaks if using DNs rate-limiting software. Retries the query just once, for now.
## bugfixes
* reset timers when adding new intervals, as these may be added as a result on after-select connection handling, and must wait for the next tick cycle (before the patch, they were triggering too soon).
* fixed "on close" callback leak on connection reuse, which caused linear performance regression in benchmarks performing one request per connection.
* fixed hanging connection whan an HTTP/1.1 emitted a "connection: close" header but the server would not emit one (it closes the connection now).
* fixed hanging connection when an HTTP/1.1 emitted a "connection: close" header but the server would not emit one (it closes the connection now).
* fixed recursive dns cached lookups which may have already expired, and created nil entries in the returned address list.
* dns system resolver is now able to retry on failure.

View File

@ -0,0 +1,49 @@
# 1.2.0
## Features
### `:ssrf_filter` plugin
The `:ssrf_filter` plugin prevents server-side request forgery attacks, by blocking requests to the internal network. This is useful when the URLs used to perform requests arent under the developer control (such as when they are inserted via a web application form).
```ruby
http = HTTPX.plugin(:ssrf_filter)
# this works
response = http.get("https://example.com")
# this doesn't
response = http.get("http://localhost:3002")
response = http.get("http://[::1]:3002")
response = http.get("http://169.254.169.254/latest/meta-data/")
```
More info under https://honeyryderchuck.gitlab.io/httpx/wiki/SSRF-Filter
### `:callbacks` plugin
The session callbacks introduced in v0.24.0 are in its own plugin. Older code will still work and emit a deprecation warning.
More info under https://honeyryderchuck.gitlab.io/httpx/wiki/Callbacks
### `:redirect_on` option for `:follow_redirects` plugin
This option allows passing a callback which, when returning `false`, can interrupt the redirect loop.
```ruby
http = HTTPX.plugin(:follow_redirects).with(redirect_on: ->(location_uri) { BLACKLIST_HOSTS.include?(location_uri.host) })
```
### `:close_on_handshake_timeout` timeout
A new `:timeout` option, `:close_handshake_timeout`, is added, which monitors connection readiness when performing HTTP/2 connection termination handshake.
## Improvements
* Internal "eden connections" concept was removed, and connection objects are now kept-and-reused during the lifetime of a session, even when closed. This simplified connectio pool implementation and improved performance.
* request using `:proxy` and `:retries` plugin enabled sessions will now retry on proxy connection establishment related errors.
## Bugfixes
* webmock adapter: mocked responses storing decoded payloads won't try to decode them again (fixes vcr/webmock integrations).
* webmock adapter: fix issue related with making real requests over webmock-enabled connection.

View File

@ -1,5 +1,5 @@
# frozen_string_literal: true
module HTTPX
VERSION = "1.1.5"
VERSION = "1.2.0"
end