All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog.
- Fix SSL case where
verify=False
together with client side certificates.
The 0.28 release includes a limited set of deprecations.
Deprecations:
We are working towards a simplified SSL configuration API.
For users of the standard verify=True
or verify=False
cases, or verify=<ssl_context>
case this should require no changes. The following cases have been deprecated...
- The
verify
argument as a string argument is now deprecated and will raise warnings. - The
cert
argument is now deprecated and will raise warnings.
Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.
The following changes are also included:
- The deprecated
proxies
argument has now been removed. - The deprecated
app
argument has now been removed. - JSON request bodies use a compact representation. (#3363)
- Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
- Ensure
certifi
andhttpcore
are only imported if required. (#3377) - Treat
socks5h
as a valid proxy scheme. (#3178) - Cleanup
Request()
method signature in line withclient.request()
andhttpx.request()
. (#3378) - Bugfix: When passing
params={}
, always strictly update rather than merge with an existing querystring. (#3364)
- Reintroduced supposedly-private
URLTypes
shortcut. (#2673)
- Support for
zstd
content decoding using the pythonzstandard
package is added. Installable usinghttpx[zstd]
. (#3139)
- Improved error messaging for
InvalidURL
exceptions. (#3250) - Fix
app
type signature inASGITransport
. (#3109)
- The
app=...
shortcut has been deprecated. Use the explicit style oftransport=httpx.WSGITransport()
ortransport=httpx.ASGITransport()
instead.
- Respect the
http1
argument while configuring proxy transports. (#3023) - Fix RFC 2069 mode digest authentication. (#3045)
- The
proxy
argument was added. You should use theproxy
argument instead of the deprecatedproxies
, or usemounts=
for more complex configurations. (#2879)
- The
proxies
argument is now deprecated. It will still continue to work, but it will be removed in the future. (#2879)
- Fix cases of double escaping of URL path components. Allow / as a safe character in the query portion. (#2990)
- Handle
NO_PROXY
envvar cases when a fully qualified URL is supplied as the value. (#2741) - Allow URLs where username or password contains unescaped '@'. (#2986)
- Ensure ASGI
raw_path
does not include URL query component. (#2999) - Ensure
Response.iter_text()
cannot yield empty strings. (#2998)
- Add missing type hints to few
__init__()
methods. (#2938)
- Add support for Python 3.12. (#2854)
- Add support for httpcore 1.0 (#2885)
- Raise
ValueError
onResponse.encoding
being set afterResponse.text
has been accessed. (#2852)
- Drop support for Python 3.7. (#2813)
- Support HTTPS proxies. (#2845)
- Change the type of
Extensions
fromMapping[Str, Any]
toMutableMapping[Str, Any]
. (#2803) - Add
socket_options
argument tohttpx.HTTPTransport
andhttpx.AsyncHTTPTransport
classes. (#2716) - The
Response.raise_for_status()
method now returns the response instance. For example:data = httpx.get('...').raise_for_status().json()
. (#2776)
- Return
500
error response instead of exceptions whenraise_app_exceptions=False
is set onASGITransport
. (#2669) - Ensure all
WSGITransport
environs have aSERVER_PROTOCOL
. (#2708) - Always encode forward slashes as
%2F
in query parameters (#2723) - Use Mozilla documentation instead of
httpstatuses.com
for HTTP error reference (#2768)
- Provide additional context in some
InvalidURL
exceptions. (#2675)
- Fix optional percent-encoding behaviour. (#2671)
- More robust checking for opening upload files in binary mode. (#2630)
- Properly support IP addresses in
NO_PROXY
environment variable. (#2659) - Set default file for
NetRCAuth()
toNone
to use the stdlib default. (#2667) - Set logging request lines to INFO level for async requests, in line with sync requests. (#2656)
- Fix which gen-delims need to be escaped for path/query/fragment components in URL. (#2701)
- The logging behaviour has been changed to be more in-line with other standard Python logging usages. We no longer have a custom
TRACE
log level, and we no longer use theHTTPX_LOG_LEVEL
environment variable to auto-configure logging. We now have a significant amount ofDEBUG
logging available at the network level. Full documentation is available at https://www.python-httpx.org/logging/ (#2547, encode/httpcore#648) - The
Response.iter_lines()
method now matches the stdlib behaviour and does not include the newline characters. It also resolves a performance issue. (#2423) - Query parameter encoding switches from using + for spaces and %2F for forward slash, to instead using %20 for spaces and treating forward slash as a safe, unescaped character. This differs from
requests
, but is in line with browser behavior in Chrome, Safari, and Firefox. Both options are RFC valid. (#2543) - NetRC authentication is no longer automatically handled, but is instead supported by an explicit
httpx.NetRCAuth()
authentication class. See the documentation at https://www.python-httpx.org/advanced/authentication/#netrc-authentication (#2525)
- The
rfc3986
dependancy has been removed. (#2252)
- Version 0.23.2 accidentally included stricter type checking on query parameters. This shouldn've have been included in a minor version bump, and is now reverted. (#2523, #2539)
- Support digest auth nonce counting to avoid multiple auth requests. (#2463)
- Multipart file uploads where the file length cannot be determine now use chunked transfer encoding, rather than loading the entire file into memory in order to determine the
Content-Length
. (#2382) - Raise
TypeError
if content is passed a dict-instance. (#2495) - Partially revert the API breaking change in 0.23.1, which removed
RawURL
. We continue to expose aurl.raw
property which is now a plain named-tuple. This API is still expected to be deprecated, but we will do so with a major version bump. (#2481)
Note: The 0.23.1 release should have used a proper version bump, rather than a minor point release. There are API surface area changes that may affect some users. See the "Removed" section of these release notes for details.
