All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog.
http.Response()
may now be instantiated without arequest=...
parameter. Useful for some unit testing cases. (Pull #1238)- Add
103 Early Hints
and425 Too Early
status codes. (Pull #1244)
DigestAuth
now handles responses that include multiple 'WWW-Authenticate' headers. (Pull #1240)- Call into transport
__enter__
/__exit__
or__aenter__
/__aexit__
when client is used in a context manager style. (Pull #1218)
- Support
client.get(..., auth=None)
to bypass the default authentication on a clients. (Pull #1115) - Support
client.auth = ...
property setter. (Pull #1185) - Support
httpx.get(..., proxies=...)
on top-level request functions. (Pull #1198) - Display instances with nicer import styles. (Eg. <httpx.ReadTimeout ...>) (Pull #1155)
- Support
cookies=[(key, value)]
list-of-two-tuples style usage. (Pull #1211)
- Ensure that automatically included headers on a request may be modified. (Pull #1205)
- Allow explicit
Content-Length
header on streaming requests. (Pull #1170) - Handle URL quoted usernames and passwords properly. (Pull #1159)
- Use more consistent default for
HEAD
requests, settingallow_redirects=True
. (Pull #1183) - If a transport error occurs while streaming the response, raise an
httpx
exception, not the underlyinghttpcore
exception. (Pull #1190) - Include the underlying
httpcore
traceback, when transport exceptions occur. (Pull #1199)
- The
httpx.URL(...)
class now raiseshttpx.InvalidURL
on invalid URLs, rather than exposing the underlyingrfc3986
exception. If a redirect response includes an invalid 'Location' header, then aRemoteProtocolError
exception is raised, which will be associated with the request that caused it. (Pull #1163)
- Handling multiple
Set-Cookie
headers became broken in the 0.14.0 release, and is now resolved. (Pull #1156)
The 0.14 release includes a range of improvements to the public API, intended on preparing for our upcoming 1.0 release.
- Our HTTP/2 support is now fully optional. You now need to use
pip install httpx[http2]
if you want to include the HTTP/2 dependancies. - Our HSTS support has now been removed. Rewriting URLs from
http
tohttps
if the host is on the HSTS list can be beneficial in avoiding roundtrips to incorrectly formed URLs, but on balance we've decided to remove this feature, on the principle of least surprise. Most programmatic clients do not include HSTS support, and for now we're opting to remove our support for it. - Our exception hierarchy has been overhauled. Most users will want to stick with their existing
httpx.HTTPError
usage, but we've got a clearer overall structure now. See https://www.python-httpx.org/exceptions/ for more details.
When upgrading you should be aware of the following public API changes. Note that deprecated usages will currently continue to function, but will issue warnings.
- You should now use
httpx.codes
consistently instead ofhttpx.StatusCodes
. - Usage of
httpx.Timeout()
should now always include an explicit default. Eg.httpx.Timeout(None, pool=5.0)
. - When using
httpx.Timeout()
, we now have more concisely named keyword arguments. Eg.read=5.0
, instead ofread_timeout=5.0
. - Use
httpx.Limits()
instead ofhttpx.PoolLimits()
, andlimits=...
instead ofpool_limits=...
. - The
httpx.Limits(max_keepalive=...)
argument is now deprecated in favour of a more explicithttpx.Limits(max_keepalive_connections=...)
. - Keys used with
Client(proxies={...})
should now be in the style of{"http://": ...}
, rather than{"http": ...}
. - The multidict methods
Headers.getlist()
andQueryParams.getlist()
are deprecated in favour of more consistent.get_list()
variants. - The
URL.is_ssl
property is deprecated in favour ofURL.scheme == "https"
. - The
URL.join(relative_url=...)
method is nowURL.join(url=...)
. This change does not support warnings for the deprecated usage style.
One notable aspect of the 0.14.0 release is that it tightens up the public API for httpx
, by ensuring that several internal attributes and methods have now become strictly private.
The following previously had nominally public names on the client, but were all undocumented and intended solely for internal usage. They are all now replaced with underscored names, and should not be relied on or accessed.
These changes should not affect users who have been working from the httpx
documentation.
