Asynchronous HTTP client/server framework for asyncio and Python
Fixed "Unclosed client session" when initialization of
:py:class:~aiohttp.ClientSession
fails -- by :user:NewGlad
.
Related issues and pull requests on GitHub: #8253.
Fixed regression (from :pr:8280
) with adding Content-Disposition
to the form-data
part after appending to writer -- by :user:Dreamsorcerer
/:user:Olegt0rr
.
Related issues and pull requests on GitHub: #8332.
Added default Content-Disposition
in multipart/form-data
responses to avoid broken
form-data responses -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8335.
The asynchronous internals now set the underlying causes
when assigning exceptions to the future objects
-- by :user:webknjaz
.
Related issues and pull requests on GitHub: #8089.
Treated values of Accept-Encoding
header as case-insensitive when checking
for gzip files -- by :user:steverep
.
Related issues and pull requests on GitHub: #8104.
Improved the DNS resolution performance on cache hit -- by :user:bdraco
.
This is achieved by avoiding an :mod:asyncio
task creation in this case.
Related issues and pull requests on GitHub: #8163.
Changed the type annotations to allow dict
on :meth:aiohttp.MultipartWriter.append
,
:meth:aiohttp.MultipartWriter.append_json
and
:meth:aiohttp.MultipartWriter.append_form
-- by :user:cakemanny
Related issues and pull requests on GitHub: #7741.
Ensure websocket transport is closed when client does not close it
-- by :user:bdraco
.
The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.
Related issues and pull requests on GitHub: #8200.
Leave websocket transport open if receive times out or is cancelled
-- by :user:bdraco
.
This restores the behavior prior to the change in #7978.
Related issues and pull requests on GitHub: #8251.
Fixed content not being read when an upgrade request was not supported with the pure Python implementation.
-- by :user:bdraco
.
Related issues and pull requests on GitHub: #8252.
Fixed a race condition with incoming connections during server shutdown -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8271.
Fixed multipart/form-data
compliance with :rfc:7578
-- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8280.
Fixed blocking I/O in the event loop while processing files in a POST request
-- by :user:bdraco
.
Related issues and pull requests on GitHub: #8283.
Escaped filenames in static view -- by :user:bdraco
.
Related issues and pull requests on GitHub: #8317.
Fixed the pure python parser to mark a connection as closing when a
response has no length -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8320.
Upgraded llhttp to 9.2.1, and started rejecting obsolete line folding
in Python parser to match -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8146, #8292.
Deprecated content_transfer_encoding
parameter in :py:meth:FormData.add_field() <aiohttp.FormData.add_field>
-- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8280.
Added a note about canceling tasks to avoid delaying server shutdown -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8267.
The pull request template is now asking the contributors to
answer a question about the long-term maintenance challenges
they envision as a result of merging their patches
-- by :user:webknjaz
.
Related issues and pull requests on GitHub: #8099.
Updated CI and documentation to use NPM clean install and upgrade
node to version 18 -- by :user:steverep
.
Related issues and pull requests on GitHub: #8116.
A pytest fixture hello_txt
was introduced to aid
static file serving tests in
:file:test_web_sendfile_functional.py
. It dynamically
provisions hello.txt
file variants shared across the
tests in the module.
-- by :user:steverep
Related issues and pull requests on GitHub: #8136.
Added an internal
pytest marker for tests which should be skipped
by packagers (use -m 'not internal'
to disable them) -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8299.
The asynchronous internals now set the underlying causes
when assigning exceptions to the future objects
-- by :user:webknjaz
.
Related issues and pull requests on GitHub: #8089.
Treated values of Accept-Encoding
header as case-insensitive when checking for gzip files -- by :user:steverep
.
Related issues and pull requests on GitHub: #8104.
Upgraded llhttp to 9.2 -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8146.
The pull request template is now asking the contributors to
answer a question about the long-term maintenance challenges
they envision as a result of merging their patches
-- by :user:webknjaz
.
Related issues and pull requests on GitHub: #8099.
Updated CI and documentation to use NPM clean install and upgrade node to version 18 -- by :user:steverep
.
Related issues and pull requests on GitHub: #8116.
A pytest fixture hello_txt
was introduced to aid
static file serving tests in
:file:test_web_sendfile_functional.py
. It dynamically
provisions hello.txt
file variants shared across the
tests in the module.
-- by :user:steverep
Related issues and pull requests on GitHub: #8136.
Two definitions for "test_invalid_route_name" existed, only one was being run. Refactored them into a single parameterized test. Enabled lint rule to prevent regression. -- by :user:alexmac
.
Related issues and pull requests on GitHub: #8139.
Fixed backwards compatibility breakage (in 3.9.2) of ssl
parameter when set outside
of ClientSession
(e.g. directly in TCPConnector
) -- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #8097, #8098.
Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures.
Related issues and pull requests on GitHub: #3957.
Fixed server-side websocket connection leak.
Related issues and pull requests on GitHub: #7978.
Fixed web.FileResponse
doing blocking I/O in the event loop.
