METADATA 37 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207
  1. Metadata-Version: 2.1
  2. Name: urllib3
  3. Version: 1.25.3
  4. Summary: HTTP library with thread-safe connection pooling, file post, and more.
  5. Home-page: https://urllib3.readthedocs.io/
  6. Author: Andrey Petrov
  7. Author-email: andrey.petrov@shazow.net
  8. License: MIT
  9. Keywords: urllib httplib threadsafe filepost http https ssl pooling
  10. Platform: UNKNOWN
  11. Classifier: Environment :: Web Environment
  12. Classifier: Intended Audience :: Developers
  13. Classifier: License :: OSI Approved :: MIT License
  14. Classifier: Operating System :: OS Independent
  15. Classifier: Programming Language :: Python
  16. Classifier: Programming Language :: Python :: 2
  17. Classifier: Programming Language :: Python :: 2.7
  18. Classifier: Programming Language :: Python :: 3
  19. Classifier: Programming Language :: Python :: 3.4
  20. Classifier: Programming Language :: Python :: 3.5
  21. Classifier: Programming Language :: Python :: 3.6
  22. Classifier: Programming Language :: Python :: 3.7
  23. Classifier: Programming Language :: Python :: 3.8
  24. Classifier: Programming Language :: Python :: Implementation :: CPython
  25. Classifier: Programming Language :: Python :: Implementation :: PyPy
  26. Classifier: Topic :: Internet :: WWW/HTTP
  27. Classifier: Topic :: Software Development :: Libraries
  28. Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, <4
  29. Provides-Extra: brotli
  30. Requires-Dist: brotlipy (>=0.6.0) ; extra == 'brotli'
  31. Provides-Extra: secure
  32. Requires-Dist: pyOpenSSL (>=0.14) ; extra == 'secure'
  33. Requires-Dist: cryptography (>=1.3.4) ; extra == 'secure'
  34. Requires-Dist: idna (>=2.0.0) ; extra == 'secure'
  35. Requires-Dist: certifi ; extra == 'secure'
  36. Requires-Dist: ipaddress ; (python_version == "2.7") and extra == 'secure'
  37. Provides-Extra: socks
  38. Requires-Dist: PySocks (!=1.5.7,<2.0,>=1.5.6) ; extra == 'socks'
  39. urllib3
  40. =======
  41. .. image:: https://travis-ci.org/urllib3/urllib3.svg?branch=master
  42. :alt: Build status on Travis
  43. :target: https://travis-ci.org/urllib3/urllib3
  44. .. image:: https://img.shields.io/appveyor/ci/urllib3/urllib3/master.svg
  45. :alt: Build status on AppVeyor
  46. :target: https://ci.appveyor.com/project/urllib3/urllib3
  47. .. image:: https://readthedocs.org/projects/urllib3/badge/?version=latest
  48. :alt: Documentation Status
  49. :target: https://urllib3.readthedocs.io/en/latest/
  50. .. image:: https://img.shields.io/codecov/c/github/urllib3/urllib3.svg
  51. :alt: Coverage Status
  52. :target: https://codecov.io/gh/urllib3/urllib3
  53. .. image:: https://img.shields.io/pypi/v/urllib3.svg?maxAge=86400
  54. :alt: PyPI version
  55. :target: https://pypi.org/project/urllib3/
  56. .. image:: https://badges.gitter.im/python-urllib3/Lobby.svg
  57. :alt: Gitter
  58. :target: https://gitter.im/python-urllib3/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
  59. .. image:: https://tidelift.com/badges/github/urllib3/urllib3
  60. :alt: Tidelift Dependencies
  61. :target: https://tidelift.com/subscription/pkg/pypi-urllib3?utm_source=pypi-urllib3&utm_medium=referral&utm_campaign=docs
  62. urllib3 is a powerful, *sanity-friendly* HTTP client for Python. Much of the
  63. Python ecosystem already uses urllib3 and you should too.
  64. urllib3 brings many critical features that are missing from the Python
  65. standard libraries:
  66. - Thread safety.
  67. - Connection pooling.
  68. - Client-side SSL/TLS verification.
  69. - File uploads with multipart encoding.
  70. - Helpers for retrying requests and dealing with HTTP redirects.
  71. - Support for gzip, deflate, and brotli encoding.
  72. - Proxy support for HTTP and SOCKS.
  73. - 100% test coverage.
  74. urllib3 is powerful and easy to use::
  75. >>> import urllib3
  76. >>> http = urllib3.PoolManager()
  77. >>> r = http.request('GET', 'http://httpbin.org/robots.txt')
  78. >>> r.status
  79. 200
  80. >>> r.data
  81. 'User-agent: *\nDisallow: /deny\n'
  82. Installing
  83. ----------
  84. urllib3 can be installed with `pip <https://pip.pypa.io>`_::
  85. $ pip install urllib3
  86. Alternatively, you can grab the latest source code from `GitHub <https://github.com/urllib3/urllib3>`_::
  87. $ git clone git://github.com/urllib3/urllib3.git
  88. $ python setup.py install
  89. Documentation
  90. -------------
  91. urllib3 has usage and reference documentation at `urllib3.readthedocs.io <https://urllib3.readthedocs.io>`_.
  92. Contributing
  93. ------------
  94. urllib3 happily accepts contributions. Please see our
  95. `contributing documentation <https://urllib3.readthedocs.io/en/latest/contributing.html>`_
  96. for some tips on getting started.
  97. Security Disclosures
  98. --------------------
  99. To report a security vulnerability, please use the
  100. `Tidelift security contact <https://tidelift.com/security>`_.
