"Fossies" - the Fresh Open Source Software Archive

Member "httpcomponents-client-5.0.3/RELEASE_NOTES.txt" (3 Oct 2020, 118290 Bytes) of package /linux/www/httpcomponents-client-5.0.3-src.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. For more information about "RELEASE_NOTES.txt" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 5.0.2_vs_5.0.3.

    1 Release 5.0.3
    2 -------------------
    3 
    4 This is a maintenance release that fixes incorrect handling of malformed authority component
    5 in request URIs.
    6 
    7 Changelog:
    8 -------------------
    9 
   10 * Incorrect handling of malformed authority component by URIUtils#extractHost.
   11   Contributed by Oleg Kalnichevski <olegk at apache.org>
   12 
   13 
   14 
   15 Release 5.0.2
   16 -----------------
   17 
   18 This release upgrades HttpCore to the latest version, improves conformance to RFC 7235
   19 (Hypertext Transfer Protocol (HTTP/1.1): Authentication) and addresses a number of
   20 issues found since 5.0.1 release.
   21 
   22 Changelog:
   23 -------------------
   24 
   25 * HTTPCLIENT-2116: Incorrect request message composition when routing requests
   26   via a proxy.
   27   Contributed by Oleg Kalnichevski <olegk at apache.org>
   28 
   29 * PoolingAsyncClientConnectionManager incorrectly emits Ping commands to HTTP/1.1
   30   endpoints (#255).
   31   Contributed by 滕杰1 <tengjie1 at xdf.cn>
   32 
   33 * HTTPCLIENT-2115: HttpAsyncClientBuilder and H2AsyncClientBuilder fail to take
   34   `replaceExecInterceptor()` into account.
   35   Contributed by Oleg Kalnichevski <olegk at apache.org>
   36 
   37 * HTTPCLIENT-2112: AbstractMultipartFormat respects ByteBuffer.arrayOffset (#253).
   38   Contributed by Carter Kozak <ckozak at apache.org>
   39 
   40 * Avoid updating Content-Length header in a 304 response.
   41   Contributed by Dirk Henselin <dirk.henselin at vwgis.de>
   42 
   43 * HTTPCLIENT-2105: Async clients incorrectly handle redirects of requests with enclosed
   44   entity.
   45   Contributed by Oleg Kalnichevski <olegk at apache.org>
   46 
   47 * HTTPCLIENT-2100: Incorrect handling of EXTENDED mode by MultipartEntityBuilder
   48   Contributed by Oleg Kalnichevski <olegk at apache.org>
   49 
   50 * HTTPCLIENT-2099, HTTPCLIENT-2091: SSLConnectionSocketFactory connect timeout fix (#241).
   51   Contributed by Carter Kozak <ckozak at apache.org>
   52 
   53 * Bug fix: BasicExpiresHandler is annotated as immutable but is not (#240).
   54   Contributed by Gary Gregory <ggregory at apache.org>
   55 
   56 * HTTPCLIENT-2096: Migrate instance loggers to static fields
   57   Contributed by Carter Kozak <ckozak at apache.org>
   58 
   59 * Added Automatic-Module-Name to the artefact manifests.
   60   Contributed by Niels Basjes <niels at basjes.nl>
   61 
   62 * MultipartEntityBuilder#generateBoundary optimization (#233)
   63   Contributed by slisaasquatch <slisaasquatch at users.noreply.github.com>
   64 
   65 * HTTPCLIENT-2094: ConnectionManager validateAfterInactivity zero duration agreement
   66   Contributed by Carter Kozak <ckozak at apache.org>
   67 
   68 * RFC 7235 compliance, HTTPCLIENT-2086: Fixed parsing of token68 based (base64-encoded)
   69   auth schemes.
   70   Contributed by Oleg Kalnichevski <olegk at apache.org>
   71 
   72 * HTTPCLIENT-2091: Connect timeout is used instead of socket timeout after a tls upgrade
   73   Contributed by Oleg Kalnichevski <olegk at apache.org>
   74 
   75 * HTTPCLIENT-2084: Client builders incorrectly add message interceptors with LAST position
   76   to the head of the list.
   77   Contributed by Oleg Kalnichevski <olegk at apache.org>
   78 
   79 * HTTPCLIENT-2083: Fix NPE when classic client interceptors are added.
   80   Contributed by Carter Kozak <ckozak at apache.org>
   81 
   82 
   83 Release 5.0.1
   84 -----------------
   85 
   86 This release upgrades HttpCore to the latest version and addresses a number of issues found
   87 since 5.0 release.
   88 
   89 Changelog:
   90 -------------------
   91 
   92 * Bug fix: Classic connection managers fail to take #isConsistent() flag into account when
   93   re-using persistent connections.
   94   Contributed by Oleg Kalnichevski <olegk at apache.org>
   95 
   96 * HTTPCLIENT-2077: Authentication failure due to incorrect NTLM auth value check.
   97   Contributed by vonahok <64310078+vonahok at users.noreply.github.com>
   98 
   99 * HTTPCLIENT-2051: Corrected handling of 303 redirects.
  100   Contributed by Oleg Kalnichevski <olegk at apache.org>
  101 
  102 * HTTPASYNC-160: HttpAsyncClient in INACTIVE or STOPPED state throws a IllegalStateException
  103   causing the current thread to terminate.
  104   Contributed by Oleg Kalnichevski <olegk at apache.org>
  105 
  106 * HTTPCLIENT-2076: Fixed NPE in LaxExpiresHandler.
  107   Contributed by heejeongkim <aprilhjk at gmail.com>
  108 
  109 * HTTPCLIENT-2074: Disallow direct execution of CONNECT methods by standard client implementations.
  110   Contributed by Oleg Kalnichevski <olegk at apache.org>
  111 
  112 * HTTPCLIENT-2075: New method Request.responseTimeout(Timeout) in Fluent HC.
  113   Contributed by Ralph <ralph.geerkens at rwth-aachen.de>
  114 
  115 * HTTPCLIENT-2073: (regression) WindowsNegotiateScheme incorrectly rejects empty NTLM challenge.
  116   Contributed by Oleg Kalnichevski <olegk at apache.org>
  117 
  118 * HTTPCLIENT-2069: RequestConfig#copy does not copy #responseTimeout.
  119   Contributed by Oleg Kalnichevski <olegk at apache.org>
  120 
  121 * HTTPCLIENT-2061: Corrected sequence of request execution interceptors in classic HttpClient.
  122   Contributed by Oleg Kalnichevski <olegk at apache.org>
  123 
  124 * Fixed NPE for null HttpContext in minimal async clients.
  125   Contributed by slisaasquatch <sli at saasquat.ch>
  126 
  127 
  128 
  129 Release 5.0
  130 -----------------
  131 
  132 This is the first stable (GA) release of HttpClient 5.0.
  133 
  134 Notable changes and features included in the 5.0 series are:
  135 
  136 * Support for the HTTP/2 protocol and conformance to requirements and
  137   recommendations of the latest HTTP/2 protocol specification documents
  138   (RFC 7540, RFC 7541.)
  139 
  140   Supported features:
  141 
  142     ** HPACK header compression
  143     ** Stream multiplexing (client and server)
  144     ** Flow control
  145     ** Response push
  146     ** Message trailers
  147     ** Expect-continue handshake
  148     ** Connection validation (ping)
  149     ** Application-layer protocol negotiation (ALPN)
  150     ** TLS 1.2 security features
  151 
  152 * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol
  153   specification documents (RFC 7230, RFC 7231.)
  154 
  155 * New connection pool implementation with lax connection limit guarantees and better
  156   performance under higher concurrency due to absence of a global pool lock.
  157 
  158 * Support for Reactive Streams API [http://www.reactive-streams.org/]
  159 
  160 * Package name space changed to 'org.apache.hc.client5'.
  161 
  162 * Maven group id changed to 'org.apache.httpcomponents.client5'.
  163 
  164 HttpClient 5.0 releases can be co-located with earlier major versions on the same classpath
  165 due to the change in package names and Maven module coordinates.
  166 
  167 
  168 Changelog:
  169 -------------------
  170 
  171 * Removed work-around for resumed TLS sessions given that JDK-8212885 fix has been ported to Java 11
  172   and released in Oracle JDK 11.0.3.
  173   Contributed by Oleg Kalnichevski <olegk at apache.org>
  174 
  175 * Upgraded HttpCore dependency to version 5.0
  176   Contributed by Oleg Kalnichevski <olegk at apache.org>
  177 
  178 * DefaultHttpRequestRetryStrategy: Allow zero retry interval
  179   Contributed by Ryan Schmitt <rschmitt at apache.org>
  180 
  181 * HTTPCLIENT-2047: fixed regression in DefaultHostnameVerifier causing rejection of certs with non-standard domains.
  182   Contributed by Oleg Kalnichevski <olegk at apache.org>
  183 
  184 * GitHub #204: Build requests from method names in ClassicHttpRequests:
  185   ClassicHttpRequests.create(String, String)
  186   ClassicHttpRequests.create(String, URI)
  187   Contributed by Gary Gregory <ggregory at apache.org>
  188 
  189 * GitHub #205: Update request factory classes with matching APIs for Method and String method name inputs:
  190   BasicHttpRequests.create(String, URI)
  191   BasicHttpRequests.create(String, String)
  192   ClassicHttpRequests.create(Method, String)
  193   ClassicHttpRequests.create(Method, URI)
  194   SimpleHttpRequests.create(String, URI)
  195   SimpleHttpRequests.create(String, String)
  196   Contributed by Gary Gregory <ggregory at apache.org>
  197 
  198 * GitHub #208: Do not use input type names in method names: 
  199   SimpleHttpRequest: Delete setBodyBytes(byte[], ContentType) in favor of setBody(byte[], ContentType)
  200   SimpleHttpRequest: Delete setBodyText(String, ContentType) in favor of setBody(String, ContentType)
  201   SimpleHttpResponse: Delete setBodyBytes(byte[], ContentType) in favor of setBody(byte[], ContentType)
  202   SimpleHttpResponse: Delete setBodyText(String, ContentType) in favor of setBody(String, ContentType)
  203   Contributed by Gary Gregory <ggregory at apache.org>
  204 
  205 
  206 Release 5.0-BETA7
  207 -----------------
  208 
  209 This BETA release upgrades HttpCore to the latest version  and addresses a number of issues found
  210 since the previous BETA release.
  211 
  212 IMPORTANT: This release is expected to be the last BETA version. If no major
  213 design flaws are found the actual 5.0 API will be frozen and the next version will be
  214 promoted to GA.
  215 
  216 Changelog:
  217 -------------------
  218 
  219 * Improved domain name normalization by DefaultHostnameVerifier.
  220   Contributed by Oleg Kalnichevski <olegk at apache.org>
  221 
  222 * DefaultHostnameVerifier: Match DNS and CN names against ICANN domains.
  223   Contributed by Ryan Schmitt <rschmitt at apache.org>
  224 
  225 * HTTPCORE-615: Implement HTTP-based cache serializer-deserializer.
  226   Contributed by Scott Gifford <sgifford at suspectclass.com>
  227 
  228 * HTTPCLIENT-2040: Copy headers from the original request to the redirect request.
  229   Contributed by Oleg Kalnichevski <olegk at apache.org>
  230 
  231 * Removed RFC 2965 specific requirements deprecated and superseded by RFC 6265.
  232   Contributed by Oleg Kalnichevski <olegk at apache.org>
  233 
  234 * HTTPCLIENT-2035: Remove HttpRequestRetryHandler in favor of HttpRequestRetryStrategy.
  235   Contributed by Michael Osipov <michaelo at apache.org>
  236 
  237 * HTTPCLIENT-2019: Remove ServiceUnavailableRetryStrategy in favor of HttpRequestRetryStrategy.
  238   Contributed by Michael Osipov <michaelo at apache.org>
  239 
  240 * HTTPCLIENT-2034: Introduce HttpRequestRetryStrategy.
  241   Contributed by Michael Osipov <michaelo at apache.org>
  242 
  243 * CloseableHttpAsyncClient to support explicit HttpHost execution parameter.
  244   Contributed by Oleg Kalnichevski <olegk at apache.org>
  245 
  246 * HTTPCLIENT-2020: DefaultBackoffStrategy to support TOO_MANY_REQUESTS (429).
  247   Contributed by Michael Osipov <michaelo at apache.org>
  248 
  249 * HTTPCLIENT-2030: Fixed PublicSuffixMatcher#getDomainRoot behavior with invalid hostnames.
  250   Contributed by Niels Basjes <niels at basjes.nl>
  251 
  252 * HTTPCLIENT-2028: Connection managers to allow 0 for `validateAfterInactivity` time value.
  253   Contributed by Peter Frank <pfrank at fandango.com>
  254 
  255 * HTTPCLIENT-2023: Allow nested arrays and all primitive types in DefaultHttpCacheEntrySerializer.
  256   Contributed by Olof Larsson <olof at sylt.nu>
  257 
  258 
  259 
  260 Release 5.0-BETA6
  261 -------------------
  262 
  263 This BETA release picks up the latest fixes and performance improvements from HttpCore
  264 and addresses a number of issues found since the previous BETA release.
  265 
  266 Changelog:
  267 -------------------
  268 
  269 * Fixed fallback PublicSuffixMatcher.
  270   Contributed by Ryan Schmitt <rschmitt at apache.org>
  271 
  272 * Enforce h2 TLS rules after negotiating TLS, not before.
  273   Contributed by Ryan Schmitt <rschmitt at apache.org>
  274 
  275 * HTTPCLIENT-2013: Revised handling of connect exceptions; improved consistency in behavior
  276   of the classic and async clients; ConnectTimeoutException now extends SocketTimeoutException.
  277   Contributed by Oleg Kalnichevski <olegk at apache.org>
  278 
  279 * Improved handling of request cancellation (classic API).
  280   Contributed by Oleg Kalnichevski <olegk at apache.org>
  281 
  282 * Fixed concurrent use of threading unsafe ClassicHttpRequest messages.
  283   Contributed by Oleg Kalnichevski <olegk at apache.org>
  284 
  285 * Execute Socket#connect under doPrivileged.
  286   Contributed by Simon Willnauer <simonw at apache.org>
  287 
  288 * HTTPCLIENT-2009: Fixed StringIndexOutOfBoundsException in AuthSupport#extractFromAuthority.
  289   Contributed by itonyli <429284840 at qq.com>
  290 
  291 * Make Accept-Encoding header handling thread-safe.
  292   Contributed by Linton Miller <linton.miller at coxautoinc.com>
  293 
  294 
  295 
  296 Release 5.0-BETA5
  297 -------------------
  298 
  299 This BETA release picks up the latest fixes and performance improvements from HttpCore
  300 and addresses a number of issues found since the previous BETA release.
  301 
  302 IMPORTANT: This release is expected to be the last BETA version. If no major
  303 design flaws are found the actual 5.0 API will be frozen and the next version will be
  304 promoted to GA.
  305 
  306 Changelog:
  307 -------------------
  308 
  309 * Information response (1xx) processing support.
  310   Contributed by Kirill Usov <kirill.usov at gmail.com>
  311 
  312 * HTTPCLIENT-1968: Preserve escaped PATHSAFE characters when normalizing URI path segments.
  313   Contributed by Oleg Kalnichevski <olegk at apache.org>
  314 
  315 * HTTPCLIENT-1992: Impossible to access trailer-headers available in chunked transfer-encoding
  316   with classic API.
  317   Contributed by Serkan Turgut <sturgut at amazon.com>
  318 
  319 * HTTPCLIENT-1991: incorrect handling of non-standard DNS entries by PublicSuffixMatcher.
  320   Contributed by Oleg Kalnichevski <olegk at apache.org>
  321 
  322 * Refactor to enable support for non-form based multipart requests
  323   Contributed by Adam Retter <adam.retter at googlemail.com>
  324 
  325 * HTTPCLIENT-1981: disallow TRACE requests with an enclosed entity
  326   Contributed by Jay Modi <jay at elastic dot com>
  327 
  328 
  329 
  330 Release 5.0-BETA4
  331 -------------------
  332 
  333 This BETA release picks up the latest fixes and performance improvements from HttpCore
  334 and addresses a number of issues found since the previous BETA release.
  335 
  336 Notable features in this release:
  337 
  338 * Security improvements.
  339 
  340 * URI handling improvements.
  341 
  342 
  343 Changelog:
  344 -------------------
  345 
  346 * HTTPCLIENT-1976: Unsafe deserialization in DefaultHttpCacheEntrySerializer.
  347   Contributed by Artem Smotrakov <artem.smotrakov at gmail.com>
  348 
  349 * HTTPCLIENT-1969: Filter out weak cipher suites.
