1 |
Revision history for AnyEvent::HTTP |
2 |
|
3 |
TODO: provide lwp_request function that takes an lwp http requets and returns a http response. |
4 |
TODO: set_proxy hook |
5 |
TODO: use proxy hook |
6 |
TODO: on_upgrade, for 101 responses? |
7 |
TODO: document session vs. sessionid correctly. |
8 |
TODO: support proxy username:password in both proxy switch and set_proxy string (dzagashev@gmail.com) |
9 |
TODO: remove "unexpectedly got a destructed handle" |
10 |
|
11 |
TODO: maybe read big chunks in smaller portions for chunked-encoding + on_body. |
12 |
TODO: callback as body (Kostirya) |
13 |
TODO: infinite recursion(?) (Kostirya) |
14 |
TODO: default rbuf_max value maybe? how about reading large chunks in small parts? |
15 |
TODO: servers send empty reason, which then gets mangled with linear whitespace CRLF - maybe workaround? |
16 |
|
17 |
TODO: look into http 0.9 support (Kostirya <kostirya@gmail.com>) |
18 |
TODO: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&%23038;d=PG01&%23038;p=1&%23038;u=/netahtml/PTO/srchnum.html&%23038;r=1&%23038;f=G&%23038;l=50&%23038;s1="20110298798".PGNR.&%23038;OS=DN/20110298798&%23038;RS=DN/20110298798 |
19 |
TODO: cookie_jar_extract should refuse when host is an ip literal |
20 |
TODO: cookie_jar_et_cookie should reject cookies not matching their down server domain |
21 |
TODO: cookie prefixes? https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00 |
22 |
TODO: default rbuf_max limit for header-reading, chunk header reading etc. |
23 |
|
24 |
TODO: Max Skorobogatov reported invalid but real example "HTTP/1.1 200\r\n", can it be supported? |
25 |
|
26 |
- mark QUERY as an idempotent method. |
27 |
|
28 |
2.25 Mon Apr 27 14:11:40 CEST 2020 |
29 |
- fix incorrectly sending proxy requests to origin servers |
30 |
when reusing proxy connections (analyzed and testcase by Ivan Robert). |
31 |
- the sessionid parameter was documented as session in random |
32 |
places - fix docs and keep using sessionid in the code as before. |
33 |
- fix cookie format documentation. |
34 |
|
35 |
2.24 Thu Aug 30 03:23:03 CEST 2018 |
36 |
- bring cookie management more in line with RFC 6265; implement idn |
37 |
matching for cookie domains. |
38 |
- update cookie_jar version to 2, invalidate existing cookie jars. |
39 |
- preserve original cookie domain attribute. |
40 |
- also expire old cookie jars in cookie parser, just in case. |
41 |
- further improve relative redirection code. |
42 |
- comment out code that tried to detect possible bugs with persistent |
43 |
connection caching, but since it never triggered, it's probably |
44 |
working fine :) |
45 |
- do not call on_body callback on a response that AE::HTTP will recurse |
46 |
on internally (reported by Антон Онуфриев and Ruslan Zakirov). |
47 |
|
48 |
2.23 Sun Aug 28 11:30:33 CEST 2016 |
49 |
- relative redirects used the proxy schema instead of the request |
50 |
url schema to generate the new url, which is wrong (analyzed by Felix |
51 |
Ostmann). |
52 |
- fix download example (reported by Felix Ostmann). |
53 |
|
54 |
2.22 Thu May 14 04:04:03 CEST 2015 |
55 |
- ipv6 literals were not correctly parsed (analyzed by Raphael Geissert). |
56 |
- delete the body when mutating request to GET request when |
57 |
redirecting (reported by joe trader). |
58 |
- send proxy-authorization header to proxy when using CONNECT |
59 |
(reported by dzagashev@gmail.com). |
60 |
- do not send Proxy-Authroization header when not using a proxy. |
61 |
- when retrying a persistent request, switch persistency off. |
62 |
- added t/02_ip_literals.t. |
63 |
|
64 |
2.21 Mon Jun 9 01:35:54 CEST 2014 |
65 |
- correctly keep body when redirecting POSTs, instead of |
66 |
deleting them. |
67 |
|
68 |
2.2 Mon Jun 9 01:31:46 CEST 2014 |
69 |
- connection header was malformed (patch by Raphael Geissert). |
70 |
- add lots of known idempotent methods from httpbis. |
71 |
- implement relative location headers (rfc 7231), with fallback on URI. |
72 |
- add support for status code 308 from rfc 7238. |
73 |
- recommend URI. |
74 |
|
75 |
2.15 Wed Nov 14 23:22:07 CET 2012 |
76 |
- use the recurse parameter to also limit the number of retries to be |
77 |
done, avodiing endless loops with broken servers, as reported |
78 |
by Carl Chambers. |
79 |
|
80 |
2.14 Sun Apr 22 14:57:51 CEST 2012 |
81 |
- Time::Local::timegm croaks on out-of-range values. Don't let |
82 |
this disturb AnyEvent::HTTP (reported by: tell me, I forgot...). |
83 |
|
84 |
2.13 Wed Jul 27 17:53:58 CEST 2011 |
