1 Changes in libsoup from 2.37.4 to 2.37.5:
3 * Fixed a bug in SoupSession:use-thread-context [Dan]
5 * Fixed the case of cancelling a message from
6 SoupSession::request-started [#668098, Raphael Kubo da
9 * Fixed a crash in epiphany when loading a page with more than
10 1000 or so images. [#668508, Dan]
12 * Fixed a bunch of cases involving invalid URLs found while
13 testing SoupServer against an HTTP protocol fuzzer. Also
14 fixed up some documentation/annotations and added some new
15 test cases. [#667637, Simon McVittie]
17 * Fixed SoupRequestFile to work on Windows. [Paweł Forysiuk]
19 Changes in libsoup from 2.37.3 to 2.37.4:
21 * SoupMessage now has a "network-event" signal that can be
22 monitored for information about DNS, proxy lookup, TCP
23 connections, and TLS handshakes. [Dan]
25 * The HTTP header parsing code now avoids hitting
26 g_return_if_fails() (and returns an error instead) in a few
27 cases of seriously-invalid headers. [#666316, Simon
30 * POSTs and other non-idempotent requests are now always sent
31 on newly-created connections. You can also force this
32 behavior on other messages by setting the
33 SOUP_MESSAGE_NEW_CONNECTION flag. [#578990, Dan]
35 * Server-closed idle connections are now detected ahead of
36 time on Windows, preventing occasional spurious "Connection
37 terminated unexpectedly" errors. (This had been fixed on
38 UNIX since 2.28, but the earlier fix didn't work with
39 WinSock.) [#578990, Dan]
41 * Plugged a leak in SoupRequestHTTP. [#667099, Xan]
43 Changes in libsoup from 2.37.2 to 2.37.3:
45 * Now requires glib 2.31
47 * Simplified SoupHTTPInputStream and SoupRequestHTTP, allowing
48 related simplifications in WebKit's ResourceHandleSoup. This
49 is an ABI-incompatible change, but SoupHTTPInputStream is an
50 unstable API. [#663451, Dan]
52 * Fixed a bug that caused the SOUP_MESSAGE_CERTIFICATE_TRUSTED
53 flag to always be cleared, causing epiphany to claim all
54 https pages were untrusted. [#665182, Dan]
56 * Fixed some bugs in the handling of SoupSession:http-aliases
57 and SoupSession:https-aliases.
59 * Fixed handling of ACLOCAL_FLAGS [#641470, Craig Keogh]
61 * Fixed SoupContentDecoder's "ignore Content-Encoding: gzip
62 because the server didn't actually mean it" hack to handle
65 * Clarified the documentation on SoupSession:ssl-strict
68 Changes in libsoup from 2.37.1 to 2.37.2:
70 * Fixed up the output of SoupDirectoryInputStream, thus
71 improving the display of local directories in WebKit-based
72 browsers. [#662266, Sergio]
74 * Fixed a bug introduced in 2.37.1 that caused some cancelled
75 SoupMessages to be leaked. [#662847, Sergio]
77 * Added new SoupSession properties "http-aliases" and
78 "https-aliases" that allow you to configure more explicitly
79 what URL protocols are treated as aliases for http (eg,
80 "dav:", "webcal:", etc), and which should be recognized as
81 meaning something else, (eg, "ftp:") [Dan]
83 * Added soup_session_would_redirect() and
84 soup_session_redirect_message(), to help users that want to
85 handle some or all redirects themselves. Added
86 soup_message_set_redirect() to make it easier to return
87 redirection responses from a SoupServer. [Dan]
89 * Added the SoupSession "use-thread-context" property, which
90 tells it to use GMainContexts in a gio-compliant way (and in
91 particular, allows having different messages running in
92 different GMainContexts on the same SoupSession, though only
93 to a limited extent since SoupSessionAsync is still not
94 thread-safe). In particular, this was added in order to
95 address WebKit bug 68238. [Dan]
97 * Made SoupURI %-encode non-ASCII characters when parsing
98 URIs, in particular to fix a problem with certain servers
99 sending syntactically invalid redirects that they would then
100 only interpret correctly if you fixed the syntax for them.
101 (@$!@#! Although the new code is probably more correct than
102 the old code anyway, so...) [#662806, Dan]
104 * Fixed a connection-handling bug that could cause problems
105 with servers that requested authentication and then timed
106 out the connection while the application was waiting for the
107 user to enter a password. [#660057, Dan]
109 * Made NTLM and Basic authentication handle some non-ASCII
110 usernames and passwords. (NTLM should handle most. It's
111 impossible to fix Basic in the general case.) [#576838,
112 Joachim Breitner, "sponsored by ITOMIG GmbH and the City of
115 * Added support for "deflate" Content-Encoding, so that we can
116 work with broken servers that insisted on using it even
117 though we explicitly indicated in the request headers that
118 we didn't support it. (@$#!#) [#661682, Sergio]
120 Changes in libsoup from 2.36.0 to 2.37.1:
122 * Fixed a problem with connections being assigned to multiple
123 requests at once after a redirection [#651146, Sergio]. Made
124 soup_session_pause/unpause_message() work in any state, not
125 just while the HTTP I/O is occurring, and used this to add a
126 test case for that bug. [Dan]
128 * Ported SoupSession to use GTlsDatabase internally, and added
129 two new properties, SoupSession:use-system-ca-file (to
130 specify that the session should use the default system
131 tlsdb) and SoupSession:tlsdb (to specify a specific tlsdb to
134 * Likewise, added SoupServer:tls-certificate, for specifying a
135 certificate/key for an https server to use.
137 * Made SoupHTTPInputStream use memory more efficiently.
140 * Fixed soup_message_get_https_status() to return information
141 more reliably (with latest glib-networking).
143 * Bumped the glib requirement to 2.30.0; although libsoup does
144 not use any new glib 2.30 APIs, there are several important
145 bugfixes in glib between 2.28 and 2.30 that libsoup needs.
146 Currently libsoup builds against either glib 2.30.x or glib
149 Changes in libsoup from 2.35.92 to 2.36.0:
151 * Improvements to gtk-doc documentation. [Dan]
153 Changes in libsoup from 2.35.90 to 2.35.92:
155 * Fixed a problem where SoupHTTPRequest response bodies could
156 be truncated. [#659256, Sergio]
158 * Fixed a bug in copying TLS information from SoupSocket to
159 SoupMessage, causing all https connections to be reported as
160 "untrusted" in epiphany. [Dan]
162 * Made SoupSession remove items from its host cache after a
163 while, so that if a host changes IP address, it will
164 eventually try to re-resolve it. [#646959, Sergio]
166 Changes in libsoup from 2.35.5 to 2.35.90:
168 * Added SOUP_MESSAGE_CAN_REBUILD flag, to use with
169 soup_message_body_set_accumulate(FALSE) on a request body,
170 to indicate that the caller will recreate the request body
171 after it has been discarded if the message needs to be
174 * Fixed the build on mingw-w64 by not using "interface" as
175 as variable name. [#656402, Erik van Pienbroek]
177 * (The multihosted https server regression mentioned in the
178 2.35.5 NEWS turned out to be a glib-networking bug, which is
179 fixed as of 2.29.18.)
181 Changes in libsoup from 2.35.4 to 2.35.5:
183 * Support NTLM single sign on via samba's /usr/bin/ntlm_auth.
184 [#650940, Mandy Wu]. This is enabled by default (if NTLM is
185 enabled for the session and the ntlm_auth binary is
186 available), but will fall back to the standard
187 password-based authentication if SSO fails.
189 * Default to TLS+extensions for https connections, falling
190 back to SSLv3-without-extensions (the old default) only if
191 the server fails to negotiate TLS. [#581342]
193 * As a result of this change, some users are currently
194 seeing problems with sites that serve multiple https
195 hosts from a single IP address (eg,
196 *.launchpad.net). There is no known workaround at
199 * Fixed a longstanding problem with https pages sometimes not
200 loading when using a proxy. [#631368, based on patches from
201 DongJae Kim and Thierry Reding]
203 * SoupContentSniffer: don't use gio's sniffing rules, since
204 the spec now recommends that browsers not do any additional
205 sniffing beyond what's in the spec. [#648846, "arno"]
207 * Fixed SoupRequestHTTP to work properly with alternate
208 GMainContexts. [#653707]
210 * Added some annotations from Vala's vapi files. [#655397,
211 Evan Nemerson]. Also, removed SoupProxyResolver from the
212 gir/typelib, since it had been deprecated since before
213 introspection was available, and it was being scanned wrong
216 Changes in libsoup from 2.35.3 to 2.35.4:
218 * CVE-2011-2524: Fixed a security hole that caused some
219 SoupServer users to unintentionally allow accessing the
220 entire local filesystem when they thought they were only
221 providing access to a single directory. [#653258]
223 * Plugged another SoupCache memory leak [Xan]
225 * Simplified SoupCache keys, and handle collisions. [#649963,
228 * Annotate SoupSession:add-feature, etc, as (skip), so they
229 don't conflict with the methods of the same name. [#655150,
232 Changes in libsoup from 2.34.1 to 2.35.3:
234 * SoupCache fixes [Sergio]:
236 * Don't store hop-by-hop headers [#650094]
238 * Fix status code and headers of responses returned
239 from the cache after being revalidated [#649965]
241 * Added versioning support to the cache file format
242 [#652554] and extended it to keep track of the
243 status code [#649965]
245 * Fixed storage of time values in the cache [#653349]
247 * Fixed a use-after-free that could result in bogus
248 data being written to the cache [#650620]
250 * Various leaks [#649309]
252 * Work around an Apache bug where it tells browsers to
253 automatically decode .gz files but still keep the .gz in the
256 * Fixed an overflow when sending a response larger than 2^31
257 bytes (eg, streaming movies in Rygel). [#638468, Jens Georg]
259 * Always send the Keep-Alive header, not just to hosts we
260 already know to be HTTP/1.0 [#648680, Sergio]
262 * Fixed various leaks [#652699, Sergio], [#651643, Milan],
265 * Minor build fix for Debian/Ubuntu [#648948]
269 Changes in libsoup from 2.34.0 to 2.34.1:
271 * Two multipart forms/Content-Disposition fixes [Dan]:
273 * UTF-8-encoded header encoding/decoding rules updated
274 to match RFC 5987. In particular, a UTF-8-encoded
275 filename parameter in Content-Disposition will now
276 override an ASCII one.