  350   Contributed by Artem Smotrakov <artem.smotrakov at gmail.com>
  351 
  352 * HttpClient should not retry requests in case of ConnectionClosedException
  353   Contributed by Oleg Kalnichevski <olegk at apache.org>
  354 
  355 * Bug fix: Simple response consumer to discard stored content when releasing resources.
  356   Contributed by Oleg Kalnichevski <olegk at apache.org>
  357 
  358 * Bug fix: main async request execution handlers to release the associated response consumer
  359   upon exception.
  360   Contributed by Oleg Kalnichevski <olegk at apache.org>
  361 
  362 * Update Apache Commons Codec from 1.11 to 1.12.
  363   Contributed by Gary Gregory <ggregory at apache.org>
  364 
  365 * Update RxJava from 2.2.2 to 2.2.7.
  366   Contributed by Gary Gregory <ggregory at apache.org>
  367 
  368 * Update JNA from 5.0.0 to 5.2.0.
  369   Contributed by Gary Gregory <ggregory at apache.org>
  370 
  371 * Some well known proxies respond with Content-Length=0, when returning 304. For robustness,
  372   always use the cached entity's content length, as modern browsers do.
  373   Contributed by Jayson Raymond <Jayson.Raymond15 at T-Mobile.com>
  374 
  375 * HTTPCLIENT-1960: URIBuilder incorrect handling of multiple leading slashes in path component.
  376   Contributed by Oleg Kalnichevski <olegk at apache.org>
  377 
  378 * HTTPCLIENT-1958: PoolingHttpClientConnectionManager to throw ExecutionException
  379   in case of a lease operation cancellation instead of InterruptedException.
  380   Contributed by Oleg Kalnichevski <olegk at apache.org>
  381 
  382 * Shutdown executorService on AbstractHttpAsyncClientBase shutdown.
  383   Contributed by 吴雪山 <xueshan.wu at ndkey.com.cn>
  384 
  385 * [HTTPCLIENT-1952: Allow default User Agent to be disabled
  386   Contributed by Michael Osipov <michaelo at apache.org>
  387 
  388 * Improve HttpResponseException#getMessage.
  389   Contributed by Michael Osipov <michaelo at apache.org>
  390 
  391 * Better handling of http(s).proxyUser and http(s).proxyPassword
  392   Contributed by Jens Borgland <jborglan at tibco.com>
  393 
  394 * Wrong argument name in PoolingAsyncClientConnectionManagerBuilder#setConnPoolPolicy results
  395   with self assignment of variable.
  396   Contributed by Eryk Szymanski <eszymanski at collab.net>
  397 
  398 
  399 
  400 Release 5.0-BETA3
  401 -------------------
  402 
  403 This BETA release adds support for advanced TLS functions (such as ALPN protocol negotiation)
  404 on Java 1.7 and Java 1.8 through Conscrypt TLS library and picks up the latest fixes
  405 and performance improvements from HttpCore.
  406 
  407 Notable features in this release:
  408 
  409 * TLS ALPN protocol negotiation support on older JREs through Conscrypt TLS library.
  410 
  411 
  412 Changelog:
  413 -------------------
  414 
  415 * Added optional dependency on conscrypt-openjdk-uber 1.4.1; support for advanced TLS functions
  416   (such as ALPN extension) on Java 1.7 and Java 1.8 through Conscrypt TLS library
  417   Contributed by Oleg Kalnichevski <olegk at apache.org>
  418 
  419 * Removed OSGi module
  420   Contributed by Oleg Kalnichevski <olegk at apache.org>
  421 
  422 * Removed experimental CredSsp auth scheme
  423   Contributed by Oleg Kalnichevski <olegk at apache.org>
  424 
  425 * HTTPCLIENT-1949: DigestScheme to use HttpRequest#getRequestUri instead of HttpRequest#getPath
  426   Contributed by Oleg Kalnichevski <olegk at apache.org>
  427 
  428 
  429 
  430 Release 5.0-BETA2
  431 -------------------
  432 
  433 This BETA release resolves compatibility issues with Java 11 new TLS engine as well as
  434 a number of defects found since the previous release.
  435 
  436 Notable new features in this release:
  437 
  438 * JDK 11 compatibility
  439 
  440 * Support for request specific push consumers
  441 
  442 * Support for Reactive Streams API [http://www.reactive-streams.org/]
  443 
  444 
  445 Changelog:
  446 -------------------
  447 
  448 * Hack to make hostname verification work with TLSv1.3 resumed sessions.
  449   For details see https://markmail.org/message/mxf5v2d2gh6ws2j3
  450   Contributed by Oleg Kalnichevski <olegk at apache.org>
  451 
  452 * Added builders for SSLConnectionSocketFactory and client TlsStrategy.
  453   Contributed by Oleg Kalnichevski <olegk at apache.org>
  454 
  455 * Added enum for supported TLS versions & TLS version parser.
  456   Contributed by Oleg Kalnichevski <olegk at apache.org>
  457 
  458 * HTTPCLIENT-1946: handling of 308 status as per RFC 7538.
  459   Contributed by Oleg Kalnichevski <olegk at apache.org>
  460 
  461 * Upgraded HttpCore to version 5.0-beta5.
  462   Contributed by Oleg Kalnichevski <olegk at apache.org>
  463 
  464 * Async clients to support request specific push consumers.
  465   Contributed by Oleg Kalnichevski <olegk at apache.org>
  466 
  467 * HTTPCLIENT-1944: Add hardCancellationEnabled option to RequestConfig.
  468   Contributed by Ryan Schmitt <ryansch at amazon.com>
  469 
  470 * Overload Request's execute method to allow custom CloseableHttpClient.
  471   Contributed by Nicolas Gomez <nicolas at imogene.fr>
  472 
  473 * Fix HttpClient 4.5.4 regression in BasicCookieStore serialization.
  474   Contributed by Mark Mielke <mmielke at ciena.com>
  475 
  476 * HTTPCLIENT-1934: Default client TLS strategy passes wrong hostname to the hostname verifier.
  477   Contributed by Oleg Kalnichevski <olegk at apache.org>
  478 
  479 * HTTPCLIENT-1882: reset authentication state on I/O or runtime error for connection based
  480   authentication schemes (such as NTLM).
  481   Contributed by Oleg Kalnichevski <olegk at apache.org>
  482 
  483 * HTTPCLIENT-1924: HttpClient to shut down the connection manager if a fatal error occurs
  484   in the course of a request execution.
  485   Contributed by Oleg Kalnichevski <olegk at apache.org>
  486 
  487 * Pooling connection managers to implement graceful and immediate shut down.
  488   Contributed by Oleg Kalnichevski <olegk at apache.org>
  489 
  490 * HTTPCLIENT-1906: certificates containing alternative subject names other than DNS and IP
  491   (such as RFC822) get rejected as invalid.
  492   Contributed by Oleg Kalnichevski <olegk at apache.org>
  493 
  494 * HTTPCLIENT-1904: check cookie domain for null
  495   Contributed by Hans-Peter Keck <hans-peter.keck at haufe-lexware.com>
  496 
  497 * HTTPCLIENT-1900: proxy protocol processor in the CONNECT exec interceptor does not
  498   post-process CONNECT response messages.
  499   Contributed by Oleg Kalnichevski <olegk at apache.org>
  500 
  501 * HTTPCLIENT-1898: Incorrect comment in example class ClientMultiThreadedExecution.java
  502   Contributed by Ulrich Romahn <ulrich at ulrichromahn dot net>
  503    
  504 * HTTPCLIENT-1931: Add factory enum org.apache.hc.client5.http.classic.methods.ClassicHttpRequests
  505   Contributed by Gary Gregory <ggregory at apache.org>
  506   
  507 * HTTPCLIENT-1932: Add factory enum org.apache.hc.client5.http.async.methods.HttpRequests
  508   Contributed by Gary Gregory <ggregory at apache.org>
  509   
  510 * HTTPCLIENT-1939: Update Apache Commons Codec from 1.10 to 1.11
  511   Contributed by Gary Gregory <ggregory at apache.org>
  512 
  513 * HTTPCLIENT-1947: Update JNA from 4.5.2 to 5.0.0
  514   Contributed by Gary Gregory <ggregory at apache.org>
  515   
  516 Release 5.0-BETA1
  517 -------------------
  518 
  519 This is the first BETA release of HttpClient 5.0. The 5.0 release serices introduces
  520 support for the HTTP/2 protocol and event driven messaging APIs consistent for all
  521 supported HTTP protocol versions.
  522 
  523 Changelog:
  524 -------------------
  525 
  526 * DefaultHostnameVerifier to use a custom distinguished name (DN) parser instead of LdapName.
  527   Removed dependency on Java Naming extensions.
  528   Contributed by Oleg Kalnichevski <olegk at apache.org>
  529 
  530 * HTTP/2 client implementations to support cancellation of ongoing message exchanges without
  531   terminating the underlying connections.
  532   Contributed by Oleg Kalnichevski <olegk at apache.org>
  533 
  534 * HTTPCLIENT-1395: added config parameter to skip an extra cache entry freshness check upon
  535   cache update in case of a cache miss.
  536   Contributed by Oleg Kalnichevski <olegk at apache.org>
  537 
  538 * HTTPCLIENT-1824, HTTPCLIENT-1384: asynchronous HTTP cache invalidator.
  539   Contributed by Oleg Kalnichevski <olegk at apache.org>
  540 
  541 * Redesign of CacheKeyGenerator and HttpCacheInvalidator APIs.
  542   Contributed by Oleg Kalnichevski <olegk at apache.org>
  543 
  544 * New APIs for cache entry bulk retrieval; bulk retrieval support by Memcached storage
  545   implementation.
  546   Contributed by Oleg Kalnichevski <olegk at apache.org>
  547 
  548 * HTTPCLIENT-1824, HTTPCLIENT-1868: Asynchronous HTTP cache storage API. Memcached backend
  549   implementation of async HTTP cache storage.
  550   Contributed by Oleg Kalnichevski <olegk at apache.org>
  551 
  552 * HTTPCLIENT-1885: Content compression exec interceptor generates incorrect
  553   'Accept-Encoding' header value.
  554   Contributed by Oleg Kalnichevski <olegk at apache.org>
  555 
  556 
  557 
  558 Release 5.0-ALPHA3
  559 -------------------
  560 
  561 This is a major release that introduces support for the HTTP/2 protocol and event driven
  562 messaging APIs consistent for all supported HTTP protocol versions.
  563 
  564 HttpClient ships with two client implementations:
  565 
  566 * HttpClient Classic is based on the classic (blocking) I/O model; largely compatible
  567   with the 4.x APIs; supports HTTP/1.1 only.
  568 
  569 * HttpClient Async is based on NIO model; new event driven APIs consistent for all supported
  570   HTTP protocol versions; supports both HTTP/1.1 and HTTP/2.
  571 
  572 
  573 Notable new features in this release:
  574 
  575 * Asynchronous HttpClient implementations optimized for HTTP/2 multiplexed request execution.
  576 
  577 * Full support for HTTP caching by asynchronous HttpClient implementations including
  578   streaming message exchanages.
  579 
  580 
  581 Notable changes and features included in the 5.0 series are:
  582 
  583 * Support for the HTTP/2 protocol and conformance to requirements and
  584   recommendations of the latest HTTP/2 protocol specification documents
  585   (RFC 7540, RFC 7541.)
  586 
  587   Supported features:
  588 
  589     ** HPACK header compression
  590     ** Stream multiplexing (client and server)
  591     ** Flow control
  592     ** Response push
  593     ** Message trailers
  594     ** Expect-continue handshake
  595     ** Connection validation (ping)
  596     ** Application-layer protocol negotiation (ALPN) on Java 9.0.1+
  597     ** TLS 1.2 security features
  598 
  599 * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol
  600   specification documents (RFC 7230, RFC 7231.)
  601 
  602 * Redesigned connection pool implementation with reduced pool lock contention.
  603 
  604 * Package name space changed to 'org.apache.hc.client5'.
  605 
  606 * Maven group id changed to 'org.apache.httpcomponents.client5'.
  607 
  608 * Apache Log4j2 logging APIs used for internal logging instead of Commons Logging APIs.
  609 
  610 HttpClient 5.0 releases can be co-located with earlier major versions on the same classpath
  611 due to the change in package names and Maven module coordinates.
  612 
  613 Please note that as of 5.0, HttpClient requires Java 1.7 or newer.
  614 
  615 
  616 Changelog:
  617 -------------------
  618 
  619 * HttpAsyncClient implementations optimized for HTTP/2 multiplexed
  620   request execution.
  621   Contributed by Oleg Kalnichevski <olegk@apache.org>
  622 
  623 * Improved Ehcache and Memcached storage backends.
  624   Contributed by Oleg Kalnichevski <olegk@apache.org>
  625 
  626 * [HTTPCLIENT-1827] Full support for HTTP caching by asynchronous HTTP clients.
  627   Contributed by Oleg Kalnichevski <olegk@apache.org>
  628 
  629 * Redesign of HTTP cache resource APIs.
  630   Contributed by Oleg Kalnichevski <olegk@apache.org>
  631 
  632 * Deprecated Content-Transfer-Encoding field in MIME body parts per RFC 7578, section 4.7.
  633   Contributed by Oleg Kalnichevski <olegk@apache.org>
  634 
  635 * [HTTPCLIENT-293] Implemented the percent encoding of the filename parameter of the Content-Disposition header.
  636   Contributed by Ioannis Sermetziadis <sermojohn@gmail.com>
  637 
  638 * [HTTPCLIENT-1845]: Extract InputStreamFactory classes out of GzipDecompressingEntity and
  639   DeflateDecompressingEntity for reuse and to create less garbage.
  640   Contributed by Gary Gregory <ggregory at apache.org>
  641 
  642 * [HTTPCLIENT-1858] Alleviate GC pressure due to wire logging.
  643   Contributed by Gary Gregory <ggregory at apache.org>
  644 
  645 * Avoid fetching the cached entity twice on cache hit.
  646   Contributed by Leandro Nunes <a-lnunes@hotels.com>
  647 
  648 * [HTTPASYNC-124] Add doPrivileged blocks to async client and connection manager builders
  649   Contributed by Jay Modi <jay at elastic dot co>
  650 
  651 
  652 
  653 Release 5.0-ALPHA2
  654 -------------------
  655 
  656 This is a major release that introduces support for the HTTP/2 protocol and event driven
  657 messaging APIs consistent for all supported HTTP protocol versions.
  658 
  659 HttpClient ships with two client implementations:
  660 
  661 * HttpClient Classic is based on the classic (blocking) I/O model; largely compatible
  662   with the 4.x APIs; supports HTTP/1.1 only.
  663 
  664 * HttpClient Async is based on NIO model; new event driven APIs consistent for all supported
  665   HTTP protocol versions; supports both HTTP/1.1 and HTTP/2.
  666 
  667 
  668 Notable changes and features included in the 5.0 series are:
  669 
  670 * Partial support for the HTTP/2 protocol and conformance to requirements and
  671   recommendations of the latest HTTP/2 protocol specification documents 
  672   (RFC 7540, RFC 7541.)
  673 
  674   Supported features:
  675 
  676     ** HPACK header compression
  677     ** Stream multiplexing (client and server)
  678     ** Flow control
  679     ** Response push
  680     ** Message trailers
  681     ** Expect-continue handshake
  682     ** Connection validation (ping)
  683     ** Application-layer protocol negotiation (ALPN) on Java 1.9+
  684     ** TLS 1.2 security features
  685 
  686 * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol
  687   specification documents (RFC 7230, RFC 7231.)
  688 
  689 * Redesigned connection pool implementation with reduced pool lock contention.
  690 
  691 * Package name space changed to 'org.apache.hc.client5'.
  692 
  693 * Maven group id changed to 'org.apache.httpcomponents.client5'.
  694 
  695 * Apache Log4j2 logging APIs used for internal logging instead of Commons Logging APIs.
  696 
  697 
  698 Features that are presently NOT supported:
  699 
  700 * HTTP/2 transport (classic)
  701 
  702 * HTTP tunneling (async)
  703 
  704 * Automatic response content decompression (async)
  705 
  706 * Caching (async)
  707 
  708 
  709 HttpClient 5.0 releases can be co-located with earlier major versions on the same classpath
  710 due to the change in package names and Maven module coordinates.
  711 
  712 Please note that as of 5.0, HttpClient requires Java 1.7 or newer.
  713 
  714 Please note that at this point 5.0 APIs are considered experimental and unstable and are
  715 expected to change in the coming releases without providing a migration path.
