« Changelog History


okhttp v3.11.0 Release Notes

  • 2018-07-12

    • OkHttp's new okhttp-tls submodule tames HTTPS and TLS.

      HeldCertificate is a TLS certificate and its private key. Generate a certificate with its builder then use it to sign another certificate or perform a TLS handshake. The certificatePem() method encodes the certificate in the familiar PEM format (--- BEGIN CERTIFICATE ---); the privateKeyPkcs8Pem() does likewise for the private key.

      HandshakeCertificates holds the TLS certificates required for a TLS handshake. On the server it keeps your HeldCertificate and its chain. On the client it keeps the root certificates that are trusted to sign a server's certificate chain. HandshakeCertificates also works with mutual TLS where these roles are reversed.

      These classes make it possible to enable HTTPS in MockWebServer in [just a few lines of code][https_server_sample].

    • OkHttp now supports prior knowledge cleartext HTTP/2. Enable this by setting Protocol.H2_PRIOR_KNOWLEDGE as the lone protocol on an OkHttpClient.Builder. This mode only supports http: URLs and is best suited in closed environments where HTTPS is inappropriate.

    • New: HttpUrl.get(String) is an alternative to HttpUrl.parse(String) that throws an exception when the URL is malformed instead of returning null. Use this to avoid checking for null in situations where the input is known to be well-formed. We've also added MediaType.get(String) which is an exception-throwing alternative to MediaType.parse(String).

    • New: The EventListener API previewed in OkHttp 3.9 has graduated to a stable API. Use this interface to track metrics and monitor HTTP requests' size and duration.

    • New: okhttp-dnsoverhttps is an experimental API for doing DNS queries over HTTPS. Using HTTPS for DNS offers better security and potentially better performance. This feature is a preview: the API is subject to change.

    • New: okhttp-sse is an early preview of Server-Sent Events (SSE). This feature is incomplete and is only suitable for experimental use.

    • New: MockWebServer now supports client authentication (mutual TLS). Call requestClientAuth() to permit an optional client certificate or requireClientAuth() to require one.

    • New: RecordedRequest.getHandshake() returns the HTTPS handshake of a request sent to MockWebServer.

    • Fix: Honor the MockResponse header delay in MockWebServer.

    • Fix: Don't release HTTP/2 connections that have multiple canceled calls. We had a bug where canceling calls would cause the shared HTTP/2 connection to be unnecessarily released. This harmed connection reuse.

    • Fix: Ensure canceled and discarded HTTP/2 data is not permanently counted against the limited flow control window. We had a few bugs where window size accounting was broken when streams were canceled or reset.

    • Fix: Recover gracefully if the TLS session returns an unexpected version (NONE) or cipher suite (SSL_NULL_WITH_NULL_NULL).

    • Fix: Don't change Conscrypt configuration globally. We migrated from a process-wide setting to configuring only OkHttp's TLS sockets.

    • Fix: Prefer TLSv1.2 where it is available. On certain older platforms it is necessary to opt-in to TLSv1.2.

    • New: Request.tag() permits multiple tags. Use a Class<?> as a key to identify tags. Note that tag() now returns null if the request has no tag. Previously this would return the request itself.

    • New: Headers.Builder.addAll(Headers).

    • New: ResponseBody.create(MediaType, ByteString).

    • New: Embed R8/ProGuard rules in the jar. These will be applied automatically by R8.

    • Fix: Release the connection if Authenticator throws an exception.

    • Fix: Change the declaration of OkHttpClient.cache() to return a @Nullable Cache. The return value has always been nullable but it wasn't declared properly.

    • Fix: Reverse suppression of connect exceptions. When both a call and its retry fail, we now throw the initial exception which is most likely to be actionable.

    • Fix: Retain interrupted state when throwing InterruptedIOException. A single interrupt should now be sufficient to break out an in-flight OkHttp call.

    • Fix: Don't drop a call to EventListener.callEnd() when the response body is consumed inside an interceptor.