  101. Tidelift will coordinate the fix and disclosure with maintainers.
  102. Maintainers
  103. -----------
  104. - `@theacodes <https://github.com/theacodes>`_ (Thea Flowers)
  105. - `@sethmlarson <https://github.com/sethmlarson>`_ (Seth M. Larson)
  106. - `@haikuginger <https://github.com/haikuginger>`_ (Jess Shapiro)
  107. - `@lukasa <https://github.com/lukasa>`_ (Cory Benfield)
  108. - `@sigmavirus24 <https://github.com/sigmavirus24>`_ (Ian Cordasco)
  109. - `@shazow <https://github.com/shazow>`_ (Andrey Petrov)
  110. 👋
  111. Sponsorship
  112. -----------
  113. .. |tideliftlogo| image:: https://nedbatchelder.com/pix/Tidelift_Logos_RGB_Tidelift_Shorthand_On-White_small.png
  114. :width: 75
  115. :alt: Tidelift
  116. .. list-table::
  117. :widths: 10 100
  118. * - |tideliftlogo|
  119. - Professional support for urllib3 is available as part of the `Tidelift
  120. Subscription`_. Tidelift gives software development teams a single source for
  121. purchasing and maintaining their software, with professional grade assurances
  122. from the experts who know it best, while seamlessly integrating with existing
  123. tools.
  124. .. _Tidelift Subscription: https://tidelift.com/subscription/pkg/pypi-urllib3?utm_source=pypi-urllib3&utm_medium=referral&utm_campaign=readme
  125. If your company benefits from this library, please consider `sponsoring its
  126. development <https://urllib3.readthedocs.io/en/latest/contributing.html#sponsorship-project-grants>`_.
  127. Sponsors include:
  128. - Google Cloud Platform (2018-present), sponsors `@theacodes <https://github.com/theacodes>`_'s work on an ongoing basis
  129. - Abbott (2018-present), sponsors `@sethmlarson <https://github.com/sethmlarson>`_'s work on an ongoing basis
  130. - Akamai (2017-2018), sponsored `@haikuginger <https://github.com/haikuginger>`_'s work on urllib3
  131. - Hewlett Packard Enterprise (2016-2017), sponsored `@Lukasa’s <https://github.com/Lukasa>`_ work on urllib3
  132. Changes
  133. =======
  134. 1.25.3 (2019-05-23)
  135. -------------------
  136. * Change ``HTTPSConnection`` to load system CA certificates
  137. when ``ca_certs``, ``ca_cert_dir``, and ``ssl_context`` are
  138. unspecified. (Pull #1608, Issue #1603)
  139. * Upgrade bundled rfc3986 to v1.3.2. (Pull #1609, Issue #1605)
  140. 1.25.2 (2019-04-28)
  141. -------------------
  142. * Change ``is_ipaddress`` to not detect IPvFuture addresses. (Pull #1583)
  143. * Change ``parse_url`` to percent-encode invalid characters within the
  144. path, query, and target components. (Pull #1586)
  145. 1.25.1 (2019-04-24)
  146. -------------------
  147. * Add support for Google's ``Brotli`` package. (Pull #1572, Pull #1579)
  148. * Upgrade bundled rfc3986 to v1.3.1 (Pull #1578)
  149. 1.25 (2019-04-22)
  150. -----------------
  151. * Require and validate certificates by default when using HTTPS (Pull #1507)
  152. * Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant. (Pull #1487)
  153. * Added support for ``key_password`` for ``HTTPSConnectionPool`` to use
  154. encrypted ``key_file`` without creating your own ``SSLContext`` object. (Pull #1489)
  155. * Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext``
  156. implementations. (Pull #1496)
  157. * Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft. (Issue #303, PR #1492)
  158. * Fixed issue where OpenSSL would block if an encrypted client private key was
  159. given and no password was given. Instead an ``SSLError`` is raised. (Pull #1489)
  160. * Added support for Brotli content encoding. It is enabled automatically if
  161. ``brotlipy`` package is installed which can be requested with
  162. ``urllib3[brotli]`` extra. (Pull #1532)
  163. * Drop ciphers using DSS key exchange from default TLS cipher suites.
  164. Improve default ciphers when using SecureTransport. (Pull #1496)
  165. * Implemented a more efficient ``HTTPResponse.__iter__()`` method. (Issue #1483)
  166. 1.24.3 (2019-05-01)
  167. -------------------
  168. * Apply fix for CVE-2019-9740. (Pull #1591)
  169. 1.24.2 (2019-04-17)
  170. -------------------
  171. * Don't load system certificates by default when any other ``ca_certs``, ``ca_certs_dir`` or
  172. ``ssl_context`` parameters are specified.
  173. * Remove Authorization header regardless of case when redirecting to cross-site. (Issue #1510)
  174. * Add support for IPv6 addresses in subjectAltName section of certificates. (Issue #1269)
  175. 1.24.1 (2018-11-02)
  176. -------------------
  177. * Remove quadratic behavior within ``GzipDecoder.decompress()`` (Issue #1467)
  178. * Restored functionality of ``ciphers`` parameter for ``create_urllib3_context()``. (Issue #1462)
  179. 1.24 (2018-10-16)
  180. -----------------
  181. * Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull #1449)
  182. * Test against Python 3.7 on AppVeyor. (Pull #1453)
  183. * Early-out ipv6 checks when running on App Engine. (Pull #1450)
  184. * Change ambiguous description of backoff_factor (Pull #1436)
  185. * Add ability to handle multiple Content-Encodings (Issue #1441 and Pull #1442)
  186. * Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue #1405).
