1Metadata-Version: 2.1 2Name: urllib3 3Version: 1.25.9 4Summary: HTTP library with thread-safe connection pooling, file post, and more. 5Home-page: https://urllib3.readthedocs.io/ 6Author: Andrey Petrov 7Author-email: andrey.petrov@shazow.net 8License: MIT 9Project-URL: Documentation, https://urllib3.readthedocs.io/ 10Project-URL: Code, https://github.com/urllib3/urllib3 11Project-URL: Issue tracker, https://github.com/urllib3/urllib3/issues 12Description: urllib3 13 ======= 14 15 urllib3 is a powerful, *sanity-friendly* HTTP client for Python. Much of the 16 Python ecosystem already uses urllib3 and you should too. 17 urllib3 brings many critical features that are missing from the Python 18 standard libraries: 19 20 - Thread safety. 21 - Connection pooling. 22 - Client-side SSL/TLS verification. 23 - File uploads with multipart encoding. 24 - Helpers for retrying requests and dealing with HTTP redirects. 25 - Support for gzip, deflate, and brotli encoding. 26 - Proxy support for HTTP and SOCKS. 27 - 100% test coverage. 28 29 urllib3 is powerful and easy to use:: 30 31 >>> import urllib3 32 >>> http = urllib3.PoolManager() 33 >>> r = http.request('GET', 'http://httpbin.org/robots.txt') 34 >>> r.status 35 200 36 >>> r.data 37 'User-agent: *\nDisallow: /deny\n' 38 39 40 Installing 41 ---------- 42 43 urllib3 can be installed with `pip <https://pip.pypa.io>`_:: 44 45 $ pip install urllib3 46 47 Alternatively, you can grab the latest source code from `GitHub <https://github.com/urllib3/urllib3>`_:: 48 49 $ git clone git://github.com/urllib3/urllib3.git 50 $ python setup.py install 51 52 53 Documentation 54 ------------- 55 56 urllib3 has usage and reference documentation at `urllib3.readthedocs.io <https://urllib3.readthedocs.io>`_. 57 58 59 Contributing 60 ------------ 61 62 urllib3 happily accepts contributions. Please see our 63 `contributing documentation <https://urllib3.readthedocs.io/en/latest/contributing.html>`_ 64 for some tips on getting started. 65 66 67 Security Disclosures 68 -------------------- 69 70 To report a security vulnerability, please use the 71 `Tidelift security contact <https://tidelift.com/security>`_. 72 Tidelift will coordinate the fix and disclosure with maintainers. 73 74 Maintainers 75 ----------- 76 77 - `@sethmlarson <https://github.com/sethmlarson>`_ (Seth M. Larson) 78 - `@pquentin <https://github.com/pquentin>`_ (Quentin Pradet) 79 - `@theacodes <https://github.com/theacodes>`_ (Thea Flowers) 80 - `@haikuginger <https://github.com/haikuginger>`_ (Jess Shapiro) 81 - `@lukasa <https://github.com/lukasa>`_ (Cory Benfield) 82 - `@sigmavirus24 <https://github.com/sigmavirus24>`_ (Ian Stapleton Cordasco) 83 - `@shazow <https://github.com/shazow>`_ (Andrey Petrov) 84 85 86 87 88 Sponsorship 89 ----------- 90 91 .. |tideliftlogo| image:: https://nedbatchelder.com/pix/Tidelift_Logos_RGB_Tidelift_Shorthand_On-White_small.png 92 :width: 75 93 :alt: Tidelift 94 95 .. list-table:: 96 :widths: 10 100 97 98 * - |tideliftlogo| 99 - Professional support for urllib3 is available as part of the `Tidelift 100 Subscription`_. Tidelift gives software development teams a single source for 101 purchasing and maintaining their software, with professional grade assurances 102 from the experts who know it best, while seamlessly integrating with existing 103 tools. 104 105 .. _Tidelift Subscription: https://tidelift.com/subscription/pkg/pypi-urllib3?utm_source=pypi-urllib3&utm_medium=referral&utm_campaign=readme 106 107 If your company benefits from this library, please consider `sponsoring its 108 development <https://urllib3.readthedocs.io/en/latest/contributing.html#sponsorship-project-grants>`_. 109 110 Sponsors include: 111 112 - Abbott (2018-2019), sponsored `@sethmlarson <https://github.com/sethmlarson>`_'s work on urllib3. 113 - Google Cloud Platform (2018-2019), sponsored `@theacodes <https://github.com/theacodes>`_'s work on urllib3. 114 - Akamai (2017-2018), sponsored `@haikuginger <https://github.com/haikuginger>`_'s work on urllib3 115 - Hewlett Packard Enterprise (2016-2017), sponsored `@Lukasa’s <https://github.com/Lukasa>`_ work on urllib3. 116 117 118 Changes 119 ======= 120 121 1.25.9 (2020-04-16) 122 ------------------- 123 124 * Added ``InvalidProxyConfigurationWarning`` which is raised when 125 erroneously specifying an HTTPS proxy URL. urllib3 doesn't currently 126 support connecting to HTTPS proxies but will soon be able to 127 and we would like users to migrate properly without much breakage. 128 129 See `this GitHub issue <https://github.com/urllib3/urllib3/issues/1850>`_ 130 for more information on how to fix your proxy config. (Pull #1851) 131 132 * Drain connection after ``PoolManager`` redirect (Pull #1817) 133 134 * Ensure ``load_verify_locations`` raises ``SSLError`` for all backends (Pull #1812) 135 136 * Rename ``VerifiedHTTPSConnection`` to ``HTTPSConnection`` (Pull #1805) 137 138 * Allow the CA certificate data to be passed as a string (Pull #1804) 139 140 * Raise ``ValueError`` if method contains control characters (Pull #1800) 141 142 * Add ``__repr__`` to ``Timeout`` (Pull #1795) 143 144 145 1.25.8 (2020-01-20) 146 ------------------- 147 148 * Drop support for EOL Python 3.4 (Pull #1774) 149 150 * Optimize _encode_invalid_chars (Pull #1787) 151 152 153 1.25.7 (2019-11-11) 154 ------------------- 155 156 * Preserve ``chunked`` parameter on retries (Pull #1715, Pull #1734) 157 158 * Allow unset ``SERVER_SOFTWARE`` in App Engine (Pull #1704, Issue #1470) 159 160 * Fix issue where URL fragment was sent within the request target. (Pull #1732) 161 162 * Fix issue where an empty query section in a URL would fail to parse. (Pull #1732) 163 164 * Remove TLS 1.3 support in SecureTransport due to Apple removing support (Pull #1703) 165 166 167 1.25.6 (2019-09-24) 168 ------------------- 169 170 * Fix issue where tilde (``~``) characters were incorrectly 171 percent-encoded in the path. (Pull #1692) 172 173 174 1.25.5 (2019-09-19) 175 ------------------- 176 177 * Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which 178 caused certificate verification to be enabled when using ``cert_reqs=CERT_NONE``. 