- Support for Python 3.11. (#2420)
- Allow setting an explicit multipart boundary in
Content-Type
header. (#2278) - Allow
tuple
orlist
for multipart values, not justlist
. (#2355) - Allow
str
content for multipart upload files. (#2400) - Support connection upgrades. See https://www.encode.io/httpcore/extensions/#upgrade-requests
- Don't drop empty query parameters. (#2354)
- Upload files must always be opened in binary mode. (#2400)
- Drop
.read
/.aread
fromSyncByteStream
/AsyncByteStream
. (#2407) - Drop
RawURL
. (#2241)
- Drop support for Python 3.6. (#2097)
- Use
utf-8
as the default character set, instead of falling back tocharset-normalizer
for auto-detection. To enable automatic character set detection, see the documentation. (#2165)
- Fix
URL.copy_with
for some oddly formed URL cases. (#2185) - Digest authentication should use case-insensitive comparison for determining which algorithm is being used. (#2204)
- Fix console markup escaping in command line client. (#1866)
- When files are used in multipart upload, ensure we always seek to the start of the file. (#2065)
- Ensure that
iter_bytes
never yields zero-length chunks. (#2068) - Preserve
Authorization
header for redirects that are to the same origin, but are anhttp
-to-https
upgrade. (#2074) - When responses have binary output, don't print the output to the console in the command line client. Use output like
<16086 bytes of binary data>
instead. (#2076) - Fix display of
--proxies
argument in the command line client help. (#2125) - Close responses when task cancellations occur during stream reading. (#2156)
- Fix type error on accessing
.request
onHTTPError
exceptions. (#2158)
- Support for the SOCKS5 proxy protocol via the
socksio
package. (#2034) - Support for custom headers in multipart/form-data requests (#1936)
- Don't perform unreliable close/warning on
__del__
with unclosed clients. (#2026) - Fix
Headers.update(...)
to correctly handle repeated headers (#2038)
- Fix streaming uploads using
SyncByteStream
orAsyncByteStream
. Regression in 0.21.2. (#2016)
- HTTP/2 support for tunnelled proxy cases. (#2009)
- Improved the speed of large file uploads. (#1948)
- The
response.url
property is now correctly annotated asURL
, instead ofOptional[URL]
. (#1940)
The 0.21.0 release integrates against a newly redesigned httpcore
backend.
Both packages ought to automatically update to the required versions, but if you are
seeing any issues, you should ensure that you have httpx==0.21.*
and httpcore==0.14.*
installed.
- The command-line client will now display connection information when
-v/--verbose
is used. - The command-line client will now display server certificate information when
-v/--verbose
is used. - The command-line client is now able to properly detect if the outgoing request should be formatted as HTTP/1.1 or HTTP/2, based on the result of the HTTP/2 negotiation.
- Curio support is no longer currently included. Please get in touch if you require this, so that we can assess priorities.
The 0.20.0 release adds an integrated command-line client, and also includes some design changes. The most notable of these is that redirect responses are no longer automatically followed, unless specifically requested.
This design decision prioritises a more explicit approach to redirects, in order to avoid code that unintentionally issues multiple requests as a result of misconfigured URLs.
For example, previously a client configured to send requests to http://api.github.com/
would end up sending every API request twice, as each request would be redirected to https://api.github.com/
.
If you do want auto-redirect behaviour, you can enable this either by configuring
the client instance with Client(follow_redirects=True)
, or on a per-request
basis, with .get(..., follow_redirects=True)
.
This change is a classic trade-off between convenience and precision, with no "right" answer. See discussion #1785 for more context.
The other major design change is an update to the Transport API, which is the low-level interface against which requests are sent. Previously this interface used only primitive datastructures, like so...
(status_code, headers, stream, extensions) = transport.handle_request(method, url, headers, stream, extensions)
try
...
finally:
stream.close()
Now the interface is much simpler...
response = transport.handle_request(request)
try
...
finally:
response.close()
- The
allow_redirects
flag is nowfollow_redirects
and defaults toFalse
. - The
raise_for_status()
method will now raise an exception for any responses except those with 2xx status codes. Previously only 4xx and 5xx status codes would result in an exception. - The low-level transport API changes to the much simpler
response = transport.handle_request(request)
. - The
client.send()
method no longer accepts atimeout=...
argument, but theclient.build_request()
does. This required by the signature change of the Transport API. The request timeout configuration is now stored on the request instance, asrequest.extensions['timeout']
.
- Added the
httpx
command-line client. - Response instances now include
.is_informational
,.is_success
,.is_redirect
,.is_client_error
, and.is_server_error
properties for checking 1xx, 2xx, 3xx, 4xx, and 5xx response types. Note that the behaviour of.is_redirect
is slightly different in that it now returns True for all 3xx responses, in order to allow for a consistent set of properties onto the different HTTP status code types. Theresponse.has_redirect_location
location may be used to determine responses with properly formed URL redirects.
response.iter_bytes()
no longer raises a ValueError when called on a response with no content. (Pull #1827)- The
'wsgi.error'
configuration now defaults tosys.stderr
, and is corrected to be aTextIO
interface, not aBytesIO
interface. Additionally, the WSGITransport now accepts awsgi_error
configuration. (Pull #1828) - Follow the WSGI spec by properly closing the iterable returned by the application. (Pull #1830)
- Add support for
Client(allow_redirects=<bool>)
. (Pull #1790) - Add automatic character set detection, when no
charset
is included in the responseContent-Type
header. (Pull #1791)
- Event hooks are now also called for any additional redirect or auth requests/responses. (Pull #1806)
- Strictly enforce that upload files must be opened in binary mode. (Pull #1736)
- Strictly enforce that client instances can only be opened and closed once, and cannot be re-opened. (Pull #1800)
- Drop
mode
argument fromhttpx.Proxy(..., mode=...)