  187. * Add a server_hostname parameter to HTTPSConnection which allows for
  188. overriding the SNI hostname sent in the handshake. (Pull #1397)
  189. * Drop support for EOL Python 2.6 (Pull #1429 and Pull #1430)
  190. * Fixed bug where responses with header Content-Type: message/* erroneously
  191. raised HeaderParsingError, resulting in a warning being logged. (Pull #1439)
  192. * Move urllib3 to src/urllib3 (Pull #1409)
  193. 1.23 (2018-06-04)
  194. -----------------
  195. * Allow providing a list of headers to strip from requests when redirecting
  196. to a different host. Defaults to the ``Authorization`` header. Different
  197. headers can be set via ``Retry.remove_headers_on_redirect``. (Issue #1316)
  198. * Fix ``util.selectors._fileobj_to_fd`` to accept ``long`` (Issue #1247).
  199. * Dropped Python 3.3 support. (Pull #1242)
  200. * Put the connection back in the pool when calling stream() or read_chunked() on
  201. a chunked HEAD response. (Issue #1234)
  202. * Fixed pyOpenSSL-specific ssl client authentication issue when clients
  203. attempted to auth via certificate + chain (Issue #1060)
  204. * Add the port to the connectionpool connect print (Pull #1251)
  205. * Don't use the ``uuid`` module to create multipart data boundaries. (Pull #1380)
  206. * ``read_chunked()`` on a closed response returns no chunks. (Issue #1088)
  207. * Add Python 2.6 support to ``contrib.securetransport`` (Pull #1359)
  208. * Added support for auth info in url for SOCKS proxy (Pull #1363)
  209. 1.22 (2017-07-20)
  210. -----------------
  211. * Fixed missing brackets in ``HTTP CONNECT`` when connecting to IPv6 address via
  212. IPv6 proxy. (Issue #1222)
  213. * Made the connection pool retry on ``SSLError``. The original ``SSLError``
  214. is available on ``MaxRetryError.reason``. (Issue #1112)
  215. * Drain and release connection before recursing on retry/redirect. Fixes
  216. deadlocks with a blocking connectionpool. (Issue #1167)
  217. * Fixed compatibility for cookiejar. (Issue #1229)
  218. * pyopenssl: Use vendored version of ``six``. (Issue #1231)
  219. 1.21.1 (2017-05-02)
  220. -------------------
  221. * Fixed SecureTransport issue that would cause long delays in response body
  222. delivery. (Pull #1154)
  223. * Fixed regression in 1.21 that threw exceptions when users passed the
  224. ``socket_options`` flag to the ``PoolManager``. (Issue #1165)
  225. * Fixed regression in 1.21 that threw exceptions when users passed the
  226. ``assert_hostname`` or ``assert_fingerprint`` flag to the ``PoolManager``.
  227. (Pull #1157)
  228. 1.21 (2017-04-25)
  229. -----------------
  230. * Improved performance of certain selector system calls on Python 3.5 and
  231. later. (Pull #1095)
  232. * Resolved issue where the PyOpenSSL backend would not wrap SysCallError
  233. exceptions appropriately when sending data. (Pull #1125)
  234. * Selectors now detects a monkey-patched select module after import for modules
  235. that patch the select module like eventlet, greenlet. (Pull #1128)
  236. * Reduced memory consumption when streaming zlib-compressed responses
  237. (as opposed to raw deflate streams). (Pull #1129)
  238. * Connection pools now use the entire request context when constructing the
  239. pool key. (Pull #1016)
  240. * ``PoolManager.connection_from_*`` methods now accept a new keyword argument,
  241. ``pool_kwargs``, which are merged with the existing ``connection_pool_kw``.
  242. (Pull #1016)
  243. * Add retry counter for ``status_forcelist``. (Issue #1147)
  244. * Added ``contrib`` module for using SecureTransport on macOS:
  245. ``urllib3.contrib.securetransport``. (Pull #1122)
  246. * urllib3 now only normalizes the case of ``http://`` and ``https://`` schemes:
  247. for schemes it does not recognise, it assumes they are case-sensitive and
  248. leaves them unchanged.
  249. (Issue #1080)
  250. 1.20 (2017-01-19)
  251. -----------------
  252. * Added support for waiting for I/O using selectors other than select,
  253. improving urllib3's behaviour with large numbers of concurrent connections.
  254. (Pull #1001)
  255. * Updated the date for the system clock check. (Issue #1005)
  256. * ConnectionPools now correctly consider hostnames to be case-insensitive.
  257. (Issue #1032)
  258. * Outdated versions of PyOpenSSL now cause the PyOpenSSL contrib module
  259. to fail when it is injected, rather than at first use. (Pull #1063)
  260. * Outdated versions of cryptography now cause the PyOpenSSL contrib module
  261. to fail when it is injected, rather than at first use. (Issue #1044)
  262. * Automatically attempt to rewind a file-like body object when a request is
  263. retried or redirected. (Pull #1039)
  264. * Fix some bugs that occur when modules incautiously patch the queue module.