278 * When not using UTF-8-encoded filenames in
279 Content-Disposition, always quote the filename,
280 since some servers erroneously fail to handle
281 non-quoted ones. [#641280]
283 * Fixed several memory leaks [Dan, Xan]
285 * Fixed decoding base64 data: URLs [#646896, Sergio]
287 * Simplified the libsoup-gnome build on Windows by dropping
288 the gnome-keyring dependency. [Fridrich Štrba]
290 * Fixed a bug in soup_uri_to_string() in which (invalid) port
291 numbers could be output as negative numbers (tripping up a
292 WebKit "sanity checking" test). [#647767, Sergio]
294 * Fixed a cache corruption bug in SoupCache. [#648285, Sergio]
296 * Fixed a crash in SoupSessionSync when using
297 soup_session_abort().
299 Changes in libsoup from 2.33.92 to 2.34.0:
301 * Fixed the GMainContext handling of the new
302 SoupProxyResolverDefault (which among other things fixes
303 gstreamer usage inside epiphany). [#646201, Sebastian Dröge]
305 * Tweaked the introspection Makefile rules to fix a problem
306 building on Debian/Ubuntu. [#645505]
308 * Belated bumped the shared library versioning to reflect the
309 API additions since 2.32.0
311 Changes in libsoup from 2.33.90 to 2.33.92:
313 * LIBSOUP NO LONGER DEPENDS ON GCONF OR LIBPROXY.
316 * Added SoupProxyResolverDefault, which uses uses gio's
317 GProxyResolver to resolve proxies [#642982, Gustavo Noronha
318 Silva]. Despite the "default" in the name, it is not used by
319 default, for compatibility reasons, but it is available in
320 plain libsoup, not libsoup-gnome. (Of course, it depends on
321 having glib-networking installed.)
323 * Updated SoupProxyResolverGNOME to be based on
324 SoupProxyResolverDefault, but explicitly requesting the
325 "gnome" GProxyResolver if it is available [#625898], and
326 removed the old code that used GConf and libproxy directly.
328 * Added soup_server_disconnect(), to explicitly disconnect a
329 SoupServer, since it is not possible to g_object_unref() it
330 from memory-managed language bindings. [#638576, Andreas
333 * SoupDate now parses month names case-insensitively [#644048,
336 * Avoid a g_return_if_fail() when using
337 SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY with non-http URIs
338 (file:, data:, etc). [#643226]
340 * SoupCookieJar now catches overflows when parsing very
341 distant dates [#643462, based on a patch from Mark
344 * Fixed a buggy interaction between request body streaming and
345 restarted requests [David Woodhouse]. Added some new tests
346 to tests/chunk-test.c to make sure that a specific
347 (unsupported!) way of using those methods would not get
348 broken in the future.
350 * Fixed soup_socket_get_remote_address(), which had been
351 broken since 2.33.4 (and which in turn caused
352 soup_client_context_get_address/_get_host to be broken).
355 Changes in libsoup from 2.33.6 to 2.33.90:
357 * Attempted to make libsoup's dependency on glib-networking
358 (for TLS support) more explicit, by requiring that
359 glib-networking be present at compile time unless the
360 builder explicitly passes "--disable-tls-check", and noting
361 that packagers should give libsoup a runtime dependency on
364 * Fixed a bug in talking to servers with virtual hosts with
365 Unicode names (IDNs) [#642075]
367 * Added a "Connection: Keep-Alive" header when talking to
368 HTTP/1.0 hosts, to improve performance. [#640414, Sergio
371 * Changed SoupCache to not cache multipart/x-mixed-replace
372 content. [#642028, Sergio Villar Senin]
374 Changes in libsoup from 2.33.5 to 2.33.6:
376 * Made SoupSessionAsync do idle-connection cleanup more
377 sanely, resulting in faster load times for pages with lots
378 of subresources. [#639768, Sergio Villar Senin]
380 * Fixed soup_form_decode()'s behavior (and by extension,
381 SoupServer query string handling) with datasets that contain
382 multiple values for the same key, and added a test case.
383 [#639783, Sven Neumann]
385 * Fixed warnings pointed out by gcc 4.6, including a bug in
386 SoupCache that would cause unnecessary revalidations
389 * Belated copied a fix from the WebKit copy of soup-cache.c
390 into ours, and fixed a bug in the local copy of
391 soup-request-data.c [#641022, Sergio Villar Senin], in
392 preparation for making WebKit use the libsoup versions.
394 Changes in libsoup from 2.33.4 to 2.33.5:
396 * Fixed certain cases of soup_session_cancel_message() with
397 SoupSessionSync that could previously cause warnings or
400 Changes in libsoup from 2.32.2 to 2.33.4:
402 * SoupSocket now uses GSocketConnection and GTlsConnection
403 internally rather than making socket calls directly and
404 using GIOStream, and TLS is handled via glib's APIs rather
405 than using gnutls directly.
407 * The gzip Content-Encoding handler is now implemented using
410 * As a result of the above two changes, libsoup no longer
411 directly depends on gnutls, libgcrypt, or zlib, though it
412 still indirectly depends on zlib via glib and libxml2. Also,
413 although libsoup does not depend on glib-networking as a
414 build-time dependency, some "make check" tests will be
415 skipped if it is not installed.
417 * The SoupRequest/SoupCache code from WebKit has been
418 imported, but it is not yet recommended for general use, and
419 is not necessarily API stable. [#523100, Sergio Villar, with
420 the SoupRequest parts based on the Summer of Code work by
421 Gabriel Corvalan and the cache parts based on an earlier
424 * Added SoupMessage:tls-certificate and
425 SoupMessage:tls-errors, which give more information about
426 the certificate used to authenticate a TLS connection.
428 * It is now possible to disable Basic or Digest auth in a
429 session by using soup_session_remove_feature_by_type() with
430 SOUP_TYPE_AUTH_BASIC or SOUP_TYPE_AUTH_DIGEST. Likewise, the
431 right way to enable NTLM support now is to call
432 soup_session_add_feature_by_type() with SOUP_TYPE_AUTH_NTLM;
433 SOUP_SESSION_USE_NTLM is now deprecated.
435 * Allow setting cookies on file:// URIs, since other browsers
436 do, and WebKit has a test for it. [#603825]
438 * .gir/.typelib files now include C header/library information
439 (needed by vala and some other bindings) [#635395, Evan
442 * Added annotations on soup_message_headers_get_content_type()
443 [Lucas Rocha] and SoupHTTPVersion [John Palmieri]
445 * Fixed a Set-Cookie processing leak [#636741, Jonathan
448 Changes in libsoup from 2.32.1 to 2.32.2:
450 * Fixed a regression in 2.32.0 that caused evolution-exchange
451 to get stuck and stop updating. [#634422]
453 * Fixed a regression in 2.32.0 with apps using asynchronous
454 sessions from multiple threads (in particular, gupnp)
457 * Fixed the regression test for #631525 to not cause spurious
458 "make check" failures on some machines.
460 Changes in libsoup from 2.32.0 to 2.32.1:
462 * Fixed a regression in 2.32.0 with the use of persistent
463 connections that caused spurious "Connection terminated
464 unexpectedly" errors. [#631525, debugged by Sergio Villar]
466 * Fixed a regression in 2.32.0 that caused proxy-related
467 DNS errors to return SOUP_STATUS_CANT_RESOLVE rather than
468 SOUP_STATUS_CANT_RESOLVE_PROXY.
470 * Usernames/passwords specified explicitly in request URIs now
471 override existing cached auth info. [#631679, Sergio Villar]
473 * Changed soup_uri_decode() and soup_uri_normalize() to just
474 ignore malformed %-encoding rather than returning NULL,
475 for consistency with soup_uri_new(). [#630540]
477 * Fixed soup_form_decode() to ignore invalid parameters,
478 and soup_form_encode_hash() to just g_return_if_fail()
479 rather than crashing if there are NULL values in the
482 * Added another workaround for stupid servers that close the
483 connection before returning the full response (in this case,
484 when using chunked encoding and failing to include the
485 final 0-length chunk). [#629160]
487 * Fixed a bug in SoupCookieJarText that deleted excess cookies
488 whenever any cookie expired. [#631641, Michał Kazior]
490 * Fixed a small leak in SoupContentDecoder if you were using
491 it incorrectly. [pointed out in email by Christophe
494 * Added regression tests for passwords-in-URIs [#631679,
495 Sergio Villar] and SOUP_SESSION_IDLE_TIMEOUT.
497 Changes in libsoup from 2.31.92 to 2.32.0:
499 * (No changes, just a version bump)
501 Changes in libsoup from 2.31.90 to 2.31.92:
503 * Updated for gobject-introspection 0.9.5. Also added some new
504 annotations and removed a bunch of private headers from the
507 * Percent-encoded characters in URIs are no longer
508 automatically normalized to uppercase, since apparently some
509 servers are stupid. [#628728, Sergio Villar Senin]
511 * Fixed a crash when resolving a URI containing both spaces
512 and non-UTF8 8bit characters. [#629449]
514 Changes in libsoup from 2.31.2 to 2.31.90:
516 * libsoup now tries to connect to each IP address associated
517 with a hostname, if the first one fails. In particular, if a
518 host has both IPv4 and IPv6 addresses, and only one of them
519 is reachable from the current host, libsoup will now try the
520 other one rather than failing. (libc is supposed to sort the
521 IP addresses in the right order, such that, eg, if you don't
522 have IPv6 connectivity, it will put the IPv4 address first.