. (Pull #1795)
- Support for Python 3.10. (Pull #1687)
- Expose
httpx.USE_CLIENT_DEFAULT
, used as the default toauth
andtimeout
parameters in request methods. (Pull #1634) - Support HTTP/2 "prior knowledge", using
httpx.Client(http1=False, http2=True)
. (Pull #1624)
- Clean up some cases where warnings were being issued. (Pull #1687)
- Prefer Content-Length over Transfer-Encoding: chunked for content= cases. (Pull #1619)
- Update brotli support to use the
brotlicffi
package (Pull #1605) - Ensure that
Request(..., stream=...)
does not auto-generate any headers on the request instance. (Pull #1607)
- Pass through
timeout=...
in top-level httpx.stream() function. (Pull #1613) - Map httpcore transport close exceptions to httpx exceptions. (Pull #1606)
The 0.18.x release series formalises our low-level Transport API, introducing the base classes httpx.BaseTransport
and httpx.AsyncBaseTransport
.
See the "Custom transports" documentation and the httpx.BaseTransport.handle_request()
docstring for more complete details on implementing custom transports.
Pull request #1522 includes a checklist of differences from the previous httpcore
transport API, for developers implementing custom transports.
The following API changes have been issuing deprecation warnings since 0.17.0 onwards, and are now fully deprecated...
- You should now use httpx.codes consistently instead of httpx.StatusCodes.
- Use limits=... instead of pool_limits=....
- Use proxies={"http://": ...} instead of proxies={"http": ...} for scheme-specific mounting.
- Transport instances now inherit from
httpx.BaseTransport
orhttpx.AsyncBaseTransport
, and should implement either thehandle_request
method orhandle_async_request
method. (Pull #1522, #1550) - The
response.ext
property andResponse(ext=...)
argument are now namedextensions
. (Pull #1522) - The recommendation to not use
data=<bytes|str|bytes (a)iterator>
in favour ofcontent=<bytes|str|bytes (a)iterator>
has now been escalated to a deprecation warning. (Pull #1573) - Drop
Response(on_close=...)
from API, since it was a bit of leaking implementation detail. (Pull #1572) - When using a client instance, cookies should always be set on the client, rather than on a per-request basis. We prefer enforcing a stricter API here because it provides clearer expectations around cookie persistence, particularly when redirects occur. (Pull #1574)
- The runtime exception
httpx.ResponseClosed
is now namedhttpx.StreamClosed
. (#1584) - The
httpx.QueryParams
model now presents an immutable interface. There is a discussion on the design and motivation here. Useclient.params = client.params.merge(...)
instead ofclient.params.update(...)
. The basic query manipulation methods arequery.set(...)
,query.add(...)
, andquery.remove()
. (#1600)
- The
Request
andResponse
classes can now be serialized using pickle. (#1579) - Handle
data={"key": [None|int|float|bool]}
cases. (Pull #1539) - Support
httpx.URL(**kwargs)
, for examplehttpx.URL(scheme="https", host="www.example.com", path="/')
, orhttpx.URL("https://www.example.com/", username="[email protected]", password="123 456")
. (Pull #1601) - Support
url.copy_with(params=...)
. (Pull #1601) - Add
url.params
parameter, returning an immutableQueryParams
instance. (Pull #1601) - Support query manipulation methods on the URL class. These are
url.copy_set_param()
,url.copy_add_param()
,url.copy_remove_param()
,url.copy_merge_params()
. (Pull #1601) - The
httpx.URL
class now performs port normalization, so:80
ports are stripped fromhttp
URLs and:443
ports are stripped fromhttps
URLs. (Pull #1603) - The
URL.host
property returns unicode strings for internationalized domain names. TheURL.raw_host
property returns byte strings with IDNA escaping applied. (Pull #1590)
- Fix Content-Length for cases of
files=...
where unicode string is used as the file content. (Pull #1537) - Fix some cases of merging relative URLs against
Client(base_url=...)
. (Pull #1532) - The
request.content
attribute is now always available except for streaming content, which requires an explicit.read()
. (Pull #1583)
- Type annotation on
CertTypes
allowskeyfile
andpassword
to be optional. (Pull #1503) - Fix httpcore pinned version. (Pull #1495)
- Add
httpx.MockTransport()
, allowing to mock out a transport using pre-determined responses. (Pull #1401, Pull #1449) - Add
httpx.HTTPTransport()
andhttpx.AsyncHTTPTransport()
default transports. (Pull #1399) - Add mount API support, using
httpx.Client(mounts=...)
. (Pull #1362) - Add
chunk_size
parameter toiter_raw()
,iter_bytes()
,iter_text()
. (Pull #1277) - Add
keepalive_expiry
parameter tohttpx.Limits()
configuration. (Pull #1398) - Add repr to
httpx.Cookies
to display available cookies. (Pull #1411) - Add support for
params=<tuple>
(previously onlyparams=<list>
was supported). (Pull #1426)
- Add missing
raw_path
to ASGI scope. (Pull #1357) - Tweak
create_ssl_context
defaults to usetrust_env=True
. (Pull #1447) - Properly URL-escape WSGI
PATH_INFO
. (Pull #1391) - Properly set default ports in WSGI transport. (Pull #1469)
- Properly encode slashes when using
base_url
. (Pull #1407) - Properly map exceptions in
request.aclose()
. (Pull #1465)
- Support literal IPv6 addresses in URLs. (Pull #1349)
- Force lowercase headers in ASGI scope dictionaries. (Pull #1351)
- Preserve HTTP header casing. (Pull #1338, encode/httpcore#216, python-hyper/h11#104)
- Drop
response.next()
andresponse.anext()
methods in favour ofresponse.next_request
attribute. (Pull #1339) - Closed clients now raise a runtime error if attempting to send a request. (Pull #1346)
- Add Python 3.9 to officially supported versions.
