Changelog History
Page 1
-
v4.10.0-RC1
2020-10-06
๐ This release candidate adds support for [GraalVM][graalvm].
GraalVM is an exciting new platform and we're eager to adopt it. The startup time improvements over the JVM are particularly impressive. Try it with okcurl:
$ ./gradlew okcurl:nativeImage $ ./okcurl/build/graal/okcurl https://cash.app/robots.txt
๐ This is our first release that supports GraalVM. Our code on this platform is less mature than JVM and Android! Please report any issues you encounter: we'll fix them urgently.
- Fix: Attempt to read the response body even if the server canceled the request. This will cause
some calls to return nice error codes like
HTTP/1.1 429 Too Many Requests
instead of transport errors likeSocketException: Connection reset
andStreamResetException: stream was reset: CANCEL
. - New: Support OSGi metadata.
Upgrade: [Okio 2.9.0][okio_2_9_0].
implementation("com.squareup.okio:okio:2.9.0")
- Fix: Attempt to read the response body even if the server canceled the request. This will cause
some calls to return nice error codes like
-
v4.9.0
2020-09-11
๐ With this release,
okhttp-tls
no longer depends on Bouncy Castle and doesn't install the ๐ Bouncy Castle security provider. If you still need it, you can do it yourself:Security.addProvider(BouncyCastleProvider())
๐ง You will also need to configure this dependency:
dependencies { implementation "org.bouncycastle:bcprov-jdk15on:1.65" }
- Upgrade: [Kotlin 1.4.10][kotlin_1_4_10]. We now use Kotlin 1.4.x [functional
interfaces][fun_interface] for
Authenticator
,Interceptor
, and others. - Upgrade: Build with Conscrypt 2.5.1.
- Upgrade: [Kotlin 1.4.10][kotlin_1_4_10]. We now use Kotlin 1.4.x [functional
interfaces][fun_interface] for
-
v4.8.1
2020-08-06
- Fix: Don't crash in
HeldCertificate.Builder
when creating certificates on older versions of Android, including Android 6. We were using a feature ofSimpleDateFormat
that wasn't available in those versions!
- Fix: Don't crash in
-
v4.8.0
2020-07-11
New: Change
HeldCertificate.Builder
to use its own ASN.1 certificate encoder. This is part of our effort to remove the okhttp-tls module's dependency on Bouncy Castle. We think Bouncy Castle is great! But it's a large dependency (6.5 MiB) and its security provider feature impacts VM-wide behavior.New: Reduce contention for applications that make a very high number of concurrent requests. Previously OkHttp used its connection pool as a lock when making changes to connections and calls. With this change each connection is locked independently.
Upgrade: [Okio 2.7.0][okio_2_7_0].
implementation("com.squareup.okio:okio:2.7.0")
Fix: Avoid log messages like "Didn't find class org.conscrypt.ConscryptHostnameVerifier" when detecting the TLS capabilities of the host platform.
Fix: Don't crash in
HttpUrl.topPrivateDomain()
when the hostname is malformed.Fix: Don't attempt Brotli decompression if the response body is empty.
-
v4.7.2
May 20, 20202020-05-20
- Fix: Don't crash inspecting whether the host platform is JVM or Android. With 4.7.0 and 4.7.1 we
had a crash
IllegalArgumentException: Not a Conscrypt trust manager
because we depended on initialization order of companion objects.
- Fix: Don't crash inspecting whether the host platform is JVM or Android. With 4.7.0 and 4.7.1 we
had a crash
-
v4.7.1
May 18, 20202020-05-18
- Fix: Pass the right arguments in the trust manager created for
addInsecureHost()
. Without the fix insecure hosts crash with anIllegalArgumentException
on Android.
- Fix: Pass the right arguments in the trust manager created for
-
v4.7.0
May 17, 20202020-05-17
New:
HandshakeCertificates.Builder.addInsecureHost()
makes it easy to turn off security in private development environments that only carry test data. Prefer this over creating an all-trustingTrustManager
because only hosts on the allowlist are insecure. From [our DevServer sample][dev_server]:val clientCertificates = HandshakeCertificates.Builder() .addPlatformTrustedCertificates() .addInsecureHost("localhost") .build() val client = OkHttpClient.Builder() .sslSocketFactory(clientCertificates.sslSocketFactory(), clientCertificates.trustManager) .build()
New: Add
cacheHit
,cacheMiss
, andcacheConditionalHit()
events toEventListener
. Use these in logs, metrics, and even test cases to confirm your cache headers are configured as expected.New: Constant string
okhttp3.VERSION
. This is a string like "4.5.0-RC1", "4.5.0", or "4.6.0-SNAPSHOT" indicating the version of OkHttp in the current runtime. Use this to include the OkHttp version in customUser-Agent
headers.Fix: Don't crash when running as a plugin in Android Studio Canary 4.1. To enable platform-specific TLS features OkHttp must detect whether it's running in a JVM or in Android. The upcoming Android Studio runs in a JVM but has classes from Android and that confused OkHttp!