.merge_url()
,.merge_headers()
,.merge_cookies()
,.merge_queryparams()
.build_auth()
,.build_redirect_request()
.redirect_method()
,.redirect_url()
,.redirect_headers()
,.redirect_stream()
.send_handling_redirects()
,.send_handling_auth()
,.send_single_request()
.init_transport()
,.init_proxy_transport()
.proxies
,.transport
,.netrc
,.get_proxy_map()
See pull requests #997, #1065, #1071.
Some areas of API which were already on the deprecation path, and were raising warnings or errors in 0.13.x have now been escalated to being fully removed.
- Drop
ASGIDispatch
,WSGIDispatch
, which have been replaced byASGITransport
,WSGITransport
. - Drop
dispatch=...`` on client, which has been replaced by
transport=...`` - Drop
soft_limit
,hard_limit
, which have been replaced bymax_keepalive
andmax_connections
. - Drop
Response.stream
and, which have been replaced by ``.aiter_bytes
and.aiter_raw
. - Drop
proxies=<transport instance>
in favor ofproxies=httpx.Proxy(...)
.
See pull requests #1057, #1058.
- Added dedicated exception class
httpx.HTTPStatusError
for.raise_for_status()
exceptions. (Pull #1072) - Added
httpx.create_ssl_context()
helper function. (Pull #996) - Support for proxy exlcusions like
proxies={"https://www.example.com": None}
. (Pull #1099) - Support
QueryParams(None)
andclient.params = None
. (Pull #1060)
- Use
httpx.codes
consistently in favour ofhttpx.StatusCodes
which is placed into deprecation. (Pull #1088) - Usage of
httpx.Timeout()
should now always include an explicit default. Eg.httpx.Timeout(None, pool=5.0)
. (Pull #1085) - Switch to more concise
httpx.Timeout()
keyword arguments. Eg.read=5.0
, instead ofread_timeout=5.0
. (Pull #1111) - Use
httpx.Limits()
instead ofhttpx.PoolLimits()
, andlimits=...
instead ofpool_limits=...
. (Pull #1113) - Keys used with
Client(proxies={...})
should now be in the style of{"http://": ...}
, rather than{"http": ...}
. (Pull #1127) - The multidict methods
Headers.getlist
andQueryParams.getlist
are deprecated in favour of more consistent.get_list()
variants. (Pull #1089) URL.port
becomesOptional[int]
. Now only returns a port if one is explicitly included in the URL string. (Pull #1080)- The
URL(..., allow_relative=[bool])
parameter no longer exists. All URL instances may be relative. (Pull #1073) - Drop unnecessary
url.full_path = ...
property setter. (Pull #1069) - The
URL.join(relative_url=...)
method is nowURL.join(url=...)
. (Pull #1129) - The
URL.is_ssl
property is deprecated in favour ofURL.scheme == "https"
. (Pull #1128)
- Add missing
Response.next()
method. (Pull #1055) - Ensure all exception classes are exposed as public API. (Pull #1045)
- Support multiple items with an identical field name in multipart encodings. (Pull #777)
- Skip HSTS preloading on single-label domains. (Pull #1074)
- Fixes for
Response.iter_lines()
. (Pull #1033, #1075) - Ignore permission errors when accessing
.netrc
files. (Pull #1104) - Allow bare hostnames in
HTTP_PROXY
etc... environment variables. (Pull #1120) - Settings
app=...
ortransport=...
bypasses any environment based proxy defaults. (Pull #1122) - Fix handling of
.base_url
when a path component is included in the base URL. (Pull #1130)
- Include missing keepalive expiry configuration. (Pull #1005)
- Improved error message when URL redirect has a custom scheme. (Pull #1002)
- Include explicit "Content-Length: 0" on POST, PUT, PATCH if no request body is used. (Pull #995)
- Add
http2
option tohttpx.Client
. (Pull #982) - Tighten up API typing in places. (Pull #992, #999)
- Fix pool options deprecation warning. (Pull #980)
- Include
httpx.URLLib3ProxyTransport
in top-level API. (Pull #979)
This release switches to httpcore
for all the internal networking, which means:
- We're using the same codebase for both our sync and async clients.
