This release fixes a regression in 10.0.8 that occurred when using media ranges and connecting to a HTTP server that fails to specify the charset in the
Additionally, support for HTTP status code 418 has been introduced #1206
Support for proxies that require authentication is yet to be implemented and is tracked by the ticket #1213
Akka-http has a strongly typed media type / content type system, and knows at compile time about which media types are supposed to express a character set attribute, e.g.
text/plain; charset=UTF-8. Before this release, akka would silently assume UTF-8 for
ContentType instances of media types with a missing
From now on, content types missing a charset can be both parsed and expressed directly, using the new
- For incoming Content-Type headers with values missing a charset, such as
text/plain, the header
ContentTypewill be represented as
WithMissingCharset, rather than assuming an UTF-8 charset (which could have been a wrong guess).
- If you need to create such a content type programmatically, use e.g.
Note to scala users: If you have
match statements across
ContentType, keep an eye out for new compiler hints. You need to decide what what to do in case you get a content type with a missing character set, by adding a
Support for Server-Sent events was added by merging akka-sse project by @hseeberger. Thank you very much, Heiko!
- Add support for Server-Sent Events (#669)
- Add support for textual content types with missing character set (#1134)
- Remove unnecessary dependency to ScalaTest from JUnitSuiteLike (#1147)
- Document pluggable client transport infrastructure and HTTPS proxy support (#192)
- Reference security announcements and release notes in ToC (#1199)
- Parse Websocket headers according to the set header processing mode (#1166)
- Fix a regression which caused the idle-timeout on server side not to function properly (#1012)
- Add a special handling of the charset parameter in Accept header when comparing media types (#1139)
- Use ws(s) scheme instead of http(s) when calculating effective websocket request URIs (#909)
We prepared new seed templates for starting out with Akka HTTP using the Java DSL as well as Scala DSL. By using the
sbt new command one can now easily get a small sample project to easily get started with your first Akka HTTP app. More instructions on the seed template pages.
Akka HTTP treats differently by default a route that ends with slash (
/) than one that doesn’t. From this version on, users who don’t want to have this distinction, can use a new Path Directive called
ignoreTrailingSlash. This route, will retry its inner route with and without a trailing slash. If you want to know more about this feature, please check the documentation page.
- Added new Path Directive
- Prepared new seed templates for Akka HTTP apps (for both Java DSL and Scala DSL) (1137 & 1055)
- Migrated to the new docs theme (same as Akka) (#1129)
HttpApp#routemethod was renamed to
routesto highlight it is “all the routes” (#953)
- Synthetic Remote-Address header setting is now honored in HTTP2 server blueprint (#1088)
- OSGi Import-Package ranges have been fixed to allow Akka 2.5.x (#1097)
- Dates in RFC1123 format with single-digit-day are now properly parsed (#1110)
10.0.6 is a security and maintenance release in the stable 10.0.x series of Akka HTTP.
This release contains a fix for a serious security vulnerability that allows a remote attacker to shut down any Akka HTTP application using the routing DSL. See the details for more information. Please update as soon as possible.
- Make response parser more relaxed on accepting status line without reason message (#981)
- Use media type parameters in content negotiation (#963)
- Small performance improvements (#999, #1032)
- Allow binding server with HTTP/2 support via configuration flag with
- Make marshaller composition more lazy to prevent redundant marshalling when using
- Allow Java-implemented ContentTypeResolver (#360)
- Java DSL routing
completenow has override that takes
ResponseEntityas a parameter instead of
- Improved usage and documentation of Encoder / Decoder on the Scala and Java side (#771)
- Refactoring: move handling of per-stream frames to dedicated state handlers (#1064)
- Provide Decoding Response example for Java (#760)
- Add Java example to extract header value with default value (#639)
- Add HTTP custom method example (#954)
- Smaller fixes and additions
- Add OSGi to project in order to release each project with OSGi bundle headers (#574)
- Rename root project to ‘akka-http-root’ (#1030)
- Ignore unsupported
*/xyzmedia types (#1072)
- Exclude port when rendering X-Forwarded-For and X-Real-Ip headers (#440)
- Fix NPE when accessing static Java constant fields (#936)
- Make sure pool log messages have “PoolGateway” set as logClass for easier filtering (#1013)
- Move special non-2xx handling from RequestContextImpl to fromStatusCodeAndHeadersAndValue marshaller (#1072)
- Handle failure while parsing the URI in parameter extraction (#1043)
extractStrictEntityprovide strict entity for inner routes (#961)
- Enable javadsl to unmarshal with default
- Smaller fixes for
- Fix memory leak in ALPN switcher (#886)
This is the fifth maintenance release of the Akka HTTP 10.0 series. It is primarily aimed at stability aligning the internals with the upcoming Akka 2.5 release. These steps are also the groundwork to enable Play to make use of Akka HTTP and the new Akka Streams materializer in the upcoming Play 2.6.