523 For some reason though, this seems to be broken on some
526 * Fixed Accept-Language header generation in locales where ","
527 is used as the decimal point.
529 Changes in libsoup from 2.31.2 to 2.31.6:
531 * Disabled TLS 1.2 in addition to the already-disabled 1.1 and
532 1.0 [see below, in libsoup 2.27.2], thus making libsoup
533 usable with gnutls 2.10. [#622857. This commit, 01a43ad9,
534 can be applied to libsoup 2.30.x as well if you need that
535 release to work with gnutls 2.10.]
537 * When using libproxy 0.3 or newer, libsoup no longer leaks
538 proxy-related environment variables into child processes
541 * Changed the way message/connection binding works in
542 SoupSession so that (among other things), when there are
543 multiple requests queued to a host, and one of them gets a
544 network error, the other requests are still allowed to try
545 to succeed, rather than all failing immediately. [#619633]
547 * SoupSession now limits the number of times a message can be
548 redirected, to avoid infinite loops [#604383, José Millán
551 * Fixed handling of certain messages where the response
552 headers included "Connection: close" but the server did not
553 actually close the connection at the end. [#611481]
555 * Fixed some incorrect g-i annotations [#621021]
557 * Fixed an out-of-bounds memory access when processing certain
558 Set-Cookie headers [#620288]
560 * Improved msg->reason_phrase on network errors [#623274]
562 * Fixed gir file disting [#621727, Yaakov Selkowitz]
564 Changes in libsoup from 2.30.1 to 2.31.2:
566 * gobject-introspection has now been merged in. Use
567 --enable-introspection to build. [#576595, Andreas Rottmann]
568 Note that the introspected API is not yet stable, and in
569 particular, there are numerous values annotated as "utf8"
570 which are actually not guaranteed to be utf8. (Eg, most
573 * Added some helper functions for bindings:
574 soup_buffer_new_take(),
575 soup_message_body_append_take(), and
576 soup_buffer_get_data(). [#576595, Andreas Rottmann]
578 * Also added properties for several SoupMessage public
579 fields, and getter methods for various boxed types
580 (SoupCookie, SoupDate, SoupURI).
582 * Added some additional hash-table annotations.
583 [#619086, Gustavo Noronha Silva]
585 * Marked SoupSession abstract. [#617216, Lorenzo Gil, the
586 first bug filed by someone trying to use libsoup via
587 introspection!] Likewise for SoupAuth and SoupAuthDomain.
589 * Fixed a problem with SoupSessionAsync that would cause
590 messages to get lost if you aborted a previous message while
591 it was still looking up the hostname. Fixed several other
592 problems that were discovered while adding a regression test
593 for that. [#618641, thanks to Claudio Saavedra for a good
596 * Fixed another connecting-to-lame-http-server problem, and a
597 getting-stuck-in-a-loop-reconnecting bug that it revealed.
600 Changes in libsoup from 2.30.0 to 2.30.1:
602 * Fix for https through proxies that close the connection when
603 returning a "407 Proxy Authentication Required" response,
604 and add a regression test for that case. [#611663]
606 * Fixed multiple forms/multipart-related interoperability
607 problems reported by Egon Andersen:
609 * Don't quote the multipart boundary string if it's
610 not needed, since RFC 2616 recommends that you
611 don't, and some servers don't handle quotes there
612 correctly. (Sigh.) [#614176]
614 * Don't put an extra blank line before the first
615 multipart part, since it's unnecessary and some
616 servers don't handle a multipart preamble correctly.
619 * Don't put Content-Transfer-Encoding headers in the
620 multipart/form-data parts, even though the HTML 4
621 spec says you must, since no other browsers do, and
622 some servers don't handle them correctly. (Sigh.)
625 * Changed SoupCookieJarSqlite to actually erase deleted
626 cookies from the database. [#615711, Lukasz Slachciak]
628 * Fixed SoupLogger to be more robust against getting passed
629 bad data by the session. [#611663]
631 * Fixed SoupAuthDomain to ignore paths when doing proxy auth
633 * Fixed a g_warning when hovering over a javascript link in
634 WebKit. [#613442, Xan Lopez]
636 Changes in libsoup from 2.29.91 to 2.30.0:
638 * Fixed a crash in the whitespace-stripping code in
639 soup_uri_new() [#612644, "arnaud.lb"]
641 * Update content-sniffing algorithm to match Chrome and the
642 soon-to-be-updated sniffing spec. [#611502, Gustavo Noronha
645 * We now handle "Content-Encoding: x-gzip" as well as "gzip"
646 (even though "x-gzip" has been deprecated for more than 10
649 * Fixed leaks found by valgrind
651 * Make the "make check" programs only bind to 127.0.0.1, not
652 any public network interfaces. [#609489, Saleem Absulrasool]
654 * Add a test to sniffing-test to make sure that Content-Type
655 parameters are preserved correctly. [Gustavo Noronha Silva]
657 Changes in libsoup from 2.29.90 to 2.29.91:
659 * Added SOUP_SESSION_SSL_STRICT and
660 SOUP_MESSAGE_CERTIFICATE_TRUSTED, to allow callers to
661 determine if an https response comes from a server with a
662 recognized/valid or unrecognized/invalid certificate.
663 [#610374, Gustavo Noronha Silva]
665 * Fixed handling of certain badly-formatted URIs [#590524]
667 Changes in libsoup from 2.29.6 to 2.29.90:
669 * Added soup_cookie_jar_set_accept_policy() and related API
670 for implementing cookie acceptance policies. [#608353, Xan
673 * Fixed the "request-read" signal in SoupServer to actually be
676 Changes in libsoup from 2.29.5 to 2.29.6:
678 * Fixed SoupContentDecoder to ignore trailing junk after the
679 encoded message body (as other browsers do), rather than
680 getting stuck in an infinite loop. [#606352]
682 * Fixed an invalid read in soup_cookie_applies_to_uri()
683 [#607024, pointed out by Xan]
685 * Fixed linking on OS X [#606959]
687 * Removed a harmless warning in SoupServer. [#606645]
689 Changes in libsoup from 2.29.3 to 2.29.5:
691 * Added SoupContentDecoder, providing support for
692 Content-Encoding: gzip for WebKitGTK. [#522772]
694 * Added "accept-language" and "accept-language-auto"
695 properties to SoupSession, to support the Accept-Language
696 header. [#597004, Mario Sanchez Prada]
698 * Fixed a bug in SoupPasswordManagerGNOME that could cause
699 crashes if you typed the wrong password once and then tried
700 again. [#595554, debugged by Gustavo Noronha Silva]
702 * Fixed a crash in SoupAuthDigest if the server claims support
703 for both qop=auth and qop=auth-int. (This was not noticed
704 sooner because no one actually supports qop=auth-int, and
705 the server in question here was probably confused. :)
707 * Updated cookie parsing/output to more closely match
708 draft-ietf-httpstate-cookie-00. [Also fixes #603496 (WebKit
709 unit test), and #604794 (hang parsing malformed Set-Cookie
712 * Fixed https-via-proxy to not hang if there is an error
713 communicating with the proxy immediately after the TLS
714 negotiation. [#587528]
716 * Fixed a bug that broke gobject-introspection's introspection
717 of libsoup. [#603696, Vincent Untz]
719 * Handle spurious CR/LFs between responses. [#602863,
720 Alexander V. Butenko]
722 * Fixed soup-message-client-io to not erroneously include URI
723 fragments on the Request-Line when sending via a proxy.
724 [Related to WebKit bug #28687]
726 * Fixed Digest authentication against certain (buggy?)
727 clients/servers that require you to use quotes in exactly the
728 same places where the spec uses them. [#582219]
730 * Fix ugly gtype-related hack to work with the latest unstable
731 glib. [Benjamin Otte]
733 Changes in libsoup from 2.28.1 to 2.29.3:
735 * Fixed a crash in SoupCookieJarSqlite when using cookie
736 databases not created by libsoup (eg, upgraded epiphany
737 installations). [Patch from Emilio Pozuelo Monfort]
739 * Fixed SoupCookieJar to handle non-http URIs properly (so
740 that, eg, JavaScript bookmarklets that try to set/read
741 cookies won't cause crashes). [#602498]
743 * HEAD requests that receive a "303 See Other" response will
744 now do a HEAD, not a GET, on the redirected-to resource.
