okhttp v3.10.0 Release Notes
-
2018-02-24
The pingInterval() feature now aggressively checks connectivity for web sockets and HTTP/2 connections.
Previously if you configured a ping interval that would cause OkHttp to send pings, but it did not track whether the reply pongs were received. With this update OkHttp requires that every ping receive a response: if it does not the connection will be closed and the listener's
onFailure()method will be called.Web sockets have always been had pings, but pings on HTTP/2 connections is new in this release. Pings are used for connections that are busy carrying calls and for idle connections in the connection pool. (Pings do not impact when pooled connections are evicted).
If you have a configured ping interval, you should confirm that it is long enough for a roundtrip from client to server. If your ping interval is too short, slow connections may be misinterpreted as failed connections. A ping interval of 30 seconds is reasonable for most use cases.
OkHttp now supports [Conscrypt][conscrypt]. Conscrypt is a Java Security Provider that integrates BoringSSL into the Java platform. Conscrypt supports more cipher suites than the JVM’s default provider and may also execute more efficiently.
To use it, first register a [Conscrypt dependency][conscrypt_dependency] in your build system.
OkHttp will use Conscrypt if you set the
okhttp.platformsystem property toconscrypt.Alternatively, OkHttp will also use Conscrypt if you install it as your preferred security provider. To do so, add the following code to execute before you create your
OkHttpClient.Security.insertProviderAt( new org.conscrypt.OpenSSLProvider(), 1);Conscrypt is the bundled security provider on Android so it is not necessary to configure it on that platform.
New:
HttpUrl.addQueryParameter()percent-escapes more characters. Previously several ASCII punctuation characters were not percent-escaped when used with this method. This does not impact already-encoded query parameters in APIs likeHttpUrl.parse()andHttpUrl.Builder.addEncodedQueryParameter().New: CBC-mode ECDSA cipher suites have been removed from OkHttp's default configuration:
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAandTLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA. This tracks a [Chromium change][remove_cbc_ecdsa] to remove these cipher suites because they are fragile and rarely-used.New: Don't fall back to common name (CN) verification for hostnames. This behavior was deprecated with RFC 2818 in May 2000 and was recently dropped from major web browsers.
New: Honor the
Retry-Afterresponse header. HTTP 503 (Unavailable) responses are retried automatically if this header is present and its delay is 0 seconds. HTTP 408 (Client Timeout) responses are retried automatically if the header is absent or its delay is 0 seconds.New: Allow request bodies for all HTTP methods except GET and HEAD.
New: Automatic module name of
okhttp3for use with the Java Platform Module System.New: Log gzipped bodies when
HttpLoggingInterceptoris used as a network interceptor.New:
Protocol.QUICconstant. This protocol is not supported but this constant is included for completeness.New: Upgrade to Okio 1.14.0.
<dependency> <groupId>com.squareup.okio</groupId> <artifactId>okio</artifactId> <version>1.14.0</version> </dependency> com.squareup.okio:okio:1.14.0Fix: Handle
HTTP/1.1 100 Continuestatus lines, even on requests that did not send theExpect: continuerequest header.Fix: Do not count web sockets toward the dispatcher's per-host connection limit.
Fix: Avoid using invalid HTTPS sessions. This prevents OkHttp from crashing with the error,
Unexpected TLS version: NONE.Fix: Don't corrupt the response cache when a 304 (Not Modified) response overrides the stored "Content-Encoding" header.
Fix: Gracefully shut down the HTTP/2 connection before it exhausts the namespace of stream IDs (~536 million streams).
Fix: Never pass a null
RoutetoAuthenticator. There was a bug where routes were omitted for eagerly-closed connections.