179 (Issue #1682) 180 181 182 1.25.4 (2019-09-19) 183 ------------------- 184 185 * Propagate Retry-After header settings to subsequent retries. (Pull #1607) 186 187 * Fix edge case where Retry-After header was still respected even when 188 explicitly opted out of. (Pull #1607) 189 190 * Remove dependency on ``rfc3986`` for URL parsing. 191 192 * Fix issue where URLs containing invalid characters within ``Url.auth`` would 193 raise an exception instead of percent-encoding those characters. 194 195 * Add support for ``HTTPResponse.auto_close = False`` which makes HTTP responses 196 work well with BufferedReaders and other ``io`` module features. (Pull #1652) 197 198 * Percent-encode invalid characters in URL for ``HTTPConnectionPool.request()`` (Pull #1673) 199 200 201 1.25.3 (2019-05-23) 202 ------------------- 203 204 * Change ``HTTPSConnection`` to load system CA certificates 205 when ``ca_certs``, ``ca_cert_dir``, and ``ssl_context`` are 206 unspecified. (Pull #1608, Issue #1603) 207 208 * Upgrade bundled rfc3986 to v1.3.2. (Pull #1609, Issue #1605) 209 210 211 1.25.2 (2019-04-28) 212 ------------------- 213 214 * Change ``is_ipaddress`` to not detect IPvFuture addresses. (Pull #1583) 215 216 * Change ``parse_url`` to percent-encode invalid characters within the 217 path, query, and target components. (Pull #1586) 218 219 220 1.25.1 (2019-04-24) 221 ------------------- 222 223 * Add support for Google's ``Brotli`` package. (Pull #1572, Pull #1579) 224 225 * Upgrade bundled rfc3986 to v1.3.1 (Pull #1578) 226 227 228 1.25 (2019-04-22) 229 ----------------- 230 231 * Require and validate certificates by default when using HTTPS (Pull #1507) 232 233 * Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant. (Pull #1487) 234 235 * Added support for ``key_password`` for ``HTTPSConnectionPool`` to use 236 encrypted ``key_file`` without creating your own ``SSLContext`` object. (Pull #1489) 237 238 * Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext`` 239 implementations. (Pull #1496) 240 241 * Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft. (Issue #303, PR #1492) 242 243 * Fixed issue where OpenSSL would block if an encrypted client private key was 244 given and no password was given. Instead an ``SSLError`` is raised. (Pull #1489) 245 246 * Added support for Brotli content encoding. It is enabled automatically if 247 ``brotlipy`` package is installed which can be requested with 248 ``urllib3[brotli]`` extra. (Pull #1532) 249 250 * Drop ciphers using DSS key exchange from default TLS cipher suites. 251 Improve default ciphers when using SecureTransport. (Pull #1496) 252 253 * Implemented a more efficient ``HTTPResponse.__iter__()`` method. (Issue #1483) 254 255 1.24.3 (2019-05-01) 256 ------------------- 257 258 * Apply fix for CVE-2019-9740. (Pull #1591) 259 260 1.24.2 (2019-04-17) 261 ------------------- 262 263 * Don't load system certificates by default when any other ``ca_certs``, ``ca_certs_dir`` or 264 ``ssl_context`` parameters are specified. 265 266 * Remove Authorization header regardless of case when redirecting to cross-site. (Issue #1510) 267 268 * Add support for IPv6 addresses in subjectAltName section of certificates. (Issue #1269) 269 270 271 1.24.1 (2018-11-02) 272 ------------------- 273 274 * Remove quadratic behavior within ``GzipDecoder.decompress()`` (Issue #1467) 275 276 * Restored functionality of ``ciphers`` parameter for ``create_urllib3_context()``. (Issue #1462) 277 278 279 1.24 (2018-10-16) 280 ----------------- 281 282 * Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull #1449) 283 284 * Test against Python 3.7 on AppVeyor. (Pull #1453) 285 286 * Early-out ipv6 checks when running on App Engine. (Pull #1450) 287 288 * Change ambiguous description of backoff_factor (Pull #1436) 289 290 * Add ability to handle multiple Content-Encodings (Issue #1441 and Pull #1442) 291 292 * Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue #1405). 293 294 * Add a server_hostname parameter to HTTPSConnection which allows for 295 overriding the SNI hostname sent in the handshake. (Pull #1397) 296 297 * Drop support for EOL Python 2.6 (Pull #1429 and Pull #1430) 298 299 * Fixed bug where responses with header Content-Type: message/* erroneously 300 raised HeaderParsingError, resulting in a warning being logged. (Pull #1439) 301 302 * Move urllib3 to src/urllib3 (Pull #1409) 303 304 305 1.23 (2018-06-04) 306 ----------------- 307 308 * Allow providing a list of headers to strip from requests when redirecting 309 to a different host. Defaults to the ``Authorization`` header. Different 310 headers can be set via ``Retry.remove_headers_on_redirect``. (Issue #1316) 311 312 * Fix ``util.selectors._fileobj_to_fd`` to accept ``long`` (Issue #1247). 