745 Fixes gvfs access to some sites, including certain
746 youtube.com URIs. [#600830]
748 * Fixed a g_warning that would always trigger in the
749 server-side SoupCookie code. [#602389]
751 * Fixed the server-side SoupMultipart code to be able to parse
752 multiparts containing binary attachments, rather than
753 rejecting them as malformed. [#601640]
755 * Fixed the Request-Line format in the https-over-proxy case.
756 Among other things, this fixes access to bugzilla.gnome.org
757 from WebKitGTK-based browsers. [#598277, #600826]
759 * Fixed a leak in SoupSession if a message was cancelled while
760 the initial socket connection was in progress. [#596074,
761 debugged by Arnout Vandecappelle]
763 * Fixed server-side parsing of Digest auth. [#602898, Chris
766 * Fixed WinSock initialization on Windows. [#600689, Tor
769 * Fixed a sporadic crash in the SSL code on Windows. [#600748,
772 * Fixed handling of https connections with timeouts on
773 Windows. [#600749, Tor Lillqvist]
775 * Added soup_session_prepare_for_uri(), to allow DNS
776 prefetching for faster browsing. [#598948, José Millán Soto]
778 * SoupSession now avoids redundant DNS lookups again when
779 first connecting to a new site, resulting in (probably
780 imperceptibly) faster loads.
782 * Added some debugging APIs to SoupConnection and SoupSession
783 for use by, eg, epiphany's soup-fly extension. [#589163,
786 Changes in libsoup from 2.28.0 to 2.28.1:
788 * libsoup will now attempt to make multiple connections to a
789 server at once when there are multiple messages queued to
790 that server. The previous behavior (only allowing a single
791 pending connection to each server) resulted in slow load
792 times on pages with lots of subresources (images, css, js,
793 etc) on servers that disallow persistent connections.
796 * There should now be fewer (no?) "Connection terminated
797 unexpectedly" errors in WebKitGTK.
799 * Fixed a crash in SoupCookieJarSqlite [#596859, patch from
802 * Fixed soup_address_get_physical() and address-to-name
803 resolution of SoupAddress [patch from Enrico Tröger].
805 * Fixed a bug in SoupContentSniffer that could cause false
806 negatives [#597545, patch from Alejandro Castro].
808 * Fixed the configure error if you have gnutls-devel but not
809 gcrypt-devel installed [#587709].
811 Changes in libsoup from 2.27.92 to 2.28.0:
813 * Fixed a handful of leaks found with valgrind, including a
814 large one in SoupContentSniffer [WebKit bug 28148].
816 * Changed the behavior of SoupCookieJarSqlite to improve
817 performance. [#584522, patch from Gustavo Noronha Silva]
819 * Fixed a crash in SoupSocket that affected gupnp. [#594951,
820 patch from Olivier Crête]
822 * Fixed the type of the SOUP_METHOD_* and SOUP_URI_SCHEME_*
823 macros to be const char * rather than gpointer. [#594508]
825 Changes in libsoup from 2.27.91 to 2.27.92:
827 * Removed SoupPasswordManager from the public API until its
828 problems can be addressed. Although it is still present, you
829 need to #define a special symbol for it to be visible in the
830 header files; see #594377 for details.
832 * Fixed a bug where empty query components were dropped from
835 * Fixed "make check" to work (but warn) when building with
838 * Fixed some small documentation bugs pointed out by Dominik
839 Bylica and Lucian Langa.
841 Changes in libsoup from 2.27.90 to 2.27.91:
843 * Added SoupPasswordManager, an interface for managing
844 persistent password storage, and SoupPasswordManagerGNOME
845 (in libsoup-gnome), which implements it using gnome-keyring.
846 tests/get.c provides a minimal example of how to use it.
848 * libsoup should now notice when the server closes a
849 persistent connection, and close its side of the connection
850 sooner. This should hopefully fix the spurious "Connection
851 terminated unexpectedly" errors in WebKitGTK. [#578990]
853 * Fixed some problems with connection management in
854 SoupSession that could cause a session to eventually "stall"
855 and be unable to process new requests. [#592084]
857 * Fixed an infinite loop that caused 100% CPU usage if the
858 network went down at exactly the right time while there were
859 unsent messages in the queue. [#592492]
861 * Fixed a crash in SoupLogger. [#591857]
863 * Fixed the definition of soup_message_is_keepalive() for
864 HTTP/1.0 messages, to fix a problem introduced in 2.27.90
865 where some messages would load completely but never emit
868 * Fixed a crash in SoupServer introduced in 2.27.90 when
869 processing a request with no "Host" header.
871 Changes in libsoup from 2.27.5 to 2.27.90:
873 * libsoup now uses glib's GResolver rather than its own DNS
874 code. For 2.27.90, the only visible change should be that
875 internationalized domain names are now supported. [#548287]
877 * Added soup_message_disable_feature(), which allows you to
878 disable particular features (eg, cookies, proxy,
879 content-sniffing, etc) on a per-message basis. [#574773]
881 * It is now possible to implement "OPTIONS *" in a SoupServer;
882 you must explicitly register a handler for "*" in order to
885 * Ignore Content-Length on EOF-terminated responses, to match
886 other browsers and therefore cope with broken servers that
887 send the wrong length. [Patch from Benjamin Otte.]
889 * Fixed the status code when trying to fetch an https URI with
890 a non-gnutls build of libsoup. [#590464]
892 * Fixed strict-aliasing warnings introduced in 2.27.4
895 * Fixed some warnings noted by fortify [#591226] and -Wextra.
897 * libsoup now uses automake 1.11's silent-rules support by
898 default (if you are building with automake 1.11). Use
899 "./configure --disable-silent-rules" or "make V=1" to
902 Changes in libsoup from 2.27.4 to 2.27.5:
904 * Fixed a crash when a web server redirected a request to a
905 non-http URI (eg, "about:blank"). [#528882]
907 * Fixed a hang when trying to create an attachment on certain
908 bugzilla installations from epiphany. [#584645]
910 * Fixed verification of V1 TLS certificates [#589323, Patrick
913 * Fixed compile problems on Windows (in the ssl code), and on
914 Linux (when the most recent version of gtk-doc was
917 Changes in libsoup from 2.27.2 to 2.27.4:
919 * Added SoupContentSniffer and the "content-sniffed" signal on
920 SoupMessage, to do Content-Type sniffing per the HTML5 /
921 draft-abarth-mime-sniff algorithm. [#572589, Gustavo Noronha
924 * Updated the earlier SoupSession timeout fixes ([#574414],
925 [#578928]) so that async connect() also times out [#588177,
926 Mark Nauwelaerts] and SSL works on Windows again [#587910,
929 * Fixed the behavior on a 301 response to a POST to match
930 real-world usage rather than what the spec says. (We were
931 doing the right thing on 302 and 303, but had missed 301.)
934 * Changed configure so that if GNUTLS isn't found then it
935 errors out, rather than silently building an SSL-less
936 libsoup. Configure with --disable-ssl if you actually don't
939 Changes in libsoup from 2.27.1 to 2.27.2:
941 * Replaced SoupProxyResolver with SoupProxyURIResolver, which
942 is a bit simpler, works with non-HTTP URIs (and so could be
943 used by gvfsd-ftp) and supports proxy auth correctly.
946 * Fixed SoupSession to not try to resolve http server
947 hostnames when it's just going to pass the hostname off to a
948 proxy server anyway. This fixes things on hosts that use a
949 proxy for everything and have no working DNS config
950 [#577532] and also makes WebKitGTK behave more like other
951 browsers in terms of per-host connection limits (we now
952 limit connections based on hostname rather than on IP
955 We also no longer set the AI_CANONNAME flag when calling
956 getaddrinfo(), which saves us a little bit of unnecessary
957 network traffic. [Pointed out by Christophe Gillette on the
960 * libsoup now always uses SSL 3.0 (not TLS 1.0 or 1.1) for
961 https URIs, to work around problems with older servers that
962 don't implement the (apparently quite confusing) TLS/SSL
963 compatibility rules correctly. Makes a bunch of
964 previously-inaccessible sites now accessible in WebKitGTK
965 (notably PayPal) [#581342]. Will eventually be revisited, to
966 first try TLS 1.1 and fall back if that fails.
968 * Fixed Digest auth to (recent) Apple CalDAV servers.
971 * Changed the way the SoupSession "authenticate" signal works
972 a bit. We now never emit "authenticate" before sending a
973 request, even if we know for sure that it's going to fail,
974 because this makes the semantics of the authenticate handler
975 too complicated (and because we'll only get into this
976 situation if a previous call to the authenticate handler
977 failed anyway). Fixes problems in WebKitGTK when you cancel
978 a password dialog, and then later try to load the page
979 again. [#583462, mostly figured out by Gustavo Noronha
982 * Fixed a bug in the CRLF-vs-LF patch (#571283) that caused
983 libsoup to fail to parse the response headers (returning
984 SOUP_STATUS_MALFORMED) if a CR LF got split across two
987 * Allow using PUT in soup_form_request_for_data(), to work
988 with certain broken web APIs. [#581860, Ross Burton]. Also,
989 fixed a problem with empty POST bodies that made some parts
990 of gmail not work in WebKitGTK.
