Release Notes


See the announcement and closed tickets on the 10.0.5 milestone.

This is the fifth maintenance release of the Akka HTTP 10.0 series. It is primarily aimed at stability aligning the internals with the upcoming Akka 2.5 release. These steps are also the groundwork to enable Play to make use of Akka HTTP and the new Akka Streams materializer in the upcoming Play 2.6.

List of Changes


  • New docs and API for registering custom headers with JavaDSL (#761)
  • Ssl-config upgraded to 0.2.2, allows disabling/changing hostname verification (#943)
  • Don’t depend on Akka internal APIs, become compatible with Akka 2.5 (#877)
  • Make default exception handler logging more informative (#887)
  • now uses the materializer ExecutionContext if no other provided implicitly (#947)

Bug fixes:

  • Prevent longer-than-needed lingering streams by fixing DelayCancellationStage (#945)
  • Avoid redirect-loop when redirectToNoTrailingSlashIfPresent was used for root path (#878)

Compatibility notes

This version of Akka HTTP must be used with Akka in version at-least 2.4.17, however it is also compatible with Akka 2.5, which has just released its Release Candidate 1.


See the announcement and closed tickets on the 10.0.4 milestone.

This release contains mostly bug fixes and smaller improvements. We strongly recommend updating from 10.0.3 which introduced a regression that an Akka HTTP server can leak memory over time which will lead to OOM eventually. See #851 for more information.

List of Changes


  • Http message and header parser now also accepts LF as end of line (as recommended in the spec) (#106)
  • HttpApp now directly extends from Directives (#875)
  • Added HttpApp.startServer(host, port) for even simpler startup. (#873)
  • Multiplexer infrastructure was rewritten to support plugable StreamPrioritizer (not yet surfaced in user API) (f06ab40)
  • New documentation page about how to deal with the client-side max-open-requests exception (39f36dd)
  • Lots of small cleanups and improvements

Bug fixes

  • Fix a regression introduced in 10.0.3 that might lead to memory leaking after a server connection has been closed. (#851)
  • Fix the infamous “Cannot push/pull twice” bug which occurred in relation with 100-Continue requests (like any kind of uploads of POST requests done with curl) (#516)
Build + Testing Infrastructure
  • Updated Akka dependency to Akka 2.4.17. (#858)
  • Use .dilated for tests for better stability. (#194)
  • Fix MiMa to actually check compatibility against the latest released versions. (#870)
  • Throughout the code base @InternalApi, @ApiMayChange, and @DoNotInherit annotations have been added to give hints about the stability of interfaces. (#727)


See the announcement and closed tickets on the 10.0.3 milestone.

This release contains mostly bug fixes, a huge number of contributed documentation fixes and small improvements.


A notable new feature is the experimental HttpApp feature (long time users may know it from spray). It allows to create an Akka HTTP server with very little boilerplate. See its Java and Scala documentation. Thanks a lot, @jlprat for contributing this feature and carrying through the PR with the most comments so far.

Changed semantics

In some cases, we need to change semantics slightly to fix bugs. Some user code may still rely on the previous behavior so we are listing them here to bring attention to potential issues.

  • Uri.Authority.toString now doesn’t render leading double slashes any more (#784)
  • request URIs for requests coming in for a server set up to use TLS now carry the https scheme (#658)

List of changes


  • Optimize frame creation for streamed WS messages (#748)
  • Provide HttpApp API for Scala and Java (#156)
  • Add Java-side mapRejectionResponse (#593)
  • Add Composing directives java (anyOf, allOf). (#620)
  • Add Unmarshaller.andThen to combine two Unmarshallers (#691)
  • Lots of larger and smaller improvements to Http2 support


  • Allow Java bind API to specify port zero (#660)
  • Fix ConnectHttp.toHostHttps when no scheme is given
  • Exclude leading double slash from Uri.Authority.toString (#784)
  • Basic auth fix according to rfc7617 - ‘charset’ auth-param (#716)
  • Provide correct scheme in request URI for TLS connections (#658)
  • Prevent “Connection closed by peer” errors during connection closure (#459)
  • Fix stream marshalling, better errors, more examples (#424)
  • Don’t ignore failed future for NoContent responses (#589)
  • Deprecate wrongly spelled method Unmarshaller.unmarshall
  • Match path maps in order of longest matching key prefix (#394)
  • Don’t leak Scala classes in java Unmarshaller (#604)
  • Add support for Specs2 in testkit (#485)
  • Fix spray-json unmarshalling of 4-byte UTF-8 characters AKA “the 😁 fix” (#691)
  • Updated spray-json dependency to 1.3.3


  • A huge amount of bigger and smaller contributions from the community
  • Add link to sources to every documentation page to simplify contributing small fixes
  • Add search thanks to algolia (#726)


Security patch to prevent denial-of-service due to memory leak in server infrastructure.

See the announcement, Details and changes.


See the announcement and closed tickets on the 10.0.1 milestone


See the announcement and closed tickets on the 10.0.0 milestone

The source code for this page can be found here.