313 314 * Dropped Python 3.3 support. (Pull #1242) 315 316 * Put the connection back in the pool when calling stream() or read_chunked() on 317 a chunked HEAD response. (Issue #1234) 318 319 * Fixed pyOpenSSL-specific ssl client authentication issue when clients 320 attempted to auth via certificate + chain (Issue #1060) 321 322 * Add the port to the connectionpool connect print (Pull #1251) 323 324 * Don't use the ``uuid`` module to create multipart data boundaries. (Pull #1380) 325 326 * ``read_chunked()`` on a closed response returns no chunks. (Issue #1088) 327 328 * Add Python 2.6 support to ``contrib.securetransport`` (Pull #1359) 329 330 * Added support for auth info in url for SOCKS proxy (Pull #1363) 331 332 333 1.22 (2017-07-20) 334 ----------------- 335 336 * Fixed missing brackets in ``HTTP CONNECT`` when connecting to IPv6 address via 337 IPv6 proxy. (Issue #1222) 338 339 * Made the connection pool retry on ``SSLError``. The original ``SSLError`` 340 is available on ``MaxRetryError.reason``. (Issue #1112) 341 342 * Drain and release connection before recursing on retry/redirect. Fixes 343 deadlocks with a blocking connectionpool. (Issue #1167) 344 345 * Fixed compatibility for cookiejar. (Issue #1229) 346 347 * pyopenssl: Use vendored version of ``six``. (Issue #1231) 348 349 350 1.21.1 (2017-05-02) 351 ------------------- 352 353 * Fixed SecureTransport issue that would cause long delays in response body 354 delivery. (Pull #1154) 355 356 * Fixed regression in 1.21 that threw exceptions when users passed the 357 ``socket_options`` flag to the ``PoolManager``. (Issue #1165) 358 359 * Fixed regression in 1.21 that threw exceptions when users passed the 360 ``assert_hostname`` or ``assert_fingerprint`` flag to the ``PoolManager``. 361 (Pull #1157) 362 363 364 1.21 (2017-04-25) 365 ----------------- 366 367 * Improved performance of certain selector system calls on Python 3.5 and 368 later. (Pull #1095) 369 370 * Resolved issue where the PyOpenSSL backend would not wrap SysCallError 371 exceptions appropriately when sending data. (Pull #1125) 372 373 * Selectors now detects a monkey-patched select module after import for modules 374 that patch the select module like eventlet, greenlet. (Pull #1128) 375 376 * Reduced memory consumption when streaming zlib-compressed responses 377 (as opposed to raw deflate streams). (Pull #1129) 378 379 * Connection pools now use the entire request context when constructing the 380 pool key. (Pull #1016) 381 382 * ``PoolManager.connection_from_*`` methods now accept a new keyword argument, 383 ``pool_kwargs``, which are merged with the existing ``connection_pool_kw``. 384 (Pull #1016) 385 386 * Add retry counter for ``status_forcelist``. (Issue #1147) 387 388 * Added ``contrib`` module for using SecureTransport on macOS: 389 ``urllib3.contrib.securetransport``. (Pull #1122) 390 391 * urllib3 now only normalizes the case of ``http://`` and ``https://`` schemes: 392 for schemes it does not recognise, it assumes they are case-sensitive and 393 leaves them unchanged. 394 (Issue #1080) 395 396 397 1.20 (2017-01-19) 398 ----------------- 399 400 * Added support for waiting for I/O using selectors other than select, 401 improving urllib3's behaviour with large numbers of concurrent connections. 402 (Pull #1001) 403 404 * Updated the date for the system clock check. (Issue #1005) 405 406 * ConnectionPools now correctly consider hostnames to be case-insensitive. 407 (Issue #1032) 408 409 * Outdated versions of PyOpenSSL now cause the PyOpenSSL contrib module 410 to fail when it is injected, rather than at first use. (Pull #1063) 411 412 * Outdated versions of cryptography now cause the PyOpenSSL contrib module 413 to fail when it is injected, rather than at first use. (Issue #1044) 414 415 * Automatically attempt to rewind a file-like body object when a request is 416 retried or redirected. (Pull #1039) 417 418 * Fix some bugs that occur when modules incautiously patch the queue module. 419 (Pull #1061) 420 421 * Prevent retries from occurring on read timeouts for which the request method 422 was not in the method whitelist. (Issue #1059) 423 424 * Changed the PyOpenSSL contrib module to lazily load idna to avoid 425 unnecessarily bloating the memory of programs that don't need it. (Pull 426 #1076) 427 428 * Add support for IPv6 literals with zone identifiers. (Pull #1013) 429 430 * Added support for socks5h:// and socks4a:// schemes when working with SOCKS 431 proxies, and controlled remote DNS appropriately. (Issue #1035) 432 433 434 1.19.1 (2016-11-16) 435 ------------------- 436 437 * Fixed AppEngine import that didn't function on Python 3.5. (Pull #1025) 438 439 440 1.19 (2016-11-03) 441 ----------------- 442 443 * urllib3 now respects Retry-After headers on 413, 429, and 503 responses when 444 using the default retry logic. (Pull #955) 445 446 * Remove markers from setup.py to assist ancient setuptools versions. (Issue 447 #986) 448 449 * Disallow superscripts and other integerish things in URL ports. (Issue #989) 450 451 * Allow urllib3's HTTPResponse.stream() method to continue to work with 452 non-httplib underlying FPs. (Pull #990) 453 454 * Empty filenames in multipart headers are now emitted as such, rather than 455 being suppressed. (Issue #1015) 456 457 * Prefer user-supplied Host headers on chunked uploads. (Issue #1009) 458 459 460 1.18.1 (2016-10-27) 461 ------------------- 462 463 * CVE-2016-9015. Users who are using urllib3 version 1.17 or 1.18 along with 464 PyOpenSSL injection and OpenSSL 1.1.0 *must* upgrade to this version. This 465 release fixes a vulnerability whereby urllib3 in the above configuration 466 would silently fail to validate TLS certificates due to erroneously setting 467 invalid flags in OpenSSL's ``SSL_CTX_set_verify`` function. These erroneous 468 flags do not cause a problem in OpenSSL versions before 1.1.0, which 469 interprets the presence of any flag as requesting certificate validation. 