- New docs and API for registering custom headers with JavaDSL (#761)
- Ssl-config upgraded to 0.2.2, allows disabling/changing hostname verification (#943)
- Don’t depend on Akka internal APIs, become compatible with Akka 2.5 (#877)
- Make default exception handler logging more informative (#887)
- Unmarshal.to now uses the materializer ExecutionContext if no other provided implicitly (#947)
- Prevent longer-than-needed lingering streams by fixing DelayCancellationStage (#945)
- Avoid redirect-loop when redirectToNoTrailingSlashIfPresent was used for root path (#878)
This version of Akka HTTP must be used with Akka in version at-least 2.4.17, however it is also compatible with Akka 2.5, which has just released its Release Candidate 1.
This release contains mostly bug fixes and smaller improvements. We strongly recommend updating from 10.0.3 which introduced a regression that an Akka HTTP server can leak memory over time which will lead to OOM eventually. See #851 for more information.
- Http message and header parser now also accepts LF as end of line (as recommended in the spec) (#106)
HttpAppnow directly extends from Directives (#875)
HttpApp.startServer(host, port)for even simpler startup. (#873)
- Multiplexer infrastructure was rewritten to support plugable
StreamPrioritizer(not yet surfaced in user API) (f06ab40)
- New documentation page about how to deal with the client-side
- Lots of small cleanups and improvements
- Fix a regression introduced in 10.0.3 that might lead to memory leaking after a server connection has been closed. (#851)
- Fix the infamous “Cannot push/pull twice” bug which occurred in relation with 100-Continue requests (like any kind of uploads of POST requests done with
- Updated Akka dependency to Akka 2.4.17. (#858)
.dilatedfor tests for better stability. (#194)
- Fix MiMa to actually check compatibility against the latest released versions. (#870)
- Throughout the code base
@DoNotInheritannotations have been added to give hints about the stability of interfaces. (#727)
This release contains mostly bug fixes, a huge number of contributed documentation fixes and small improvements.
A notable new feature is the experimental
HttpApp feature (long time users may know it from spray). It allows to create an Akka HTTP server with very little boilerplate. See its documentation. Thanks a lot, @jlprat for contributing this feature and carrying through the PR with the most comments so far.
In some cases, we need to change semantics slightly to fix bugs. Some user code may still rely on the previous behavior so we are listing them here to bring attention to potential issues.
Uri.Authority.toStringnow doesn’t render leading double slashes any more (#784)
- request URIs for requests coming in for a server set up to use TLS now carry the
- Optimize frame creation for streamed WS messages (#748)
- Provide HttpApp API for Scala and Java (#156)
- Add Java-side mapRejectionResponse (#593)
- Add Composing directives java (
- Add Unmarshaller.andThen to combine two Unmarshallers (#691)
- Lots of larger and smaller improvements to Http2 support
- Allow Java bind API to specify port zero (#660)
- Fix ConnectHttp.toHostHttps when no scheme is given
- Exclude leading double slash from Uri.Authority.toString (#784)
- Basic auth fix according to rfc7617 - ‘charset’ auth-param (#716)
- Provide correct scheme in request URI for TLS connections (#658)
- Prevent “Connection closed by peer” errors during connection closure (#459)
- Fix stream marshalling, better errors, more examples (#424)
- Don’t ignore failed future for NoContent responses (#589)
- Deprecate wrongly spelled method
- Match path maps in order of longest matching key prefix (#394)
- Don’t leak Scala classes in java Unmarshaller (#604)
- Add support for Specs2 in testkit (#485)
- Fix spray-json unmarshalling of 4-byte UTF-8 characters AKA “the 😁 fix” (#691)
- Updated spray-json dependency to 1.3.3
- A huge amount of bigger and smaller contributions from the community
- Add link to sources to every documentation page to simplify contributing small fixes
- Add search thanks to algolia (#726)
Security patch to prevent denial-of-service due to memory leak in server infrastructure.