  716 
  717 
  718 Changelog:
  719 -------------------
  720 
  721 * [HTTPCLIENT-1714] Add HttpClientBuilder.setDnsResolver(DnsResolver).
  722   Contributed by Alexis Thaveau <alexis.thaveau at gmail.com>
  723 
  724 * [HTTPCLIENT-1715] NTLMEngineImpl.Type1Message not thread safe but declared as a constant.
  725   Contributed by Olivier Lafontaine <olafontaine at gmail.com>, Gary Gregory <ggregory at apache.org>
  726 
  727 * [HTTPCLIENT-1716] redirect handling of unsafe methods defined by RFC 7231.
  728   Contributed by Oleg Kalnichevski <olegk at apache.org>
  729 
  730 * [HTTPCLIENT-1717] Make fluent API .Content.Content(byte[], ContentType) public.
  731   Contributed by Cash Costello <cash.costello at gmail.com>
  732 
  733 * [HTTPCLIENT-1730] added #setValidateAfterInactivity to HttpClientBuilder.
  734   Contributed by Oleg Kalnichevski <olegk at apache.org>
  735 
  736 * [HTTPCLIENT-1752] Allow to configure the OSGI clients with relaxed SSL checks.
  737   Contributed by Simone Tripodi <simonetripodi at apache.org>
  738 
  739 * [HTTPCLIENT-1748] Improved compatibility with system authentication API in applets.
  740   Contributed by Sebastien Caille <sebastien.caille at gmail.com>
  741 
  742 * [HTTPCLIENT-1786] Port from Apache Commons Logging to Apache Log4j 2.
  743   Contributed by Gary Gregory <ggregory at apache.org>
  744 
  745 * [HTTPCLIENT-1817] Add a "Trust All" TrustStrategy implementation.
  746   Contributed by Gary Gregory <ggregory at apache.org>
  747 
  748 * [HTTPCLIENT-1836] DefaultHostnameVerifier#getSubjectAltNames(X509Certificate) throws
  749   java.lang.ClassCastException.
  750   Contributed by Gary Gregory <ggregory at apache.org>, Ilian Iliev <ilian_iliev at yahoo.com>
  751 
  752 * [HTTPCLIENT-1691] HttpClient instance used internally by HC Fluent to take system properties into
  753   account by default.
  754   Contributed by Oleg Kalnichevski <olegk at apache.org>
  755 
  756 
  757 
  758 Release 5.0-ALPHA1
  759 -------------------
  760 
  761 This major release renders HttpClient API incompatible with the stable 4.x branch
  762 and upgrades HTTP/1.1 protocol conformance to the requirements and recommendations of the latest
  763 protocol specification. This release lays the foundation for transition to HTTP/2 as the primary
  764 transport protocol in the future releases.
  765 
  766 Notable changes and features included in the 5.0 series are:
  767 
  768 * Improved conformance to requirements and recommendations of the latest HTTP/1.1 protocol
  769   specification (RFC 7230, RFC 7231, RFC 7235)
  770 
  771 * Package name space changed to 'org.apache.hc.client5'
  772 
  773 * Maven group id changed to 'org.apache.httpcomponents.client5'
  774 
  775 * By default the maximum connections per route limit is set to 5
  776 
  777 * By default connection request timeout and connect timeout are set to 3 minutes.
  778 
  779 HttpClient 5.0 releases can be co-located with earlier versions, meaning you can have both 5.x and 
  780 4.x on the classpath without experiencing jar hell.
  781 
  782 Please note that as of 5.0 HttpClient requires Java 1.7 or newer.
  783 
  784 Please note that at this point we consider 5.0 APIs experimental and unstable and expect them to 
  785 change in the coming releases without providing a migration path.
  786 
  787 
  788 
  789 Changelog:
  790 -------------------
  791 
  792 * [HTTPCLIENT-1575] route target port must be non negative
  793   Contributed by Oleg Kalnichevski <olegk at apache.org>
  794 
  795 * [HTTPCLIENT-1106] Use character arrays for passwords in Credentials objects
  796   Contributed by Oleg Kalnichevski <olegk at apache.org>
  797 
  798 * RFC 7235: redesign of HTTP authenticator and related classes
  799   Contributed by Oleg Kalnichevski <olegk at apache.org>
  800 
  801 * RFC 7231: parse capable of parsing multiple auth challenges
  802   Contributed by Oleg Kalnichevski <olegk at apache.org>
  803 
  804 * RFC 7231: DefaultServiceUnavailableRetryStrategy to take Retry-After header value into account if specified
  805   Contributed by Oleg Kalnichevski <olegk at apache.org>
  806 
  807 * RFC 7231: removed restriction on the use of relative URIs in Location header
  808   Contributed by Oleg Kalnichevski <olegk at apache.org>
  809 
  810 * RFC 7231: revised redirect handling
  811   Contributed by Oleg Kalnichevski <olegk at apache.org>
  812 
  813 * RFC 7231: do not generate header fields in TRACE requests containing sensitive data such as cookie and user
  814   credentials
  815   Contributed by Oleg Kalnichevski <olegk at apache.org>
  816 
  817 * RFC 7231: automatic retrial of idempotent methods
  818   Contributed by Oleg Kalnichevski <olegk at apache.org>
  819 
  820 * RFC 7230: increased the default max number of concurrent connection for the same route from 2 to 5
  821   Contributed by Oleg Kalnichevski <olegk at apache.org>
  822 
  823 * Cache request line in HttpRequestWrapper
  824   Contributed by Dmitry Potapov <dpotapov at yandex-team.ru>
  825 
  826 * [HTTPCLIENT-1651] Add ability to disable content compression on a request basis
  827   Contributed by Oleg Kalnichevski <olegk at apache.org>
  828 
  829 * [HTTPCLIENT-1696]: Add convenience methods to fluent API class Request.
  830   Contributed by Gary Gregory <ggregory @ apache.org>
  831 
  832 
  833 
  834 Release 4.5.1
  835 -------------------
  836 
  837 HttpClient 4.5.1 (GA) is a maintenance release that fixes a number of minor defects found since 4.5.
  838 
  839 Please note that as of 4.4 HttpClient requires Java 1.6 or newer.
  840 
  841 Changelog:
  842 -------------------
  843 
  844 * [HTTPCLIENT-1680] redirect of a POST request causes ClientProtocolException.
  845   Contributed by Oleg Kalnichevski <olegk at apache.org>
  846 
  847 * [HTTPCLIENT-1673] org.apache.http.entity.mime.content.* missing from OSGi exports.
  848   Contributed by Benson Margulies <benson at basistech.com>
  849 
  850 * [HTTPCLIENT-1668] Fluent request incorrectly handles connect timeout setting.
  851   Contributed by Oleg Kalnichevski <olegk at apache.org>
  852 
  853 * [HTTPCLIENT-1667] RequestBuilder does not take charset into account when creating
  854   UrlEncodedFormEntity.
  855   Contributed by Sergey Smith <smithsv at bk.ru>
  856 
  857 * [HTTPCLIENT-1655] HttpClient sends RST instead of FIN ACK sequence when using non-persistant
  858   connections.
  859   Contributed by Oleg Kalnichevski <olegk at apache.org>
  860 
  861 
  862 Release 4.5
  863 -------------------
  864 
  865 HttpClient 4.5 (GA) is a minor feature release that includes several incremental enhancements
  866 to the exisitng functionality such as support for private domains in the Mozilla Public Suffix List.
  867 
  868 Changelog:
  869 -------------------
  870 
  871 * Reduced default validate after inactivity setting from 5 sec to 2 sec.
  872   Contributed by Oleg Kalnichevski <olegk at apache.org>
  873 
  874 * [HTTPCLIENT-1649] Fixed serialization of auth schemes.
  875   Contributed by Oleg Kalnichevski <olegk at apache.org>
  876 
  877 * [HTTPCLIENT-1645]: Fluent requests to inherit config parameters of the executor.
  878   Contributed by Oleg Kalnichevski <olegk at apache.org>
  879 
  880 * [HTTPCLIENT-1640]: RFC6265 lax cookie policy fails to parse 'max-age' attribute.
  881   Contributed by Oleg Kalnichevski <olegk at apache.org>
  882 
  883 * [HTTPCLIENT-1633]: RFC6265CookieSpecProvider compatibility level setting has no effect.
  884   Contributed by Oleg Kalnichevski <olegk at apache.org>
  885 
  886 * [HTTPCLIENT-1613]: Support for private domains in Mozilla Public Suffix List.
  887   Contributed by Oleg Kalnichevski <olegk at apache.org>
  888 
  889 * [HTTPCLIENT-1651]: Add ability to disable content compression on a request basis.
  890   Contributed by Michael Osipov <michaelo at apache.org>
  891 
  892 * [HTTPCLIENT-1654]: Deprecate/remove RequestConfig#decompressionEnabled in favor of #contentCompressionEnabled.
  893   Contributed by Michael Osipov <michaelo at apache.org>
  894 
  895 
  896 Release 4.4.1
  897 -------------------
  898 
  899 HttpClient 4.4.1 (GA) is a maintenance release that fixes a number of defects in new functionality
  900 introduced in version 4.4.
  901 
  902 Users of HttpClient 4.4 are encouraged to upgrade.
  903 
  904 Please note that as of 4.4 HttpClient requires Java 1.6 or newer.
  905 
  906 Changelog:
  907 -------------------
  908 
  909 * Marked RFC 2109, RFC 2965, Netscape draft cookie specs as obsolete.
  910   Contributed by Oleg Kalnichevski <olegk at apache.org>
  911 
  912 * [HTTPCLIENT-1633] RFC6265CookieSpecProvider compatibility level setting has no effect.
  913   Contributed by Oleg Kalnichevski <olegk at apache.org>
  914 
  915 * [HTTPCLIENT-1628]: Auth cache can fail when domain name contains uppercase characters.
  916   Contributed by Dennis Ju <dejuknow at gmail.com>
  917 
  918 * [HTTPCLIENT-1609] Stale connection check in PoolingHttpClientConnectionManager has no effect.
  919   Internal connection pool does not correctly implement connection validation.
  920   Contributed by Charles Lip <rene1 at singnet.com.sg>
  921 
  922 
  923 
  924 Release 4.4 Final
  925 -------------------
  926 
  927 This is the first stable (GA) release of HttpClient 4.4. Notable features and enhancements included
  928 in 4.4 series are:
  929 
  930 * Support for the latest HTTP state management specification (RFC 6265). Please note that the old
  931 cookie policy is still used by default for compatibility reasons. RFC 6265 compliant cookie
  932 policies need to be explicitly configured by the user. Please also note that as of next feature
  933 release support for Netscape draft, RFC 2109 and RFC 2965 cookie policies will be deprecated
  934 and disabled by default. It is recommended to use RFC 6265 compliant policies for new applications
  935 unless compatibility with RFC 2109 and RFC 2965 is required and to migrate existing applications
  936 to the default cookie policy.
  937 
  938 * Enhanced, redesigned and rewritten default SSL hostname verifier with improved RFC 2818
  939 compliance.
  940 
  941 * Default SSL hostname verifier and default cookie policy now validate certificate identity
  942 and cookie domain of origin against the public suffix list maintained by Mozilla.org
  943 <https://publicsuffix.org/list>
  944 
  945 * More efficient stale connection checking: indiscriminate connection checking which results
  946 in approximately 20 to 50 ms overhead per request has been deprecated in favor of conditional
  947 connection state validation (persistent connections are to be re-validated only if a specified
  948 period inactivity has elapsed.)
  949 
  950 * Authentication cache thread-safety: authentication cache used by HttpClient is now thread-safe
  951 and can be shared by multiple threads in order to re-use authentication state for subsequent
  952 requests.
  953 
  954 * Native Windows Negotiate and NTLM via SSPI through JNA: when running on Windows OS HttpClient
  955 configured to use native NTLM or SPNEGO authentication schemes can make use of platform specific
  956 functionality via JNA and current user credentials. This functionality is still considered
  957 experimental, known to have compatibility issues and subject to change without prior notice.
  958 Use at your discretion.
  959 
  960 This release also includes all fixes from the stable 4.3.x release branch.
  961 
  962 Please note that as of 4.4 HttpClient requires Java 1.6 or newer.
  963 
  964 
  965 Changelog:
  966 -------------------
  967 
  968 * Support for the latest HTTP state management specification (RFC 6265).
  969   Contributed by Oleg Kalnichevski <olegk at apache.org>
  970 
  971 * [HTTPCLIENT-1515] Caching of responses to HEAD requests
  972   Contributed by Tyrone Cutajar <tj.cutajar at gmail.com> and
  973   Francois-Xavier Bonnet <fx at apache.org>
  974 
  975 * [HTTPCLIENT-1560] Native Windows auth improvements.
  976   Contributed by Michael Osipov <michaelo at apache.org>
  977 
  978 * Update Apache Commons Logging version from 1.1.3 to 1.2.
  979   Contributed by Gary Gregory <ggregory at apache.org>
  980 
  981 * Update Apache Commons Codec version from 1.6 to 1.9.
  982   Contributed by Gary Gregory <ggregory at apache.org>
  983 
  984 * Update Ehcache version from 2.2.0 to 2.6.9.
  985   Contributed by Gary Gregory <ggregory at apache.org>
  986 
  987 * Update Ehcache version from 2.2.0 to 2.6.9.
  988   Contributed by Gary Gregory <ggregory at apache.org>
  989 
  990 * Update Spymemcached version from 2.6 to 2.11.4.
  991   Contributed by Gary Gregory <ggregory at apache.org>
  992 
  993 * Update SLF4J version from 1.5.11 to 1.7.7.
  994   Contributed by Gary Gregory <ggregory at apache.org>
  995 
  996 
  997 
  998 
  999 
 1000 Release 4.4 BETA1
 1001 -------------------
 1002 
 1003 This is the first BETA release of HttpClient 4.4. Notable features and enhancements included
 1004 in 4.4 series are:
 1005 
 1006 * Enhanced redesigned and rewritten default SSL hostname verifier with improved RFC 2818
 1007 compliance
 1008 
 1009 * Default SSL hostname verifier and default cookie policy now validate certificate identity
 1010 and cookie domain of origin against the public suffix list maintained by Mozilla.org
 1011 <https://publicsuffix.org/list>
 1012 
 1013 * Native windows Negotiate/NTLM via JNA: when running on Windows OS HttpClient configured to use
 1014 native NTLM or SPNEGO authentication schemes can make use of platform specific functionality
 1015 via JNA and current user system credentials
 1016 
 1017 * More efficient stale connection checking: indiscriminate connection checking which results
 1018 in approximately 20 to 50 ms overhead per request has been deprecated in favor of conditional
 1019 connection state validation (persistent connections are to be re-validated only if a specified
 1020 period inactivity has elapsed)
 1021 
 1022 * Authentication cache thread-safety: authentication caches used by HttpClient is now thread-safe
 1023 and can be shared by multiple threads in order to re-use authentication state for subsequent
 1024 requests
 1025 
 1026 This release also includes all fixes from the stable 4.3.x release branch.
 1027 
 1028 Please note that as of 4.4 HttpClient requires Java 1.6 or newer.
 1029 
 1030 
 1031 Changelog:
 1032 -------------------
 1033 
 1034 * [HTTPCLIENT-1547] HttpClient OSGi bundle doesn't import the package "javax.naming".
 1035   Contributed by Willem Jiang <ningjiang at apache.org>
 1036 
 1037 * [HTTPCLIENT-1541] Use correct (HTTP/hostname) service principal name for Windows native
 1038   Negotiate/NTLM auth schemes.
 1039   Contributed by Ka-Lok Fung <ka-lok.fung at sap.com>
 1040 
 1041 * Improved compliance with RFC 2818: default hostname verifier to ignore the common name of the
 1042   certificate subject if alternative subject names (dNSName or iPAddress) are present.
 1043   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1044 
 1045 * [HTTPCLIENT-1540] Support delegated credentials (ISC_REQ_DELEGATE) by Native windows
 1046   native Negotiate/NTLM auth schemes.