  265. (Pull #1061)
  266. * Prevent retries from occurring on read timeouts for which the request method
  267. was not in the method whitelist. (Issue #1059)
  268. * Changed the PyOpenSSL contrib module to lazily load idna to avoid
  269. unnecessarily bloating the memory of programs that don't need it. (Pull
  270. #1076)
  271. * Add support for IPv6 literals with zone identifiers. (Pull #1013)
  272. * Added support for socks5h:// and socks4a:// schemes when working with SOCKS
  273. proxies, and controlled remote DNS appropriately. (Issue #1035)
  274. 1.19.1 (2016-11-16)
  275. -------------------
  276. * Fixed AppEngine import that didn't function on Python 3.5. (Pull #1025)
  277. 1.19 (2016-11-03)
  278. -----------------
  279. * urllib3 now respects Retry-After headers on 413, 429, and 503 responses when
  280. using the default retry logic. (Pull #955)
  281. * Remove markers from setup.py to assist ancient setuptools versions. (Issue
  282. #986)
  283. * Disallow superscripts and other integerish things in URL ports. (Issue #989)
  284. * Allow urllib3's HTTPResponse.stream() method to continue to work with
  285. non-httplib underlying FPs. (Pull #990)
  286. * Empty filenames in multipart headers are now emitted as such, rather than
  287. being suppressed. (Issue #1015)
  288. * Prefer user-supplied Host headers on chunked uploads. (Issue #1009)
  289. 1.18.1 (2016-10-27)
  290. -------------------
  291. * CVE-2016-9015. Users who are using urllib3 version 1.17 or 1.18 along with
  292. PyOpenSSL injection and OpenSSL 1.1.0 *must* upgrade to this version. This
  293. release fixes a vulnerability whereby urllib3 in the above configuration
  294. would silently fail to validate TLS certificates due to erroneously setting
  295. invalid flags in OpenSSL's ``SSL_CTX_set_verify`` function. These erroneous
  296. flags do not cause a problem in OpenSSL versions before 1.1.0, which
  297. interprets the presence of any flag as requesting certificate validation.
  298. There is no PR for this patch, as it was prepared for simultaneous disclosure
  299. and release. The master branch received the same fix in PR #1010.
  300. 1.18 (2016-09-26)
  301. -----------------
  302. * Fixed incorrect message for IncompleteRead exception. (PR #973)
  303. * Accept ``iPAddress`` subject alternative name fields in TLS certificates.
  304. (Issue #258)
  305. * Fixed consistency of ``HTTPResponse.closed`` between Python 2 and 3.
  306. (Issue #977)
  307. * Fixed handling of wildcard certificates when using PyOpenSSL. (Issue #979)
  308. 1.17 (2016-09-06)
  309. -----------------
  310. * Accept ``SSLContext`` objects for use in SSL/TLS negotiation. (Issue #835)
  311. * ConnectionPool debug log now includes scheme, host, and port. (Issue #897)
  312. * Substantially refactored documentation. (Issue #887)
  313. * Used URLFetch default timeout on AppEngine, rather than hardcoding our own.
  314. (Issue #858)
  315. * Normalize the scheme and host in the URL parser (Issue #833)
  316. * ``HTTPResponse`` contains the last ``Retry`` object, which now also
  317. contains retries history. (Issue #848)
  318. * Timeout can no longer be set as boolean, and must be greater than zero.
  319. (PR #924)
  320. * Removed pyasn1 and ndg-httpsclient from dependencies used for PyOpenSSL. We
  321. now use cryptography and idna, both of which are already dependencies of
  322. PyOpenSSL. (PR #930)
  323. * Fixed infinite loop in ``stream`` when amt=None. (Issue #928)
  324. * Try to use the operating system's certificates when we are using an
  325. ``SSLContext``. (PR #941)
  326. * Updated cipher suite list to allow ChaCha20+Poly1305. AES-GCM is preferred to
  327. ChaCha20, but ChaCha20 is then preferred to everything else. (PR #947)
  328. * Updated cipher suite list to remove 3DES-based cipher suites. (PR #958)
  329. * Removed the cipher suite fallback to allow HIGH ciphers. (PR #958)
  330. * Implemented ``length_remaining`` to determine remaining content
  331. to be read. (PR #949)
  332. * Implemented ``enforce_content_length`` to enable exceptions when
  333. incomplete data chunks are received. (PR #949)
  334. * Dropped connection start, dropped connection reset, redirect, forced retry,
  335. and new HTTPS connection log levels to DEBUG, from INFO. (PR #967)
  336. 1.16 (2016-06-11)
  337. -----------------
  338. * Disable IPv6 DNS when IPv6 connections are not possible. (Issue #840)
  339. * Provide ``key_fn_by_scheme`` pool keying mechanism that can be
  340. overridden. (Issue #830)
  341. * Normalize scheme and host to lowercase for pool keys, and include
  342. ``source_address``. (Issue #830)
  343. * Cleaner exception chain in Python 3 for ``_make_request``.
  344. (Issue #861)
  345. * Fixed installing ``urllib3[socks]`` extra. (Issue #864)
  346. * Fixed signature of ``ConnectionPool.close`` so it can actually safely be
  347. called by subclasses. (Issue #873)
  348. * Retain ``release_conn`` state across retries. (Issues #651, #866)
  349. * Add customizable ``HTTPConnectionPool.ResponseCls``, which defaults to
  350. ``HTTPResponse`` but can be replaced with a subclass. (Issue #879)
  351. 1.15.1 (2016-04-11)
  352. -------------------
  353. * Fix packaging to include backports module. (Issue #841)
  354. 1.15 (2016-04-06)
  355. -----------------
  356. * Added Retry(raise_on_status=False). (Issue #720)
  357. * Always use setuptools, no more distutils fallback. (Issue #785)
  358. * Dropped support for Python 3.2. (Issue #786)
  359. * Chunked transfer encoding when requesting with ``chunked=True``.