- HTTP/2 support is now available with the sync client.
- We no longer have a
urllib3
dependency for our sync client, although there is still an optionalURLLib3Transport
class.
It also means we've had to remove our UDS support, since maintaining that would have meant having to push back our work towards a 1.0 release, which isn't a trade-off we wanted to make.
We also now have a public "Transport API", which you can use to implement custom transport implementations against. This formalises and replaces our previously private "Dispatch API".
- Use
httpcore
for underlying HTTP transport. Dropurllib3
requirement. (Pull #804, #967) - Rename pool limit options from
soft_limit
/hard_limit
tomax_keepalive
/max_connections
. (Pull #968) - The previous private "Dispatch API" has now been promoted to a public "Transport API". When customizing the transport use
transport=...
. TheASGIDispatch
andWSGIDispatch
class naming is deprecated in favour ofASGITransport
andWSGITransport
. (Pull #963)
- Added
URLLib3Transport
class for optionalurllib3
transport support. (Pull #804, #963) - Streaming multipart uploads. (Pull #857)
- Logging via HTTPCORE_LOG_LEVEL and HTTPX_LOG_LEVEL environment variables and TRACE level logging. (Pull encode/httpcore#79)
- Performance improvement in brotli decoder. (Pull #906)
- Proper warning level of deprecation notice in
Response.stream
andResponse.raw
. (Pull #908) - Fix support for generator based WSGI apps. (Pull #887)
- Reuse of connections on HTTP/2 in close concurrency situations. (Pull encode/httpcore#81)
- Honor HTTP/2 max concurrent streams settings (Pull encode/httpcore#89, encode/httpcore#90)
- Fix bytes support in multipart uploads. (Pull #974)
- Improve typing support for
files=...
. (Pull #976)
- Dropped support for
Client(uds=...)
(Pull #804)
The 0.13.0.dev2 is a pre-release version. To install it, use pip install httpx --pre
.
- Logging via HTTPCORE_LOG_LEVEL and HTTPX_LOG_LEVEL environment variables and TRACE level logging. (HTTPCore Pull #79)
- Reuse of connections on HTTP/2 in close concurrency situations. (HTTPCore Pull #81)
- When using an
app=<ASGI app>
observe neater disconnect behaviour instead of sending empty body messages. (Pull #919)
The 0.13.0.dev1 is a pre-release version. To install it, use pip install httpx --pre
.
- Passing
http2
flag to proxy dispatchers. (Pull #934) - Use
httpcore
v0.8.3 which addresses problems in handling of headers when using proxies.
The 0.13.0.dev0 is a pre-release version. To install it, use pip install httpx --pre
.
This release switches to httpcore
for all the internal networking, which means:
- We're using the same codebase for both our sync and async clients.
- HTTP/2 support is now available with the sync client.
- We no longer have a
urllib3
dependency for our sync client, although there is still an optionalURLLib3Dispatcher
class.
It also means we've had to remove our UDS support, since maintaining that would have meant having to push back our work towards a 1.0 release, which isn't a trade-off we wanted to make.
- Use
httpcore
for underlying HTTP transport. Dropurllib3
requirement. (Pull #804)
- Added
URLLib3Dispatcher
class for optionalurllib3
transport support. (Pull #804) - Streaming multipart uploads. (Pull #857)
- Performance improvement in brotli decoder. (Pull #906)
- Proper warning level of deprecation notice in
Response.stream
andResponse.raw
. (Pull #908) - Fix support for generator based WSGI apps. (Pull #887)
- Dropped support for
Client(uds=...)
(Pull #804)
- Resolved packaging issue, where additional files were being included.
The 0.12 release tightens up the API expectations for httpx
by switching to private module names to enforce better clarity around public API.
All imports of httpx
should import from the top-level package only, such as from httpx import Request
, rather than importing from privately namespaced modules such as from httpx._models import Request
.