 1047   Contributed by Ka-Lok Fung <ka-lok.fung at sap.com>
 1048 
 1049 
 1050 
 1051 Release 4.4 ALPHA1
 1052 -------------------
 1053 
 1054 This is the first ALPHA release of HttpClient 4.4. Notable features and enhancements included
 1055 in the 4.4 branch are:
 1056 
 1057 * More efficient stale connection checking: indiscriminate connection checking which results
 1058 in approximately 20 to 50 ms overhead per request has been deprecated in favor of conditional
 1059 connection state validation (persistent connections are to be re-validated only if a specified
 1060 period inactivity has elapsed)
 1061 
 1062 * Native windows Negotiate/NTLM via JNA: when running on Windows OS HttpClient configured to use
 1063 native NTLM or SPNEGO authentication schemes can make use of platform specific functionality
 1064 via JNA and current user system credentials
 1065 
 1066 * Authentication cache thread-safety: authentication caches used by HttpClient is now thread-safe
 1067 and can be shared by multiple threads in order to re-use authentication state for subsequent
 1068 requests
 1069 
 1070 This release also includes all fixes from the stable 4.3.x release branch.
 1071 
 1072 Please note that as of 4.4 HttpClient requires Java 1.6 or newer.
 1073 
 1074 Please note that new features included in this release are still considered experimental and
 1075 their API may change in the future 4.4 alpha and beta releases.
 1076 
 1077 
 1078 Changelog:
 1079 -------------------
 1080 
 1081 * [HTTPCLIENT-1493] Indiscriminate connection checking has been deprecated in favor of conditional
 1082   connection state validation. Persistent connections are to be re-validated only after a defined
 1083   period inactivity prior to being leased to the consumer.
 1084   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1085 
 1086 * [HTTPCLIENT-1519] Use the original HttpHost instance passed as a parameter to
 1087   HttpClient#execute when generating 'Host' request header.
 1088   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1089 
 1090 * [HTTPCLIENT-1491] Enable provision of Service Principal Name in Windows native
 1091   auth scheme.
 1092   Contributed by Malcolm Smith <malcolmfsmith at gmail.com>
 1093 
 1094 * [HTTPCLIENT-1403] Pluggable content decoders.
 1095   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1096 
 1097 * [HTTPCLIENT-1466] FileBodyPart#generateContentType() ignores custom ContentType values.
 1098   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1099 
 1100 * [HTTPCLIENT-1461] fixed performance degradation in gzip encoded content processing
 1101   introduced by HTTPCLIENT-1432.
 1102   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1103 
 1104 * [HTTPCLIENT-1457] Incorrect handling of Windows (NT) credentials by
 1105   SystemDefaultCredentialsProvider.
 1106   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1107 
 1108 * [HTTPCLIENT-1456] Request retrial after status 503 causes ClientProtocolException.
 1109   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1110 
 1111 * [HTTPCLIENT-1454] Make connection operator APIs public.
 1112   Contributed by Tamas Cservenak <tamas at cservenak.net>
 1113 
 1114 * Update JUnit to version 4.11 from 4.9
 1115   Contributed by Gary Gregory <ggregory at apache.org>
 1116 
 1117 
 1118 
 1119 Release 4.3.4
 1120 -------------------
 1121 
 1122 HttpClient 4.3.4 (GA) is a maintenance release that improves performance in high concurrency
 1123 scenarios. This version replaces dynamic proxies with custom proxy classes and eliminates thread
 1124 contention in java.reflect.Proxy.newInstance() when leasing connections from the connection pool
 1125 and processing response messages.
 1126 
 1127 
 1128 Changelog:
 1129 -------------------
 1130 
 1131 * Replaced dynamic proxies with custom proxy classes to reduce thread contention.
 1132   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1133 
 1134 * [HTTPCLIENT-1484] GzipCompressingEntity should not close the underlying output stream
 1135   if the entity has not been fully written out due to an exception.
 1136   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1137 
 1138 * [HTTPCLIENT-1474] Fixed broken entity enclosing requests in HC Fluent.
 1139   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1140 
 1141 * [HTTPCLIENT-1470] CachingExec(ClientExecChain, HttpCache, CacheConfig, AsynchronousValidator)
 1142   throws NPE if config is null
 1143 
 1144 
 1145 
 1146 
 1147 Release 4.3.3
 1148 -------------------
 1149 
 1150 HttpClient 4.3.3 (GA) is a bug fix release that fixes a regression introduced by the previous
 1151 release causing a significant performance degradation in compressed content processing.
 1152 
 1153 Users of HttpClient 4.3 are encouraged to upgrade.
 1154 
 1155 Changelog:
 1156 -------------------
 1157 
 1158 * [HTTPCLIENT-1466] FileBodyPart#generateContentType() ignores custom ContentType values.
 1159   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1160 
 1161 * [HTTPCLIENT-1453] Thread safety regression in PoolingHttpClientConnectionManager
 1162   #closeExpiredConnections that can lead to ConcurrentModificationException.
 1163   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1164 
 1165 * [HTTPCLIENT-1461] fixed performance degradation in compressed content processing
 1166   introduced by HTTPCLIENT-1432.
 1167   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1168 
 1169 * [HTTPCLIENT-1457] Incorrect handling of Windows (NT) credentials by
 1170   SystemDefaultCredentialsProvider.
 1171   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1172 
 1173 * [HTTPCLIENT-1456] Request retrial after status 503 causes ClientProtocolException.
 1174   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1175 
 1176 
 1177 Release 4.3.2
 1178 -------------------
 1179 
 1180 HttpClient 4.3.2 (GA) is a maintenance release that delivers a number of improvements
 1181 as well as bug fixes for issues reported since 4.3.1 release. SNI support for
 1182 Oracle JRE 1.7+ is being among the most notable improvements.
 1183 
 1184 Users of HttpClient 4.3 are encouraged to upgrade.
 1185 
 1186 Changelog:
 1187 -------------------
 1188 
 1189 * [HTTPCLIENT-1447] Clients created with HttpClients.createMinimal do not work with absolute URIs
 1190   Contributed by Joseph Walton <joe at kafsemo dot org>
 1191 
 1192 * [HTTPCLIENT-1446] NTLM proxy + BASIC target auth fails with 'Unexpected state:
 1193   MSG_TYPE3_GENERATED'.
 1194   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1195 
 1196 * [HTTPCLIENT-1443] HttpCache uses the physical host instead of the virtual host as a cache key.
 1197   Contributed by Francois-Xavier Bonnet <fx at apache.org>
 1198 
 1199 * [HTTPCLIENT-1442] Authentication header set by the user gets removed in case
 1200   of proxy authentication (affects plan HTTP requests only).
 1201   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1202 
 1203 * [HTTPCLIENT-1441] Caching AsynchronousValidationRequest leaks connections.
 1204   Contributed by Dominic Tootell <dominic.tootell at gmail.com>
 1205 
 1206 * [HTTPCLIENT-1440] 'file' scheme in redirect location URI causes NPE.
 1207   Contributed by James Leigh <james at 3roundstones dot com>
 1208 
 1209 * [HTTPCLIENT-1437] Made Executor#execute thread safe.
 1210   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1211 
 1212 * [HTTPCLIENT-1119] SNI support (Oracle Java 1.7+ only).
 1213   Contributed by Bruno Harbulot <bruno at distributedmatter.net>
 1214 
 1215 * [HTTPCLIENT-1435] Fluent Executor ignores custom request properties.
 1216   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1217 
 1218 * [HTTPCLIENT-1432] Lazy decompressing of HttpEntity#getContent() to avoid EOFException
 1219   in case of an empty response with 'Content-Encoding: gzip' header.
 1220   Contributed by Yihua Huang <code4crafter at gmail.com>
 1221 
 1222 * [HTTPCLIENT-1431] (Regression) deprecated connection manager cannot be used with
 1223   a custom LayeredSchemeSocketFactory.
 1224   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1225 
 1226 * [HTTPCLIENT-1425] Fixed socket closed exception thrown by caching HttpClient when the origin
 1227   server sends a long chunked response.
 1228   Contributed by James Leigh <james at 3roundstones dot com>
 1229 
 1230 * [HTTPCLIENT-1417] Fixed NPE in BrowserCompatSpec#formatCookies caused by version 1
 1231   cookies with null cookie value.
 1232   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1233 
 1234 * [HTTPCLIENT-1416] Fixed NPE in CachingHttpClientBuilder#build().
 1235   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1236 
 1237 
 1238 
 1239 Release 4.3.1
 1240 -------------------
 1241 
 1242 HttpClient 4.3.1 (GA) is a bug fix release that addresses a number of issues reported since
 1243 release 4.3.
 1244 
 1245 Users of HttpClient 4.3 are strongly encouraged to upgrade.
 1246 
 1247 Changelog
 1248 -------------------
 1249 
 1250 * [HTTPCLIENT-1410] Browser compatible hostname verifier no longer rejects
 1251   *.co.<countrycode>, *.gov.<countrycode>, *.info.<countrycode>, etc as invalid.
 1252   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1253 
 1254 * Ensure X509HostnameVerifier is never null.
 1255   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1256 
 1257 * [HTTPCLIENT-1405] CONNECT HTTP/1.1 requests lack mandatory 'Host' header.
 1258   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1259 
 1260 * [HTTPCLIENT-1402] Cache default User-Agent value.
 1261   Contributed by yuexiaojun <junedo at qq.com>
 1262 
 1263 * [HTTPCLIENT-1398] Fixed invalid OSGi metadata caused by corrupted Maven bundle plugin metadata.
 1264   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1265 
 1266 * [HTTPCLIENT-1399] Fixed NPE in RequestBuilder.
 1267   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1268 
 1269 
 1270 
 1271 
 1272 Release 4.3 Final
 1273 -------------------
 1274 
 1275 This is the first stable (GA) release of HttpClient 4.3. The most notable enhancements included
 1276 in this release are:
 1277 
 1278 * Support for Java 7 try-with-resources for resource management (connection release.)
 1279 
 1280 * Added fluent Builder classes for HttpEntity, HttpRequest, HttpClient and SSLContext instances.
 1281 
 1282 * Deprecation of preference and configuration API based on HttpParams interface in favor of
 1283 constructor injection and plain configuration objects.
 1284 
 1285 * Reliance on object immutability instead of access synchronization for thread safety.
 1286 Several old classes whose instances can be shared by multiple request exchanges have
 1287 been replaced by immutable equivalents.
 1288 
 1289 * DefaultHttpClient,  DecompressingHttpClient, CachingHttpClient and similar classes are
 1290 deprecated in favor of builder classes that produce immutable HttpClient instances.
 1291 
 1292 * HttpClient builders now dynamically construct a request execution pipeline tailored
 1293 specifically to the user configuration by physically excluding unnecessary protocol components.
 1294 
 1295 * There is now an option to construct a minimal HttpClient implementation that can only execute
 1296 basic HTTP message exchanges without redirects, authentication, state management or proxy support.
 1297 This feature might be of particular use in web crawler development.
 1298 
 1299 * There is now option to avoid strict URI syntax for request URIs by executing HTTP requests
 1300 with an explicitly specified target host. HttpClient will no longer attempt to parse the request
 1301 URI if it does not need to extract the target host from it.
 1302 
 1303 This release also includes all fixes from the stable 4.2.x release branch.
 1304 
 1305 
 1306 Changelog
 1307 -------------------
 1308 * [HTTPCLIENT-1371] Weak ETag Validation is Useful On PUT With If-Match
 1309   Contributed by James Leigh <james at 3roundstones dot com>
 1310 
 1311 * [HTTPCLIENT-1394] Support for Native windows Negotiate/NTLM via JNA
 1312   Contributed by Ryan McKinley <ryan at apache.org>
 1313 
 1314 * [HTTPCLIENT-1384] Expose CacheInvalidator interface.
 1315   Contributed by Nicolas Richeton <nicolas.richeton at free.fr>
 1316 
 1317 * [HTTPCLIENT-1385] Fixed path normalization in CacheKeyGenerator
 1318   Contributed by James Leigh <james at 3roundstones dot com>
 1319 
 1320 * [HTTPCLIENT-1370] Response to non-GET requests should never be cached with the default
 1321   ResponseCachingPolicy
 1322   Contributed by James Leigh <james at 3roundstones dot com>
 1323 
 1324 * [HTTPCLIENT-1373] OPTIONS and TRACE should not invalidate cache
 1325   Contributed by James Leigh <james at 3roundstones dot com>
 1326 
 1327 * [HTTPCLIENT-1383] HttpClient enters an infinite loop during NTLM authentication if the opposite
 1328   endpoint keeps responding with a type 2 NTLM response after type 3 MTLM message has already been
 1329   sent by the client.
 1330   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1331 
 1332 * [HTTPCLIENT-1372] Refactor HttpMultipart, and add RFC6532 mode, so that headers in post
 1333   are no longer constrained to ASCII values.
 1334   Contributed by Karl Wright <kwright at apache.org>
 1335 
 1336 * [HTTPCLIENT-1377] User principal for non-NTLM authentication is incorrectly generated when using
 1337   user credentials are specified as NTCredentials
 1338   Contributed by Gary Gregory <ggregory at apache.org>
 1339 
 1340 
 1341 
 1342 Release 4.3 BETA2
 1343 -------------------
 1344 
 1345 This is the second BETA release of HttpClient 4.3. The most notable features and improvements
 1346 in the 4.3 branch are: Support for Java 7  try-with-resources for resource management (connection
 1347 release); fluent Builder classes for HttpEntity, HttpRequest and HttpClient instances, deprecation
 1348 of preference and configuration API based on HttpParams interface in favor of constructor injection
 1349 and plain configuration objects, reliance on object immutability instead of access synchronization
 1350 for thread safety.
 1351 
 1352 This release also includes all fixes from the stable 4.2.x release branch.
 1353 
 1354 Changelog
 1355 -------------------
 1356 
 1357 
 1358 * [HTTPCLIENT-1366] org.apache.http.client.utils.URLEncodedUtils should parse the semicolon as a query parameter separator.
 1359   Contributed by Gary Gregory <ggregory at apache.org>
 1360 
 1361 * [HTTPCLIENT-1365] NPE when ManagedHttpClientConnectionFactory.create(ConnectionConfig) is called with null.
 1362   Contributed by Gary Gregory <ggregory at apache.org>
 1363 
 1364 * [HTTPCLIENT-1362] Better error messages for connect timed out and connection refused
 1365   exceptions.
 1366   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1367 
 1368 * [HTTPCLIENT-1360] separate out DeflateInputStream as an independent class,
 1369   so it can be used by others.
 1370   Contributed by Karl Wright <kwright at apache.org>
 1371 
 1372 * [HTTPCLIENT-1359] repeated requests using the same context fail if they redirect.
 1373   Contributed by James Leigh <james at 3roundstones.com>
 1374 
 1375 * [HTTPCLIENT-1354] do not quote algorithm parameter in DIGEST auth response.
 1376   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1377 
 1378 * [HTTPCLIENT-1351] Added utility method to resolve final location from original request,
 1379   target host and a list of redirects.
 1380   Contributed by James Leigh <james at 3roundstones.com>
 1381 
 1382 * [HTTPCLIENT-1344] Userinfo credentials in URI should not default to preemptive BASIC
 1383   authentication.
 1384   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1385 
 1386 * [HTTPCLIENT-1345] Useinfo credentials ignored in redirect location header.
 1387   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1388 
 1389 * [HTTPCLIENT-1294] HttpClient to rewrite host name of the redirect location URI in order
 1390   to avoid circular redirect exception due to host name case mismatch.
 1391   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1392 
 1393 * [HTTPCLIENT-1264] Add support for multiple levels of browser compatibility
 1394   to BrowserCompatSpec and BrowserCompatSpecFactory.  Include constructor
 1395   argument for IE medium-security compatibility.
 1396   Contributed by Karl Wright (kwright at apache.org)
 1397 
 1398 * [HTTPCLIENT-1349] SSLSocketFactory incorrectly identifies key passed with keystore as
 1399   the keystore password.
 1400   Contributed by David Graff <djgraff209 at gmail.com>
 1401 
 1402 * [HTTPCLIENT-1346] Ensure propagation of SSL handshake exceptions.
 1403   Contributed by Pasi Eronen <pe at iki.fi>
 1404 
 1405 * [HTTPCLIENT-1343] SSLSocketFactory optional parameters for supported SSL protocols and cipher
 1406   suites.
 1407   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1408 
 1409 * [HTTPCLIENT-1238] Contribute Bundle Activator And Central Proxy Configuration.
 1410   Contributed by Simone Tripodi <simonetripodi at apache.org>
 1411 
 1412 * [HTTPCLIENT-1299] (regression) cache incorrectly disposes of the underlying cache resource
 1413   when storing variant entry.
 1414   Contributed by James Leigh <james at 3roundstones.com>
 1415 
 1416 * [HTTPCLIENT-1342] Redirects with underscore character in the location hostname cause
 1417   "java.lang.IllegalArgumentException: Host name may not be null".
 1418   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1419 
 1420 
 1421 
 1422 Release 4.3 BETA1
 1423 -------------------
 1424 
 1425 This is the first BETA release of HttpClient 4.3. The 4.3 branch enhances HttpClient in several
 1426 key areas and includes several notable features and improvements: Support for Java 7
 1427 try-with-resources for resource management (connection release); fluent Builder classes for
 1428 HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API
 1429 based on HttpParams interface in favor of constructor injection and plain configuration objects,
 1430 reliance on object immutability instead of access synchronization for thread safety.