470 471 There is no PR for this patch, as it was prepared for simultaneous disclosure 472 and release. The master branch received the same fix in PR #1010. 473 474 475 1.18 (2016-09-26) 476 ----------------- 477 478 * Fixed incorrect message for IncompleteRead exception. (PR #973) 479 480 * Accept ``iPAddress`` subject alternative name fields in TLS certificates. 481 (Issue #258) 482 483 * Fixed consistency of ``HTTPResponse.closed`` between Python 2 and 3. 484 (Issue #977) 485 486 * Fixed handling of wildcard certificates when using PyOpenSSL. (Issue #979) 487 488 489 1.17 (2016-09-06) 490 ----------------- 491 492 * Accept ``SSLContext`` objects for use in SSL/TLS negotiation. (Issue #835) 493 494 * ConnectionPool debug log now includes scheme, host, and port. (Issue #897) 495 496 * Substantially refactored documentation. (Issue #887) 497 498 * Used URLFetch default timeout on AppEngine, rather than hardcoding our own. 499 (Issue #858) 500 501 * Normalize the scheme and host in the URL parser (Issue #833) 502 503 * ``HTTPResponse`` contains the last ``Retry`` object, which now also 504 contains retries history. (Issue #848) 505 506 * Timeout can no longer be set as boolean, and must be greater than zero. 507 (PR #924) 508 509 * Removed pyasn1 and ndg-httpsclient from dependencies used for PyOpenSSL. We 510 now use cryptography and idna, both of which are already dependencies of 511 PyOpenSSL. (PR #930) 512 513 * Fixed infinite loop in ``stream`` when amt=None. (Issue #928) 514 515 * Try to use the operating system's certificates when we are using an 516 ``SSLContext``. (PR #941) 517 518 * Updated cipher suite list to allow ChaCha20+Poly1305. AES-GCM is preferred to 519 ChaCha20, but ChaCha20 is then preferred to everything else. (PR #947) 520 521 * Updated cipher suite list to remove 3DES-based cipher suites. (PR #958) 522 523 * Removed the cipher suite fallback to allow HIGH ciphers. (PR #958) 524 525 * Implemented ``length_remaining`` to determine remaining content 526 to be read. (PR #949) 527 528 * Implemented ``enforce_content_length`` to enable exceptions when 529 incomplete data chunks are received. (PR #949) 530 531 * Dropped connection start, dropped connection reset, redirect, forced retry, 532 and new HTTPS connection log levels to DEBUG, from INFO. (PR #967) 533 534 535 1.16 (2016-06-11) 536 ----------------- 537 538 * Disable IPv6 DNS when IPv6 connections are not possible. (Issue #840) 539 540 * Provide ``key_fn_by_scheme`` pool keying mechanism that can be 541 overridden. (Issue #830) 542 543 * Normalize scheme and host to lowercase for pool keys, and include 544 ``source_address``. (Issue #830) 545 546 * Cleaner exception chain in Python 3 for ``_make_request``. 547 (Issue #861) 548 549 * Fixed installing ``urllib3[socks]`` extra. (Issue #864) 550 551 * Fixed signature of ``ConnectionPool.close`` so it can actually safely be 552 called by subclasses. (Issue #873) 553 554 * Retain ``release_conn`` state across retries. (Issues #651, #866) 555 556 * Add customizable ``HTTPConnectionPool.ResponseCls``, which defaults to 557 ``HTTPResponse`` but can be replaced with a subclass. (Issue #879) 558 559 560 1.15.1 (2016-04-11) 561 ------------------- 562 563 * Fix packaging to include backports module. (Issue #841) 564 565 566 1.15 (2016-04-06) 567 ----------------- 568 569 * Added Retry(raise_on_status=False). (Issue #720) 570 571 * Always use setuptools, no more distutils fallback. (Issue #785) 572 573 * Dropped support for Python 3.2. (Issue #786) 574 575 * Chunked transfer encoding when requesting with ``chunked=True``. 576 (Issue #790) 577 578 * Fixed regression with IPv6 port parsing. (Issue #801) 579 580 * Append SNIMissingWarning messages to allow users to specify it in 581 the PYTHONWARNINGS environment variable. (Issue #816) 582 583 * Handle unicode headers in Py2. (Issue #818) 584 585 * Log certificate when there is a hostname mismatch. (Issue #820) 586 587 * Preserve order of request/response headers. (Issue #821) 588 589 590 1.14 (2015-12-29) 591 ----------------- 592 593 * contrib: SOCKS proxy support! (Issue #762) 594 595 * Fixed AppEngine handling of transfer-encoding header and bug 596 in Timeout defaults checking. (Issue #763) 597 598 599 1.13.1 (2015-12-18) 600 ------------------- 601 602 * Fixed regression in IPv6 + SSL for match_hostname. (Issue #761) 603 604 605 1.13 (2015-12-14) 606 ----------------- 607 608 * Fixed ``pip install urllib3[secure]`` on modern pip. (Issue #706) 609 610 * pyopenssl: Fixed SSL3_WRITE_PENDING error. (Issue #717) 611 612 * pyopenssl: Support for TLSv1.1 and TLSv1.2. (Issue #696) 613 614 * Close connections more defensively on exception. (Issue #734) 615 616 * Adjusted ``read_chunked`` to handle gzipped, chunk-encoded bodies without 617 repeatedly flushing the decoder, to function better on Jython. (Issue #743) 618 619 * Accept ``ca_cert_dir`` for SSL-related PoolManager configuration. (Issue #758) 620 621 622 1.12 (2015-09-03) 623 ----------------- 624 625 * Rely on ``six`` for importing ``httplib`` to work around 626 conflicts with other Python 3 shims. (Issue #688) 627 628 * Add support for directories of certificate authorities, as supported by 629 OpenSSL. (Issue #701) 630 631 * New exception: ``NewConnectionError``, raised when we fail to establish 632 a new connection, usually ``ECONNREFUSED`` socket error. 