- Type annotate
__enter__
/__exit__
/__aenter__
/__aexit__
in a way that supports subclasses ofClient
andAsyncClient
. (Pull #1336)
- Add
response.next_request
(Pull #1334)
- Support direct comparisons between
Headers
and dicts or lists of two-tuples. Eg.assert response.headers == {"Content-Length": 24}
(Pull #1326)
- Fix automatic
.read()
whenResponse
instances are created withcontent=<str>
(Pull #1324)
- Fixed connection leak in async client due to improper closing of response streams. (Pull #1316)
- Fixed
response.elapsed
property. (Pull #1313) - Fixed client authentication interaction with
.stream()
. (Pull #1312)
- ASGITransport now properly applies URL decoding to the
path
component, as-per the ASGI spec. (Pull #1307)
- Added support for curio. (Pull encode/httpcore#168)
- Added support for event hooks. (Pull #1246)
- Added support for authentication flows which require either sync or async I/O. (Pull #1217)
- Added support for monitoring download progress with
response.num_bytes_downloaded
. (Pull #1268) - Added
Request(content=...)
for byte content, instead of overloadingRequest(data=...)
(Pull #1266) - Added support for all URL components as parameter names when using
url.copy_with(...)
. (Pull #1285) - Neater split between automatically populated headers on
Request
instances, vs defaultclient.headers
. (Pull #1248) - Unclosed
AsyncClient
instances will now raise warnings if garbage collected. (Pull #1197) - Support
Response(content=..., text=..., html=..., json=...)
for creating usable response instances in code. (Pull #1265, #1297) - Support instantiating requests from the low-level transport API. (Pull #1293)
- Raise errors on invalid URL types. (Pull #1259)
- Cleaned up expected behaviour for URL escaping.
url.path
is now URL escaped. (Pull #1285) - Cleaned up expected behaviour for bytes vs str in URL components.
url.userinfo
andurl.query
are not URL escaped, and so return bytes. (Pull #1285) - Drop
url.authority
property in favour ofurl.netloc
, since "authority" was semantically incorrect. (Pull #1285) - Drop
url.full_path
property in favour ofurl.raw_path
, for better consistency with other parts of the API. (Pull #1285) - No longer use the
chardet
library for auto-detecting charsets, instead defaulting to a simpler approach when no charset is specified. (#1269)
- Swapped ordering of redirects and authentication flow. (Pull #1267)
.netrc
lookups should use host, not host+port. (Pull #1298)
- The
URLLib3Transport
class no longer exists. We've published it instead as an example of a custom transport class. (Pull #1182) - Drop
request.timer
attribute, which was being used internally to setresponse.elapsed
. (Pull #1249) - Drop
response.decoder
attribute, which was being used internally. (Pull #1276) Request.prepare()
is now a private method. (Pull #1284)- The
Headers.getlist()
method had previously been deprecated in favour ofHeaders.get_list()
. It is now fully removed. - The
QueryParams.getlist()
method had previously been deprecated in favour ofQueryParams.get_list()
. It is now fully removed. - The
URL.is_ssl
property had previously been deprecated in favour ofURL.scheme == "https"
. It is now fully removed. - The
httpx.PoolLimits
class had previously been deprecated in favour ofhttpx.Limits
. It is now fully removed. - The
max_keepalive
setting had previously been deprecated in favour of the more explicitmax_keepalive_connections
. It is now fully removed. - The verbose
httpx.Timeout(5.0, connect_timeout=60.0)
style had previously been deprecated in favour ofhttpx.Timeout(5.0, connect=60.0)
. It is now fully removed. - Support for instantiating a timeout config missing some defaults, such as
httpx.Timeout(connect=60.0)
, had previously been deprecated in favour of enforcing a more explicit style, such ashttpx.Timeout(5.0, connect=60.0)
. This is now strictly enforced.
http.Response()
may now be instantiated without arequest=...
parameter. Useful for some unit testing cases. (Pull #1238)- Add
103 Early Hints
and425 Too Early
status codes. (Pull #1244)
DigestAuth
now handles responses that include multiple 'WWW-Authenticate' headers. (Pull #1240)- Call into transport
__enter__
/__exit__
or__aenter__
/__aexit__
when client is used in a context manager style. (Pull #1218)
- Support
client.get(..., auth=None)
to bypass the default authentication on a clients. (Pull #1115) - Support
client.auth = ...
property setter. (Pull #1185) - Support
httpx.get(..., proxies=...)
on top-level request functions. (Pull #1198) - Display instances with nicer import styles. (Eg. <httpx.ReadTimeout ...>) (Pull #1155)
- Support
cookies=[(key, value)]
list-of-two-tuples style usage. (Pull #1211)
- Ensure that automatically included headers on a request may be modified. (Pull #1205)
- Allow explicit
Content-Length
header on streaming requests. (Pull #1170) - Handle URL quoted usernames and passwords properly. (Pull #1159)
- Use more consistent default for
HEAD
requests, settingallow_redirects=True
. (Pull #1183) - If a transport error occurs while streaming the response, raise an
httpx
exception, not the underlyinghttpcore
exception. (Pull #1190) - Include the underlying
httpcore
traceback, when transport exceptions occur. (Pull #1199)
- The
httpx.URL(...)
class now raiseshttpx.InvalidURL
on invalid URLs, rather than exposing the underlyingrfc3986
exception. If a redirect response includes an invalid 'Location' header, then aRemoteProtocolError
exception is raised, which will be associated with the request that caused it. (Pull #1163)
- Handling multiple
Set-Cookie
headers became broken in the 0.14.0 release, and is now resolved. (Pull #1156)
The 0.14 release includes a range of improvements to the public API, intended on preparing for our upcoming 1.0 release.