  360. (Issue #790)
  361. * Fixed regression with IPv6 port parsing. (Issue #801)
  362. * Append SNIMissingWarning messages to allow users to specify it in
  363. the PYTHONWARNINGS environment variable. (Issue #816)
  364. * Handle unicode headers in Py2. (Issue #818)
  365. * Log certificate when there is a hostname mismatch. (Issue #820)
  366. * Preserve order of request/response headers. (Issue #821)
  367. 1.14 (2015-12-29)
  368. -----------------
  369. * contrib: SOCKS proxy support! (Issue #762)
  370. * Fixed AppEngine handling of transfer-encoding header and bug
  371. in Timeout defaults checking. (Issue #763)
  372. 1.13.1 (2015-12-18)
  373. -------------------
  374. * Fixed regression in IPv6 + SSL for match_hostname. (Issue #761)
  375. 1.13 (2015-12-14)
  376. -----------------
  377. * Fixed ``pip install urllib3[secure]`` on modern pip. (Issue #706)
  378. * pyopenssl: Fixed SSL3_WRITE_PENDING error. (Issue #717)
  379. * pyopenssl: Support for TLSv1.1 and TLSv1.2. (Issue #696)
  380. * Close connections more defensively on exception. (Issue #734)
  381. * Adjusted ``read_chunked`` to handle gzipped, chunk-encoded bodies without
  382. repeatedly flushing the decoder, to function better on Jython. (Issue #743)
  383. * Accept ``ca_cert_dir`` for SSL-related PoolManager configuration. (Issue #758)
  384. 1.12 (2015-09-03)
  385. -----------------
  386. * Rely on ``six`` for importing ``httplib`` to work around
  387. conflicts with other Python 3 shims. (Issue #688)
  388. * Add support for directories of certificate authorities, as supported by
  389. OpenSSL. (Issue #701)
  390. * New exception: ``NewConnectionError``, raised when we fail to establish
  391. a new connection, usually ``ECONNREFUSED`` socket error.
  392. 1.11 (2015-07-21)
  393. -----------------
  394. * When ``ca_certs`` is given, ``cert_reqs`` defaults to
  395. ``'CERT_REQUIRED'``. (Issue #650)
  396. * ``pip install urllib3[secure]`` will install Certifi and
  397. PyOpenSSL as dependencies. (Issue #678)
  398. * Made ``HTTPHeaderDict`` usable as a ``headers`` input value
  399. (Issues #632, #679)
  400. * Added `urllib3.contrib.appengine <https://urllib3.readthedocs.io/en/latest/contrib.html#google-app-engine>`_
  401. which has an ``AppEngineManager`` for using ``URLFetch`` in a
  402. Google AppEngine environment. (Issue #664)
  403. * Dev: Added test suite for AppEngine. (Issue #631)
  404. * Fix performance regression when using PyOpenSSL. (Issue #626)
  405. * Passing incorrect scheme (e.g. ``foo://``) will raise
  406. ``ValueError`` instead of ``AssertionError`` (backwards
  407. compatible for now, but please migrate). (Issue #640)
  408. * Fix pools not getting replenished when an error occurs during a
  409. request using ``release_conn=False``. (Issue #644)
  410. * Fix pool-default headers not applying for url-encoded requests
  411. like GET. (Issue #657)
  412. * log.warning in Python 3 when headers are skipped due to parsing
  413. errors. (Issue #642)
  414. * Close and discard connections if an error occurs during read.
  415. (Issue #660)
  416. * Fix host parsing for IPv6 proxies. (Issue #668)
  417. * Separate warning type SubjectAltNameWarning, now issued once
  418. per host. (Issue #671)
  419. * Fix ``httplib.IncompleteRead`` not getting converted to
  420. ``ProtocolError`` when using ``HTTPResponse.stream()``
  421. (Issue #674)
  422. 1.10.4 (2015-05-03)
  423. -------------------
  424. * Migrate tests to Tornado 4. (Issue #594)
  425. * Append default warning configuration rather than overwrite.
  426. (Issue #603)
  427. * Fix streaming decoding regression. (Issue #595)
  428. * Fix chunked requests losing state across keep-alive connections.
  429. (Issue #599)
  430. * Fix hanging when chunked HEAD response has no body. (Issue #605)
  431. 1.10.3 (2015-04-21)
  432. -------------------
  433. * Emit ``InsecurePlatformWarning`` when SSLContext object is missing.
  434. (Issue #558)
  435. * Fix regression of duplicate header keys being discarded.
  436. (Issue #563)
  437. * ``Response.stream()`` returns a generator for chunked responses.
  438. (Issue #560)
  439. * Set upper-bound timeout when waiting for a socket in PyOpenSSL.
  440. (Issue #585)
  441. * Work on platforms without `ssl` module for plain HTTP requests.
  442. (Issue #587)
  443. * Stop relying on the stdlib's default cipher list. (Issue #588)
  444. 1.10.2 (2015-02-25)
  445. -------------------
  446. * Fix file descriptor leakage on retries. (Issue #548)
  447. * Removed RC4 from default cipher list. (Issue #551)
  448. * Header performance improvements. (Issue #544)
  449. * Fix PoolManager not obeying redirect retry settings. (Issue #553)
  450. 1.10.1 (2015-02-10)
  451. -------------------
  452. * Pools can be used as context managers. (Issue #545)
  453. * Don't re-use connections which experienced an SSLError. (Issue #529)
  454. * Don't fail when gzip decoding an empty stream. (Issue #535)
  455. * Add sha256 support for fingerprint verification. (Issue #540)
  456. * Fixed handling of header values containing commas. (Issue #533)
  457. 1.10 (2014-12-14)
  458. -----------------
  459. * Disabled SSLv3. (Issue #473)
  460. * Add ``Url.url`` property to return the composed url string. (Issue #394)
  461. * Fixed PyOpenSSL + gevent ``WantWriteError``. (Issue #412)
  462. * ``MaxRetryError.reason`` will always be an exception, not string.
  463. (Issue #481)
  464. * Fixed SSL-related timeouts not being detected as timeouts. (Issue #492)
  465. * Py3: Use ``ssl.create_default_context()`` when available. (Issue #473)
  466. * Emit ``InsecureRequestWarning`` for *every* insecure HTTPS request.
  467. (Issue #496)
  468. * Emit ``SecurityWarning`` when certificate has no ``subjectAltName``.