85 |
- garbled chunked responses caused AnyEvent::HTTP to malfunction |
86 |
(patch by Dmitri Melikyan). |
87 |
- fix GET => HEAD in one case in the documentation (James Bromberger). |
88 |
|
89 |
2.12 Tue Jun 14 07:22:54 CEST 2011 |
90 |
- fix a possible 'Can't call method "destroyed"' error (which would |
91 |
have been reported by Carl Chambers). |
92 |
|
93 |
2.11 Tue May 10 14:33:28 CEST 2011 |
94 |
- the keepalive session cache wouldn't take port and scheme into account |
95 |
when reusing connection - potentially causing information leaks |
96 |
(reported by Nick Kostirya). |
97 |
- bump AnyEvent dependency version (reported by Richard Harris). |
98 |
|
99 |
2.1 Thu Feb 24 13:11:51 CET 2011 |
100 |
- the keepalive and persistent parameters were actually named |
101 |
differently in the code - they now work as documented. |
102 |
- fix a bug where callbacks would sometimes never be called when |
103 |
the request timeout is near or below the persistent connection |
104 |
timeout (testcase by Cindy Wang). |
105 |
- destroying the guard would have no effect when a request was |
106 |
recursing or being retired. |
107 |
|
108 |
2.04 Sat Feb 19 07:45:24 CET 2011 |
109 |
- "proxy => undef" now overrides any global proxy when specified. |
110 |
- require scheme in urls, also use a stricter match to match urls, |
111 |
leading or trailing garbage is no longer tolerated. |
112 |
- EXPERIMENTAL: allow '=' in cookie values. |
113 |
|
114 |
2.03 Tue Jan 18 18:49:35 CET 2011 |
115 |
- dummy reupload, file gone from cpan somehow. |
116 |
|
117 |
2.02 Wed Jan 12 04:29:37 CET 2011 |
118 |
- do not lowercase cookie names, only parameter names. |
119 |
|
120 |
2.01 Tue Jan 11 07:38:15 CET 2011 |
121 |
- add missing dependency on common::sense. |
122 |
- add a resume download example. |
123 |
|
124 |
2.0 Tue Jan 4 09:16:56 CET 2011 |
125 |
- hopefully fully upgraded to HTTP/1.1. |
126 |
- support HTTP/1.1 persistent and HTTP/1.0 keep-alive connections. |
127 |
- drop https-proxy-connection support. seems unused and ill-specified. |
128 |
- use more differentiated 59x status codes. |
129 |
- properly use url (not proxy) hostname to verify server certificate. |
130 |
- much improved cookie implementation: |
131 |
- properly implement cookie expiry (for new cookies). |
132 |
- new function to expire cookies and sessions: cookie_jar_expire. |
133 |
- add special exception to parse broken expires= keys in |
134 |
set-cookie headers. |
135 |
- do not quote cookie values when not strictly necessary, to |
136 |
improve compatibility with broken servers. |
137 |
- accept and send lots of invalid cookie values exactly as |
138 |
they were received - this should not impact valid values. |
139 |
- lowercase cookie parameter names for improved compatibility. |
140 |
- support the max-age cookie parameter, overrides expires. |
141 |
- support cookie dates (and a few others) in parse_date. |
142 |
- properly support value-less parameters (e.g. secure, httponly). |
143 |
- do not send Host: header in a proxy CONNECT request. |
144 |
- use common::sense. |
145 |
- lowercase hostnames and schemes. |
146 |
- ignore leading zeroes in http version. |
147 |
- handle spaces in content-length headers more gracefully. |
148 |
|
149 |
1.5 Fri Dec 31 04:47:08 CET 2010 |
150 |
- bugfix: after headers were received, if any error occured the wrong |
151 |
(server-sent) Status and Reason fields would be passed to the callback. |
152 |
- when an error occurs during transfer, preserve status/reason. |
153 |
- add socks4a connect example. |
154 |
- new "tcp_connect" parameter. |
155 |
- new format_date and parse_date functions. |
156 |
- diagnose unexpected eof as such when the length is known. |
157 |
- add 205 to the responses without body. |
158 |
|
159 |
1.46 Mon Sep 6 08:29:34 CEST 2010 |
160 |
- some (broken) servers differentiate between empty search parts |
161 |
and nonexistant search parts, work around this (problem |
162 |
analyzed by Sergey Zasenko). |
163 |
- possibly increase robustness by always setting an on_error |
164 |
callback on the AnyEvent::Handle object (especially in case |
165 |
of user errors, such as nehative timeouts). |
166 |
- we now always follow 301/302/303 redirects and mutate POST to GET. |
167 |
- we now always follow 307 redirects, even for POST. |
168 |
- header-less responses are not parsed correctly (at a negative |
169 |
speed penatly :). |
170 |
|
171 |
1.45 Wed Jun 16 21:15:26 CEST 2010 |
172 |