- Our HTTP/2 support is now fully optional. You now need to use
pip install httpx[http2]
if you want to include the HTTP/2 dependencies. - Our HSTS support has now been removed. Rewriting URLs from
http
tohttps
if the host is on the HSTS list can be beneficial in avoiding roundtrips to incorrectly formed URLs, but on balance we've decided to remove this feature, on the principle of least surprise. Most programmatic clients do not include HSTS support, and for now we're opting to remove our support for it. - Our exception hierarchy has been overhauled. Most users will want to stick with their existing
httpx.HTTPError
usage, but we've got a clearer overall structure now. See https://www.python-httpx.org/exceptions/ for more details.
When upgrading you should be aware of the following public API changes. Note that deprecated usages will currently continue to function, but will issue warnings.
- You should now use
httpx.codes
consistently instead ofhttpx.StatusCodes
. - Usage of
httpx.Timeout()
should now always include an explicit default. Eg.httpx.Timeout(None, pool=5.0)
. - When using
httpx.Timeout()
, we now have more concisely named keyword arguments. Eg.read=5.0
, instead ofread_timeout=5.0
. - Use
httpx.Limits()
instead ofhttpx.PoolLimits()
, andlimits=...
instead ofpool_limits=...
. - The
httpx.Limits(max_keepalive=...)
argument is now deprecated in favour of a more explicithttpx.Limits(max_keepalive_connections=...)
. - Keys used with
Client(proxies={...})
should now be in the style of{"http://": ...}
, rather than{"http": ...}
. - The multidict methods
Headers.getlist()
andQueryParams.getlist()
are deprecated in favour of more consistent.get_list()
variants. - The
URL.is_ssl
property is deprecated in favour ofURL.scheme == "https"
. - The
URL.join(relative_url=...)
method is nowURL.join(url=...)
. This change does not support warnings for the deprecated usage style.
One notable aspect of the 0.14.0 release is that it tightens up the public API for httpx
, by ensuring that several internal attributes and methods have now become strictly private.
The following previously had nominally public names on the client, but were all undocumented and intended solely for internal usage. They are all now replaced with underscored names, and should not be relied on or accessed.
These changes should not affect users who have been working from the httpx
documentation.
.merge_url()
,.merge_headers()
,.merge_cookies()
,.merge_queryparams()
.build_auth()
,.build_redirect_request()
.redirect_method()
,.redirect_url()
,.redirect_headers()
,.redirect_stream()
.send_handling_redirects()
,.send_handling_auth()
,.send_single_request()
.init_transport()
,.init_proxy_transport()
.proxies
,.transport
,.netrc
,.get_proxy_map()
See pull requests #997, #1065, #1071.
Some areas of API which were already on the deprecation path, and were raising warnings or errors in 0.13.x have now been escalated to being fully removed.
- Drop
ASGIDispatch
,WSGIDispatch
, which have been replaced byASGITransport
,WSGITransport
. - Drop
dispatch=...`` on client, which has been replaced by
transport=...`` - Drop
soft_limit
,hard_limit
, which have been replaced bymax_keepalive
andmax_connections
. - Drop
Response.stream
and, which have been replaced by ``.aiter_bytes
and.aiter_raw
. - Drop
proxies=<transport instance>
in favor ofproxies=httpx.Proxy(...)
.
See pull requests #1057, #1058.
- Added dedicated exception class
httpx.HTTPStatusError
for.raise_for_status()
exceptions. (Pull #1072) - Added
httpx.create_ssl_context()
helper function. (Pull #996) - Support for proxy exclusions like
proxies={"https://www.example.com": None}
. (Pull #1099) - Support
QueryParams(None)
andclient.params = None
. (Pull #1060)
- Use
httpx.codes
consistently in favour ofhttpx.StatusCodes
which is placed into deprecation. (Pull #1088) - Usage of
httpx.Timeout()
should now always include an explicit default. Eg.httpx.Timeout(None, pool=5.0)
. (Pull #1085) - Switch to more concise
httpx.Timeout()
keyword arguments. Eg.read=5.0
, instead ofread_timeout=5.0
. (Pull #1111) - Use
httpx.Limits()
instead ofhttpx.PoolLimits()
, andlimits=...
instead ofpool_limits=...
. (Pull #1113) - Keys used with
Client(proxies={...})
should now be in the style of{"http://": ...}
, rather than{"http": ...}
. (Pull #1127) - The multidict methods
Headers.getlist
andQueryParams.getlist
are deprecated in favour of more consistent.get_list()
variants. (Pull #1089) URL.port
becomesOptional[int]
. Now only returns a port if one is explicitly included in the URL string. (Pull #1080)- The
URL(..., allow_relative=[bool])
parameter no longer exists. All URL instances may be relative. (Pull #1073) - Drop unnecessary
url.full_path = ...
property setter. (Pull #1069) - The
URL.join(relative_url=...)
method is nowURL.join(url=...)