 1431 
 1432 This release also includes all fixes from the stable 4.2.x release branch.
 1433 
 1434 
 1435 Changelog
 1436 -------------------
 1437 
 1438 * [HTTPCLIENT-1317] InetAddressUtils should handle IPv6 Addresses with Embedded IPv4 Addresses
 1439   Contributed Sebastian Bazley <sebb at apache.org>.
 1440 
 1441 * [HTTPCLIENT-1320] Leverage javax.net.ssl.SSLSocketFactory#getDefault() to initialize SSL context
 1442   based on system defaults instead of using an internal custom routine.
 1443   Contributed by Abe Backus <abraham at backus.com> and Oleg Kalnichevski <olegk at apache.org>
 1444 
 1445 * [HTTPCLIENT-1316] Certificate verification rejects IPv6 addresses which are not String-equal.
 1446   Contributed Sebastian Bazley <sebb at apache.org>.
 1447 
 1448 * [HTTPCLIENT-1307] Future based asynchronous request execution.
 1449   Contributed by Jilles van Gurp <jilles at jillesvangurp.com>
 1450 
 1451 * [HTTPCLIENT-1313] Fixed IllegalStateException in deprecated ThreadSafeClientConnManager.
 1452   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1453 
 1454 * [HTTPCLIENT-1298] Add AsynchronousValidator in HttpClientBuilder's list of closeable objects.
 1455   Contributed by Martin Meinhold <mmeinhold at atlassian.com>
 1456 
 1457 
 1458 
 1459 Release 4.3 ALPHA1
 1460 -------------------
 1461 
 1462 This is the first ALPHA release of HttpClient 4.3. The 4.3 branch enhances HttpClient in several
 1463 key areas and includes several notable features and improvements: Support for Java 7
 1464 try-with-resources for resource management (connection release); fluent Builder classes for
 1465 HttpEntity, HttpRequest and HttpClient instances, deprecation of preference and configuration API
 1466 based on HttpParams interface in favor of constructor injection and plain configuration objects,
 1467 reliance on object immutability instead of access synchronization for thread safety.
 1468 
 1469 We are kindly asking all upstream projects to review API changes and help us improve
 1470 the APIs by providing feedback and sharing ideas on dev@hc.apache.org.
 1471 
 1472 This release also includes all fixes from the stable 4.2.x release branch.
 1473 
 1474 Please note that new features included in this release are still considered experimental and
 1475 their API may change in the future 4.3 alpha and beta releases.
 1476 
 1477 
 1478 Changelog
 1479 -------------------
 1480 
 1481 * [HTTPCLIENT-1250] Allow query string to be ignored when determining cacheability for
 1482   HTTP 1.0 responses.
 1483   Contributed by Don Brown <mrdon at twdata.org>
 1484 
 1485 * [HTTPCLIENT-1261] Make SystemDefaultHttpClient honor http.agent system property.
 1486   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1487 
 1488 * [HTTPCLIENT-900] Don't enforce URI syntax for messages with an explicit target host.
 1489   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1490 
 1491 * [HTTPCLIENT-1190] HttpClient cache does not support "Vary: Cookie"
 1492   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1493 
 1494 * [HTTPCLIENT-1259] Calling #abort() on requests executed with DecompressingHttpClient has no
 1495   effect.
 1496   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1497 
 1498 * [HTTPCLIENT-1253] URIBuilder setParameter() method could exceed the HTTP header size.
 1499   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1500 
 1501 * [HTTPCLIENT-1216] Added method to force clean thread-local used by DateUtils.
 1502   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1503 
 1504 
 1505 Release 4.2.3
 1506 -------------------
 1507 
 1508 HttpClient 4.2.3 (GA) is a bug fix release that addresses a number of issues reported since
 1509 release 4.2.2. This release also includes a thoroughly reworked NTLM authentication engine
 1510 which should result in a better compatibility with the newest Microsoft products.
 1511 
 1512 Users of HttpClient 4.x are advised to upgrade.
 1513 
 1514 Changelog
 1515 -------------------
 1516 
 1517 * [HTTPCLIENT-1296] NPE gets thrown if you combine a default host with a virtual host
 1518   that has a -1 value for the port.
 1519   Contributed by Karl Wright <daddywri at gmail.com>
 1520 
 1521 * [HTTPCLIENT-1290] 304 cached response never reused with If-modified-since conditional
 1522   requests.
 1523   Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net>
 1524 
 1525 * [HTTPCLIENT-1291] Absolute request URIs without an explicitly specified path are rewritten
 1526   to have "/" path).
 1527   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1528 
 1529 * [HTTPCLIENT-1286] Request URI rewriting is inconsistent - URI fragments are not removed
 1530   from absolute request URIs.
 1531   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1532 
 1533 * [HTTPCLIENT-1284] HttpClient incorrectly generates Host header when physical connection
 1534   route differs from the host name specified in the request URI.
 1535   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1536 
 1537 * [HTTPCLIENT-1293] Kerberos and SPNego auth schemes use incorrect authorization header name
 1538   when authenticating with a proxy.
 1539   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1540 
 1541 * [HTTPCLIENT-1283] NTLM needs to use Locale-independent form of
 1542   toUpperCase().
 1543   Contributed by Karl Wright <DaddyWri at gmail.com>
 1544 
 1545 * [HTTPCLIENT-1279] Target host responding with status 407 (proxy authentication required)
 1546   causes an NPE.
 1547   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1548 
 1549 * [HTTPCLIENT-1281] GzipDecompressingEntity does not release InputStream when an IOException
 1550   occurs while reading the Gzip header
 1551   Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net>
 1552 
 1553 * [HTTPCLIENT-1277] Caching client sends a 304 to an unconditional request.
 1554   Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net>
 1555 
 1556 * [HTTPCLIENT-1278] Update NTLM documentation.
 1557   Contributed by Karl Wright <DaddyWri at gmail.com>
 1558 
 1559 * SystemDefaultHttpClient misinterprets 'http.keepAlive' default value and disables
 1560   connection persistence if the system property is not set. This causes connection
 1561   based authentication schemes such as NTLM to fail.
 1562 
 1563 * [HTTPCLIENT-1276] cache update on a 304 response causes NPE.
 1564   Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net>
 1565 
 1566 * [HTTPCLIENT-1273] DecompressingHttpClient does not automatically consume response
 1567   content in case of an i/o, HTTP or runtime exception thrown by the decompressing
 1568   protocol interceptor leading to a potential connection leak.
 1569   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1570 
 1571 * [HTTPCLIENT-1268] NTLM engine refactor fix, to correct a buffer overrun, and get NTLMv2
 1572   flags right.
 1573   Contributed by Karl Wright <DaddyWri at gmail.com>
 1574 
 1575 * [HTTPCLIENT-1266] NTLM engine refactoring and compatibility improvements.
 1576   Contributed by Karl Wright <DaddyWri at gmail.com>
 1577 
 1578 * [HTTPCLIENT-1263] BrowserCompatSpec: attribute values containing spaces or special characters
 1579   should be enclosed with quotes marks for version 1 cookies.
 1580   Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net>
 1581 
 1582 * [HTTPCLIENT-1263] CachingHttpClient fails to release connections back to the connection
 1583   manager for some type of HTTP response messages when used together with DecompressingHttpClient.
 1584   Contributed by Francois-Xavier Bonnet <francois-xavier.bonnet at centraliens.net>
 1585 
 1586 * [HTTPCLIENT-1258] Fixed NullPointerException in NTLMEngineImpl caused by null NT domain
 1587   attribute.
 1588   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1589 
 1590 * [HTTPCLIENT-1254] Redirect with underscore in hostname causes ProtocolException.
 1591   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1592 
 1593 * [HTTPCLIENT-1255] AbstractVerifier incorrectly parses certificate CN containing wildcard.
 1594   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1595 
 1596 
 1597 
 1598 Release 4.2.2
 1599 -------------------
 1600 
 1601 HttpClient 4.2.2 (GA) is a bug fix release that addresses a number of issues reported since
 1602 release 4.2.1.
 1603 
 1604 Users of HttpClient 4.2 are advised to upgrade.
 1605 
 1606 Changelog
 1607 -------------------
 1608 
 1609 * [HTTPCLIENT-1248] Default and lax redirect strategies should not convert requests redirected
 1610   with 307 status to GET method.
 1611   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1612 
 1613 * [HTTPCLIENT-1215] BasicAuthCache does not take default ports into consideration when
 1614   looking up cached authentication details by HttpHost key.
 1615   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1616 
 1617 * [HTTPCLIENT-1241] (regression) Preemptive BASIC authentication failure should be considered
 1618   final and no further attempts to re-authenticate using the same credentials should be made.
 1619   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1620 
 1621 * [HTTPCLIENT-1229] Fixed NPE in BasicClientConnectionManager that can be triggered by releasing
 1622   connection after the connection manager has already been shut down.
 1623   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1624 
 1625 * [HTTPCLIENT-1227] Date parsing in DateUtils made more efficient.
 1626   Contributed by Patrick Linskey <pcl at apache.org>
 1627 
 1628 * [HTTPCLIENT-1224] (regression) NTLM auth not retried after a redirect over a non-persistent
 1629   connection.
 1630   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1631 
 1632 * [HTTPCLIENT-1223] Cache could be more aggressive on cache invalidations
 1633   from Content-Location. Contributed by Jon Moore <jonm at apache.org>.
 1634   Contributed by Jon Moore <jonm at apache.org>
 1635 
 1636 * [HTTPCLIENT-1217] AutoRetryHttpClient does not release connection used by the previous response
 1637   when request is retried
 1638   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1639 
 1640 
 1641 
 1642 Release 4.2.1
 1643 -------------------
 1644 
 1645 HttpClient 4.2.1 (GA) is a bug fix release that addresses a number of issues reported since
 1646 release 4.2.
 1647 
 1648 Users of HttpClient 4.2 are advised to upgrade.
 1649 
 1650 Changelog
 1651 -------------------
 1652 
 1653 * [HTTPCLIENT-1209] Redirect URIs are now normalized.
 1654   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1655 
 1656 * [HTTPCLIENT-1202] ResponseCachingPolicy should honor explicit cache-control
 1657   directives for other status codes
 1658   Contributed by Jon Moore <jonm at apache.org>
 1659 
 1660 * [HTTPCLIENT-1199] DecompressingHttpClient strips content from entity enclosing requests
 1661   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1662 
 1663 * [HTTPCLIENT-1198] HttpHost is not set in HttpContext in CachingHttpClient.
 1664   Contributed by Jon Moore <jonm at apache.org>
 1665 
 1666 * [HTTPCLIENT-1200] DecompressingHttpClient fails to generate correct HttpHost context attribute.
 1667   Contributed by Guillaume Castagnino <casta+jira at xwing.info>
 1668 
 1669 * [HTTPCLIENT-1192] URIBuilder encodes query parameters twice.
 1670   Contributed by Oleg Kalnichevski <olegk at apache.org> and Sebastian Bazley <sebb at apache.org>.
 1671 
 1672 * [HTTPCLIENT-1196] Fixed NPE in UrlEncodedFormEntity constructor thrown if charset is null.
 1673   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1674 
 1675 * [HTTPCLIENT-1193] Fixed regression in the route tracking logic of the default connection manager
 1676   causing cross-site redirect failures.
 1677   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1678 
 1679 Release 4.2
 1680 -------------------
 1681 
 1682 This is the first stable (GA) release of HttpClient 4.2. The most notable enhancements included
 1683 in this release are:
 1684 
 1685 * New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes
 1686   only the most fundamental functions of HttpClient and is intended for relatively simple use cases
 1687   that do not require the full flexibility of HttpClient. However, the fluent API almost fully
 1688   relieves the users from having to deal with connection management and resource deallocation.
 1689 
 1690 * Redesigned and rewritten connection management code.
 1691 
 1692 * Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication
 1693   scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges
 1694   and retry authentication with a fall-back scheme in case the primary one fails. This can be
 1695   important for compatibility with Microsoft products that are often configured to use
 1696   SPNEGO/Kerberos as the preferred authentication scheme.
 1697 
 1698 
 1699 Changelog
 1700 -------------------
 1701 
 1702 * [HTTPCLIENT-1187] If a revalidation response is deemed too old CachingHttpClient fails to
 1703   consume its content resulting in a connection leak.
 1704   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1705 
 1706 * [HTTPCLIENT-1186] State of newly created connections in the connection pool is not always
 1707   correctly updated potentially allowing those connections to be leased to users with a different
 1708   security context.
 1709   Contributed by Ralf Poehlmann <rpn at methodpark.de>
 1710 
 1711 * [HTTPCLIENT-1179] Upgraded Commons Codec dependency to version 1.6
 1712   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1713 
 1714 * [HTTPCLIENT-1177] always remove fragments from request URIs
 1715   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1716 
 1717 Incompatible changes
 1718 --------------------
 1719 [Compared to release version 4.1.3]
 1720 
 1721 The following fields have been deprecated for some time now and have been deleted:
 1722 
 1723 org.apache.http.client.params.ClientPNames#CONNECTION_MANAGER_FACTORY
 1724 org.apache.http.impl.cookie.BrowserCompatSpec#DATE_PATTERNS
 1725 
 1726 The following methods have been deprecated for some time now and have been deleted:
 1727 
 1728 org.apache.http.client.params.ClientParamBean#setConnectionManagerFactory(org.apache.http.conn.ClientConnectionManagerFactory)
 1729 org.apache.http.client.protocol.ClientContextConfigurer#setAuthSchemePref(java.util.List)
 1730 org.apache.http.entity.mime.content.FileBody#writeTo(java.io.OutputStream, int)
 1731 org.apache.http.entity.mime.content.InputStreamBody#writeTo(java.io.OutputStream, int)
 1732 org.apache.http.entity.mime.content.StringBody#writeTo(java.io.OutputStream, int)
 1733 
 1734 The following classes have been deprecated for some while now and have been deleted:
 1735 
 1736 org.apache.http.impl.conn.tsccm.RefQueueHandler
 1737 org.apache.http.impl.conn.tsccm.AbstractConnPool no longer implements interface org.apache.http.impl.conn.tsccm.RefQueueHandler
 1738 org.apache.http.impl.conn.tsccm.ConnPoolByRoute no longer implements interface org.apache.http.impl.conn.tsccm.RefQueueHandler
 1739 org.apache.http.impl.conn.tsccm.RefQueueWorker
 1740 
 1741 
 1742 
 1743 Release 4.2 BETA1
 1744 -------------------
 1745 
 1746 This is the first BETA release of HttpClient 4.2. This release completes development of several
 1747 notable enhancements in HttpClient:
 1748 
 1749 * New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes
 1750   only the most fundamental functions of HttpClient and is intended for relatively simple use cases
 1751   that do not require the full flexibility of HttpClient. However, the fluent API almost fully
 1752   relieves the users from having to deal with connection management and resource deallocation.
 1753 
 1754 * Redesigned and rewritten connection management code. As of release 4.2 HttpClient will be using
 1755   pooling connection manager per default.
 1756 
 1757 * Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication
 1758   scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges
 1759   and retry authentication with a fall-back scheme in case the primary one fails. This can be
 1760   important for compatibility with Microsoft products that are often configured to use
 1761   SPNEGO/Kerberos as the preferred authentication scheme.
 1762 
 1763 
 1764 Changelog
 1765 -------------------
 1766 
 1767 * [HTTPCLIENT-1164] Compressed entities are not being cached properly.
 1768   Contributed by Jon Moore <jonm at apache dot org>.
 1769 
 1770 * [HTTPCLIENT-1154] MemcachedHttpCacheStorage should allow client to
 1771   specify custom prefix string for keys.
 1772   Contributed by Jon Moore <jonm at apache dot org>.
 1773 
 1774 * [HTTPCLIENT-1153] MemcachedHttpCacheStorage uses URL as cache key;
 1775   shouldn't due to fixed maximum-length memcached keys.
 1776   Contributed by Jon Moore <jonm at apache dot org>.
 1777 
 1778 * [HTTPCLIENT-1157] MemcachedHttpCacheStroage should throw IOExceptions
 1779   instead of RuntimeExceptions.
 1780   Contributed by James Miller <jamesmiller01 at gmail dot com>.
 1781 
 1782 * [HTTPCLIENT-1152] MemcachedHttpCacheStorage should verify class of
 1783   returned object before casting.