- Support making response body available to auth classes with
.requires_response_body
. (Pull #803) - Export
NetworkError
exception. (Pull #814) - Add support for
NO_PROXY
environment variable. (Pull #835)
- Switched to private module names. (Pull #785)
- Drop redirect looping detection and the
RedirectLoop
exception, instead usingTooManyRedirects
. (Pull #819) - Drop
backend=...
parameter onAsyncClient
, in favour of always autodetectingtrio
/asyncio
. (Pull #791)
- Support basic auth credentials in proxy URLs. (Pull #780)
- Fix
httpx.Proxy(url, mode="FORWARD_ONLY")
configuration. (Pull #788) - Fallback to setting headers as UTF-8 if no encoding is specified. (Pull #820)
- Close proxy dispatches classes on client close. (Pull #826)
- Support custom
cert
parameters even ifverify=False
. (Pull #796) - Don't support invalid dict-of-dicts form data in
data=...
. (Pull #811)
- Fixed usage of
proxies=...
onClient()
. (Pull #763) - Support both
zlib
anddeflate
style encodings onContent-Encoding: deflate
. (Pull #758) - Fix for streaming a redirect response body with
allow_redirects=False
. (Pull #766) - Handle redirect with malformed Location headers missing host. (Pull #774)
The 0.11 release reintroduces our sync support, so that httpx
now supports both a standard thread-concurrency API, and an async API.
Existing async httpx
users that are upgrading to 0.11 should ensure that:
- Async codebases should always use a client instance to make requests, instead of the top-level API.
- The async client is named as
httpx.AsyncClient()
, instead ofhttpx.Client()
. - When instantiating proxy configurations use the
httpx.Proxy()
class, instead of the previoushttpx.HTTPProxy()
. This new configuration class works for configuring both sync and async clients.
We believe the API is now pretty much stable, and are aiming for a 1.0 release sometime on or before April 2020.
- Top level API such as
httpx.get(url, ...)
,httpx.post(url, ...)
,httpx.request(method, url, ...)
becomes synchronous. - Added
httpx.Client()
for synchronous clients, withhttpx.AsyncClient
being used for async clients. - Switched to
proxies=httpx.Proxy(...)
for proxy configuration. - Network connection errors are wrapped in
httpx.NetworkError
, rather than exposing lower-level exception types directly.
- The
request.url.origin
property andhttpx.Origin
class are no longer available. - The per-request
cert
,verify
, andtrust_env
arguments are escalated from raising errors if used, to no longer being available. These arguments should be used on a per-client instance instead, or in the top-level API. - The
stream
argument has escalated from raising an error when used, to no longer being available. Use theclient.stream(...)
orhttpx.stream()
streaming API instead.
- Redirect loop detection matches against
(method, url)
rather thanurl
. (Pull #734)
- Fix issue with concurrent connection acquiry. (Pull #700)
- Fix write error on closing HTTP/2 connections. (Pull #699)
The 0.10.0 release makes some changes that will allow us to support both sync and async interfaces.
In particular with streaming responses the response.read()
method becomes response.aread()
, and the response.close()
method becomes response.aclose()
.
If following redirects explicitly the response.next()
method becomes response.anext()
.
- End HTTP/2 streams immediately on no-body requests, rather than sending an empty body message. (Pull #682)
- Improve typing for
Response.request
: switch fromOptional[Request]
toRequest
. (Pull #666) Response.elapsed
now reflects the entire download time. (Pull #687, #692)
- Added
AsyncClient
as a synonym forClient
. (Pull #680) - Switch to
response.aread()
for conditionally reading streaming responses. (Pull #674) - Switch to
response.aclose()
andclient.aclose()
for explicit closing. (Pull #674, #675) - Switch to
response.anext()
for resolving the next redirect response. (Pull #676)
- When using a client instance, the per-request usage of
verify
,cert
, andtrust_env
have now escalated from raising a warning to raising an error. You should set these arguments on the client instead. (Pull #617) - Removed the undocumented
request.read()
, since end users should not require it.
- Fix Host header and HSTS rewrites when an explicit
:80
port is included in URL. (Pull #649) - Query Params on the URL string are merged with any
params=...
argument. (Pull #653) - More robust behavior when closing connections. (Pull #640)
- More robust behavior when handling HTTP/2 headers with trailing whitespace. (Pull #637)
- Allow any explicit
Content-Type
header to take precedence over the encoding default. (Pull #633)
- Added expiry to Keep-Alive connections, resolving issues with acquiring connections. (Pull #627)
- Increased flow control windows on HTTP/2, resolving download speed issues. (Pull #629)
- Fixed HTTP/2 with autodetection backend. (Pull #614)
- Released due to packaging build artifact.
