Releases: ktorio/ktor
Releases · ktorio/ktor
3.0.0-beta-2
Published 15 July 2024
Bugfixes
- io.ktor.util.TextKt.chomp doesn't work on strings with more than one character (KTOR-7209)
- DefaultRequest plugin overwrites http protocol (KTOR-5586)
- Ktor build problem; cannot compile native targets (KTOR-6666)
- SSEException is thrown instead of JobCancellationException when coroutine's job is cancelled (KTOR-6571)
- SSE request drops request body (KTOR-6659)
- SSE: UnsupportedContentTypeException when sending POST request using OKHttp engine (KTOR-6911)
- SSE: NoTransformationFoundException when Logging plugin with LogLevel.ALL is used (KTOR-6912)
- Installing SSE breaks GET/POST functionality (KTOR-6614)
- Cookies with a long Max-Age incorrectly expire in AcceptAllCookiesStorage (KTOR-6646)
- Some dependency versions not tracked (KTOR-7123)
- CSRF: false positive originMatchesHost validation when default port is explicitly defined (KTOR-6701)
- Double Transfer-Encoding header while using respondOutputStream on Tomcat (KTOR-6574)
Improvements
- HttpCalValidatorConfig class name is misspelled (KTOR-6625)
- CallLogging: package is misspelled (KTOR-4273)
- Ambiguous coroutineContext warning in routing handler (KTOR-5181)
- Tracing: allow changing log level at runtime for routing (KTOR-7193)
- io.ktor.network.tls.TLSException has internal visibility (KTOR-6767)
- Auth: Make
refreshTokenofBearerTokensclass nullable (KTOR-6928) - Ktor test application library references internal module (KTOR-6668)
- CSRF: Confusing error message when Origin validation is enabled and only Referrer header is sent (KTOR-6702)
- CSRF: validations probably shouldn't be applied to GET/HEAD/OPTIONS requests (KTOR-6698)
- CSRF: Empty onFailure option is misleading (KTOR-6687)
- Misleading assertion message in the testEmbeddedServerCancellation test (KTOR-6657)
- Allow setting "Secure" flag for cookies on localhost (KTOR-6593)
- SSE: Unable to access response headers (KTOR-6660)
- SSE: Improve support for testing (KTOR-3290)
- OAuth handler does not propagate redirection errors to the caller (KTOR-6605)
- HttpTimeoutTest.testConnect are flaky (KTOR-1583)
Features
- Migrate to new kotlinx.io library (KTOR-6030)
- Change default session serializer to the one that uses kotlinx-serializaion (KTOR-6175)
- Replace custom withTimeout implementation using WeakTimeoutQueue with coroutines.withTimeout (KTOR-3658)
- Add Url capability: parsing/validating url strings (KTOR-360)
- SSE: Support handling HTTP failures (KTOR-6808)
- Ktor client for Kotlin/Wasm (KTOR-5587)
- CSRF protection feature (KTOR-2910)
2.3.12
Published 20 June 2024
Bugfixes
- NoSuchMethodError when using coroutines 1.9.0-RC (KTOR-7054)
- Server: Content-Type header for static js, css and svg resources misses charset (KTOR-6655)
- Embedded Linux device without iso-8859-1 and UTF-16 cannot use ktor-network (KTOR-7016)
Improvements
- Update netty to 4.1.111.Final (KTOR-7094)
- Update netty due to CVE-2024-29025 (KTOR-7014)
- Update dependency on swagger (KTOR-7019)
2.3.11
2.3.10
Published 8 April 2024
Bugfixes
- CallLogging, StatusPages: response logged twice when status handler is used (KTOR-6839)
- NodeJS WebSocket client sometimes drops a frame received immediately after handshake (KTOR-6883)
- IPv6 addresses are not supported in NettyConnectionPoint and CIOConnectionPoint (KTOR-5383)
- JS browser: "Maximum call stack size exceeded" on HTTP request when targeting es2015 (KTOR-6878)
- CIO: File upload fails with
NumberFormatExceptionwhen uploading file larger than INT_MAX bytes (~2.1 GiB) since 2.3.0 (KTOR-6851) - CallLogging: the plugin completely overrides MDC if at least one entry is configured (KTOR-6642)
- SSE plugin: Duplicated "Content-Type: text/event-stream" headers (KTOR-6735)
- CIO: "getSubjectAlternativeNames(...) must not be null" when IP-addresses are verified and no SAN in the certificate (KTOR-6746)
Improvements
2.3.9
2.3.8
Published 31 January 2024
Bugfixes
- "KeyStoreException: JKS not found" exception on Android when configuring secure connection (KTOR-6720)
URLBuildercrashes on React Native platforms (KTOR-6576)- CIO: Unable to perform WebSocket upgrade when Content-Type header is sent in the request (KTOR-6366)
- ContentNegotiation: Adding charset to content type of JacksonConverter breaks request matching (KTOR-6420)
- High Native Server Memory Usage (KTOR-6321)
- Server ContentNegotiation no longer allows multiple decoders for one Content-Type (KTOR-5410)
- Logging plugin blocks response body streaming when level is BODY (KTOR-6482)
- WebSockets: Confusing error message when server doesn't respond with Upgrade (KTOR-6397)
- {...} (tailcard) does not match URLs ending with '/' (KTOR-2121)
- HttpCache: NumberFormatException for cache-control with max age more than Int.MAX_VALUE (KTOR-6505)
- CORS:
allowHostwithout the second argument doesn't allow the secure host (KTOR-6494) - "ReferenceError: 'self' is not defined" when using URLBuilder in a custom JS engine (KTOR-5978)