633 634 635 1.11 (2015-07-21) 636 ----------------- 637 638 * When ``ca_certs`` is given, ``cert_reqs`` defaults to 639 ``'CERT_REQUIRED'``. (Issue #650) 640 641 * ``pip install urllib3[secure]`` will install Certifi and 642 PyOpenSSL as dependencies. (Issue #678) 643 644 * Made ``HTTPHeaderDict`` usable as a ``headers`` input value 645 (Issues #632, #679) 646 647 * Added `urllib3.contrib.appengine <https://urllib3.readthedocs.io/en/latest/contrib.html#google-app-engine>`_ 648 which has an ``AppEngineManager`` for using ``URLFetch`` in a 649 Google AppEngine environment. (Issue #664) 650 651 * Dev: Added test suite for AppEngine. (Issue #631) 652 653 * Fix performance regression when using PyOpenSSL. (Issue #626) 654 655 * Passing incorrect scheme (e.g. ``foo://``) will raise 656 ``ValueError`` instead of ``AssertionError`` (backwards 657 compatible for now, but please migrate). (Issue #640) 658 659 * Fix pools not getting replenished when an error occurs during a 660 request using ``release_conn=False``. (Issue #644) 661 662 * Fix pool-default headers not applying for url-encoded requests 663 like GET. (Issue #657) 664 665 * log.warning in Python 3 when headers are skipped due to parsing 666 errors. (Issue #642) 667 668 * Close and discard connections if an error occurs during read. 669 (Issue #660) 670 671 * Fix host parsing for IPv6 proxies. (Issue #668) 672 673 * Separate warning type SubjectAltNameWarning, now issued once 674 per host. (Issue #671) 675 676 * Fix ``httplib.IncompleteRead`` not getting converted to 677 ``ProtocolError`` when using ``HTTPResponse.stream()`` 678 (Issue #674) 679 680 1.10.4 (2015-05-03) 681 ------------------- 682 683 * Migrate tests to Tornado 4. (Issue #594) 684 685 * Append default warning configuration rather than overwrite. 686 (Issue #603) 687 688 * Fix streaming decoding regression. (Issue #595) 689 690 * Fix chunked requests losing state across keep-alive connections. 691 (Issue #599) 692 693 * Fix hanging when chunked HEAD response has no body. (Issue #605) 694 695 696 1.10.3 (2015-04-21) 697 ------------------- 698 699 * Emit ``InsecurePlatformWarning`` when SSLContext object is missing. 700 (Issue #558) 701 702 * Fix regression of duplicate header keys being discarded. 703 (Issue #563) 704 705 * ``Response.stream()`` returns a generator for chunked responses. 706 (Issue #560) 707 708 * Set upper-bound timeout when waiting for a socket in PyOpenSSL. 709 (Issue #585) 710 711 * Work on platforms without `ssl` module for plain HTTP requests. 712 (Issue #587) 713 714 * Stop relying on the stdlib's default cipher list. (Issue #588) 715 716 717 1.10.2 (2015-02-25) 718 ------------------- 719 720 * Fix file descriptor leakage on retries. (Issue #548) 721 722 * Removed RC4 from default cipher list. (Issue #551) 723 724 * Header performance improvements. (Issue #544) 725 726 * Fix PoolManager not obeying redirect retry settings. (Issue #553) 727 728 729 1.10.1 (2015-02-10) 730 ------------------- 731 732 * Pools can be used as context managers. (Issue #545) 733 734 * Don't re-use connections which experienced an SSLError. (Issue #529) 735 736 * Don't fail when gzip decoding an empty stream. (Issue #535) 737 738 * Add sha256 support for fingerprint verification. (Issue #540) 739 740 * Fixed handling of header values containing commas. (Issue #533) 741 742 743 1.10 (2014-12-14) 744 ----------------- 745 746 * Disabled SSLv3. (Issue #473) 747 748 * Add ``Url.url`` property to return the composed url string. (Issue #394) 749 750 * Fixed PyOpenSSL + gevent ``WantWriteError``. (Issue #412) 751 752 * ``MaxRetryError.reason`` will always be an exception, not string. 753 (Issue #481) 754 755 * Fixed SSL-related timeouts not being detected as timeouts. (Issue #492) 756 757 * Py3: Use ``ssl.create_default_context()`` when available. (Issue #473) 758 759 * Emit ``InsecureRequestWarning`` for *every* insecure HTTPS request. 760 (Issue #496) 761 762 * Emit ``SecurityWarning`` when certificate has no ``subjectAltName``. 763 (Issue #499) 764 765 * Close and discard sockets which experienced SSL-related errors. 766 (Issue #501) 767 768 * Handle ``body`` param in ``.request(...)``. (Issue #513) 769 770 * Respect timeout with HTTPS proxy. (Issue #505) 771 772 * PyOpenSSL: Handle ZeroReturnError exception. (Issue #520) 773 774 775 1.9.1 (2014-09-13) 776 ------------------ 777 778 * Apply socket arguments before binding. (Issue #427) 779 780 * More careful checks if fp-like object is closed. (Issue #435) 781 782 * Fixed packaging issues of some development-related files not 783 getting included. (Issue #440) 784 785 * Allow performing *only* fingerprint verification. (Issue #444) 786 787 * Emit ``SecurityWarning`` if system clock is waaay off. (Issue #445) 788 789 * Fixed PyOpenSSL compatibility with PyPy. (Issue #450) 790 791 * Fixed ``BrokenPipeError`` and ``ConnectionError`` handling in Py3. 