- fix a bug where the handle would go away directly after a successful |
173 |
connect (analyzed and patch by Maxim Dounin). |
174 |
- due to popular demand, introduce the Redirect pseudo response header. |
175 |
- document URL pseudo-header better. |
176 |
- explain how to implement DNS caching. |
177 |
|
178 |
1.44 Sat Dec 5 16:36:20 CET 2009 |
179 |
- do not generate content-length on get requests (if the body is empty), |
180 |
as there are even more broken servers out there. |
181 |
- allow set_proxy to clear the proxy again. |
182 |
- set_proxy will now croak on invalid urls. |
183 |
- support overriding the Host-header (requested by Tatsuhiko Miyagawa). |
184 |
|
185 |
1.43 Fri Aug 14 17:02:02 CEST 2009 |
186 |
- provide on_prepare callback on common request. |
187 |
|
188 |
1.42 Wed Aug 5 18:43:01 CEST 2009 |
189 |
- allow suppression of auto-supplied header fields by specifying undef |
190 |
(requested by Mr Guest). |
191 |
- allow proxy scheme to be missing, as documented |
192 |
(reported by Mr Guest). |
193 |
- do not follow redirects if we do not have a location header |
194 |
(requested by Mr Guest). |
195 |
|
196 |
1.41 Sat Jul 25 03:27:05 CEST 2009 |
197 |
- correctly parse completely headerless responses (e.g. by gatling). |
198 |
(analysed by Robin Redeker). |
199 |
|
200 |
1.4 Tue Jul 7 02:14:53 CEST 2009 |
201 |
- http_request would not instantly clear the connection slot on |
202 |
tcp_connect failures, potentially leading to deadlocks. |
203 |
- fix a bug where a connection error is wrongly reported |
204 |
as EINPROGRESS. |
205 |
- new parameters: on_header, on_body, want_body_handle. |
206 |
- redirects will be followed when recurse is enabled whether or not |
207 |
the body dowload was successful or not. |
208 |
- include :port in Host header when given in the url (many sites break |
209 |
when it's always there, and many break if it's missing...). |
210 |
- pass the empty string, not undef, when there is no body but |
211 |
no error occured. |
212 |
- allow passing of tls_ctx, predefine two https security profiles. |
213 |
- ucfirst all error messages generated internally. |
214 |
- include "U" token in User-Agent. |
215 |
- document $AnyEvent::HTTP::MAX_PER_HOST. |
216 |
- allow empty field names in response headers (microsoft hits. microsoft |
217 |
hits. microsoft hits. you die). |
218 |
|
219 |
1.12 Thu Jun 11 14:45:18 CEST 2009 |
220 |
- $scheme wasn't optional in the proxy specification (reported by |
221 |
Felix Antonius Wilhelm Ostmann). |
222 |
|
223 |
1.11 Fri Nov 21 09:18:11 CET 2008 |
224 |
- work around a perl core bug not properly refcounting function arguments, |
225 |
causing "200 OK" with random body results (reported by Дмитрий Шалашов). |
226 |
|
227 |
1.1 Thu Oct 30 04:46:27 CET 2008 |
228 |
- work around different behaviour of AnyEvent::Handle in TLS mode. |
229 |
- cleanup cookie implementation, many examples and comments were |
230 |
provided by Дмитрий Шалашов. |
231 |
- document the return values of http_* functions better. |
232 |
- separate multiple header values by "," not "\x00" (this does not |
233 |
break correctly written users of the old API). |
234 |
- improve Set-Cookie: parsing. |
235 |
- add experimental https-over-http-proxy support. |
236 |
- downgrade https-over-https proxy to https-over-http. |
237 |
- ignore spurious CR characters in headers, they show up |
238 |
in the weirdest of places. |
239 |
- ucfirst the request headers, for a slightly less weird look. |
240 |
- work around (some) memleaks in perl regarding qr. |
241 |
|
242 |
1.05 Mon Sep 29 15:49:58 CEST 2008 |
243 |
- fix a regex when parsing cookie domains |
244 |
(patch by Дмитрий Шалашов). |
245 |
|
246 |
1.04 Thu Jul 24 08:00:46 CEST 2008 |
247 |
- parse reason-less http status responses. |
248 |
- parse more forms of broken location headers. |
249 |
|
250 |
1.03 Thu Jul 3 03:47:58 CEST 2008 |
251 |
- fix http_post, which was totally broken (patch by Pedro Melo). |
252 |
- do not recurse on POST requests, as per HTTP/1.[01] (this might |
253 |
change as the recommendation isn't followed by anybody else). |
254 |
- implement preliminary support for 303/307 redirects. |
255 |
|
256 |
1.02 Thu Jun 12 13:50:08 CEST 2008 |
257 |
- make the request URL available in the callback of http_request. |
258 |
- export http_post, http_head. |
259 |
|
260 |
1.01 Fri Jun 6 14:56:37 CEST 2008 |
261 |
- fixed prototypes for http_* functions |
262 |
|
263 |
1.0 Thu Jun 5 20:41:43 CEST 2008 |
264 |
- original version, an AnyEvent::AIO clone. |