Published 15 July 2024
Bugfixes
- io.ktor.util.TextKt.chomp doesn't work on strings with more than one character (KTOR-7209)
- DefaultRequest plugin overwrites http protocol (KTOR-5586)
- Ktor build problem; cannot compile native targets (KTOR-6666)
- SSEException is thrown instead of JobCancellationException when coroutine's job is cancelled (KTOR-6571)
- SSE request drops request body (KTOR-6659)
- SSE: UnsupportedContentTypeException when sending POST request using OKHttp engine (KTOR-6911)
- SSE: NoTransformationFoundException when Logging plugin with LogLevel.ALL is used (KTOR-6912)
- Installing SSE breaks GET/POST functionality (KTOR-6614)
- Cookies with a long Max-Age incorrectly expire in AcceptAllCookiesStorage (KTOR-6646)
- Some dependency versions not tracked (KTOR-7123)
- CSRF: false positive originMatchesHost validation when default port is explicitly defined (KTOR-6701)
- Double Transfer-Encoding header while using respondOutputStream on Tomcat (KTOR-6574)
Improvements
- HttpCalValidatorConfig class name is misspelled (KTOR-6625)
- CallLogging: package is misspelled (KTOR-4273)
- Ambiguous coroutineContext warning in routing handler (KTOR-5181)
- Tracing: allow changing log level at runtime for routing (KTOR-7193)
- io.ktor.network.tls.TLSException has internal visibility (KTOR-6767)
- Auth: Make
refreshToken
ofBearerTokens
class nullable (KTOR-6928) - Ktor test application library references internal module (KTOR-6668)
- CSRF: Confusing error message when Origin validation is enabled and only Referrer header is sent (KTOR-6702)
- CSRF: validations probably shouldn't be applied to GET/HEAD/OPTIONS requests (KTOR-6698)
- CSRF: Empty onFailure option is misleading (KTOR-6687)
- Misleading assertion message in the testEmbeddedServerCancellation test (KTOR-6657)
- Allow setting "Secure" flag for cookies on localhost (KTOR-6593)
- SSE: Unable to access response headers (KTOR-6660)
- SSE: Improve support for testing (KTOR-3290)
- OAuth handler does not propagate redirection errors to the caller (KTOR-6605)
- HttpTimeoutTest.testConnect are flaky (KTOR-1583)
Features
- Migrate to new kotlinx.io library (KTOR-6030)
- Change default session serializer to the one that uses kotlinx-serializaion (KTOR-6175)
- Replace custom withTimeout implementation using WeakTimeoutQueue with coroutines.withTimeout (KTOR-3658)
- Add Url capability: parsing/validating url strings (KTOR-360)
- SSE: Support handling HTTP failures (KTOR-6808)
- Ktor client for Kotlin/Wasm (KTOR-5587)
- CSRF protection feature (KTOR-2910)