992 * Applied some minor bugfixes to configure.in and autogen.sh
993 [#583911, #583942]. Fixed configure.in to not use gcc
994 warning options that the installed version of gcc doesn't
997 * Added G_GNUC_NULL_TERMINATED and G_GNUC_PRINTF to a few
998 methods that should have had them. [#581754, Ross Burton]
1000 Changes in libsoup from 2.26.1 to 2.27.1:
1002 * SOUP_SESSION_TIMEOUT now works properly with
1003 SoupSessionAsync [#574414] and SSL [#578928]. Added
1004 tests/timeout-test to test this.
1008 * soup_date_to_string() now handles SOUP_DATE_RFC2822
1009 [#579055, Enrico Tröger]
1011 * soup_date_new_from_string() now accepts 24:00 as a
1012 time in ISO8601 timestamps
1014 * soup_date_to_string() now coerces the date to UTC
1015 for HTTP and cookie dates, and outputs the UTC
1016 correct offset for the other date types.
1018 * Added regression tests to tests/date
1020 * soup_headers_parse() now completely ignores
1021 syntactically-incorrect headers, rather than passing them to
1022 soup_message_headers_append() and causing a g_warning.
1023 soup_message_headers_append() now also rejects 0-length
1024 header names. Updated tests/header-parsing to check this.
1027 * Fix a crash when cancelling a message from a "restarted"
1028 handler, and updated a regression test to notice the
1029 underlying cause. [#580193]
1031 * Completing the API updates for #576760 from 2.26.1,
1032 soup_message_headers_get() is now marked deprecated in favor
1033 of soup_message_headers_get_one() and _get_list().
1035 Changes in libsoup from 2.26.0 to 2.26.1:
1037 * libsoup uses libproxy for PAC and WPAD proxy resolution
1038 again. However, it arranges to do all communication with
1039 GConf itself, to ensure that libproxy doesn't call it in
1040 non-thread-safe ways. [#571527] Also, fixed a bug in
1041 SoupSessionSync when proxy resolution failed. [#574957,
1042 patch from Milan Crha].
1044 (Also fixed three SoupProxyResolverGNOME bugs since the
1045 2.26.0.9 preview release. [#578746, #578809])
1047 * SoupURI now handles unencoded spaces in URIs. In particular,
1048 redirects via Location headers with spaces in them now work.
1051 * libsoup can now deal with servers (and clients) that
1052 erroneously use LF LF instead of CR LF CR LF to separate
1053 the headers and body. [#571283]
1055 * Added soup_message_headers_get_one() and
1056 soup_message_headers_get_list(), which will eventually
1057 deprecate soup_message_headers_get(). This lets applications
1058 deal correctly with implementations that erroneously send
1059 multiple copies of single-valued headers. [#576760]
1061 * In particular, soup_message_headers_get_content_type() now
1062 ignores duplicate Content-Type headers [#576760] and also
1063 ignores syntactically-incorrect Content-Type headers.
1066 * SoupCookieJar can now store multiple cookies with the same
1067 domain and name, but different paths. [#577360]
1069 * Abnormal SSL connection closes are now treated as ordinary
1070 EOFs, for compatibility with certain sites. [#577386]
1072 * soup_header_g_string_append_param() now allows NULL values.
1075 * soup_message_headers_append() now rejects header names and
1076 values with newlines or certain other illegal data in them,
1077 rather than generating syntactically invalid headers.
1079 * Fixed a small bug in soup_date_new_from_string's ISO 8601
1080 handling [qv #578369 for g_time_val_from_iso8601].
1082 * The regression tests now work correctly on machines where
1083 "localhost" resolves to "::1" instead of "127.0.0.1".
1084 [#576583, patch from Andreas Rottmann]
1086 * Fixed warnings when a message has a network problem when
1087 many other messages are queued. [#578809]
1089 * Miscellaneous documentation fixes/clarifications.
1091 Changes in libsoup from 2.25.91 to 2.26.0:
1093 * Temporarily disable libproxy support to work around a bug in
1094 its gnome plugin that causes gvfsd-http (and probably
1095 eventually other apps) to crash. [#571527]. For now,
1096 SoupProxyResolverGNOME uses only GConf. To be fixed in
1099 * Fixed a bug that showed up in WebKit, where if many messages
1100 were queued all at once to a server that doesn't support
1101 persistent connections, some of the requests will get lost.
1102 #574365, reported by Xan Lopez.
1104 * Fixed SoupServer to support using SOUP_ENCODING_EOF, so you
1105 can stream responses of unknown length to HTTP/1.0 clients.
1106 [#572153]. Added a regression test for this, and for chunked
1107 and Content-Length-based streaming.
1109 * Fixed several bugs that prevented SoupCookieJarSqlite from
1110 working. [#572409, patch from Xan Lopez]
1112 * Added G_{BEGIN,END}_DECLS guards to public headers that were
1113 missing it. (Xan Lopez)
1115 * Misc gtk-doc improvements
1117 Changes in libsoup from 2.25.5 to 2.25.91:
1119 * Fixed a crash in SoupProxyResolverGNOME when the proxy
1120 requires authentication. (This does not make proxy
1121 authentication *work* yet, it just makes it not crash.)
1123 * Updated documentation
1125 Changes in libsoup from 2.25.4 to 2.25.5:
1127 * SoupProxyResolverGConf (which was incomplete) is gone, and
1128 libsoup-gnome now requires libproxy, which is now officially
1129 an external dependency of GNOME.
1131 * Fixed a bug in SoupCookieJar that was making it send
1132 "Cookie: (null)" when it had no cookies for a site, which
1133 confused some web servers (WebKit bug 23240).
1135 * Fixed a bug with using SOUP_MEMORY_TEMPORARY buffers and
1136 soup_message_body_set_accumulate(FALSE). (Part of WebKit bug
1137 18343, noticed by Gustavo Noronha Silva.)
1139 * Fixed the build with non-gcc compilers
1141 Changes in libsoup from 2.25.3 to 2.25.4:
1143 * Added soup_session_get_feature() and
1144 soup_session_get_features(), to query the features currently
1145 available in a session (which is needed by the patch in
1146 https://bugs.webkit.org/show_bug.cgi?id=22624)
1148 Changes in libsoup from 2.25.2 to 2.25.3:
1150 * Fixed a crash when using both cookies and a proxy. [#562191,
1153 * Fixed soup_form_decode() to correctly handle forms with
1154 URI-encoded parameter names [#563302, Evan Nemerson] and
1155 added a regression test.
1157 * Fixed a crash in SoupProxyResolverGConf. [#563145]
1159 Changes in libsoup from 2.25.1 to 2.25.2:
1161 * Fixed client behavior when presented with multiple auth
1162 types to choose the *strongest* auth type (eg, Digest)
1163 rather than the *weakest* one [#562339, Pontus Oldberg].
1164 Added a regression test for this.
1166 * Moved libsoup-gnome headers to a different directory to make
1167 it easier to split libsoup and libsoup-gnome into separate
1168 packages, and to ensure that things that only want to be
1169 looking at plain libsoup headers (like gir-repository) don't
1170 accidentally see the libsoup-gnome ones.
1172 * Some minor doc fixes
1174 * Fixed libsoup-gnome linking with --as-needed. [#559342]
1176 Changes in libsoup from 2.24.1 to 2.25.1:
1178 libsoup 2.25.1 introduces a new library, libsoup-gnome, which
1179 will be used for features which are important to GNOME apps,
1180 but which require GNOME-specific libraries that non-GNOME apps
1181 may not want to add dependencies on.
1183 In 2.25.1, libsoup-gnome contains:
1185 * SOUP_TYPE_PROXY_RESOLVER_GNOME, a SoupSessionFeature
1186 type that can be added to a SoupSession to provide
1187 automatic proxy handling via the GConf proxy keys. (See
1188 below) The default implementation uses libproxy, which
1189 also handles WPAD, PAC, etc, but if libproxy is not
1190 available it will use GConf directly, supporting only
1191 the basic HTTP proxy functionality.
1193 * SoupCookieJarSqlite, a SoupSessionFeature that handles
1194 cookies and stores them in a Firefox 3-compatible sqlite
1195 file. (This is not actually a "GNOME-specific" feature,
1196 but I didn't want to make libsoup itself depend on
1197 sqlite, and I didn't want to make the dependency
1198 optional. This might change before 2.26.)
1200 * SOUP_TYPE_GNOME_FEATURES_2_26: a SoupSessionFeature type
1201 that can be added to a SoupSession to add all
1202 GNOME-integration features that are available for 2.26;
1203 as of 2.25.1, this is just the GNOME proxy resolver, but
1204 by 2.26.0 it may also include gnome-keyring support and
1205 possibly other features.
1207 Applications/libraries that are currently doing GConf proxy
1208 lookup by hand can be updated as follows:
1210 * Remove all of the existing code that listens to the
1211 GConf keys and sets SOUP_SESSION_PROXY_URI
1213 * Change the configure check to require
1214 "libsoup-gnome-2.4 >= 2.25.1" instead of "libsoup-2.4"
1216 * #include <libsoup/soup-gnome.h>
1218 * After creating your SoupSession, do:
1220 soup_session_add_feature_by_type (session, SOUP_TYPE_PROXY_RESOLVER_GNOME);
1222 (Or alternatively, use SOUP_SESSION_ADD_FEATURE_BY_TYPE
1223 with soup_session_async_new_with_options() or
1224 soup_session_sync_new_with_options().)