792 (Issue #443) 793 794 795 796 1.9 (2014-07-04) 797 ---------------- 798 799 * Shuffled around development-related files. If you're maintaining a distro 800 package of urllib3, you may need to tweak things. (Issue #415) 801 802 * Unverified HTTPS requests will trigger a warning on the first request. See 803 our new `security documentation 804 <https://urllib3.readthedocs.io/en/latest/security.html>`_ for details. 805 (Issue #426) 806 807 * New retry logic and ``urllib3.util.retry.Retry`` configuration object. 808 (Issue #326) 809 810 * All raised exceptions should now wrapped in a 811 ``urllib3.exceptions.HTTPException``-extending exception. (Issue #326) 812 813 * All errors during a retry-enabled request should be wrapped in 814 ``urllib3.exceptions.MaxRetryError``, including timeout-related exceptions 815 which were previously exempt. Underlying error is accessible from the 816 ``.reason`` property. (Issue #326) 817 818 * ``urllib3.exceptions.ConnectionError`` renamed to 819 ``urllib3.exceptions.ProtocolError``. (Issue #326) 820 821 * Errors during response read (such as IncompleteRead) are now wrapped in 822 ``urllib3.exceptions.ProtocolError``. (Issue #418) 823 824 * Requesting an empty host will raise ``urllib3.exceptions.LocationValueError``. 825 (Issue #417) 826 827 * Catch read timeouts over SSL connections as 828 ``urllib3.exceptions.ReadTimeoutError``. (Issue #419) 829 830 * Apply socket arguments before connecting. (Issue #427) 831 832 833 1.8.3 (2014-06-23) 834 ------------------ 835 836 * Fix TLS verification when using a proxy in Python 3.4.1. (Issue #385) 837 838 * Add ``disable_cache`` option to ``urllib3.util.make_headers``. (Issue #393) 839 840 * Wrap ``socket.timeout`` exception with 841 ``urllib3.exceptions.ReadTimeoutError``. (Issue #399) 842 843 * Fixed proxy-related bug where connections were being reused incorrectly. 844 (Issues #366, #369) 845 846 * Added ``socket_options`` keyword parameter which allows to define 847 ``setsockopt`` configuration of new sockets. (Issue #397) 848 849 * Removed ``HTTPConnection.tcp_nodelay`` in favor of 850 ``HTTPConnection.default_socket_options``. (Issue #397) 851 852 * Fixed ``TypeError`` bug in Python 2.6.4. (Issue #411) 853 854 855 1.8.2 (2014-04-17) 856 ------------------ 857 858 * Fix ``urllib3.util`` not being included in the package. 859 860 861 1.8.1 (2014-04-17) 862 ------------------ 863 864 * Fix AppEngine bug of HTTPS requests going out as HTTP. (Issue #356) 865 866 * Don't install ``dummyserver`` into ``site-packages`` as it's only needed 867 for the test suite. (Issue #362) 868 869 * Added support for specifying ``source_address``. (Issue #352) 870 871 872 1.8 (2014-03-04) 873 ---------------- 874 875 * Improved url parsing in ``urllib3.util.parse_url`` (properly parse '@' in 876 username, and blank ports like 'hostname:'). 877 878 * New ``urllib3.connection`` module which contains all the HTTPConnection 879 objects. 880 881 * Several ``urllib3.util.Timeout``-related fixes. Also changed constructor 882 signature to a more sensible order. [Backwards incompatible] 883 (Issues #252, #262, #263) 884 885 * Use ``backports.ssl_match_hostname`` if it's installed. (Issue #274) 886 887 * Added ``.tell()`` method to ``urllib3.response.HTTPResponse`` which 888 returns the number of bytes read so far. (Issue #277) 889 890 * Support for platforms without threading. (Issue #289) 891 892 * Expand default-port comparison in ``HTTPConnectionPool.is_same_host`` 893 to allow a pool with no specified port to be considered equal to to an 894 HTTP/HTTPS url with port 80/443 explicitly provided. (Issue #305) 895 896 * Improved default SSL/TLS settings to avoid vulnerabilities. 897 (Issue #309) 898 899 * Fixed ``urllib3.poolmanager.ProxyManager`` not retrying on connect errors. 900 (Issue #310) 901 902 * Disable Nagle's Algorithm on the socket for non-proxies. A subset of requests 903 will send the entire HTTP request ~200 milliseconds faster; however, some of 904 the resulting TCP packets will be smaller. (Issue #254) 905 906 * Increased maximum number of SubjectAltNames in ``urllib3.contrib.pyopenssl`` 907 from the default 64 to 1024 in a single certificate. (Issue #318) 908 909 * Headers are now passed and stored as a custom 910 ``urllib3.collections_.HTTPHeaderDict`` object rather than a plain ``dict``. 911 (Issue #329, #333) 912 913 * Headers no longer lose their case on Python 3. (Issue #236) 914 915 * ``urllib3.contrib.pyopenssl`` now uses the operating system's default CA 916 certificates on inject. (Issue #332) 917 918 * Requests with ``retries=False`` will immediately raise any exceptions without 919 wrapping them in ``MaxRetryError``. (Issue #348) 920 921 * Fixed open socket leak with SSL-related failures. (Issue #344, #348) 922 923 924 1.7.1 (2013-09-25) 925 ------------------ 926 927 * Added granular timeout support with new ``urllib3.util.Timeout`` class. 928 (Issue #231) 929 930 * Fixed Python 3.4 support. (Issue #238) 931 932 933 1.7 (2013-08-14) 934 ---------------- 935 936 * More exceptions are now pickle-able, with tests. (Issue #174) 937 938 * Fixed redirecting with relative URLs in Location header. (Issue #178) 939 940 * Support for relative urls in ``Location: ...