 1784   Contributed by Rajika Kumarasiri <rajika at wso2 dot com>.
 1785 
 1786 * [HTTPCLIENT-1155] CachingHttpClient fails to ensure that the response content gets fully consumed
 1787   when using a ResponseHandler, which can potentially lead to connection leaks.
 1788   Contributed by James Miller <jamesmiller01 at gmail dot com>
 1789 
 1790 * [HTTPCLIENT-1147] When HttpClient-Cache cannot open cache file, should act like miss.
 1791   Contributed by Joe Campbell <joseph.r.campbell at gmail.com>
 1792 
 1793 * [HTTPCLIENT-1137] Values for the Via header are cached and reused by httpclient-cache.
 1794   Contributed by Alin Vasile <alinachegalati at yahoo dot com>
 1795 
 1796 * [HTTPCLIENT-1142] Infinite loop on NTLM authentication failure.
 1797   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1798 
 1799 * [HTTPCLIENT-1143] CachingHttpClient leaks connections with stale-if-error.
 1800   Contributed by James Miller <jamesmiller01 at gmail dot com>
 1801 
 1802 Release 4.2 ALPHA1
 1803 -------------------
 1804 
 1805 This is the first ALPHA release of HttpClient 4.2. The 4.2 branch enhances HttpClient in several
 1806 key areas and includes several notable features and improvements:
 1807 
 1808 * New facade API for HttpClient based on the concept of a fluent interface. The fluent API exposes
 1809   only the most fundamental functions of HttpClient and is intended for relatively simple use cases
 1810   that do not require the full flexibility of HttpClient. However, the fluent API almost fully
 1811   relieves the users from having to deal with connection management and resource deallocation.
 1812 
 1813 * Redesigned and rewritten connection management code. As of release 4.2 HttpClient will be using
 1814   pooling connection manager per default.
 1815 
 1816 * Enhanced HTTP authentication API that enables HttpClient to handle more complex authentication
 1817   scenarios. HttpClient 4.2 is now capable of making use of multiple authentication challenges
 1818   and retry authentication with a fall-back scheme in case the primary one fails. This can be
 1819   important for compatibility with Microsoft products that are often configured to use
 1820   SPNEGO/Kerberos as the preferred authentication scheme.
 1821 
 1822 Please note that new features included in this release are still considered experimental and
 1823 their API may change in the future ALPHA releases.
 1824 
 1825 Changelog
 1826 -------------------
 1827 
 1828 * [HTTPCLIENT-1128] SystemDefaultHttpClient (HttpClient implementation initialized using system
 1829   properties).
 1830   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1831 
 1832 * [HTTPCLIENT-1135] RandomAccessFile mode 'w' used by HttpClientCache is not valid.
 1833   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1834 
 1835 * [HTTPCLIENT-1131] HttpClient to authenticate preemptively using BASIC scheme if a userinfo
 1836   attribute is specified in the request URI.
 1837   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1838 
 1839 * [HTTPCLIENT-1134] make BasicResponseHandler consume response content in case of an unsuccessful
 1840   result (status code >= 300).
 1841   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1842 
 1843 * [HTTPCLIENT-1132] ProxyClient implementation.
 1844   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1845 
 1846 * [HTTPCLIENT-1127] fixed dead-lock between SingleClientConnManager and AbstractPooledConnAdapter.
 1847   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1848 
 1849 * [HTTPCLIENT-1107] Auth framework redesign.
 1850   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1851 
 1852 * [HTTPCLIENT-1116] ResponseCachingPolicy uses integers for sizes
 1853   Contributed by Greg Bowyer <gbowyer at fastmail.co.uk >
 1854 
 1855 * [HTTPCLIENT-1123] Support for pluggable DNS resolvers.
 1856   Contributed by Alin Vasile <alinachegalati at yahoo dot com>
 1857 
 1858 * [HTTPCLIENT-1120] DefaultHttpRequestRetryHandler#retryRequest should not retry aborted requests.
 1859   Contributed by Alin Vasile <alinachegalati at yahoo dot com>
 1860 
 1861 * Support for auth-int qop (quality of protection) option in Digest auth scheme.
 1862   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1863 
 1864 * [HTTPCLIENT-1076] Fluent facade API (Google summer of code 2011 project).
 1865   Contributed by Xu Lilu <cookieme at gmail.com>
 1866 
 1867 * UriBuilder implementation.
 1868   Contributed by Xu Lilu <cookieme at gmail.com>
 1869 
 1870 * Redesign of connection management classes based on new pooling components from HttpCore.
 1871   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1872 
 1873 * [HTTPCLIENT-1111] Added #prepareSocket method to SSLSocketFactory.
 1874   Contributed by Pasi Eronen <pe at iki.fi>
 1875 
 1876 * Added #reset() and #releaseConnection() methods to HttpRequestBase.
 1877   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1878 
 1879 * [HTTPCLIENT-1105] AutoRetryHttpClient: built-in way to do auto-retry for certain status codes.
 1880   Contributed by Dan Checkoway <dcheckoway at gmail.com>
 1881 
 1882 * [HTTPCLIENT-1094] Digest auth scheme refactoring.
 1883   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1884 
 1885 * Lax implementation of RedirectStrategy.
 1886   Contributed by Bartosz Firyn <songo.bercik at interia.pl>
 1887 
 1888 * [HTTPCLIENT-1044] HttpRequestRetryHandler implementation compliant with the definition of
 1889   idempotent methods given in the RFC 2616.
 1890   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1891 
 1892 
 1893 Release 4.1.2
 1894 -------------------
 1895 
 1896 The HttpClient 4.1.2 is a bug fix release that addresses a number of non-critical issues reported
 1897 since release 4.1.1.
 1898 
 1899 * [HTTPCLIENT-1100] Missing Content-Length header makes cached entry invalid
 1900   Contributed by Bart Robeyns <bart dot robeyns at gmail dot com>
 1901 
 1902 * [HTTPCLIENT-1098] Avoid expensive reverse DNS lookup on connect timeout exception.
 1903   Contributed by Thomas Boettcher <tboett at gmail.com>
 1904 
 1905 * [HTTPCLIENT-1097] BrowserCompatHostnameVerifier and StrictHostnameVerifier should handle
 1906   wildcards in SSL certificates better.
 1907   Contributed by Sebastian Bazley <sebb at apache.org>
 1908 
 1909 * [HTTPCLIENT-1092] If ClientPNames.VIRTUAL_HOST does not provide the port, derive it from the
 1910   current request.
 1911   Contributed by Sebastian Bazley <sebb at apache.org>
 1912 
 1913 * [HTTPCLIENT-1087] NTLM proxy authentication fails on retry if the underlying connection is closed
 1914   as a result of a target authentication failure.
 1915   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1916 
 1917 * [HTTPCLIENT-1079] Fixed Kerberos cross-realm support
 1918   Contributed by Michael Osipov <1983-01-06 at gmx.net>
 1919 
 1920 * [HTTPCLIENT-1078] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity)
 1921   do not close content stream in #writeTo() method.
 1922   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1923 
 1924 * [HTTPCLIENT-1075] Decompressing entities (DeflateDecompressingEntity, GzipDecompressingEntity)
 1925   do not correctly handle content streaming.
 1926   Contributed by James Abley <james.abley at gmail.com>
 1927 
 1928 * [HTTPCLIENT-1051] Avoid reverse DNS lookups when opening SSL connections by IP address.
 1929   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1930 
 1931 
 1932 Release 4.1.1
 1933 -------------------
 1934 
 1935 HttpClient v4.1.1 is a bug fix release that addresses a number of issues reported since
 1936 release 4.1, including one critical security issue (HTTPCLIENT-1061). All users of HttpClient 4.0.x
 1937 and 4.1 are strongly encouraged to upgrade.
 1938 
 1939 * [HTTPCLIENT-1069] HttpHostConnectException not correctly retried for direct and non-tunnelled
 1940   proxy connections.
 1941   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1942 
 1943 * [HTTPCLIENT-1066] Changed the way URIUtils#rewriteURI handles multiple consecutive slashes in the
 1944   URI path component: multiple leading slashes will be replaced by one slash in order to avoid
 1945   confusion with the authority component. The remaining content of the path will not be modified.
 1946   (also see HTTPCLIENT-929).
 1947   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1948 
 1949 * [HTTPCLIENT-1061] Fixed critical bug causing Proxy-Authorization header to be sent to the target
 1950   host when tunneling requests through a proxy server that requires authentication.
 1951   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1952 
 1953 * [HTTPCLIENT-1056] Fixed bug causing the RequestAuthCache protocol interceptor to generate
 1954   an invalid AuthScope instance when looking up user credentials for preemptive authentication.
 1955   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1956 
 1957 * [HTTPCLIENT-1053] Fixed the way DigestScheme generates nonce-count values.
 1958   Contributed by Oleg Kalnichevski <olegk at apache.org>
 1959 
 1960 
 1961 Release 4.1
 1962 -------------------
 1963 
 1964 The HttpClient 4.1 release builds upon the stable foundation laid by HttpClient 4.0 and adds several
 1965 functional improvements and popular features.
 1966 
 1967 * Response caching conditionally compliant with HTTP/1.1 specification (full compliance with
 1968   MUST requirements, partial compliance with SHOULD requirements)
 1969 
 1970 * Full support for NTLMv1, NTLMv2, and NTLM2 Session authentication. The NTLM protocol code
 1971   was kindly contributed by the Lucene Connector Framework project.
 1972 
 1973 * Support for SPNEGO/Kerberos authentication.
 1974 
 1975 * Persistence of authentication data between request executions within the same execution context.
 1976 
 1977 * Support for preemptive authentication for BASIC and DIGEST schemes.
 1978 
 1979 * Support for transparent content encoding. Please note transparent content encoding is not
 1980   enabled per default in order to avoid conflicts with already existing custom content encoding
 1981   solutions.
 1982 
 1983 * Mechanism to bypass the standard certificate trust verification (useful when dealing with
 1984   self-signed certificates).
 1985 
 1986 * Simplified configuration for connection managers.
 1987 
 1988 * Transparent support for host multihoming.
 1989 
 1990 IMPORTANT: please note that the HttpClient 3.x branch is now officially END OF LIFE and is no longer
 1991 maintained and supported by the Apache HttpComponents project.
 1992 
 1993 Changelog
 1994 -------------------
 1995 * The public API for the caching module had a minor change between 4.1-beta and 4.1-GA to the
 1996   HttpCacheEntry class - the deprecated public Set<String> getVariantURIs() method and constructor
 1997   public HttpCacheEntry(Date requestDate, Date responseDate,
 1998             StatusLine statusLine, Header[] responseHeaders,
 1999             Resource resource, Set<String> variants)
 2000   were both removed.  This will not affect you unless you are implementing new storage backends
 2001   that use the deprecated code and/or are implementing custom serializers for cache entries.
 2002 
 2003 * Changed Browser-Compatibility and Best-Match cookie policies to emulate the behaviour of FireFox
 2004   more closely when parsing Netscape style cookies. Comma will no longer be treated as a header
 2005   element separator if Set-Cookie does not contain a Version attribute mandated by the
 2006   RFC2109 / RFC 2965 cookie specifications.
 2007   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2008 
 2009 * [HTTPCLIENT-1036] StringBody has incorrect default for characterset. (Default changed
 2010   to US-ASCII)
 2011   Contributed by Sebastian Bazley <sebb at apache.org>
 2012 
 2013 * [HTTPCLIENT-975] Support stale-if-error and stale-while-revalidate extension directive (RFC5861).
 2014   Contributed by Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com>,
 2015   Michajlo Matijkiw <michajlo_matijkiw at comcast.com>, and
 2016   Matthew Hawthorne <matthew_hawthorne at comcast.com>.
 2017 
 2018 * [HTTPCLIENT-1033] HttpRoute.equals(Object o) is quite inefficient, as it does not take full
 2019   advantage of shortcut logic.
 2020   Contributed by Sebastian Bazley <sebb at apache.org>
 2021 
 2022 * [HTTPCLIENT-1030] Implement "ignoreCookies" CookieSpec
 2023   Contributed by Sebastian Bazley <sebb at apache.org>
 2024 
 2025 Release 4.1 BETA1
 2026 -------------------
 2027 
 2028 HttpClient 4.1 BETA1 finalizes the 4.1 API and brings a number of major improvements to the HTTP
 2029 caching module. This release also adds full support for NTLMv1, NTLMv2, and NTLM2 Session
 2030 authentication. The NTLM protocol code was kindly contributed by the Lucene Connector Framework
 2031 project.
 2032 
 2033 Changelog
 2034 -------------------
 2035 * [HTTPCLIENT-1015] Support only-if-cached directive.
 2036   Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com>
 2037 
 2038 * [HTTPCLIENT-990] Allow heuristic freshness caching.
 2039   Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com>
 2040 
 2041 * [HTTPCLIENT-919] Support for NTLMv1, NTLMv2, and NTLM2 Session authentication.
 2042   Contributed by Karl Wright <karl.wright at nokia.com>
 2043 
 2044 * [HTTPCLIENT-1008] Send all variants' ETags on "variant miss".
 2045   Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> and
 2046   Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com>
 2047 
 2048 * [HTTPCLIENT-1011] Handling of IOExceptions thrown by cache components.
 2049   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2050 
 2051 * [HTTPCLIENT-1003] Handle conditional requests in cache.
 2052   Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com> and
 2053   Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com>
 2054 
 2055 * [HTTPCLIENT-1002] Stale connection check fails if wire logging is on.
 2056   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2057 
 2058 * [HTTPCLIENT-1000] Maximum connection lifetimes settings for ThreadSafeClientConnManager.
 2059   Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com>
 2060 
 2061 * [HTTPCLIENT-960] HttpMultipart doesn't generate Content-Type header for binary parts in
 2062   BROWSER_COMPATIBLE mode.
 2063   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2064 
 2065 * [HTTPCLIENT-998] Cache should use both Last-Modified and ETag for validations when available.
 2066   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2067 
 2068 * [HTTPCLIENT-997] Cache module should handle out-of-order validations properly and unconditionally
 2069   refresh.
 2070   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2071 
 2072 * [HTTPCLIENT-994] Cache does not allow client to override origin-specified freshness using
 2073   max-stale.
 2074   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2075 
 2076 * [HTTPCLIENT-995] Cache returns cached responses even if validators not consistent with all
 2077   conditional headers.
 2078   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2079 
 2080 * [HTTPCLIENT-977] Memcached implementation for HttpCache.
 2081   Contributed by Mohammed Azeem Uddin <mohammedazeem_uddin at comcast.com>
 2082 
 2083 * [HTTPCLIENT-992] cache should not generate stale responses to requests explicitly requesting
 2084   first-hand or fresh ones.
 2085   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2086 
 2087 * [HTTPCLIENT-991] cache module produces improperly formatted Warning header when revalidation
 2088   fails.
 2089   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2090 
 2091 * [HTTPCLIENT-989] DefaultHttpRequestRetryHandler no longer retries non-idempotent http methods
 2092   if NoHttpResponseException is thrown.
 2093   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2094 
 2095 * [HTTPCLIENT-988] Cache module should strip 'Content-Encoding: identity' from responses
 2096   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2097 
 2098 * [HTTPCLIENT-987] cache module does not recognize equivalent URIs.
 2099   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2100 
 2101 * [HTTPCLIENT-986] cache module does not completely handle upstream Warning headers correctly
 2102   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2103 
 2104 * [HTTPCLIENT-985] cache module should populate Via header to capture upstream and downstream protocols
 2105   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2106 
 2107 * [HTTPCLIENT-984] Additional conditional compliance tests for the caching module for
 2108   Content-Encoding, Content-Location, Date, Expires, Server, Transfer-Encoding, and Vary headers.
 2109   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2110 
 2111 * [HTTPCLIENT-978] HTTP cache update exception handling
 2112   Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com>
 2113 
 2114 * [HTTPCLIENT-981] CachingHttpClient returns a 411 respones when executing a POST (HttpPost)
 2115   request.
 2116   Contributed by Joe Campbell <joseph.r.campbell at gmail.com>
 2117 
 2118 * [HTTPCLIENT-980] CachingHttpClient returns a 503 response when the backend HttpClient produces
 2119   an IOException.
 2120   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2121 
 2122 * [HTTPCLIENT-978] Ehcache based HTTP cache implementation
 2123   Contributed by Michajlo Matijkiw <michajlo_matijkiw at comcast.com>
 2124 
 2125 * [HTTPCLIENT-967] support for non-shared (private) caches
 2126   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2127 
 2128 * [HTTPCLIENT-969] BasicCookieStore#getCookies() to return a copy of Cookie list
 2129   Contributed by David Smiley <dsmiley at mitre.org>
 2130 
 2131 * [HTTPCLIENT-965] Fixed problem with cache not honoring must-revalidate or
 2132   proxy-revalidate Cache-Control directives.
