What's Changed
- feat(client): add RetryIfErrUpstream function to handle upstream information by @mdenushev in #2176
- Match net/http sensitive header redirect policy by @erikdubbelboer in #2181
- Sanitize first-line header setters to prevent CRLF injection by @erikdubbelboer in #2182
- server: apply ReadTimeout before first byte with ReduceMemoryUsage by @erikdubbelboer in #2183
- header: reject invalid trailer names by @erikdubbelboer in #2188
- header: reject pre-colon whitespace in request headers by @erikdubbelboer in #2187
- Sanitize redirect Location header to prevent CRLF injection by @erikdubbelboer in #2186
- server: keep hijacked reader out of pool by @erikdubbelboer in #2184
- Sanitize cookie setters to prevent CRLF injection by @erikdubbelboer in #2185
- feat: add ExpectHandler for richer Expect: 100-continue handling by @miretskiy in #2175
- http: reject whitespace before chunk extensions by @erikdubbelboer in #2193
- header: reject unsupported response Transfer-Encoding by @erikdubbelboer in #2192
- header: match net/http CL+TE handling by @erikdubbelboer in #2190
- chore(deps): bump securego/gosec from 2.25.0 to 2.26.1 by @dependabot[bot] in #2195
- chore(deps): bump github.com/klauspost/compress from 1.18.5 to 1.18.6 by @dependabot[bot] in #2196
- feat(prefork): Enhance prefork management with WatchMaster, CommandProducer, and Windows support by @ReneWerner87 in #2180
New Contributors
- @miretskiy made their first contribution in #2175
Full Changelog: v1.70.0...v1.71.0