- Released due to packaging build artifact.
The 0.9 releases brings some major new features, including:
- A new streaming API.
- Autodetection of either asyncio or trio.
- Nicer timeout configuration.
- HTTP/2 support off by default, but can be enabled.
We've also removed all private types from the top-level package export.
In order to ensure you are only ever working with public API you should make
sure to only import the top-level package eg. import httpx
, rather than
importing modules within the package.
- Added concurrency backend autodetection. (Pull #585)
- Added
Client(backend='trio')
andClient(backend='asyncio')
API. (Pull #585) - Added
response.stream_lines()
API. (Pull #575) - Added
response.is_error
API. (Pull #574) - Added support for
timeout=Timeout(5.0, connect_timeout=60.0)
styles. (Pull #593)
- Requests or Clients with
timeout=None
now correctly always disable timeouts. (Pull #592) - Request 'Authorization' headers now have priority over
.netrc
authentication info. (Commit 095b691) - Files without a filename no longer set a Content-Type in multipart data. (Commit ed94950)
- Added
httpx.stream()
API. Usingstream=True
now results in a warning. (Pull #600, #610) - HTTP/2 support is switched to "off by default", but can be enabled explicitly. (Pull #584)
- Switched to
Client(http2=True)
API fromClient(http_versions=["HTTP/1.1", "HTTP/2"])
. (Pull #586) - Removed all private types from the top-level package export. (Pull #608)
- The SSL configuration settings of
verify
,cert
, andtrust_env
now raise warnings if used per-request when using a Client instance. They should always be set on the Client instance itself. (Pull #597) - Use plain strings "TUNNEL_ONLY" or "FORWARD_ONLY" on the HTTPProxy
proxy_mode
argument. TheHTTPProxyMode
enum still exists, but its usage will raise warnings. (#610) - Pool timeouts are now on the timeout configuration, not the pool limits configuration. (Pull #563)
- The timeout configuration is now named
httpx.Timeout(...)
, nothttpx.TimeoutConfig(...)
. The old version currently remains as a synonym for backwards compatability. (Pull #591)
- The synchronous API has been removed, in order to allow us to fundamentally change how we approach supporting both sync and async variants. (See #588 for more details.)
- Add support for proxy tunnels for Python 3.6 + asyncio. (Pull #521)
- Resolve an issue with cookies behavior on redirect requests. (Pull #529)
- Add request/response DEBUG logs. (Pull #502)
- Use TRACE log level for low level info. (Pull #500)
- Drop
proxies
parameter from the high-level API. (Pull #485)
- Tweak multipart files: omit null filenames, add support for
str
file contents. (Pull #482) - Cache NETRC authentication per-client. (Pull #400)
- Rely on
getproxies
for all proxy environment variables. (Pull #470) - Wait for the
asyncio
stream to close when closing a connection. (Pull #494)
- Allow lists of values to be passed to
params
. (Pull #386) ASGIDispatch
,WSGIDispatch
are now available in thehttpx.dispatch
namespace. (Pull #407)HTTPError
is now available in thehttpx
namespace. (Pull #421)- Add support for
start_tls()
to the Trio concurrency backend. (Pull #467)
- Username and password are no longer included in the
Host
header when basic authentication credentials are supplied via the URL. (Pull #417)
- The
.delete()
function no longer hasjson
,data
, orfiles
parameters to match the expected semantics of theDELETE
method. (Pull #408) - Removed the
trio
extra. Trio support is detected automatically. (Pull #390)
- Add Trio concurrency backend. (Pull #276)
- Add
params
parameter toClient
for setting default query parameters. (Pull #372) - Add support for
SSL_CERT_FILE
andSSL_CERT_DIR
environment variables. (Pull #307) - Add debug logging to calls into ASGI apps. (Pull #371)
- Add debug logging to SSL configuration. (Pull #378)
- Fix a bug when using
Client
without timeouts in Python 3.6. (Pull #383) - Propagate
Client
configuration to HTTP proxies. (Pull #377)
- HTTP Proxy support. (Pulls #259, #353)
- Add Digest authentication. (Pull #332)
- Add
.build_request()
method toClient
andAsyncClient
. (Pull #319) - Add
.elapsed
property on responses. (Pull #351) - Add support for
SSLKEYLOGFILE
in Python 3.8b4+. (Pull #301)
- Drop NPN support for HTTP version negotiation. (Pull #314)
- Fix distribution of type annotations for mypy (Pull #361).
