- Lazily parse captured TLS certificates. This improves performance and memory usage. Additionally,
openssl_x509_parsecurrently leaks memory. This fix ensures it leaks only if explicitly requested (until the PHP bug is fixed). See https://bugs.php.net/bug.php?id=75363. - Small performance improvements for connections not using a proxy.
- Fixed null pointer access in response handling completely breaking the client.
- Clean references correctly, so unused bodies aren't consumed and the connection is closed.
- Allow empty content type for multipart form fields.
- Fail aborted requests correctly.
- Apply transfer timeouts correctly (was previously a header timeout only).
- Check for incomplete response bodies and error out in case of an incomplete body.
- Close sockets if response body is not consumed instead of trying to silently consume it in the background, which might hang indefinitely (depending on the timeout).
- Fixed multipart body bounaries not ending in
\r\n.
- Fixed GC issues if request bodies mismatches the specified content-length.
- Read the public suffix list only once instead of once per check. This was supposed to work previously, but failed to set the
$initializedflag.
- Fixed issues with cookies when IDN support is not available.
- Enforce body size limit also for compressed responses. This is a protection measure against malicious servers as described here.
- Upgrade to Amp v2.
- Major refactoring for streamed response bodies.
- Updated redirect policy to use a new
Requestif the host changes.