  469. (Issue #499)
  470. * Close and discard sockets which experienced SSL-related errors.
  471. (Issue #501)
  472. * Handle ``body`` param in ``.request(...)``. (Issue #513)
  473. * Respect timeout with HTTPS proxy. (Issue #505)
  474. * PyOpenSSL: Handle ZeroReturnError exception. (Issue #520)
  475. 1.9.1 (2014-09-13)
  476. ------------------
  477. * Apply socket arguments before binding. (Issue #427)
  478. * More careful checks if fp-like object is closed. (Issue #435)
  479. * Fixed packaging issues of some development-related files not
  480. getting included. (Issue #440)
  481. * Allow performing *only* fingerprint verification. (Issue #444)
  482. * Emit ``SecurityWarning`` if system clock is waaay off. (Issue #445)
  483. * Fixed PyOpenSSL compatibility with PyPy. (Issue #450)
  484. * Fixed ``BrokenPipeError`` and ``ConnectionError`` handling in Py3.
  485. (Issue #443)
  486. 1.9 (2014-07-04)
  487. ----------------
  488. * Shuffled around development-related files. If you're maintaining a distro
  489. package of urllib3, you may need to tweak things. (Issue #415)
  490. * Unverified HTTPS requests will trigger a warning on the first request. See
  491. our new `security documentation
  492. <https://urllib3.readthedocs.io/en/latest/security.html>`_ for details.
  493. (Issue #426)
  494. * New retry logic and ``urllib3.util.retry.Retry`` configuration object.
  495. (Issue #326)
  496. * All raised exceptions should now wrapped in a
  497. ``urllib3.exceptions.HTTPException``-extending exception. (Issue #326)
  498. * All errors during a retry-enabled request should be wrapped in
  499. ``urllib3.exceptions.MaxRetryError``, including timeout-related exceptions
  500. which were previously exempt. Underlying error is accessible from the
  501. ``.reason`` property. (Issue #326)
  502. * ``urllib3.exceptions.ConnectionError`` renamed to
  503. ``urllib3.exceptions.ProtocolError``. (Issue #326)
  504. * Errors during response read (such as IncompleteRead) are now wrapped in
  505. ``urllib3.exceptions.ProtocolError``. (Issue #418)
  506. * Requesting an empty host will raise ``urllib3.exceptions.LocationValueError``.
  507. (Issue #417)
  508. * Catch read timeouts over SSL connections as
  509. ``urllib3.exceptions.ReadTimeoutError``. (Issue #419)
  510. * Apply socket arguments before connecting. (Issue #427)
  511. 1.8.3 (2014-06-23)
  512. ------------------
  513. * Fix TLS verification when using a proxy in Python 3.4.1. (Issue #385)
  514. * Add ``disable_cache`` option to ``urllib3.util.make_headers``. (Issue #393)
  515. * Wrap ``socket.timeout`` exception with
  516. ``urllib3.exceptions.ReadTimeoutError``. (Issue #399)
  517. * Fixed proxy-related bug where connections were being reused incorrectly.
  518. (Issues #366, #369)
  519. * Added ``socket_options`` keyword parameter which allows to define
  520. ``setsockopt`` configuration of new sockets. (Issue #397)
  521. * Removed ``HTTPConnection.tcp_nodelay`` in favor of
  522. ``HTTPConnection.default_socket_options``. (Issue #397)
  523. * Fixed ``TypeError`` bug in Python 2.6.4. (Issue #411)
  524. 1.8.2 (2014-04-17)
  525. ------------------
  526. * Fix ``urllib3.util`` not being included in the package.
  527. 1.8.1 (2014-04-17)
  528. ------------------
  529. * Fix AppEngine bug of HTTPS requests going out as HTTP. (Issue #356)
  530. * Don't install ``dummyserver`` into ``site-packages`` as it's only needed
  531. for the test suite. (Issue #362)
  532. * Added support for specifying ``source_address``. (Issue #352)
  533. 1.8 (2014-03-04)
  534. ----------------
  535. * Improved url parsing in ``urllib3.util.parse_url`` (properly parse '@' in
  536. username, and blank ports like 'hostname:').
  537. * New ``urllib3.connection`` module which contains all the HTTPConnection
  538. objects.
  539. * Several ``urllib3.util.Timeout``-related fixes. Also changed constructor
  540. signature to a more sensible order. [Backwards incompatible]
  541. (Issues #252, #262, #263)
  542. * Use ``backports.ssl_match_hostname`` if it's installed. (Issue #274)
  543. * Added ``.tell()`` method to ``urllib3.response.HTTPResponse`` which
  544. returns the number of bytes read so far. (Issue #277)
  545. * Support for platforms without threading. (Issue #289)
  546. * Expand default-port comparison in ``HTTPConnectionPool.is_same_host``
  547. to allow a pool with no specified port to be considered equal to to an
  548. HTTP/HTTPS url with port 80/443 explicitly provided. (Issue #305)
  549. * Improved default SSL/TLS settings to avoid vulnerabilities.
  550. (Issue #309)
  551. * Fixed ``urllib3.poolmanager.ProxyManager`` not retrying on connect errors.
  552. (Issue #310)
  553. * Disable Nagle's Algorithm on the socket for non-proxies. A subset of requests
  554. will send the entire HTTP request ~200 milliseconds faster; however, some of
  555. the resulting TCP packets will be smaller. (Issue #254)
  556. * Increased maximum number of SubjectAltNames in ``urllib3.contrib.pyopenssl``
  557. from the default 64 to 1024 in a single certificate. (Issue #318)
  558. * Headers are now passed and stored as a custom
  559. ``urllib3.collections_.HTTPHeaderDict`` object rather than a plain ``dict``.
