0_24_4.md

doc/release_notes/0_24_4.md
Last Update: 2024-04-03 14:03:54 +0000

0.24.4

Improvements

  • digest_authentication plugin now supports passing HA1hashed with password HA1s (common to store in htdigest files for example) when setting the:hashed kwarg to true in the .digest_auth call.

  • ex: http.digest_auth(user, get_hashed_passwd_from_htdigest(user), hashed: true)

  • TLS session resumption is now supported

  • whenever possible, httpx sessions will recycle used connections so that, in the case of TLS connections, the first session will keep being reusedd, thereby diminishing the overhead of subsequent TLS handshakes on the same host.

  • TLS sessions are only reused in the scope of the same httpx session, unless the :persistent plugin is used, in which case, the persisted httpx session will always try to resume TLS sessions.

Bugfixes

  • When explicitly using IP addresses in the URL host, TLS handshake will now verify tif he IP address is included in the certificate.

  • IP address will keep not be used for SNI, as per RFC 6066, section 3.

  • ex: http.get("https://10.12.0.12/get")

  • if you want the prior behavior, set HTTPX.with(ssl: {verify_hostname: false})

  • Turn TLS hostname verification on for jruby (it’s turned off by default).

  • if you want the prior behavior, set HTTPX.with(ssl: {verify_hostname: false})