1227 Other new features and bug fixes in 2.25.1 include:
1229 * SoupCookieJarText, like SoupCookieJarSqlite, but using the
1230 old-style cookies.txt format, and in the base libsoup rather
1233 * Various bugfixes to SoupCookie and SoupCookieJar to fix the
1234 problems with cookies not working on certain sites.
1236 * The new SoupMultipart type provides support for multipart
1237 MIME bodies, and soup-form now includes several methods for
1238 generating and parsing multipart form data and file uploads.
1240 * SoupMessageHeaders now has methods for easy handling of the
1241 Content-Type, Content-Disposition, Range, and Content-Range
1242 headers. The Content-Disposition handling recognizes
1243 RFC2231-encoded UTF-8 filenames.
1245 * SoupServer now automatically handles partial GET requests;
1246 if your server returns SOUP_STATUS_OK in response to a
1247 partial GET, libsoup will automatically convert it to a
1248 SOUP_STATUS_PARTIAL_CONTENT response with only the requested
1251 Thanks to Xan Lopez and Diego Escalante Urrelo for their work
1252 on SoupCookie, SoupCookieJar, SoupCookieJarText, and
1253 SoupCookieJarSqlite.
1255 Changes in libsoup from 2.24.0.1 to 2.24.1:
1257 * Fixed a crash when unreffing the session from a
1258 soup_session_queue_message() callback [#533473], and added
1259 regression test. In particular, this fixes a crash in
1260 seahorse when trying to connect to a non-responsive
1263 * Fixed an infinite loop when giving a bad password to a site
1264 that uses non-standard capitalization in the
1265 WWW-Authenticate header (eg, gmail.com) [#536285].
1267 * Fixed a leak in SoupSessionAsync when using a non-default
1268 GMainContext. [addendum to #498509, Arnout Vandecappelle]
1269 Added additional code to the regression tests to make sure
1270 sessions and servers do not get leaked.
1272 * Fixed a leak in the XML-RPC code
1274 * Compile fixes for "gcc -pedantic" [#553976, Sander Dijkhuis]
1275 and -DG_DISABLE_DEPRECATED / -DG_DISABLE_SINGLE_INCLUDES
1276 [#557072, Cosimo Cecchi]
1278 * Patched xmlrpc-test to accept the incorrect response to
1279 test_echo() that php-xmlrpc gives when it's built against
1280 libxml2 >= 2.7.1 (qv http://bugs.php.net/45996), so that
1281 I can "make distcheck"...
1283 * Updated generated documentation
1285 Changes in libsoup from 2.23.92 to 2.24.0.1:
1287 * Reverted part of the fix for #528882, which caused the DAAP
1288 plugin in rhythmbox to crash. [#553466]
1290 Changes in libsoup from 2.23.91 to 2.23.92:
1292 * Fixed the handling of a 302 response to a HEAD request,
1293 which should NOT be treated like a 303 response. [#551190,
1296 Changes in libsoup from 2.23.6 to 2.23.91:
1298 * Fixed a crash in gvfs [#528882], though there is still an
1299 unknown bug there. As part of this fix, libsoup will now
1300 return an error if you try to do an operation on a non-HTTP
1301 URI. (Previously it was just treating any URI scheme except
1304 * Added soup_date_to_timeval() for gvfs. [#549006, patch from
1307 Changes in libsoup from 2.23.1 to 2.23.6:
1309 * Fixed use of g_idle_add() so that heavy I/O won't end up
1310 blocking libsoup callbacks. [#536676, Benjamin Otte]
1312 * Allow the caller to override the Host header. [#539803, Marc
1315 * Properly handle responses larger than 4G. [#539861, Peter
1318 * Fixed the build when using certain LDFLAGS [#541506, Götz
1321 * Fixed a small bug in Digest auth handling. [#544681, Mads
1324 * Fixed multiple Windows bugs [Tor Lillqvist]
1326 Changes in libsoup from 2.4.1 to 2.23.1:
1328 * This is the first unstable release leading up to GNOME 2.24.
1329 Bumped the libsoup version number up to 2.23.x to match the
1330 GNOME version; note that the API version is still "2.4",
1331 meaning in particular that you still call it "libsoup-2.4"
1332 when using pkg-config.
1334 * Added SoupSessionFeature, an interface type that will be
1335 used for several new features. Ported SoupLogger and
1336 SoupAuthManager to use it.
1338 * Added SoupCookie and SoupCookieJar. This API is already
1339 being used in Epiphany, via WebKit, but it is not yet
1342 * Fixed GnuTLS support on Win32. [#528752, Marc Maurer]
1344 Changes in libsoup from 2.4.0 to 2.4.1:
1346 * Fixed SoupMessage to not downgrade to HTTP/1.0 for the
1347 second attempt when it receives an HTTP/1.0 redirect or 401.
1348 [#521848, Tommu Komulainen]
1350 * Fixed Host: header syntax when the host is an IPv6 address
1353 * Fixed SoupSession to not emit "authenticate" multiple times
1354 for messages that have been requeued. [#522601, Tommi
1355 Komulainen]. Also added two new signals to SoupSession,
1356 request-queued and request-unqueued, to help simplify
1357 certain session-helpers and avoid bugs like this in the
1360 * Fixed soup_server_pause_message() to actually work (rather
1361 than *un*pausing the message).
1363 * Added a property SOUP_SESSION_IDLE_TIMEOUT that can be used
1364 to set a timeout after which idle connections will
1365 automatically be closed. [#518214, Jorn Baayen]
1367 * Implemented RFC 2069-style Digest auth, and fixed SoupAuth
1368 to compare auth scheme names case-insensitively, to fix
1369 authentication against Apple's calendar server. [#498484]
1371 * Fixed a crash in SoupAuthDomainDigest if the client provided
1372 an unrecognized username. [pointed out by Curtis Magyar on
1375 * Fixed a few SoupDate bugs. (In particular, it was outputting
1376 the wrong day of the week when stringifying dates.)
1378 * Improved the cleanup of idle connections, to fix slow load
1379 times with the libsoup backend of WebKit.
1381 * Added a new SoupMessage signal "wrote-body-data" that can be
1382 used for progress information when sending a large request
1383 body. Also allow providing the request body in multiple
1384 chunks even when using Content-Length encoding. [#525101,
1387 * libsoup now ignores SIGPIPE globally, instead of
1388 un-thread-safe-ly ignoring it only around network writes. In
1389 particular, this means it is ignored when the SSL code needs
1390 to unexpectedly do a write when we asked it to do a read.
1391 [#524397, Curtis Magyar]
1393 * The discard-body-chunks-once-they're-no-longer-needed
1394 behavior, confusingly called SOUP_MESSAGE_OVERWRITE_CHUNKS,
1395 is now controlled by a SoupMessageBody method
1396 (soup_message_body_set_accumulate()), and can be applied to
1397 either the request body or the response body.
1398 (OVERWRITE_CHUNKS is still available for backward
1399 compatibility.) [#522146, Christian Kellner]
1401 * The DNS cache no longer caches "no such host" results, since
1402 some name servers lie to clients outside their firewall,
1403 which could then cause problems for laptops moved between
1404 networks. [#523269, Jörgen Scheibengruber]
1406 * Added some new regression tests, fixed some small bugs in
1409 Changes in libsoup from 2.3.4 to 2.4.0:
1411 * Fixed a small memory leak in SoupSession. [#518798, Wouter
1414 * Minor fixes to redirect behavior; PROPFINDs can now be
1415 automatically redirected (pointed out by Christian Kellner),
1416 and 302 is treated like 307, not 303. Also fixed to make
1417 sure that redirect-test actually gets run by "make check".
1419 * The SoupSocket I/O methods now set nread/nwrote even on
1420 error. [Benjamin Otte]
1422 Changes in libsoup from 2.3.2 to 2.3.4:
1424 * The documentation should be accessible from devhelp again
1425 [#518384, Mart Raudsepp]. (Also fixed another
1426 documentation-generation bug that affected builds from svn,
1427 but not the 2.3.2 tarball for some reason. [#518317,
1430 * Fixed dependencies in libsoup-2.4.pc file [#517631,
1433 Changes in libsoup from 2.3.0.1 to 2.3.2:
1435 API changes / Behavior changes:
1437 * soup_server_add_auth_domain() now refs the auth domain when
1438 adding it. (soup_server_remove_auth_domain() already
1439 unreffed it.) This means existing applications using
1440 SoupAuthDomain will now have a small memory leak. Those
1441 applications should update their libsoup-2.4 requirement to
1442 ">= 2.3.2" at some point before the final GNOME 2.22.0
1443 release, and then fix the code to unref the auth domain
1444 after adding it to the server.
1446 * SoupSession's automatic redirect-handling behavior now obeys
1447 RFC 2616 more closely. In particular, status codes 300 and
1448 304 are no longer mistakenly considered redirects; POSTs
1449 that receive 303 are now redirected into GETs; and POSTs
1450 that receive 301, 302, or 307 are now not redirected.
1452 Applications that were using the SOUP_MESSAGE_NO_REDIRECT
1453 flag to prevent libsoup from redirecting POSTs incorrectly
1454 before should now be able to remove that if they depend on
1455 libsoup-2.4 >= 2.3.2.