- MDC diagnostic value is changed during logging of the request (KTOR-6528)
- WebSocket doesn't get terminated when runBlocking is used (KTOR-6664)
- CIO: "getSubjectAlternativeNames(...) must not be null" error on Android when using CA without SAN since 2.3.5 (KTOR-6396)
- RequestConnectionPoint should implement toString() (KTOR-6577)
2.3.7
Published 7 December 2023
Bugfixes
- Server ContentNegotiation no longer allows multiple decoders for one Content-Type (KTOR-5410)
- High Native Server Memory Usage (KTOR-6321)
- WebSockets: Confusing error message when server doesn't respond with Upgrade (KTOR-6397)
- ContentNegotiation: Adding charset to content type of JacksonConverter breaks request matching (KTOR-6420)
3.0.0-beta-1
Published 23 November 2023
Bugfixes
- OkHttp: SSE client throws confusing "Unexpected error" on non 200 status (KTOR-6390)
- Logging plugin blocks response body streaming when level is BODY (KTOR-6482)
- HttpResponseValidator consumes HTTP response body (KTOR-4225)
- CIO: Unable to perform WebSocket upgrade when Content-Type header is sent in the request (KTOR-6366)
- ContentNegotiation: Adding charset to content type of JacksonConverter breaks request matching (KTOR-6420)
- DOS via OOM due to unbound request body size (KTOR-2682)
- AcceptAllCookiesStorage ignores cookie's max-age (KTOR-2023)
- Inconsistent behavior for different engines when exception is thrown in the writer of WriteChannelContent (KTOR-3266)
- Server doesn't send a response when a status code is passed to call.respond and the custom serializer throws an exception (KTOR-6150)
- contentLength() returns null on Android (KTOR-1540)
Improvements
- Kotlin/JS: Allow passing custom Agent (KTOR-5861)
- Update Kotlin to 1.9.0 (KTOR-6123)
- Update Kotlin to 1.9.20 (KTOR-6447)
- Deprecate Locations with Level.ERROR (KTOR-6029)
- HSTS plugin hard codes port 443 (KTOR-4168)
- API to use java.nio.Path as resources (KTOR-4275)
- Ability to serve static resources from a .zip file (KTOR-6385)
- Make DefaultHeaders plugin Kotlin native compatible (KTOR-6356)
- Disable compression for SSE requests (KTOR-6327)
- Drop http timeout for sse requests (KTOR-6312)
- Add deprecations for old IO API (KTOR-6036)
- Drop old deprecations (KTOR-6262)
- Drop actual modifier for Memory class in jvm for compatibility with K2 (KTOR-6006)
- Remove @Suppress("NO_ACTUAL_CLASS_MEMBER_FOR_EXPECTED_CLASS") in preparation for Kotlin 2.0 (KTOR-5824)
- Migrate client plugins to new API (KTOR-6303)
- Jetty Server no idle timeout configuration possible (KTOR-6288)
- AttributeKey equality comparison breaks type safety (KTOR-6122)
- Darwin: Support accessing NSURLSessionDelegate (KTOR-5688)
- Remove writing multipart data to temp file (KTOR-5881)
- Netty: Allow listening only for HTTP/1.1 protocol SSL connections (KTOR-6098)
- Persistent Cookie Storage: Make Cookie.matches and Cookie.fillDefaults methods public (KTOR-6119)
- Decompressed response/request should unset Content-Encoding header (KTOR-6080)
- renderSetCookieHeader shouldn't ignore maxAge = 0 (KTOR-6007)
- Webjars plugin should include caching headers and ETag by default (KTOR-6073)
- SessionsConfig.cookie problem with reified type argument (KTOR-5905)
- Make LDAP Auth return generic Principal instead of UserIdPrincipal (KTOR-793)
- Logger name should be prefixed with io.ktor (KTOR-938)
Features
- Add Server-sent events (SSE) plugin for client and support for OkHttp engine (KTOR-505)
- Client support for SSE plugin (CIO, Apache, Java) (KTOR-5963)
- SSE plugin support in Js, Android, Curl, Darwin, WinHttp client engine (KTOR-6217)
- Add Server-sent events (SSE) plugin for server (KTOR-6172)
- Support UTF-8 BOM character (KTOR-5812)
- Support Compression of Request Body with ContentEncoding Client Plugin (KTOR-4502)
Contributors
Suppress
Assets 2
2.3.6
Published 7 November 2023
Bugfixes
- Resolved connectors job does not complete in TestApplicationEngine (KTOR-6411)
- Darwin: Even a coroutine Job is canceled network load keeps high (KTOR-6243)
- Darwin: EOFException when sending multipart data using Ktor 2.3.4 (KTOR-6281)
- Ktor JS client unconfigurable logging in node (KTOR-6275)
- CIO: getEngineHeaderValues() returns duplicated values (KTOR-6352)
- "Server sent a subprotocol but none was requested" when using Node WebSockets (KTOR-4001)
- YAML properties with literal value null cannot be read since 2.3.1 (KTOR-6357)
- AndroidClientEngine cannot handle content length that exceeds Int range (KTOR-6344)
- Client unable to make subsequent requests after the network disconnection and connection when ResponseObserver is installed (KTOR-6252)
- Outdated Gradle jib plubin does not support application/vnd.oci.image.index.v1+json media type (KTOR-6280)
- KTor 2.3.5 Kotlin 1.9.x upgrade is a breaking change (KTOR-6354)
- WebSockets (CIO): Connection Failure Due to Lowercase 'upgrade' in 'Connection: upgrade' Header (KTOR-6388)
- WinHttp: ArrayIndexOutOfBoundsException when sending WS frame with empty body (KTOR-6394)
- Update dependency com.auth0:jwks-rsa to v0.22.1