Fix: Include the header
Accept: text/event-stream
for SSE calls. This header is not added if the request already contains anAccept
header.Fix: Don't crash with a
NullPointerException
if a server sends a close while we're sending a ping. OkHttp had a race condition bug.
-
v4.6.0
April 29, 20202020-04-28
Fix: Follow HTTP 307 and 308 redirects on methods other than GET and POST. We're reluctant to change OkHttp's behavior in handling common HTTP status codes, but this fix is overdue! The new behavior is now consistent with [RFC 7231][rfc_7231_647], which is newer than OkHttp itself. If you want this update with the old behavior use [this interceptor][legacy_interceptor].
Fix: Don't crash decompressing web sockets messages. We had a bug where we assumed deflated bytes in would always yield deflated bytes out and this isn't always the case!
Fix: Reliably update and invalidate the disk cache on windows. As originally designed our internal
DiskLruCache
assumes an inode-like file system, where it's fine to delete files that are currently being read or written. On Windows the file system forbids this so we must be more careful when deleting and renaming files.Fix: Don't crash on Java 8u252 which introduces an API previously found only on Java 9 and above. See [Jetty's overview][jetty_8_252] of the API change and its consequences.
New:
MultipartReader
is a streaming decoder for [MIME multipart (RFC 2045)][rfc_2045] messages. It complementsMultipartBody
which is our streaming encoder.val response: Response = call.execute() val multipartReader = MultipartReader(response.body!!) multipartReader.use { while (true) { val part = multipartReader.nextPart() ?: break process(part.headers, part.body) } }
New:
MediaType.parameter()
gets a parameter likeboundary
from a media type likemultipart/mixed; boundary="abc"
.New:
Authenticator.JAVA_NET_AUTHENTICATOR
forwards authentication requests tojava.net.Authenticator
. This obsoletesJavaNetAuthenticator
in theokhttp-urlconnection
module.New:
CertificatePinner
now offers an API for inspecting the configured pins.Upgrade: [Okio 2.6.0][okio_2_6_0].
implementation("com.squareup.okio:okio:2.6.0")
Upgrade: [publicsuffix.org data][public_suffix]. This powers
HttpUrl.topPrivateDomain()
. It's also how OkHttp knows which domains can share cookies with one another.Upgrade: [Bouncy Castle 1.65][bouncy_castle_releases]. This dependency is required by the
okhttp-tls
module.Upgrade: [Kotlin 1.3.71][kotlin_1_3_71].
-
v4.5.0
April 06, 20202020-04-06
๐ This release fixes a severe bug where OkHttp incorrectly detected and recovered from unhealthy connections. Stale or canceled connections were incorrectly attempted when they shouldn't have ๐ been, leading to rare cases of infinite retries. Please upgrade to this release!
- Fix: don't return stale DNS entries in
DnsOverHttps
. We were caching DNS results indefinitely rather than the duration specified in the response's cache-control header. - Fix: Verify certificate IP addresses in canonical form. When a server presents a TLS certificate
containing an IP address we must match that address against the URL's IP address, even when the
two addresses are encoded differently, such as
192.168.1.1
and0::0:0:FFFF:C0A8:101
. Note that OkHttp incorrectly rejected valid certificates resulting in a failure to connect; at no point were invalid certificates accepted. - New:
OkHttpClient.Builder.minWebSocketMessageToCompress()
configures a threshold for compressing outbound web socket messages. Configure this with 0L to always compress outbound messages andLong.MAX_VALUE
to never compress outbound messages. The default is 1024L which compresses messages of size 1 KiB and larger. (Inbound messages are compressed or not based on the web socket server's configuration.) - New: Defer constructing
Inflater
andDeflater
instances until they are needed. This saves memory if web socket compression is negotiated but not used.
- Fix: don't return stale DNS entries in
-
v4.5.0-RC1
March 18, 20202020-03-17
๐ This release candidate turns on web socket compression.
The [spec][rfc_7692] includes a sophisticated mechanism for client and server to negotiate ๐ compression features. We strive to offer great performance in our default configuration and so we're ๐ making compression the default for everyone starting with this release candidate.
๐ Please be considerate of your servers and their operators as you roll out this release. Compression ๐พ saves bandwidth but it costs CPU and memory! If you run into a problem you may need to adjust or disable the
permessage-deflate
compression settings on your server.Note that OkHttp won't use compression when sending messages smaller than 1 KiB.
- Fix: Don't crash when the URL hostname contains an underscore on Android.
- Fix: Change HTTP/2 to use a daemon thread for its socket reader. If you've ever seen a command line application hang after all of the work is done, it may be due to a non-daemon thread like this one.
- New: Include suppressed exceptions when all routes to a target service fail.