`` header. (Issue #179) 941 942 * ``urllib3.response.HTTPResponse`` now inherits from ``io.IOBase`` for bonus 943 file-like functionality. (Issue #187) 944 945 * Passing ``assert_hostname=False`` when creating a HTTPSConnectionPool will 946 skip hostname verification for SSL connections. (Issue #194) 947 948 * New method ``urllib3.response.HTTPResponse.stream(...)`` which acts as a 949 generator wrapped around ``.read(...)``. (Issue #198) 950 951 * IPv6 url parsing enforces brackets around the hostname. (Issue #199) 952 953 * Fixed thread race condition in 954 ``urllib3.poolmanager.PoolManager.connection_from_host(...)`` (Issue #204) 955 956 * ``ProxyManager`` requests now include non-default port in ``Host: ...`` 957 header. (Issue #217) 958 959 * Added HTTPS proxy support in ``ProxyManager``. (Issue #170 #139) 960 961 * New ``RequestField`` object can be passed to the ``fields=...`` param which 962 can specify headers. (Issue #220) 963 964 * Raise ``urllib3.exceptions.ProxyError`` when connecting to proxy fails. 965 (Issue #221) 966 967 * Use international headers when posting file names. (Issue #119) 968 969 * Improved IPv6 support. (Issue #203) 970 971 972 1.6 (2013-04-25) 973 ---------------- 974 975 * Contrib: Optional SNI support for Py2 using PyOpenSSL. (Issue #156) 976 977 * ``ProxyManager`` automatically adds ``Host: ...`` header if not given. 978 979 * Improved SSL-related code. ``cert_req`` now optionally takes a string like 980 "REQUIRED" or "NONE". Same with ``ssl_version`` takes strings like "SSLv23" 981 The string values reflect the suffix of the respective constant variable. 982 (Issue #130) 983 984 * Vendored ``socksipy`` now based on Anorov's fork which handles unexpectedly 985 closed proxy connections and larger read buffers. (Issue #135) 986 987 * Ensure the connection is closed if no data is received, fixes connection leak 988 on some platforms. (Issue #133) 989 990 * Added SNI support for SSL/TLS connections on Py32+. (Issue #89) 991 992 * Tests fixed to be compatible with Py26 again. (Issue #125) 993 994 * Added ability to choose SSL version by passing an ``ssl.PROTOCOL_*`` constant 995 to the ``ssl_version`` parameter of ``HTTPSConnectionPool``. (Issue #109) 996 997 * Allow an explicit content type to be specified when encoding file fields. 998 (Issue #126) 999 1000 * Exceptions are now pickleable, with tests. (Issue #101) 1001 1002 * Fixed default headers not getting passed in some cases. (Issue #99) 1003 1004 * Treat "content-encoding" header value as case-insensitive, per RFC 2616 1005 Section 3.5. (Issue #110) 1006 1007 * "Connection Refused" SocketErrors will get retried rather than raised. 1008 (Issue #92) 1009 1010 * Updated vendored ``six``, no longer overrides the global ``six`` module 1011 namespace. (Issue #113) 1012 1013 * ``urllib3.exceptions.MaxRetryError`` contains a ``reason`` property holding 1014 the exception that prompted the final retry. If ``reason is None`` then it 1015 was due to a redirect. (Issue #92, #114) 1016 1017 * Fixed ``PoolManager.urlopen()`` from not redirecting more than once. 1018 (Issue #149) 1019 1020 * Don't assume ``Content-Type: text/plain`` for multi-part encoding parameters 1021 that are not files. (Issue #111) 1022 1023 * Pass `strict` param down to ``httplib.HTTPConnection``. (Issue #122) 1024 1025 * Added mechanism to verify SSL certificates by fingerprint (md5, sha1) or 1026 against an arbitrary hostname (when connecting by IP or for misconfigured 1027 servers). (Issue #140) 1028 1029 * Streaming decompression support. (Issue #159) 1030 1031 1032 1.5 (2012-08-02) 1033 ---------------- 1034 1035 * Added ``urllib3.add_stderr_logger()`` for quickly enabling STDERR debug 1036 logging in urllib3. 1037 1038 * Native full URL parsing (including auth, path, query, fragment) available in 1039 ``urllib3.util.parse_url(url)``. 1040 1041 * Built-in redirect will switch method to 'GET' if status code is 303. 1042 (Issue #11) 1043 1044 * ``urllib3.PoolManager`` strips the scheme and host before sending the request 1045 uri. (Issue #8) 1046 1047 * New ``urllib3.exceptions.DecodeError`` exception for when automatic decoding, 1048 based on the Content-Type header, fails. 1049 1050 * Fixed bug with pool depletion and leaking connections (Issue #76). Added 1051 explicit connection closing on pool eviction. Added 1052 ``urllib3.PoolManager.clear()``. 1053 1054 * 99% -> 100% unit test coverage. 1055 1056 1057 1.4 (2012-06-16) 1058 ---------------- 1059 1060 * Minor AppEngine-related fixes. 1061 1062 * Switched from ``mimetools.choose_boundary`` to ``uuid.uuid4()``. 1063 1064 * Improved url parsing. (Issue #73) 1065 1066 * IPv6 url support. (Issue #72) 1067 1068 1069 1.3 (2012-03-25) 1070 ---------------- 1071 1072 * Removed pre-1.0 deprecated API. 1073 1074 * Refactored helpers into a ``urllib3.util`` submodule. 1075 1076 * Fixed multipart encoding to support list-of-tuples for keys with multiple 1077 values. (Issue #48) 1078 1079 * Fixed multiple Set-Cookie headers in response not getting merged properly in 1080 Python 3. (Issue #53) 1081 1082 * AppEngine support with Py27. (Issue #61) 1083 1084 * Minor ``encode_multipart_formdata`` fixes related to Python 3 strings vs 1085 bytes. 1086 1087 1088 1.2.2 (2012-02-06) 1089 ------------------ 1090 1091 * Fixed packaging bug of not shipping ``test-requirements.txt``. (Issue #47) 1092 1093 1094 1.2.1 (2012-02-05) 1095 ------------------ 1096 1097 * Fixed another bug related to when ``ssl`` module is not available. (Issue #41) 1098 1099 * Location parsing errors now raise ``urllib3.exceptions.LocationParseError`` 1100 which inherits from ``ValueError``. 