 2133   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2134 
 2135 * [HTTPCLIENT-964] 'no-cache' directives with field names are no longer transmitted
 2136   downstream.
 2137   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2138 
 2139 * [HTTPCLIENT-963] Fixed handling of 'Cache-Control: no-store' on requests.
 2140   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2141 
 2142 * [HTTPCLIENT-962] Fixed handling of Authorization headers in shared cache mode.
 2143   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2144 
 2145 * [HTTPCLIENT-961] Not all applicable URIs are invalidated on PUT/POST/DELETEs
 2146   that pass through client cache.
 2147   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2148 
 2149 * [HTTPCLIENT-958] Client cache no longer allows incomplete responses to be
 2150   passed on to the client.
 2151   Contributed by Jonathan Moore <jonathan_moore at comcast.com>
 2152 
 2153 * [HTTPCLIENT-951] Non-repeatable entity enclosing requests are not correctly
 2154   retried when 'expect-continue' handshake is active.
 2155   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2156 
 2157 * [HTTPCLIENT-948] In rare circumstances the idle connection handling code
 2158   can leave closed connections in a inconsistent state.
 2159   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2160 
 2161 * [HTTPCLIENT-953] IllegalStateException thrown by RouteSpecificPool.
 2162   Contributed by Guillaume <gueugaie at gmail.com>
 2163 
 2164 * [HTTPCLIENT-952] Trust store parameter is ignored by SSLSocketFactory
 2165   (affects version 4.1-alpha2 only)
 2166   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2167 
 2168 * [HTTPCLIENT-937] CacheEntry made immutable; now uses immutable HttpEntity
 2169   to store cached content.
 2170   Contributed by David Mays <david_mays at comcast.com> and
 2171   Oleg Kalnichevski <olegk at apache.org>
 2172 
 2173 Release 4.1 ALPHA2
 2174 -------------------
 2175 
 2176 HttpClient 4.1 ALPHA2 fixes a number of non-severe bugs discovered since
 2177 the last release and introduces support for two frequently requested features:
 2178 
 2179 * HTTP/1.1 response caching
 2180 
 2181 * transparent support for host multihoming
 2182 
 2183 * a mechanism to bypass the standard certificate trust verification
 2184 (useful when dealing with self-signed certificates)
 2185 
 2186 Compatibility notes
 2187 -------------------
 2188 (1) Please note the HTTP caching module is still considered experimental and
 2189 its API may change significantly in the future releases.
 2190 
 2191 (2) This release eliminates Mime4J as a dependency for the HttpMime module.
 2192 HttpMime is no longer binary compatible with the previous releases.
 2193 Full API and binary compatibility between minor versions of HttpMime will be
 2194 maintained as of 4.1 GA release.
 2195 
 2196 Changelog
 2197 -------------------
 2198 
 2199 * [HTTPCLIENT-936] Fixed bug causing NPE or an infinite loop in
 2200   the authentication code in case of a SPNEGO authentication failure.
 2201   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2202 
 2203 * [HTTPCLIENT-427] HTTP caching support
 2204   Contributed by Joe Campbell, David Cleaver, David Mays, Jon Moore, Brad Spenla
 2205 
 2206 * Dropped dependency on Mime4j for HttpMime.
 2207   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2208 
 2209 * Extended SSLSocketFactory with a mechanism to bypass the standard certificate
 2210   trust verification (primarily to simplify dealing with self-signed
 2211   certificates)
 2212   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2213 
 2214 * [HTTPCLIENT-898] Improved support for host multihoming
 2215   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2216 
 2217 * [HTTPCLIENT-916] UsernamePasswordCredentials, NTUserPrincipal,
 2218   BasicClientCookie, BasicClientCookie2 and BasicCookieStore made Serializable.
 2219   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2220 
 2221 * [HTTPCLIENT-914] Upgraded Commons Codec dependency to version 1.4
 2222   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2223 
 2224 * [HTTPCLIENT-903] Use ConcurrentHashMap instead of [Linked]HashMap for
 2225   thread-safety. Improve performance of AuthSchemeRegistry, CookieSpecRegistry
 2226   and SchemeRegistry classes.
 2227   Contributed by Sebastian Bazley <sebb at apache.org>
 2228 
 2229 * [HTTPCLIENT-902] HttpRequestRetryHandler not called on I/O exceptions
 2230   thrown when opening a new connection.
 2231   Contributed by Olivier Lamy <olamy at apache.org> and
 2232   Oleg Kalnichevski <olegk at apache.org>
 2233 
 2234 Release 4.1 ALPHA1
 2235 -------------------
 2236 
 2237 HttpClient 4.1 ALPHA1 builds on the stable 4.0 release and adds several
 2238 functionality improvements and new features.
 2239 
 2240 * Simplified configuration of connection managers.
 2241 
 2242 * Persistence of authentication data between request executions within
 2243   the same execution context.
 2244 
 2245 * Support for SPNEGO/Kerberos authentication scheme
 2246 
 2247 * Support for transparent content encoding. Please note transparent content
 2248   encoding is not enabled per default in order to avoid conflicts with
 2249   already existing custom content encoding solutions.
 2250 
 2251 * 5 to 10% performance increase due to elimination of unnecessary Log object
 2252   lookups by short-lived components.
 2253 
 2254 Please note all methods and classes added in this release and marked as
 2255 4.1 are API unstable and can change in the future 4.1 ALPHA releases.
 2256 
 2257 Changelog
 2258 -------------------
 2259 
 2260 * [HTTPCLIENT-889] 'expect: continue' handshake disabled per default.
 2261   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2262 
 2263 * [HTTPCLIENT-862] Extended client's redirect handling interface to allow
 2264   control of the content of the redirect.
 2265   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2266 
 2267 * [HTTPCLIENT-872] HttpClient can now persist authentication data between request
 2268   executions as long as they share the same execution context. It has also become
 2269   much easier to make HttpClient authenticate preemptively by pre-populating
 2270   authentication data cache.
 2271   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2272 
 2273 * [HTTPCLIENT-883] SO_TIMEOUT is not reset on persistent (re-used) connections.
 2274   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2275 
 2276 * [HTTPCLIENT-832] Distinguish cookie format errors from violations of
 2277   restrictions imposed by a cookie specification. In the latter case
 2278   CookieRestrictionViolationException will be thrown.
 2279   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2280 
 2281 * [HTTPCLIENT-523] Support for SPNEGO authentication scheme.
 2282   Contributed by Matthew Stevenson <mavricknzwork at yahoo.com>
 2283 
 2284 * Simplified configuration of connection managers. Total connection maximum
 2285   and maximum connection per route limits can be set using methods of
 2286   the class instead of HTTP parameters.
 2287   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2288 
 2289 * Added parameters to define the order of preference for supported auth
 2290   schemes for target host and proxy authentication.
 2291   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2292 
 2293 * [HTTPCLIENT-875] DefaultClientConnectionOperator#openConnection doesn't
 2294   update the connection state if the connection socket changed after
 2295   the call to SocketFactory#connectSocket().
 2296   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2297 
 2298 * [HTTPCLIENT-834] Transparent content encoding support.
 2299   Contributed by James Abley <james.abley at gmail.com>
 2300 
 2301 Release 4.0.1
 2302 -------------------
 2303 
 2304 This is a bug fix release that addresses a number of issues discovered since
 2305 the previous stable release. None of the fixed bugs is considered critical.
 2306 Most notably this release eliminates eliminates dependency on JCIP annotations.
 2307 
 2308 This release is also expected to improve performance by 5 to 10% due to
 2309 elimination of unnecessary Log object lookups by short-lived components.
 2310 
 2311 Changelog
 2312 -------------------
 2313 
 2314 * [HTTPCLIENT-895] Eliminated Log lookups in short lived objects impairing
 2315   performance.
 2316   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2317 
 2318 * [HTTPCLIENT-885] URLEncodedUtils now correctly parses form-url-encoded
 2319   entities that specify a charset.
 2320   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2321 
 2322 * [HTTPCLIENT-884] UrlEncodedFormEntity now sets charset on the Content-Type
 2323   header.
 2324   Contributed by Jared Jacobs <jmjacobs at cs.stanford.edu>
 2325 
 2326 * [HTTPCLIENT-883] SO_TIMEOUT is not reset on persistent (re-used) connections.
 2327   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2328 
 2329 * [HTTPCLIENT-882] Auth state is now correctly updated if a successful NTLM
 2330   authentication results in a redirect. This is a minor bug as HttpClient
 2331   manages to recover from the problem automatically.
 2332   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2333 
 2334 * [HTTPCLIENT-881] Fixed race condition in AbstractClientConnAdapter that makes
 2335   it possible for an aborted connection to be returned to the pool.
 2336   Contributed by Tim Boemker <tboemker at elynx.com> and
 2337   Oleg Kalnichevski <olegk at apache.org>
 2338 
 2339 * [HTTPCLIENT-866] Removed dependency on jcip-annotations.jar.
 2340   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2341   and Sebastian Bazley <sebb at apache.org>
 2342 
 2343 
 2344 Release 4.0
 2345 -------------------
 2346 
 2347 HttpClient 4.0 represents a complete, ground-up redesign and almost a complete
 2348 rewrite of the HttpClient 3.x codeline. This release finally addresses several
 2349 design flaws that existed since the 1.0 release and could not be fixed without
 2350 a major code overhaul and breaking API compatibility.
 2351 
 2352 
 2353 Architectural changes
 2354 ---------------------
 2355 
 2356 * Redesign of the HttpClient internals addressing all known major
 2357   architectural shortcomings of the 3.x codeline.
 2358 
 2359 * Cleaner, more flexible and expressive API.
 2360 
 2361 * More modular structure.
 2362 
 2363 * Better performance and smaller memory footprint due to a more efficient HTTP
 2364   transport based on HttpCore.
 2365 
 2366 * Implementation of cross-cutting HTTP protocol aspects through protocol
 2367   interceptors.
 2368 
 2369 * Improved connection management, better handling of persistent connections,
 2370   support for stateful connections
 2371 
 2372 * Pluggable redirect and authentication handlers.
 2373 
 2374 * Improved support for sending requests via a proxy or a chain of proxies
 2375 
 2376 * More flexible SSL context customization
 2377 
 2378 * Reduced intermediate garbage in the process of generating HTTP requests
 2379   and parsing HTTP responses
 2380 
 2381 
 2382 Important notes
 2383 -------------------
 2384 
 2385 * Future releases of HttpMime module may be binary incompatible with this
 2386   release due to possible API changes in Apache Mime4J. Apache Mime4J is
 2387   still being actively developed and its API is considered unstable.
 2388 
 2389 * HttpClient 4.0 is not fully binary compatible with 4.0 BETA1 release.
 2390   Some protected variables in connection management class have been
 2391   made final in order to help ensure their thread safety:
 2392 
 2393     org.apache.http.conn.BasicEofSensorWatcher#attemptReuse
 2394     org.apache.http.conn.BasicEofSensorWatcher#managedConn
 2395     org.apache.http.impl.conn.DefaultClientConnectionOperator#schemeRegistry
 2396     org.apache.http.impl.conn.DefaultHttpRoutePlanner#schemeRegistry
 2397     org.apache.http.impl.conn.ProxySelectorRoutePlanner#schemeRegistry
 2398     org.apache.http.impl.conn.SingleClientConnManager#alwaysShutDown
 2399     org.apache.http.impl.conn.SingleClientConnManager#connOperator
 2400     org.apache.http.impl.conn.SingleClientConnManager#schemeRegistry
 2401     org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager#connOperator
 2402     org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager#schemeRegistry
 2403 
 2404 
 2405 Bug fixes since 4.0 BETA2 release
 2406 -------------------
 2407 
 2408 * [HTTPCLIENT-861] URIUtils#resolve is now compatible with all examples given
 2409   in RFC 3986.
 2410   Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de>
 2411 
 2412 * [HTTPCLIENT-860] HttpClient no longer converts redirects of PUT/POST to GET
 2413   for status codes 301, 302, 307, as required by the HTTP spec.
 2414   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2415 
 2416 * [HTTPCLIENT-859] CookieIdentityComparator now takes path attribute into
 2417   consideration when comparing cookies.
 2418   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2419 
 2420 * HttpClient will no longer send expired cookies back to the origin server.
 2421   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2422 
 2423 * [HTTPCLIENT-856] Proxy NTLM authentication no longer fails on a redirect to
 2424   a different host.
 2425   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2426 
 2427 * [HTTPCLIENT-841] Removed automatic connection release using garbage collection
 2428   due to a memory leak.
 2429   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2430 
 2431 * [HTTPCLIENT-853] Fixed bug causing invalid cookie origin port to be selected
 2432   when the target is accessed on the default port and the connection is
 2433   established via a proxy.
 2434   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2435 
 2436 * [HTTPCLIENT-852] Fixed bug causing automatically retried redirects fail with
 2437   CircularRedirectException.
 2438   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2439 
 2440 * Fixed problem with the default HTTP response parser failing to handle garbage
 2441   preceding a valid HTTP response.
 2442   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2443 
 2444 * NonRepeatableRequestExceptions now include the cause that the original
 2445   request failed.
 2446   Contributed by Sam Berlin <sberlin at apache.org>
 2447 
 2448 * [HTTPCLIENT-837] Fixed problem with the wire log skipping zero byte values
 2449   if read one byte at a time.
 2450   Contributed by Kirill Safonov <ksafonov at swiftteams.com>
 2451 
 2452 * [HTTPCLIENT-823] 'http.conn-manager.max-total' parameter can be adjusted
 2453   dynamically. However, the size of existing connection pools per route,
 2454   once allocated, will not be adjusted.
 2455   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2456 
 2457 * [HTTPCLIENT-822] Default socket factories to rethrow SocketTimeoutException
 2458   as ConnectTimeoutException in case of connect failure due to a time out.
 2459   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2460 
 2461 * [HTTPCLIENT-813] Fixed default port resolution. Invalid ports no longer
 2462   get replaced with the default port value.
 2463   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2464 
 2465 Release 4.0 beta 2
 2466 -------------------
 2467 
 2468 BETA2 is a maintenance release, which addresses a number of issues
 2469 discovered since the previous release.
 2470 
 2471 The only significant new feature is an addition of an OSGi compliant
 2472 bundle combining HttpClient and HttpMime jars.
 2473 
 2474 All upstream projects are strongly encouraged to upgrade.
 2475 
 2476 * Fixed NPE in DefaultRequestDirector thrown when retrying a failed
 2477   request over a proxied connection.
 2478   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2479 
 2480 * [HTTPCLIENT-803] Fixed bug in SSL host verifier implementations
 2481   causing the SSL certificate to be rejected as invalid if the connection
 2482   is established using an IP address.
 2483   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2484 
 2485 * [HTTPCLIENT-806] DefaultHttpMethodRetryHandler will no longer retry
 2486   on ConnectExceptions.
 2487   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2488 
 2489 * DigestScheme can use an arbitrary digest algorithm requested by the
 2490   target server (such as SHA) as long as this algorithm is supported by
 2491   the Java runtime.
 2492   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2493 
 2494 * Fixed parsing and validation of RFC2109 compliant Set-Cookie headers
 2495   by the Best-Match cookie spec.
 2496   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2497 
 2498 * Fixed bug that can cause a managed connection to be returned from the
 2499   pool in an inconsistent state.
 2500   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2501 
 2502 
 2503 4.0 Beta 1
 2504 -------------------
 2505 
 2506 BETA1 release brings yet another round of API enhancements and
 2507 improvements in the area of connection management. Among the most notable
 2508 ones is the capability to handle stateful connections such as persistent
 2509 NTLM connections and private key authenticated SSL connections.
 2510 
 2511 This is the first API stable release of HttpClient 4.0. All further
 2512 releases in the 4.0 code line will maintain API compatibility with this
 2513 release.
 2514 
 2515 There has been a number of important bug fixes since ALPHA4. All upstream
 2516 projects are encouraged to upgrade to the latest release.
 2517 
 2518 Please note HttpClient currently provides only limited support for NTLM
 2519 authentication. For details please see NTLM_SUPPORT.txt.
 2520 
 2521 -------------------
 2522 
 2523 Changelog:
 2524 -------------------
 2525 
 2526 * [HTTPCLIENT-790] Protocol interceptors are now correctly invoked when
 2527   executing CONNECT methods.
 2528   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2529 
 2530 * [HTTPCLIENT-668] Do not use static loggers.
 2531   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2532 
 2533 * [HTTPCLIENT-781] Respect Keep-Alive header's timeout value.