1459 * Added a SOUP_SESSION_USER_AGENT property to SoupSession, and
1460 SOUP_SERVER_SERVER_HEADER to SoupServer, to support
1461 automatically adding "User-Agent" and "Server" headers to
1462 messages. (The default behavior is to do nothing, as
1465 * Added several new methods to soup-forms.h. Applications that
1466 are encoding a fixed set of form fields can now just pass
1467 them to soup_form_encode(), rather than needing to construct
1468 a GHashTable or GData list. (Likewise, the new
1469 soup_uri_set_query_from_fields() behaves similarly for
1470 directly updating a URI with form data.) There are also now
1471 soup_form_request_new() and other related methods, to
1472 directly create a GET or POST SoupMessage for submitting a
1475 The original soup_form_* methods have all been renamed,
1476 although #defines exist for backward compatibility.
1478 * Added soup_message_set_chunk_allocator() and
1479 soup_buffer_new_with_owner(), to give applications more
1480 control over memory usage/copying when doing streaming HTTP.
1481 [Wouter Cloetens, #513810].
1483 * Added several new methods to soup-value-utils.h for working
1484 with multiple array or hash table values at once:
1485 soup_value_hash_new_with_vals(),
1486 soup_value_hash_insert_vals(),
1487 soup_value_hash_lookup_vals(),
1488 soup_value_array_new_with_vals(), and
1489 soup_value_array_append_vals().
1491 This helps to simplify XML-RPC calls that send or receive
1494 * Added soup_date_to_time_t().
1496 * Added SoupMessageHeadersIterator, an iterator type for
1497 SoupMessageHeaders that can be used instead of
1498 soup_message_headers_foreach().
1502 * Fixed a crash-when-idle in evolution-exchange [#437835] and
1503 rhythmbox [#506552].
1505 * Added the API version to the gtk-doc installation dir, to
1506 prevent parallel-installation problems with libsoup 2.2 and
1507 2.4. [#512810, Daniel Gryniewicz].
1509 * Fixed tests/query-test to compile correctly on Solaris.
1510 [#513602, patch from Jeff Cai]
1512 * Fixed some other minor HTTP conformance issues.
1516 * Although not present in the release tarball, there are now
1517 experimental python bindings for libsoup in GNOME subversion
1518 (in the python/ subdirectory of libsoup trunk). These are
1519 not yet stable (and are not built by default or installed
1520 even when building from svn), but comments on them are
1521 welcome at libsoup-list@gnome.org
1523 Changes in libsoup from the 2.2 series to 2.3.0.1:
1525 libsoup 2.3.0 is the first beta release of the libsoup 2.4
1526 series. It is an API break from the earlier 2.2 series that
1527 fixes various bugs and API warts and lays the groundwork for
1528 language bindings and various new features in upcoming
1531 (2.3.0.1 is identical to the 2.3.0 release in terms of code,
1532 but includes this updated NEWS file which was accidentally
1533 left out of the 2.3.0 tarball.)
1535 http://library.gnome.org/devel/libsoup/unstable/libsoup-porting-2.2-2.4.html
1536 goes over the API changes in detail. If you have questions not
1537 answered by the porting document, please send mail to
1538 libsoup-list@gnome.org.
1540 Specific user-reported bugs fixed in this release:
1542 * SoupURI now correctly handles URIs with complex encoded
1543 queries [#266516, Jean-Yves Lefort]
1545 * It is now possible for a SoupServer to use Digest auth
1546 without needing to have the cleartext password available.
1547 [#347108, Anas Nashif]
1549 * Digest authentication now properly handles "stale=true" and
1550 "nextnonce=..." [#471380, Jari Urpalainen]
1552 * SoupServer is now subclassible [#491653, Mathias Hasselmann]
1554 * soup_server_run_async and soup_server_quit no longer ref and
1555 unref the server, as that doesn't match ordinary GObject
1556 conventions [#494128, Mathias Hasselmann]
1558 * The test programs no longer use a symbol name that conflicts
1559 with Cygwin [#501631, Cygwin Ports Maintainer]
1561 * libsoup can now handle the not-quite-HTTP responses returned
1562 by Shoutcast servers [#502325, Wouter Cloetens]
1564 * If you use libsoup while disconnected from the network, it
1565 no longer caches the failed DNS results [#508593, Bradley
1568 Items from http://live.gnome.org/LibSoup/ToDo fixed:
1570 * "Expect: 100-continue" processing now works correctly on
1571 both client and server.
1573 * SoupSessions are no longer leaked
1575 * The XML-RPC API is improved. The SOAP API is gone...
1577 * Added utility functions for HTML form handling
1579 * Improved message header handling
1581 * SoupServer now automatically adds a "Date" header
1585 Changes in libsoup from 2.2.103 to 2.2.104:
1587 * soup_message_io_pause() and soup_message_io_pause() are now
1588 allowed for client messages (and in particular, they don't
1589 mess up when called from the "got_chunk" callback).
1590 [#452280, Marco Barisione]
1592 * Fixed some bugs in SOUP_SESSION_ASYNC_CONTEXT support that
1593 would cause parts of an operation to run in the default
1594 context rather than the session's context. Also fixed some
1595 leaks and added a regression test. [#498509, Wouter
1598 * There is a new test/sample program, tests/pull-api.c,
1599 showing how to implement a pull API using SoupSessionAsync.
1600 (This depends on the fixes for #452280 and #498509, so it
1601 won't work with older versions of libsoup.)
1603 * Discovered "valgrind --leak-resolution=med" and fixed some
1606 Changes in libsoup from 2.2.102 to 2.2.103:
1608 * Fix memory corruption in SoupSessionAsync that caused
1609 rhythmbox to crash. [#484988, patch from Rob Bradford]
1611 * Fix socket refcounting in SoupServer to fix warnings /
1612 possible crash. [#459896, Emanuele Aina]
1614 Changes in libsoup from 2.2.101 to 2.2.102:
1616 * Unbreak the build when building without SSL. Not that you
1617 should be building without SSL anyway, but... (reported by
1620 Changes in libsoup from 2.2.100 to 2.2.101:
1622 * Fix build on cygwin [384498]
1624 * Fix SSL rehandshaking on synchronous sockets [415402, Jacob
1625 Berkman] and add a regression test for it.
1627 * Fix two bugs in https tunnels over proxies that require
1628 authentication (noticed by Varadhan), and add a regression
1631 * Ensure that if you queue multiple messages at once to an
1632 http server that requires authentication but that you
1633 haven't authenticated to yet, that all of the messages get
1634 properly authenticated [271540, James Willcox]. And add a
1635 regression test for it.
1637 * Fix NTLM authentication, which got broken by the previous
1638 fix. [471389, Varadhan]. Add a basic NTLM regression test
1639 that doesn't really test the crypto/encoding parts, but at
1640 least makes sure that the message flow is correct.
1642 * Allow trailing whitespace after HTTP version in
1643 Response-Line, for compatibility with broken servers
1644 [475169, Stephane Loeuillet]. Add that case to the
1645 header-parsing regression test.
1647 * Fix crash when the session's "authenticate" handler returns
1648 a username and no password when using NTLM. [480987, Wendell
1651 * Use "new" glib base64 and iso8601 methods rather than
1652 duplicating them. [337010, patch from Emmanuele Bassi].
1654 * Implement soup_session_queue_message() for SoupSessionSync.
1656 * Add G_BEGIN_DECLS / G_END_DECLS to all headers that were
1657 missing them. [438776, patch from Jonathon Jongsma].
1659 * Fix broken definition of SOUP_IS_MESSAGE_FILTER_CLASS. Noted
1660 by "cascardo" on libsoup-list.
1662 * Remove documentation of non-public MD5 methods [440092,
1663 Jonathon Jongsma]. Removed a mysterious half-sentence in the
1664 SoupMessage docs [458116, Marco Barisione].
1666 Changes in libsoup from 2.2.99 to 2.2.100:
1668 * Fixed soup_headers_parse_status_line() so WebDAV response
1669 parsing will work again. [406997]
1671 * Fixed a bug in the header-parsing regression test that
1672 caused the test to fail sometimes, even though the actual
1673 header-parsing code was fine.
1675 Changes in libsoup from 2.2.98 to 2.2.99:
1677 * Fixed header parsing, including a crash in SoupServer with
1678 certain malformed requests [391970].
1680 * Fixed redirection to other hosts with SoupSessionAsync.
1683 * Fixed a small memory leak pointed out by Chris Austin.
1685 Changes in libsoup from 2.2.97 to 2.2.98:
1687 * The XML-RPC code now correctly interprets <value>foo</value>
1688 as meaning the same thing as
1689 <value><string>foo</string></value>. [364490] Pointed out by
1692 * Memory leak fixes from Andrew W. Nosenko.
1694 * A few symbols that should have been static before now are.
1695 [376387] Patch from Matthias Clasen.
1697 Changes in libsoup from 2.2.96 to 2.2.97:
1699 * Fixed SOAP and XML-RPC code to handle whitespace and
1700 comments in the XML better. (Based on a patch from Andrew W.
1703 * Fixed lots of typecasting/constness warnings in the code
1704 (mostly via a patch from Andrew W. Nosenko)
1706 * Fixed build on Cygwin [321827]
1708 * Fixed libsoup-2.2.pc fields [343340] and make it get
1709 uninstalled correctly [356809]. (Mikhail Zabaluev and
1712 * Fixed some small leaks in SoupServer pointed out by Paolo
1715 Changes in libsoup from 2.2.95.1 to 2.2.96:
1717 * SoupServer now works even if you don't explicitly set an
1718 encoding for the response. (In particular, the automatic 404
1719 if you request a path with no handlers now works. Problem
1720 pointed out by Dennis Jacobfeuerborn.)