1101 1102 1103 1.2 (2012-01-29) 1104 ---------------- 1105 1106 * Added Python 3 support (tested on 3.2.2) 1107 1108 * Dropped Python 2.5 support (tested on 2.6.7, 2.7.2) 1109 1110 * Use ``select.poll`` instead of ``select.select`` for platforms that support 1111 it. 1112 1113 * Use ``Queue.LifoQueue`` instead of ``Queue.Queue`` for more aggressive 1114 connection reusing. Configurable by overriding ``ConnectionPool.QueueCls``. 1115 1116 * Fixed ``ImportError`` during install when ``ssl`` module is not available. 1117 (Issue #41) 1118 1119 * Fixed ``PoolManager`` redirects between schemes (such as HTTP -> HTTPS) not 1120 completing properly. (Issue #28, uncovered by Issue #10 in v1.1) 1121 1122 * Ported ``dummyserver`` to use ``tornado`` instead of ``webob`` + 1123 ``eventlet``. Removed extraneous unsupported dummyserver testing backends. 1124 Added socket-level tests. 1125 1126 * More tests. Achievement Unlocked: 99% Coverage. 1127 1128 1129 1.1 (2012-01-07) 1130 ---------------- 1131 1132 * Refactored ``dummyserver`` to its own root namespace module (used for 1133 testing). 1134 1135 * Added hostname verification for ``VerifiedHTTPSConnection`` by vendoring in 1136 Py32's ``ssl_match_hostname``. (Issue #25) 1137 1138 * Fixed cross-host HTTP redirects when using ``PoolManager``. (Issue #10) 1139 1140 * Fixed ``decode_content`` being ignored when set through ``urlopen``. (Issue 1141 #27) 1142 1143 * Fixed timeout-related bugs. (Issues #17, #23) 1144 1145 1146 1.0.2 (2011-11-04) 1147 ------------------ 1148 1149 * Fixed typo in ``VerifiedHTTPSConnection`` which would only present as a bug if 1150 you're using the object manually. (Thanks pyos) 1151 1152 * Made RecentlyUsedContainer (and consequently PoolManager) more thread-safe by 1153 wrapping the access log in a mutex. (Thanks @christer) 1154 1155 * Made RecentlyUsedContainer more dict-like (corrected ``__delitem__`` and 1156 ``__getitem__`` behaviour), with tests. Shouldn't affect core urllib3 code. 1157 1158 1159 1.0.1 (2011-10-10) 1160 ------------------ 1161 1162 * Fixed a bug where the same connection would get returned into the pool twice, 1163 causing extraneous "HttpConnectionPool is full" log warnings. 1164 1165 1166 1.0 (2011-10-08) 1167 ---------------- 1168 1169 * Added ``PoolManager`` with LRU expiration of connections (tested and 1170 documented). 1171 * Added ``ProxyManager`` (needs tests, docs, and confirmation that it works 1172 with HTTPS proxies). 1173 * Added optional partial-read support for responses when 1174 ``preload_content=False``. You can now make requests and just read the headers 1175 without loading the content. 1176 * Made response decoding optional (default on, same as before). 1177 * Added optional explicit boundary string for ``encode_multipart_formdata``. 1178 * Convenience request methods are now inherited from ``RequestMethods``. Old 1179 helpers like ``get_url`` and ``post_url`` should be abandoned in favour of 1180 the new ``request(method, url, ...)``. 1181 * Refactored code to be even more decoupled, reusable, and extendable. 1182 * License header added to ``.py`` files. 1183 * Embiggened the documentation: Lots of Sphinx-friendly docstrings in the code 1184 and docs in ``docs/`` and on https://urllib3.readthedocs.io/. 1185 * Embettered all the things! 1186 * Started writing this file. 1187 1188 1189 0.4.1 (2011-07-17) 1190 ------------------ 1191 1192 * Minor bug fixes, code cleanup. 1193 1194 1195 0.4 (2011-03-01) 1196 ---------------- 1197 1198 * Better unicode support. 1199 * Added ``VerifiedHTTPSConnection``. 1200 * Added ``NTLMConnectionPool`` in contrib. 1201 * Minor improvements. 1202 1203 1204 0.3.1 (2010-07-13) 1205 ------------------ 1206 1207 * Added ``assert_host_name`` optional parameter. Now compatible with proxies. 1208 1209 1210 0.3 (2009-12-10) 1211 ---------------- 1212 1213 * Added HTTPS support. 1214 * Minor bug fixes. 1215 * Refactored, broken backwards compatibility with 0.2. 1216 * API to be treated as stable from this version forward. 1217 1218 1219 0.2 (2008-11-17) 1220 ---------------- 1221 1222 * Added unit tests. 1223 * Bug fixes. 1224 1225 1226 0.1 (2008-11-16) 1227 ---------------- 1228 1229 * First release. 1230 1231Keywords: urllib httplib threadsafe filepost http https ssl pooling 1232Platform: UNKNOWN 1233Classifier: Environment :: Web Environment 1234Classifier: Intended Audience :: Developers 1235Classifier: License :: OSI Approved :: MIT License 1236Classifier: Operating System :: OS Independent 1237Classifier: Programming Language :: Python 1238Classifier: Programming Language :: Python :: 2 1239Classifier: Programming Language :: Python :: 2.7 1240Classifier: Programming Language :: Python :: 3 1241Classifier: Programming Language :: Python :: 3.5 1242Classifier: Programming Language :: Python :: 3.6 1243Classifier: Programming Language :: Python :: 3.7 1244Classifier: Programming Language :: Python :: 3.8 1245Classifier: Programming Language :: Python :: 3.9 1246Classifier: Programming Language :: Python :: Implementation :: CPython 1247Classifier: Programming Language :: Python :: Implementation :: PyPy 1248Classifier: Topic :: Internet :: WWW/HTTP 1249Classifier: Topic :: Software Development :: Libraries 1250Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4 1251Provides-Extra: brotli 1252Provides-Extra: secure 1253Provides-Extra: socks 1254