. (Pull #1129) - The
URL.is_ssl
property is deprecated in favour ofURL.scheme == "https"
. (Pull #1128)
- Add missing
Response.next()
method. (Pull #1055) - Ensure all exception classes are exposed as public API. (Pull #1045)
- Support multiple items with an identical field name in multipart encodings. (Pull #777)
- Skip HSTS preloading on single-label domains. (Pull #1074)
- Fixes for
Response.iter_lines()
. (Pull #1033, #1075) - Ignore permission errors when accessing
.netrc
files. (Pull #1104) - Allow bare hostnames in
HTTP_PROXY
etc... environment variables. (Pull #1120) - Settings
app=...
ortransport=...
bypasses any environment based proxy defaults. (Pull #1122) - Fix handling of
.base_url
when a path component is included in the base URL. (Pull #1130)
- Include missing keepalive expiry configuration. (Pull #1005)
- Improved error message when URL redirect has a custom scheme. (Pull #1002)
- Include explicit "Content-Length: 0" on POST, PUT, PATCH if no request body is used. (Pull #995)
- Add
http2
option tohttpx.Client
. (Pull #982) - Tighten up API typing in places. (Pull #992, #999)
- Fix pool options deprecation warning. (Pull #980)
- Include
httpx.URLLib3ProxyTransport
in top-level API. (Pull #979)
This release switches to httpcore
for all the internal networking, which means:
- We're using the same codebase for both our sync and async clients.
- HTTP/2 support is now available with the sync client.
- We no longer have a
urllib3
dependency for our sync client, although there is still an optionalURLLib3Transport
class.
It also means we've had to remove our UDS support, since maintaining that would have meant having to push back our work towards a 1.0 release, which isn't a trade-off we wanted to make.
We also now have a public "Transport API", which you can use to implement custom transport implementations against. This formalises and replaces our previously private "Dispatch API".
- Use
httpcore
for underlying HTTP transport. Dropurllib3
requirement. (Pull #804, #967) - Rename pool limit options from
soft_limit
/hard_limit
tomax_keepalive
/max_connections
. (Pull #968) - The previous private "Dispatch API" has now been promoted to a public "Transport API". When customizing the transport use
transport=...
. TheASGIDispatch
andWSGIDispatch
class naming is deprecated in favour ofASGITransport
andWSGITransport
. (Pull #963)
- Added
URLLib3Transport
class for optionalurllib3
transport support. (Pull #804, #963) - Streaming multipart uploads. (Pull #857)
- Logging via HTTPCORE_LOG_LEVEL and HTTPX_LOG_LEVEL environment variables and TRACE level logging. (Pull encode/httpcore#79)
- Performance improvement in brotli decoder. (Pull #906)
- Proper warning level of deprecation notice in
Response.stream
andResponse.raw
. (Pull #908) - Fix support for generator based WSGI apps. (Pull #887)
- Reuse of connections on HTTP/2 in close concurrency situations. (Pull encode/httpcore#81)
- Honor HTTP/2 max concurrent streams settings (Pull encode/httpcore#89, encode/httpcore#90)
- Fix bytes support in multipart uploads. (Pull #974)
- Improve typing support for
files=...
. (Pull #976)
- Dropped support for
Client(uds=...)
(Pull #804)
The 0.13.0.dev2 is a pre-release version. To install it, use pip install httpx --pre
.
- Logging via HTTPCORE_LOG_LEVEL and HTTPX_LOG_LEVEL environment variables and TRACE level logging. (HTTPCore Pull #79)
- Reuse of connections on HTTP/2 in close concurrency situations. (HTTPCore Pull #81)
- When using an
app=<ASGI app>
observe neater disconnect behaviour instead of sending empty body messages. (Pull #919)
The 0.13.0.dev1 is a pre-release version. To install it, use pip install httpx --pre
.
- Passing
http2
flag to proxy dispatchers. (Pull #934) - Use
httpcore
v0.8.3 which addresses problems in handling of headers when using proxies.
The 0.13.0.dev0 is a pre-release version. To install it, use pip install httpx --pre
.
This release switches to httpcore
for all the internal networking, which means:
- We're using the same codebase for both our sync and async clients.
- HTTP/2 support is now available with the sync client.
- We no longer have a
urllib3
dependency for our sync client, although there is still an optionalURLLib3Dispatcher
class.
It also means we've had to remove our UDS support, since maintaining that would have meant having to push back our work towards a 1.0 release, which isn't a trade-off we wanted to make.
- Use
httpcore
for underlying HTTP transport. Dropurllib3
requirement. (Pull #804)
- Added
URLLib3Dispatcher
class for optionalurllib3
transport support. (Pull #804) - Streaming multipart uploads. (Pull #857)
- Performance improvement in brotli decoder. (Pull #906)
- Proper warning level of deprecation notice in
Response.stream
andResponse.raw
. (Pull #908) - Fix support for generator based WSGI apps. (Pull #887)
- Dropped support for
Client(uds=...)
(Pull #804)
- Resolved packaging issue, where additional files were being included.
The 0.12 release tightens up the API expectations for httpx
by switching to private module names to enforce better clarity around public API.
All imports of httpx
should import from the top-level package only, such as from httpx import Request
, rather than importing from privately namespaced modules such as from httpx._models import Request
.
- Support making response body available to auth classes with
.requires_response_body
. (Pull #803) - Export
NetworkError
exception. (Pull #814) - Add support for
NO_PROXY
environment variable. (Pull #835)
- Switched to private module names. (Pull #785)
- Drop redirect looping detection and the
RedirectLoop
exception, instead usingTooManyRedirects
. (Pull #819) - Drop
backend=...
parameter onAsyncClient
, in favour of always autodetectingtrio
/asyncio
. (Pull #791)
- Support basic auth credentials in proxy URLs. (Pull #780)
- Fix
httpx.Proxy(url, mode="FORWARD_ONLY")
configuration. (Pull #788) - Fallback to setting headers as UTF-8 if no encoding is specified. (Pull #820)
- Close proxy dispatches classes on client close. (Pull #826)
- Support custom
cert
parameters even ifverify=False
. (Pull #796) - Don't support invalid dict-of-dicts form data in
data=...
. (Pull #811)
- Fixed usage of
proxies=...
onClient()
. (Pull #763) - Support both
zlib
anddeflate
style encodings onContent-Encoding: deflate
. (Pull #758) - Fix for streaming a redirect response body with
allow_redirects=False
. (Pull #766) - Handle redirect with malformed Location headers missing host. (Pull #774)
The 0.11 release reintroduces our sync support, so that httpx
now supports both a standard thread-concurrency API, and an async API.