1722 * WWW-Authenticate and Proxy-Authenticate responses with no
1723 realm parameter are now ignored, as per RFC 2617, fixing a
1724 crash pointed out by Nate Nielsen.
1726 * Added soup_xmlrpc_message_from_string(), from Fernando
1729 * simple-httpd and "get" now support HEAD
1731 Changes in libsoup from 2.2.94 to 2.2.95.1:
1733 * Even more fixes to XML-RPC, found by the new XML-RPC
1734 regression test. This includes some API changes that I don't
1735 feel guilty about, because the code totally didn't work at
1738 * Fixed a bug in soup_mktime_utc()
1740 * (2.2.95 was identical to 2.2.95.1. The only difference is
1741 that the shared library version was belatedly bumped from
1742 8.2.0 to 8.3.0 to reflect the API "additions")
1744 Changes in libsoup from 2.2.93 to 2.2.94:
1746 * Various fixes to the XML-RPC code (which apparently had not
1747 actually ever worked before) from Brent Smith. [343973,
1750 * Added client and server API tutorials to the docs
1752 * auth-test now uses a local Apache 2.2 install, if possible,
1753 rather than depending on files that used to be on an old
1754 Ximian web server but haven't been anywhere for a long time.
1757 Changes in libsoup from 2.2.92 to 2.2.93:
1759 * Fixed outgoing data corruption caused when SoupServer
1760 started writing out a response a second time after already
1761 having started once. [334469]. Also fixed 342640 and another
1762 bug caused by the workaround for 334469 in 2.2.92. Based on
1763 patches and analysis from William Jon McCann and Armin
1766 * Fixed a deadlock when changing a session's proxy URI.
1767 [309867 / bnc 174255, based on a patch by Veerapuram
1770 * Fixed https-via-proxies in the synchronous case. [bnc 174255]
1772 * Fixed a crash in evolution-exchange [342545, fix based on an
1773 analysis by Wang Xin].
1775 * Fixed simple-proxy to not crash at startup. Oops. (Alex
1778 Changes in libsoup from 2.2.91 to 2.2.92:
1780 * Fixed server-side digest auth to return a valid "algorithm"
1781 value and client-side to not crash if it sees an invalid one
1784 * Fixed the Request-Line parsing code to not hardcode a
1785 maximum URI length (to allow very long DAAP requests from
1786 iTunes in Rhythmbox). [335040]
1788 * Fixed some warnings (signed/unsigned mismatch).
1790 Changes in libsoup from 2.2.7 to 2.2.91:
1792 * (The large version number bump is because there was an
1793 internal 2.2.90 release for SUSE 10.1 alphas, which was
1794 supposed to be intermediate between 2.2.7 and 2.4.0. But
1795 2.4.0 didn't end up happening, and I don't want to regress
1796 the version number at this point.)
1798 * SoupSession, SoupServer, SoupConnection, SoupSocket, and
1799 SoupAddress now have an "async-context" property that allows
1800 you to use the async API in a non-default GMainContext.
1801 [Based on patches from Armin Bauer and Jürg Billeter.]
1803 * SoupSession, SoupConnection, and SoupSocket now have a
1804 "timeout" property to stop synchronous sockets from hanging
1805 forever if the remote end is unresponsive (from Varadhan).
1807 * Fixed some bugs in soup_date_iso8601_parse(). [324671, from
1810 * More Windows build fixes from Tor.
1812 Changes in libsoup from 2.2.6.1 to 2.2.7:
1814 * Fixed a crash when using NTLM connections [316313, probably
1815 also 318252]. (Also 321208, which was a bug introduced in
1816 the original fix for 316313.)
1818 * Fixed a bug that could cause soup to suck up all available
1819 CPU when a connection to a SoupServer was dropped by the
1820 other side [319305, patch from Jonathan Matthew]
1822 * Fixed the creation of struct elements in XMLRPC messages
1823 [321362, patch from Sebastian Bauer]
1825 * Plugged a small memory leak in SoupSocket (from Wang Xin).
1827 * Fixed two compile problems, a gccism [320349, patch from
1828 Roland Illig], and a strict-aliasing warning from gcc 4.1.
1830 Changes in libsoup from 2.2.6 to 2.2.6.1:
1832 * Fixed a crash when using SoupSoapMessage
1834 Changes from 2.2.5 to 2.2.6:
1836 * Fixed a crash when canceling a message (from Tambet Ingo)
1838 * Fixed a bug where a connection could be leaked forever in
1839 some circumstances if a request got a 30x, 401, or 407
1840 response, eventually causing a hang when the session hit its
1841 maximum connection limit. (Dan/Tambet)
1843 * Fixed a memory leak. (Tambet)
1845 * Fixed a bug that would sometimes show up when connecting to
1846 a server on localhost [#312540]
1848 * Added some API to SoupServer and SoupSocket to help fix a
1849 long-standing rcd bug.
1851 Changes from 2.2.4 to 2.2.5:
1853 * Win32 support (from Tor Lillqvist)
1855 * Up-to-date API documentation pretty much everywhere
1857 * Basic XMLRPC support (from Mariano Suarez-Alvarez, Fernando
1858 Herrera, and Jeff Bailey)
1860 * New HTTP timestamp-manipulation methods soup_date_parse,
1861 soup_date_generate, and soup_date_iso8601_parse.
1863 * SoupSession now handles relative URLs in the Location header
1864 (in violation of RFC 2616, but in line with how some servers
1867 Changes from 2.2.3 to 2.2.4:
1869 * Fixed a problem with NTLM authentication against
1870 multi-domain servers. [306877]
1872 * Fixed DNS lookups on Solaris. [254551, 268389]
1874 Changes from 2.2.2 to 2.2.3:
1876 * Now compiles against gnutls 1.2.0 [257811]
1878 * Fixed a bug that could result in 100% CPU usage if an SSL
1879 server closed the connection uncleanly. [273352]
1881 Changes from 2.2.1 to 2.2.2:
1883 * The SSL validation fix from 2.2.1 [264414] is now completely
1884 fixed. (Part of the fix didn't actually make it into 2.2.1)
1886 * HTTPS certificate validation now works when using an HTTP
1889 * HTTP proxy code deals better with proxies that try to make
1890 the user do HTML-form-based authentication. [268531]
1892 * 64-bit fixes for NTLM auth code. [270323, from Michael
1895 Changes from 2.2.0 to 2.2.1:
1897 * Updated for a libgcrypt API change between 1.1.9x and 1.2.x
1898 that caused a crash at runtime if you compiled against
1901 * SSL certificate validation failure should now always result
1902 in a status of SOUP_STATUS_SSL_FAILED, rather than getting
1903 turned into SOUP_STATUS_IO_ERROR. [264414]
1906 Changes in libsoup from the 2.0 series (1.99.x versions) to 2.2:
1908 * Most of the libsoup datatypes are now GObjects. (SoupUri
1909 is currently an exception to this.)
1911 * SoupMessage now emits signals at various stages of
1912 processing. (Eg, "wrote_body", "got_headers".) (You
1913 can also still use soup_message_add_*handler().)
1915 * SoupContexts are gone; soup_message_new() now takes a URI
1918 * All formerly global state is now maintained by the
1919 SoupSession object. (This includes the connection pool,
1920 proxy server, cached authentication information, SSL
1923 * You can create a SoupSessionAsync (for 2.0-like
1924 behavior) or SoupSessionSync (for blocking,
1927 * You can add SoupMessageFilter objects to a session
1928 to have certain processing automatically performed
1929 on every message sent via that session. (Eg, setting
1932 * NTLM authentication is no longer supported by
1933 default. You must enable it by setting the
1934 SOUP_SESSION_USE_NTLM flag on the session.
1936 * The preferred method of handling authentication is
1937 now via the "authenticate" and "reauthenticate"
1938 signals on SoupSession. (The old style, of encoding
1939 the user and password information into the url is
1940 also still supported.)
1942 * The SOUP_ERROR_* values are now SOUP_STATUS_* (so that we
1943 don't have "SOUP_ERROR_OK" and the like).
1945 * SOUP_MESSAGE_IS_ERROR() is gone, since some cases
1946 want to include 3xx responses and some don't.
1948 * SOUP_ERROR_CANT_AUTHENTICATE and
1949 SOUP_ERROR_CANT_AUTHENTICATE_PROXY are now gone,
1950 since they didn't carry any information that
1951 SOUP_STATUS_UNAUTHORIZED and
1952 SOUP_STATUS_PROXY_UNAUTHORIZED don't.
1954 * DNS errors now show up as the new status code
1955 SOUP_STATUS_CANT_RESOLVE rather than being mixed in
1956 with SOUP_ERROR_CANT_CONNECT.
1958 * Minimal SOAP support has been added back, via
1959 SoupSoapMessage/SoupSoapResponse
1961 * The HTTP I/O state machine was completely rewritten, fixing
1962 numerous crashes, leaks, and protocol errors.
1964 * SoupUri now conforms to RFC 2396. Mostly.
1966 * Various test programs have been added under tests/
1970 * Support for OpenSSL (which was horribly buggy) and
1971 Mozilla NSS (which was never finished). We only
1972 support GNUTLS for SSL now.
1976 * CGI support in SoupServer