  560. (Issue #329, #333)
  561. * Headers no longer lose their case on Python 3. (Issue #236)
  562. * ``urllib3.contrib.pyopenssl`` now uses the operating system's default CA
  563. certificates on inject. (Issue #332)
  564. * Requests with ``retries=False`` will immediately raise any exceptions without
  565. wrapping them in ``MaxRetryError``. (Issue #348)
  566. * Fixed open socket leak with SSL-related failures. (Issue #344, #348)
  567. 1.7.1 (2013-09-25)
  568. ------------------
  569. * Added granular timeout support with new ``urllib3.util.Timeout`` class.
  570. (Issue #231)
  571. * Fixed Python 3.4 support. (Issue #238)
  572. 1.7 (2013-08-14)
  573. ----------------
  574. * More exceptions are now pickle-able, with tests. (Issue #174)
  575. * Fixed redirecting with relative URLs in Location header. (Issue #178)
  576. * Support for relative urls in ``Location: ...`` header. (Issue #179)
  577. * ``urllib3.response.HTTPResponse`` now inherits from ``io.IOBase`` for bonus
  578. file-like functionality. (Issue #187)
  579. * Passing ``assert_hostname=False`` when creating a HTTPSConnectionPool will
  580. skip hostname verification for SSL connections. (Issue #194)
  581. * New method ``urllib3.response.HTTPResponse.stream(...)`` which acts as a
  582. generator wrapped around ``.read(...)``. (Issue #198)
  583. * IPv6 url parsing enforces brackets around the hostname. (Issue #199)
  584. * Fixed thread race condition in
  585. ``urllib3.poolmanager.PoolManager.connection_from_host(...)`` (Issue #204)
  586. * ``ProxyManager`` requests now include non-default port in ``Host: ...``
  587. header. (Issue #217)
  588. * Added HTTPS proxy support in ``ProxyManager``. (Issue #170 #139)
  589. * New ``RequestField`` object can be passed to the ``fields=...`` param which
  590. can specify headers. (Issue #220)
  591. * Raise ``urllib3.exceptions.ProxyError`` when connecting to proxy fails.
  592. (Issue #221)
  593. * Use international headers when posting file names. (Issue #119)
  594. * Improved IPv6 support. (Issue #203)
  595. 1.6 (2013-04-25)
  596. ----------------
  597. * Contrib: Optional SNI support for Py2 using PyOpenSSL. (Issue #156)
  598. * ``ProxyManager`` automatically adds ``Host: ...`` header if not given.
  599. * Improved SSL-related code. ``cert_req`` now optionally takes a string like
  600. "REQUIRED" or "NONE". Same with ``ssl_version`` takes strings like "SSLv23"
  601. The string values reflect the suffix of the respective constant variable.
  602. (Issue #130)
  603. * Vendored ``socksipy`` now based on Anorov's fork which handles unexpectedly
  604. closed proxy connections and larger read buffers. (Issue #135)
  605. * Ensure the connection is closed if no data is received, fixes connection leak
  606. on some platforms. (Issue #133)
  607. * Added SNI support for SSL/TLS connections on Py32+. (Issue #89)
  608. * Tests fixed to be compatible with Py26 again. (Issue #125)
  609. * Added ability to choose SSL version by passing an ``ssl.PROTOCOL_*`` constant
  610. to the ``ssl_version`` parameter of ``HTTPSConnectionPool``. (Issue #109)
  611. * Allow an explicit content type to be specified when encoding file fields.
  612. (Issue #126)
  613. * Exceptions are now pickleable, with tests. (Issue #101)
  614. * Fixed default headers not getting passed in some cases. (Issue #99)
  615. * Treat "content-encoding" header value as case-insensitive, per RFC 2616
  616. Section 3.5. (Issue #110)
  617. * "Connection Refused" SocketErrors will get retried rather than raised.
  618. (Issue #92)
  619. * Updated vendored ``six``, no longer overrides the global ``six`` module
  620. namespace. (Issue #113)
  621. * ``urllib3.exceptions.MaxRetryError`` contains a ``reason`` property holding
  622. the exception that prompted the final retry. If ``reason is None`` then it
  623. was due to a redirect. (Issue #92, #114)
  624. * Fixed ``PoolManager.urlopen()`` from not redirecting more than once.
  625. (Issue #149)
  626. * Don't assume ``Content-Type: text/plain`` for multi-part encoding parameters
  627. that are not files. (Issue #111)
  628. * Pass `strict` param down to ``httplib.HTTPConnection``. (Issue #122)
  629. * Added mechanism to verify SSL certificates by fingerprint (md5, sha1) or
  630. against an arbitrary hostname (when connecting by IP or for misconfigured
  631. servers). (Issue #140)
  632. * Streaming decompression support. (Issue #159)
  633. 1.5 (2012-08-02)
  634. ----------------
  635. * Added ``urllib3.add_stderr_logger()`` for quickly enabling STDERR debug
  636. logging in urllib3.
  637. * Native full URL parsing (including auth, path, query, fragment) available in
  638. ``urllib3.util.parse_url(url)``.
  639. * Built-in redirect will switch method to 'GET' if status code is 303.
  640. (Issue #11)
  641. * ``urllib3.PoolManager`` strips the scheme and host before sending the request
  642. uri. (Issue #8)
  643. * New ``urllib3.exceptions.DecodeError`` exception for when automatic decoding,
  644. based on the Content-Type header, fails.
  645. * Fixed bug with pool depletion and leaking connections (Issue #76). Added
  646. explicit connection closing on pool eviction. Added
  647. ``urllib3.PoolManager.clear()``.
  648. * 99% -> 100% unit test coverage.
  649. 1.4 (2012-06-16)
  650. ----------------
  651. * Minor AppEngine-related fixes.