Existing async httpx
users that are upgrading to 0.11 should ensure that:
- Async codebases should always use a client instance to make requests, instead of the top-level API.
- The async client is named as
httpx.AsyncClient()
, instead ofhttpx.Client()
. - When instantiating proxy configurations use the
httpx.Proxy()
class, instead of the previoushttpx.HTTPProxy()
. This new configuration class works for configuring both sync and async clients.
We believe the API is now pretty much stable, and are aiming for a 1.0 release sometime on or before April 2020.
- Top level API such as
httpx.get(url, ...)
,httpx.post(url, ...)
,httpx.request(method, url, ...)
becomes synchronous. - Added
httpx.Client()
for synchronous clients, withhttpx.AsyncClient
being used for async clients. - Switched to
proxies=httpx.Proxy(...)
for proxy configuration. - Network connection errors are wrapped in
httpx.NetworkError
, rather than exposing lower-level exception types directly.
- The
request.url.origin
property andhttpx.Origin
class are no longer available. - The per-request
cert
,verify
, andtrust_env
arguments are escalated from raising errors if used, to no longer being available. These arguments should be used on a per-client instance instead, or in the top-level API. - The
stream
argument has escalated from raising an error when used, to no longer being available. Use theclient.stream(...)
orhttpx.stream()
streaming API instead.
- Redirect loop detection matches against
(method, url)
rather thanurl
. (Pull #734)
- Fix issue with concurrent connection acquisition. (Pull #700)
- Fix write error on closing HTTP/2 connections. (Pull #699)
The 0.10.0 release makes some changes that will allow us to support both sync and async interfaces.
In particular with streaming responses the response.read()
method becomes response.aread()
, and the response.close()
method becomes response.aclose()
.
If following redirects explicitly the response.next()
method becomes response.anext()
.
- End HTTP/2 streams immediately on no-body requests, rather than sending an empty body message. (Pull #682)
- Improve typing for
Response.request
: switch fromOptional[Request]
toRequest
. (Pull #666) Response.elapsed
now reflects the entire download time. (Pull #687, #692)
- Added
AsyncClient
as a synonym forClient
. (Pull #680) - Switch to
response.aread()
for conditionally reading streaming responses. (Pull #674) - Switch to
response.aclose()
andclient.aclose()
for explicit closing. (Pull #674, #675) - Switch to
response.anext()
for resolving the next redirect response. (Pull #676)
- When using a client instance, the per-request usage of
verify
,cert
, andtrust_env
have now escalated from raising a warning to raising an error. You should set these arguments on the client instead. (Pull #617) - Removed the undocumented
request.read()
, since end users should not require it.
- Fix Host header and HSTS rewrites when an explicit
:80
port is included in URL. (Pull #649) - Query Params on the URL string are merged with any
params=...
argument. (Pull #653) - More robust behavior when closing connections. (Pull #640)
- More robust behavior when handling HTTP/2 headers with trailing whitespace. (Pull #637)
- Allow any explicit
Content-Type
header to take precedence over the encoding default. (Pull #633)
- Added expiry to Keep-Alive connections, resolving issues with acquiring connections. (Pull #627)
- Increased flow control windows on HTTP/2, resolving download speed issues. (Pull #629)
- Fixed HTTP/2 with autodetection backend. (Pull #614)
- Released due to packaging build artifact.
- Released due to packaging build artifact.
The 0.9 releases brings some major new features, including:
- A new streaming API.
- Autodetection of either asyncio or trio.
- Nicer timeout configuration.
- HTTP/2 support off by default, but can be enabled.
We've also removed all private types from the top-level package export.
In order to ensure you are only ever working with public API you should make
sure to only import the top-level package eg. import httpx
, rather than
importing modules within the package.
- Added concurrency backend autodetection. (Pull #585)
- Added
Client(backend='trio')
andClient(backend='asyncio')
API. (Pull #585) - Added
response.stream_lines()
API. (Pull #575) - Added
response.is_error
API. (Pull #574) - Added support for
timeout=Timeout(5.0, connect_timeout=60.0)
styles. (Pull #593)
- Requests or Clients with
timeout=None
now correctly always disable timeouts. (Pull #592) - Request 'Authorization' headers now have priority over
.netrc
authentication info. (Commit 095b691) - Files without a filename no longer set a Content-Type in multipart data. (Commit ed94950)
- Added
httpx.stream()
API. Usingstream=True
now results in a warning. (Pull #600, #610) - HTTP/2 support is switched to "off by default", but can be enabled explicitly. (Pull #584)
- Switched to
Client(http2=True)
API fromClient(http_versions=["HTTP/1.1", "HTTP/2"])
. (Pull #586) - Removed all private types from the top-level package export. (Pull #608)
- The SSL configuration settings of
verify
,cert
, andtrust_env
now raise warnings if used per-request when using a Client instance. They should always be set on the Client instance itself. (Pull #597) - Use plain strings "TUNNEL_ONLY" or "FORWARD_ONLY" on the HTTPProxy
proxy_mode
argument. TheHTTPProxyMode
enum still exists, but its usage will raise warnings. (#610) - Pool timeouts are now on the timeout configuration, not the pool limits configuration. (Pull #563)
- The timeout configuration is now named
httpx.Timeout(...)
, nothttpx.TimeoutConfig(...)
. The old version currently remains as a synonym for backwards compatibility. (Pull #591)
- The synchronous API has been removed, in order to allow us to fundamentally change how we approach supporting both sync and async variants. (See #588 for more details.)