 2534   Contributed by Sam Berlin <sberlin at apache.org>
 2535 
 2536 * [HTTPCLIENT-779] Top-level classes (HttpClient, and HttpGet, HttpPut
 2537   and similar HttpMethods) throw fewer checked exceptions.
 2538   Contributed by Sam Berlin <sberlin at apache.org>
 2539 
 2540 * HttpClient will throw an exception if an attempt is made to retry
 2541   a request with a non-repeatable request entity.
 2542   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2543 
 2544 * Fixed request re-generation logic when retrying a failed request.
 2545   Auto-generated headers will no accumulate.
 2546   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2547 
 2548 * [HTTPCLIENT-424] Preemptive authentication no longer limited to BASIC
 2549   scheme only. HttpClient can be customized to authenticate preemptively
 2550   with DIGEST scheme.
 2551   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2552 
 2553 * [HTTPCLIENT-670] Pluggable hostname resolver.
 2554   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2555 
 2556 * [HTTPCLIENT-719] Clone support for HTTP request and cookie objects.
 2557   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2558 
 2559 * [HTTPCLIENT-776] Fixed concurrency issues with AbstractPoolEntry.
 2560   Contributed by Sam Berlin <sberlin at gmail.com>
 2561 
 2562 * Resolved a long standing problem with HttpClient not taking into account
 2563   the user context when pooling / re-using connections. HttpClient now
 2564   correctly handles stateful / user specific connections such as persistent
 2565   NTLM connections and SSL connections with client side authentication.
 2566   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2567 
 2568 * [HTTPCLIENT-773] Improved handling of the 'expires' attribute by the
 2569   'Best Match' cookie spec.
 2570   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2571 
 2572 * Partial NTLM support (requires an external NTLM engine). For details see
 2573   NTLM_SUPPORT.txt
 2574   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2575 
 2576 * Redesigned local execution context management.
 2577   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2578 
 2579 --------------------------------------
 2580 
 2581 Release 4.0 Alpha 4
 2582 -------------------
 2583 
 2584 ALPHA4 marks the completion of the overhaul of the connection management
 2585 code in HttpClient. All known shortcomings of the old HttpClient 3.x
 2586 connection management API have been addressed.
 2587 
 2588 NTLM authentication remains the only missing major feature in the new
 2589 codeline that prevents us from moving awards the API freeze.
 2590 
 2591 There has been a number of important bug fixes since ALPHA3. All upstream
 2592 projects are encouraged to upgrade to the latest release.
 2593 
 2594 -------------------
 2595 
 2596 HttpClient 3.x features that have NOT yet been ported:
 2597 -------------------
 2598 
 2599 * NTLM authentication scheme
 2600 
 2601 -------------------
 2602 
 2603 Changelog:
 2604 -------------------
 2605 
 2606 * [HTTPCLIENT-765] String.toLowerCase() / toUpperCase() should specify
 2607   Locale.ENGLISH
 2608   Contributed by Sebastian Bazley <sebb at apache.org>
 2609 
 2610 * [HTTPCLIENT-769] Do not pool connection marked non-reusable.
 2611   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2612 
 2613 * [HTTPCLIENT-763] Fixed problem with AbstractClientConnAdapter#abortConnection()
 2614   not releasing the connection if called from the main execution thread while
 2615   there is no blocking I/O operation.
 2616   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2617 
 2618 * [HTTPCLIENT-652] Added optional state attribute to managed client connections.
 2619   This enables connection managers to correctly handle stateful connections.
 2620   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2621 
 2622 * [HTTPCLIENT-673] Revised max connections per route configuration
 2623   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2624 
 2625 * [HTTPCLIENT-753] Class Scheme and related classes moved to a separate package
 2626   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2627 
 2628 * [HTTPCLIENT-757] Improved request wrapping in the DefaultClientRequestDirector.
 2629   This also fixed the problem with the default proxy set at the client level
 2630   having no effect.
 2631   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2632 
 2633 * [HTTPCLIENT-734] Request abort will unblock the thread waiting for a connection
 2634   Contributed by Sam Berlin <sberlin at gmail.com>
 2635 
 2636 * [HTTPCLIENT-759] Ensure release of connections back to the connection manager
 2637   on exceptions.
 2638   Contributed by Sam Berlin <sberlin at gmail.com>
 2639 
 2640 * [HTTPCLIENT-758] Fixed the use of generics in AbstractHttpClient
 2641   #removeRequestInterceptorByClass and #removeResponseInterceptorByClass
 2642   Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de>
 2643 
 2644 * [HTTPCLIENT-749] HttpParams beans
 2645   Contributed by Stojce Dimski <sdmiski at yahoo.it>
 2646 
 2647 * [HTTPCLIENT-755] Workaround for known bugs in java.net.URI.resolve()
 2648   Bug ID: 4708535
 2649   Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de>
 2650 
 2651 --------------------------------------
 2652 
 2653 Release 4.0 Alpha 3
 2654 -------------------
 2655 
 2656 ALPHA3 release brings another round of API refinements and improvements in
 2657 functionality. As of this release HttpClient requires Java 5 compatible
 2658 runtime environment and takes full advantage of generics and new concurrency
 2659 primitives.
 2660 
 2661 This release also introduces new default cookie policy that selects a cookie
 2662 specification depending on the format of cookies sent by the target host.
 2663 It is no longer necessary to know beforehand what kind of HTTP cookie support
 2664 the target host provides. HttpClient is now able to pick up either a lenient
 2665 or a strict cookie policy depending on the compliance level of the target host.
 2666 
 2667 Another notable improvement is a completely reworked support for multipart
 2668 entities based on Apache mime4j library.
 2669 
 2670 -------------------
 2671 
 2672 HttpClient 3.x features that have NOT yet been ported:
 2673 -------------------
 2674 
 2675 * NTLM authentication scheme
 2676 
 2677 -------------------
 2678 
 2679 Changelog:
 2680 -------------------
 2681 
 2682 * [HTTPCLIENT-742] common interface for HttpRoute and RouteTracker
 2683   Contributed by Roland Weber <rolandw at apache.org>
 2684 
 2685 * [HTTPCLIENT-741] Fixed concurrency issues in AbstractClientConnAdapter.
 2686   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2687 
 2688 * [HTTPCLIENT-726] testcase for spurious wakeups in ThreadSafeClientConnManager
 2689   Contributed by Roland Weber <rolandw at apache.org>
 2690 
 2691 * [HTTPCLIENT-643] Automatic connect fail-over for multi-home remote servers.
 2692   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2693 
 2694 * [HTTPCLIENT-735] unsetting of DEFAULT_PROXY and FORCED_ROUTE in hierarchies
 2695   Contributed by Roland Weber <rolandw at apache.org>
 2696 
 2697 * [HTTPCLIENT-723] route planner based on java.net.ProxySelector
 2698   Contributed by Roland Weber <rolandw at apache.org>
 2699 
 2700 * [HTTPCLIENT-740] don't start connection GC thread in pool constructor
 2701   Contributed by Roland Weber <rolandw at apache.org>
 2702 
 2703 * [HTTPCLIENT-736] route planners use SchemeRegistry instead of ConnManager
 2704   Contributed by Roland Weber <rolandw at apache.org>
 2705 
 2706 * [HTTPCLIENT-730] Fixed rewriting of URIs containing escaped characters
 2707   Contributed by Sam Berlin <sberlin at gmail.com> and
 2708   Oleg Kalnichevski <olegk at apache.org>
 2709 
 2710 * [HTTPCLIENT-667] Added 'Meta' cookie policy that selects a cookie
 2711   specification depending on the format of the cookie(s).
 2712   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2713 
 2714 * [HTTPCLIENT-729] Move HttpRoute and related classes to routing package.
 2715   Contributed by Roland Weber <rolandw at apache.org>
 2716 
 2717 * [HTTPCLIENT-725] Use TimeUnit arguments for timeouts in connection manager.
 2718   Contributed by Roland Weber <rolandw at apache.org>
 2719 
 2720 * [HTTPCLIENT-677] Connection manager no longer uses Thread.interrupt().
 2721   Contributed by Roland Weber <rolandw at apache.org>
 2722 
 2723 * [HTTPCLIENT-716] Allow application-defined routes.
 2724   Contributed by Roland Weber <rolandw at apache.org>
 2725 
 2726 * [HTTPCLIENT-712] Improve HttpRoute API
 2727   Contributed by Roland Weber <rolandw at apache.org>
 2728 
 2729 * [HTTPCLIENT-711] Bad route computed for redirected requests
 2730   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2731 
 2732 * [HTTPCLIENT-715] Remove RoutedRequest from API
 2733   Contributed by Roland Weber <rolandw at apache.org>
 2734 
 2735 * [HTTPCLIENT-705] Fixed incorrect handling of URIs with null path component.
 2736   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2737 
 2738 * [HTTPCLIENT-688] HttpOptions#getAllowedMethods can now handle multiple
 2739   Allow headers.
 2740   Contributed by Andrea Selva <selva.andre at gmail.com>
 2741 
 2742 --------------------------------------
 2743 
 2744 Release 4.0 Alpha 2
 2745 -------------------
 2746 
 2747 ALPHA2 release is another milestone in the redesign of HttpClient. It includes
 2748 a number of improvements since ALPHA1, among which are improved connection
 2749 pooling, support for proxy chains, redesigned HTTP state and authentication
 2750 credentials management API, improved RFC 2965 cookie specification.
 2751 
 2752 -------------------
 2753 
 2754 HttpClient 3.x features that have NOT yet been ported
 2755 -------------------
 2756 * NTLM authentication scheme
 2757 
 2758 * Support for multipart MIME coded entities
 2759 
 2760 -------------------
 2761 
 2762 Changelog
 2763 -------------------
 2764 
 2765 * [HTTPCLIENT-698] Resolve non-absolute redirect URIs relative to
 2766   the request URI
 2767   Contributed by Johannes Koch <johannes.koch at fit.fraunhofer.de>
 2768 
 2769 * [HTTPCLIENT-697] Throw a more intelligible exception when connection
 2770   to a remote host cannot be established.
 2771   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2772 
 2773 * [HTTPCLIENT-689] Caching of SimpleDateFormat in DateUtils
 2774   Contributed by Daniel Müller <strider at digitalstrider.com>
 2775 
 2776 * [HTTPCLIENT-689] stackable parameters in AbstractHttpClient
 2777   Contributed by Roland Weber <rolandw at apache.org>
 2778 
 2779 * [HTTPCLIENT-477] Use distinct instances of the authentication handler
 2780   interface for authentication with target and proxy hosts
 2781   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2782 
 2783 * [HTTPCLIENT-690] ManagedClientConnection provides access to SSLSession
 2784   Contributed by Roland Weber <rolandw at apache.org>
 2785 
 2786 * [HTTPCLIENT-692] ClientConnectionManager throws InterruptedException
 2787   Contributed by Roland Weber <rolandw at apache.org>
 2788 
 2789 * [HTTPCORE-116] moved parameter names to interfaces
 2790   Contributed by Roland Weber <rolandw at apache.org>
 2791 
 2792 * [HTTPCLIENT-649] support for proxy chains in HttpConn
 2793   Contributed by Roland Weber <rolandw at apache.org>
 2794 
 2795 * [HTTPCLIENT-636] refactor ThreadSafeClientConnManager in separate package
 2796   Contributed by Roland Weber <rolandw at apache.org>
 2797 
 2798 * [HTTPCLIENT-669] new HttpRoutePlanner interface and implementation
 2799   Contributed by Andrea Selva <selva.andre at gmail.com>
 2800 
 2801 * [HTTPCLIENT-653] detached connection wrapper no longer prevents
 2802   garbage collection of ThreadSafeClientConnManager
 2803   Contributed by Roland Weber <rolandw at apache.org>
 2804 
 2805 * [HTTPCLIENT-674] use org.apache.http.util.VersionInfo instead of a local one
 2806   Contributed by Roland Weber <rolandw at apache.org>
 2807 
 2808 * [HTTPCLIENT-666] Replaced HttpState with CredentialsProvier and CookieStore interfaces
 2809   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2810 
 2811 * [HTTPCORE-100] revised HttpContext hierarchy
 2812   Contributed by Roland Weber <rolandw at apache.org>
 2813 
 2814 * [HTTPCLIENT-618] eliminate class HostConfiguration
 2815   Contributed by Roland Weber <rolandw at apache.org>
 2816 
 2817 * [HTTPCLIENT-672] re-sync with API changes in core alpha6-SNAPSHOT
 2818   Contributed by Roland Weber <rolandw at apache.org>
 2819 
 2820 --------------------------------------
 2821 
 2822 Release 4.0 Alpha 1
 2823 -------------------
 2824 
 2825 HttpClient 4.0 represents a complete, ground-up redesign and almost a complete
 2826 rewrite of the HttpClient 3.x codeline. This release finally addresses several
 2827 design flaws that existed since the 1.0 release and could not be fixed without
 2828 a major code overhaul and breaking API compatibility.
 2829 
 2830 The HttpClient 4.0 API is still very experimental and is bound to change
 2831 during the course of the ALPHA development phase. Several important features
 2832 have not yet been ported to the new API.
 2833 
 2834 Architectural changes
 2835 ---------------------
 2836 
 2837 * Redesign of the HttpClient internals addressing all known
 2838   major architectural shortcomings of the 3.x codeline
 2839 
 2840 * Cleaner, more flexible and expressive API
 2841 
 2842 * Better performance and smaller memory footprint due to a more
 2843   efficient HTTP transport based on HttpCore. HttpClient 4.0 is
 2844   expected to be 10% to 25% faster than HttpClient 3.x codeline
 2845 
 2846 * More modular structure
 2847 
 2848 * Pluggable redirect and authentication handlers
 2849 
 2850 * Support for protocol incerceptors
 2851 
 2852 * Improved connection management
 2853 
 2854 * Improved support for sending requests via a proxy or a chain of
 2855   proxies
 2856 
 2857 * Improved handling redirects of entity enclosing requests
 2858 
 2859 * More flexible SSL context customization
 2860 
 2861 * Reduced intermediate garbage in the process of
 2862   generating HTTP requests and parsing HTTP responses
 2863 
 2864 -------------------
 2865 
 2866 HttpClient 3.x features that have NOT yet been ported
 2867 -------------------
 2868 * NTLM authentication scheme
 2869 
 2870 * RFC2965 cookie policy (Cookie2)
 2871 
 2872 * Support for multipart MIME coded entities
 2873 
 2874 -------------------
 2875 
 2876 Changelog
 2877 -------------------
 2878 
 2879 The following is a list of contributions tracked in JIRA.
 2880 Note that this is not a complete list of contributions or changes.
 2881 Since the API was redesigned completely, tracking everything outside
 2882 of the source code repository would have been too burdensome.
 2883 
 2884 * [HTTPCLIENT-655] User-Agent string no longer violates RFC
 2885   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2886 
 2887 * [HTTPCLIENT-541] Virtual host API redesign
 2888   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2889 
 2890 * [HTTPCLIENT-614] Allow for different strategies when checking
 2891   CN of x509 certificates
 2892   Contributed by Julius Davies <juliusdavies at gmail.com>
 2893 
 2894 * [HTTPCLIENT-136] Fixed inadequate proxy support
 2895   Long standing architectural problem. Issue opened on 19/Dec/2002.
 2896   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2897 
 2898 * [HTTPCLIENT-63] Support for pluggable redirect and authentication handlers
 2899   Long standing architectural problem. Issue opened on 15/Jul/2002.
 2900   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2901 
 2902 * [HTTPCLIENT-245] Fixed redirect handling. HttpClient can now automatically
 2903   handle redirects of entity enclosing requests.
 2904   Long standing architectural problem. Issue opened on 14/Jul/2003.
 2905   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2906 
 2907 * [HTTPCLIENT-613] HTTPS connections now verify CN of x509 certificates
 2908   Contributed by Julius Davies <juliusdavies at gmail.com>
 2909 
 2910 * [HTTPCLIENT-497] Wire/header logger names consistent with class loggers
 2911   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2912 
 2913 * [HTTPCLIENT-484] AuthSSLProtocolSocketFactory in the main distribution
 2914   Contributed by Oleg Kalnichevski <olegk at apache.org>
 2915 
 2916 * [HTTPCLIENT-589] Do not consume the remaining response content if
 2917   the connection is to be closed
 2918   Contributed by Roland Weber <rolandw at apache.org>
 2919 
 2920 * [HTTPCLIENT-475] Support for unconnected sockets. HTTP requests can now be
 2921   aborted while network socket is still being connected.
 2922   Contributed by Roland Weber <rolandw at apache.org>
 2923