⚠️ IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap
-
Added support for HTTPS proxies contacting HTTPS servers (Pull #1923, Pull #1806)
-
Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that
still wish to use TLS earlier than 1.2 without a deprecation warning
should opt-in explicitly by settingssl_version=ssl.PROTOCOL_TLSv1_1
(Pull #2002)
Starting in urllib3 v2.0: Connections that receive aDeprecationWarning
will fail -
Deprecated
Retry
optionsRetry.DEFAULT_METHOD_WHITELIST
,Retry.DEFAULT_REDIRECT_HEADERS_BLACKLIST
andRetry(method_whitelist=...)
in favor ofRetry.DEFAULT_ALLOWED_METHODS
,
Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT
, andRetry(allowed_methods=...)
(Pull #2000) Starting in urllib3 v2.0: Deprecated options will be removed -
Added default
User-Agent
header to every request (Pull #1750) -
Added
urllib3.util.SKIP_HEADER
for skippingUser-Agent
,Accept-Encoding
,
andHost
headers from being automatically emitted with requests (Pull #2018) -
Collapse
transfer-encoding: chunked
request data and framing into
the samesocket.send()
call (Pull #1906) -
Send
http/1.1
ALPN identifier with every TLS handshake by default (Pull #1894) -
Properly terminate SecureTransport connections when CA verification fails (Pull #1977)
-
Don't emit an
SNIMissingWarning
when passingserver_hostname=None
to SecureTransport (Pull #1903) -
Disabled requesting TLSv1.2 session tickets as they weren't being used by urllib3 (Pull #1970)
-
Suppress
BrokenPipeError
when writing request body after the server
has closed the socket (Pull #1524) -
Wrap
ssl.SSLError
that can be raised from reading a socket (e.g. "bad MAC")
into anurllib3.exceptions.SSLError
(Pull #1939)