  652. * Switched from ``mimetools.choose_boundary`` to ``uuid.uuid4()``.
  653. * Improved url parsing. (Issue #73)
  654. * IPv6 url support. (Issue #72)
  655. 1.3 (2012-03-25)
  656. ----------------
  657. * Removed pre-1.0 deprecated API.
  658. * Refactored helpers into a ``urllib3.util`` submodule.
  659. * Fixed multipart encoding to support list-of-tuples for keys with multiple
  660. values. (Issue #48)
  661. * Fixed multiple Set-Cookie headers in response not getting merged properly in
  662. Python 3. (Issue #53)
  663. * AppEngine support with Py27. (Issue #61)
  664. * Minor ``encode_multipart_formdata`` fixes related to Python 3 strings vs
  665. bytes.
  666. 1.2.2 (2012-02-06)
  667. ------------------
  668. * Fixed packaging bug of not shipping ``test-requirements.txt``. (Issue #47)
  669. 1.2.1 (2012-02-05)
  670. ------------------
  671. * Fixed another bug related to when ``ssl`` module is not available. (Issue #41)
  672. * Location parsing errors now raise ``urllib3.exceptions.LocationParseError``
  673. which inherits from ``ValueError``.
  674. 1.2 (2012-01-29)
  675. ----------------
  676. * Added Python 3 support (tested on 3.2.2)
  677. * Dropped Python 2.5 support (tested on 2.6.7, 2.7.2)
  678. * Use ``select.poll`` instead of ``select.select`` for platforms that support
  679. it.
  680. * Use ``Queue.LifoQueue`` instead of ``Queue.Queue`` for more aggressive
  681. connection reusing. Configurable by overriding ``ConnectionPool.QueueCls``.
  682. * Fixed ``ImportError`` during install when ``ssl`` module is not available.
  683. (Issue #41)
  684. * Fixed ``PoolManager`` redirects between schemes (such as HTTP -> HTTPS) not
  685. completing properly. (Issue #28, uncovered by Issue #10 in v1.1)
  686. * Ported ``dummyserver`` to use ``tornado`` instead of ``webob`` +
  687. ``eventlet``. Removed extraneous unsupported dummyserver testing backends.
  688. Added socket-level tests.
  689. * More tests. Achievement Unlocked: 99% Coverage.
  690. 1.1 (2012-01-07)
  691. ----------------
  692. * Refactored ``dummyserver`` to its own root namespace module (used for
  693. testing).
  694. * Added hostname verification for ``VerifiedHTTPSConnection`` by vendoring in
  695. Py32's ``ssl_match_hostname``. (Issue #25)
  696. * Fixed cross-host HTTP redirects when using ``PoolManager``. (Issue #10)
  697. * Fixed ``decode_content`` being ignored when set through ``urlopen``. (Issue
  698. #27)
  699. * Fixed timeout-related bugs. (Issues #17, #23)
  700. 1.0.2 (2011-11-04)
  701. ------------------
  702. * Fixed typo in ``VerifiedHTTPSConnection`` which would only present as a bug if
  703. you're using the object manually. (Thanks pyos)
  704. * Made RecentlyUsedContainer (and consequently PoolManager) more thread-safe by
  705. wrapping the access log in a mutex. (Thanks @christer)
  706. * Made RecentlyUsedContainer more dict-like (corrected ``__delitem__`` and
  707. ``__getitem__`` behaviour), with tests. Shouldn't affect core urllib3 code.
  708. 1.0.1 (2011-10-10)
  709. ------------------
  710. * Fixed a bug where the same connection would get returned into the pool twice,
  711. causing extraneous "HttpConnectionPool is full" log warnings.
  712. 1.0 (2011-10-08)
  713. ----------------
  714. * Added ``PoolManager`` with LRU expiration of connections (tested and
  715. documented).
  716. * Added ``ProxyManager`` (needs tests, docs, and confirmation that it works
  717. with HTTPS proxies).
  718. * Added optional partial-read support for responses when
  719. ``preload_content=False``. You can now make requests and just read the headers
  720. without loading the content.
  721. * Made response decoding optional (default on, same as before).
  722. * Added optional explicit boundary string for ``encode_multipart_formdata``.
  723. * Convenience request methods are now inherited from ``RequestMethods``. Old
  724. helpers like ``get_url`` and ``post_url`` should be abandoned in favour of
  725. the new ``request(method, url, ...)``.
  726. * Refactored code to be even more decoupled, reusable, and extendable.
  727. * License header added to ``.py`` files.
  728. * Embiggened the documentation: Lots of Sphinx-friendly docstrings in the code
  729. and docs in ``docs/`` and on https://urllib3.readthedocs.io/.
  730. * Embettered all the things!
  731. * Started writing this file.
  732. 0.4.1 (2011-07-17)
  733. ------------------
  734. * Minor bug fixes, code cleanup.
  735. 0.4 (2011-03-01)
  736. ----------------
  737. * Better unicode support.
  738. * Added ``VerifiedHTTPSConnection``.
  739. * Added ``NTLMConnectionPool`` in contrib.
  740. * Minor improvements.
  741. 0.3.1 (2010-07-13)
  742. ------------------
  743. * Added ``assert_host_name`` optional parameter. Now compatible with proxies.
  744. 0.3 (2009-12-10)
  745. ----------------
  746. * Added HTTPS support.
  747. * Minor bug fixes.
  748. * Refactored, broken backwards compatibility with 0.2.
  749. * API to be treated as stable from this version forward.
  750. 0.2 (2008-11-17)
  751. ----------------
  752. * Added unit tests.
  753. * Bug fixes.
  754. 0.1 (2008-11-16)
  755. ----------------
  756. * First release.