- Set
Host
header when redirecting cross-origin. (Pull #321) - Drop
Content-Length
headers onGET
redirects. (Pull #310) - Raise
KeyError
if header isn't found inHeaders
. (Pull #324) - Raise
NotRedirectResponse
inresponse.next()
if there is no redirection to perform. (Pull #297) - Fix bug in calculating the HTTP/2 maximum frame size. (Pull #153)
- Enforce using
httpx.AsyncioBackend
for the synchronous client. (Pull #232) httpx.ConnectionPool
will properly release a dropped connection. (Pull #230)- Remove the
raise_app_exceptions
argument fromClient
. (Pull #238) DecodeError
will no longer be raised for an empty body encoded with Brotli. (Pull #237)- Added
http_versions
parameter toClient
. (Pull #250) - Only use HTTP/1.1 on short-lived connections like
httpx.get()
. (Pull #284) - Convert
Client.cookies
andClient.headers
when set as a property. (Pull #274) - Setting
HTTPX_DEBUG=1
enables debug logging on all requests. (Pull #277)
- Include files with source distribution to be installable. (Pull #233)
- Add the
trust_env
property toBaseClient
. (Pull #187) - Add the
links
property toBaseResponse
. (Pull #211) - Accept
ssl.SSLContext
instances intoSSLConfig(verify=...)
. (Pull #215) - Add
Response.stream_text()
with incremental encoding detection. (Pull #183) - Properly updated the
Host
header when a redirect changes the origin. (Pull #199) - Ignore invalid
Content-Encoding
headers. (Pull #196) - Use
~/.netrc
and~/_netrc
files by default whentrust_env=True
. (Pull #189) - Create exception base class
HTTPError
withrequest
andresponse
properties. (Pull #162) - Add HSTS preload list checking within
BaseClient
to upgrade HTTP URLs to HTTPS. (Pull #184) - Switch IDNA encoding from IDNA 2003 to IDNA 2008. (Pull #161)
- Expose base classes for alternate concurrency backends. (Pull #178)
- Improve Multipart parameter encoding. (Pull #167)
- Add the
headers
proeprty toBaseClient
. (Pull #159) - Add support for Google's
brotli
library. (Pull #156) - Remove deprecated TLS versions (TLSv1 and TLSv1.1) from default
SSLConfig
. (Pull #155) - Fix
URL.join(...)
to work similarly to RFC 3986 URL joining. (Pull #144)
- Check for disconnections when searching for an available
connection in
ConnectionPool.keepalive_connections
(Pull #145) - Allow string comparison for
URL
objects (Pull #139) - Add HTTP status codes 418 and 451 (Pull #135)
- Add support for client certificate passwords (Pull #118)
- Enable post-handshake client cert authentication for TLSv1.3 (Pull #118)
- Disable using
commonName
for hostname checking for OpenSSL 1.1.0+ (Pull #118) - Detect encoding for
Response.json()
(Pull #116)
- Check for connection aliveness on re-acquiry (Pull #111)
- Improve
USER_AGENT
(Pull #110) - Add
Connection: keep-alive
by default to HTTP/1.1 connections. (Pull #110)
- Include
Host
header by default. (Pull #109) - Improve HTTP protocol detection. (Pull #107)
- Implement read and write timeouts (Pull #104)
- Handle early connection closes (Pull #103)
- Use urllib3's
DEFAULT_CIPHERS
for theSSLConfig
object. (Pull #100)
- Add support for setting a
base_url
on theClient
.
- Honor
local_flow_control_window
for HTTP/2 connections (Pull #98)