- Add support for proxy tunnels for Python 3.6 + asyncio. (Pull #521)
- Resolve an issue with cookies behavior on redirect requests. (Pull #529)
- Add request/response DEBUG logs. (Pull #502)
- Use TRACE log level for low level info. (Pull #500)
- Drop
proxies
parameter from the high-level API. (Pull #485)
- Tweak multipart files: omit null filenames, add support for
str
file contents. (Pull #482) - Cache NETRC authentication per-client. (Pull #400)
- Rely on
getproxies
for all proxy environment variables. (Pull #470) - Wait for the
asyncio
stream to close when closing a connection. (Pull #494)
- Allow lists of values to be passed to
params
. (Pull #386) ASGIDispatch
,WSGIDispatch
are now available in thehttpx.dispatch
namespace. (Pull #407)HTTPError
is now available in thehttpx
namespace. (Pull #421)- Add support for
start_tls()
to the Trio concurrency backend. (Pull #467)
- Username and password are no longer included in the
Host
header when basic authentication credentials are supplied via the URL. (Pull #417)
- The
.delete()
function no longer hasjson
,data
, orfiles
parameters to match the expected semantics of theDELETE
method. (Pull #408) - Removed the
trio
extra. Trio support is detected automatically. (Pull #390)
- Add Trio concurrency backend. (Pull #276)
- Add
params
parameter toClient
for setting default query parameters. (Pull #372) - Add support for
SSL_CERT_FILE
andSSL_CERT_DIR
environment variables. (Pull #307) - Add debug logging to calls into ASGI apps. (Pull #371)
- Add debug logging to SSL configuration. (Pull #378)
- Fix a bug when using
Client
without timeouts in Python 3.6. (Pull #383) - Propagate
Client
configuration to HTTP proxies. (Pull #377)
- HTTP Proxy support. (Pulls #259, #353)
- Add Digest authentication. (Pull #332)
- Add
.build_request()
method toClient
andAsyncClient
. (Pull #319) - Add
.elapsed
property on responses. (Pull #351) - Add support for
SSLKEYLOGFILE
in Python 3.8b4+. (Pull #301)
- Drop NPN support for HTTP version negotiation. (Pull #314)
- Fix distribution of type annotations for mypy (Pull #361).
- Set
Host
header when redirecting cross-origin. (Pull #321) - Drop
Content-Length
headers onGET
redirects. (Pull #310) - Raise
KeyError
if header isn't found inHeaders
. (Pull #324) - Raise
NotRedirectResponse
inresponse.next()
if there is no redirection to perform. (Pull #297) - Fix bug in calculating the HTTP/2 maximum frame size. (Pull #153)
- Enforce using
httpx.AsyncioBackend
for the synchronous client. (Pull #232) httpx.ConnectionPool
will properly release a dropped connection. (Pull #230)- Remove the
raise_app_exceptions
argument fromClient
. (Pull #238) DecodeError
will no longer be raised for an empty body encoded with Brotli. (Pull #237)- Added
http_versions
parameter toClient
. (Pull #250) - Only use HTTP/1.1 on short-lived connections like
httpx.get()
. (Pull #284) - Convert
Client.cookies
andClient.headers
when set as a property. (Pull #274) - Setting
HTTPX_DEBUG=1
enables debug logging on all requests. (Pull #277)
- Include files with source distribution to be installable. (Pull #233)
- Add the
trust_env
property toBaseClient
. (Pull #187) - Add the
links
property toBaseResponse
. (Pull #211) - Accept
ssl.SSLContext
instances intoSSLConfig(verify=...)
. (Pull #215) - Add
Response.stream_text()
with incremental encoding detection. (Pull #183) - Properly updated the
Host
header when a redirect changes the origin. (Pull #199) - Ignore invalid
Content-Encoding
headers. (Pull #196) - Use
~/.netrc
and~/_netrc
files by default whentrust_env=True
. (Pull #189) - Create exception base class
HTTPError
withrequest
andresponse
properties. (Pull #162) - Add HSTS preload list checking within
BaseClient
to upgrade HTTP URLs to HTTPS. (Pull #184) - Switch IDNA encoding from IDNA 2003 to IDNA 2008. (Pull #161)
- Expose base classes for alternate concurrency backends. (Pull #178)
- Improve Multipart parameter encoding. (Pull #167)
- Add the
headers
property toBaseClient
. (Pull #159) - Add support for Google's
brotli
library. (Pull #156) - Remove deprecated TLS versions (TLSv1 and TLSv1.1) from default
SSLConfig
. (Pull #155) - Fix
URL.join(...)
to work similarly to RFC 3986 URL joining. (Pull #144)
- Check for disconnections when searching for an available
connection in
ConnectionPool.keepalive_connections
(Pull #145) - Allow string comparison for
URL
objects (Pull #139) - Add HTTP status codes 418 and 451 (Pull #135)
- Add support for client certificate passwords (Pull #118)
- Enable post-handshake client cert authentication for TLSv1.3 (Pull #118)
- Disable using
commonName
for hostname checking for OpenSSL 1.1.0+ (Pull #118) - Detect encoding for
Response.json()
(Pull #116)
- Check for connection aliveness on re-acquisition (Pull #111)
- Improve
USER_AGENT
(Pull #110) - Add
Connection: keep-alive
by default to HTTP/1.1 connections. (Pull #110)
- Include
Host
header by default. (Pull #109) - Improve HTTP protocol detection. (Pull #107)
- Implement read and write timeouts (Pull #104)
- Handle early connection closes (Pull #103)
- Use urllib3's
DEFAULT_CIPHERS
for theSSLConfig
object. (Pull #100)
- Add support for setting a
base_url
on theClient
.
- Honor
local_flow_control_window
for HTTP/2 connections (Pull #98)