Related issues and pull requests on GitHub: #8012.
Fixed double compress when compression enabled and compressed file exists in server file responses.
Related issues and pull requests on GitHub: #8014.
Added runtime type check for ClientSession
timeout
parameter.
Related issues and pull requests on GitHub: #8021.
Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:pajod
.
Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected.
Invalid header field names containing question mark or slash are now rejected.
Such requests are incompatible with :rfc:9110#section-5.6.2
and are not known to be of any legitimate use.
Related issues and pull requests on GitHub: #8074.
Improved validation of paths for static resources requests to the server -- by :user:bdraco
.
Related issues and pull requests on GitHub: #8079.
Added support for passing :py:data:True
to ssl
parameter in ClientSession
while
deprecating :py:data:None
-- by :user:xiangyan99
.
Related issues and pull requests on GitHub: #7698.
Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:pajod
.
Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected.
Invalid header field names containing question mark or slash are now rejected.
Such requests are incompatible with :rfc:9110#section-5.6.2
and are not known to be of any legitimate use.
Related issues and pull requests on GitHub: #8074.
Fixed examples of fallback_charset_resolver
function in the :doc:client_advanced
document. -- by :user:henry0312
.
Related issues and pull requests on GitHub: #7995.
The Sphinx setup was updated to avoid showing the empty
changelog draft section in the tagged release documentation
builds on Read The Docs -- by :user:webknjaz
.
Related issues and pull requests on GitHub: #8067.
The changelog categorization was made clearer. The
contributors can now mark their fragment files more
accurately -- by :user:webknjaz
.
The new category tags are:
* ``bugfix``
* ``feature``
* ``deprecation``
* ``breaking`` (previously, ``removal``)
* ``doc``
* ``packaging``
* ``contrib``
* ``misc``
Related issues and pull requests on GitHub: #8066.
Updated :ref:contributing/Tests coverage <aiohttp-contributing>
section to show how we use codecov
-- by :user:Dreamsorcerer
.
Related issues and pull requests on GitHub: #7916.
The changelog categorization was made clearer. The
contributors can now mark their fragment files more
accurately -- by :user:webknjaz
.
The new category tags are:
* ``bugfix``
* ``feature``
* ``deprecation``
* ``breaking`` (previously, ``removal``)
* ``doc``
* ``packaging``
* ``contrib``
* ``misc``
Related issues and pull requests on GitHub: #8066.
Replaced all tmpdir
fixtures with tmp_path
in test suite.
Related issues and pull requests on GitHub: #3551.
Fixed importing aiohttp under PyPy on Windows.
(#7848)
Fixed async concurrency safety in websocket compressor.
(#7865)
Fixed ClientResponse.close()
releasing the connection instead of closing.
(#7869)
Fixed a regression where connection may get closed during upgrade. -- by :user:Dreamsorcerer
(#7879)
Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:Dreamsorcerer
(#7895)
Introduced AppKey
for static typing support of Application
storage.
See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config
(#5864)
Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called.
The period can be adjusted with the shutdown_timeout
parameter. -- by :user:Dreamsorcerer
.
See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown
(#7188)
Added handler_cancellation <https://docs.aiohttp.org/en/stable/web_advanced.html#web-handler-cancellation>
_ parameter to cancel web handler on client disconnection. -- by :user:mosquito
This (optionally) reintroduces a feature removed in a previous release.
Recommended for those looking for an extra level of protection against denial-of-service attacks.
(#7056)
Added support for setting response header parameters max_line_size
and max_field_size
.
(#2304)
Added auto_decompress
parameter to ClientSession.request
to override ClientSession._auto_decompress
. -- by :user:Daste745
(#3751)
Changed raise_for_status
to allow a coroutine.
(#3892)
Added client brotli compression support (optional with runtime check).
(#5219)
Added client_max_size
to BaseRequest.clone()
to allow overriding the request body size. -- :user:anesabml
.
(#5704)
Added a middleware type alias aiohttp.typedefs.Middleware
.
(#5898)
Exported HTTPMove
which can be used to catch any redirection request
that has a location -- :user:dreamsorcerer
.
(#6594)
Changed the path
parameter in web.run_app()
to accept a pathlib.Path
object.
(#6839)
Performance: Skipped filtering CookieJar
when the jar is empty or all cookies have expired.
(#7819)
Performance: Only check origin if insecure scheme and there are origins to treat as secure, in CookieJar.filter_cookies()
.
(#7821)
Performance: Used timestamp instead of datetime
to achieve faster cookie expiration in CookieJar
.
(#7824)
Added support for passing a custom server name parameter to HTTPS connection.
(#7114)
Added support for using Basic Auth credentials from :file:.netrc
file when making HTTP requests with the
:py:class:~aiohttp.ClientSession
trust_env
argument is set to True
. -- by :user:yuvipanda
.
(#7131)
Turned access log into no-op when the logger is disabled.
(#7240)
Added typing information to RawResponseMessage
. -- by :user:Gobot1234
(#7365)
Removed async-timeout
for Python 3.11+ (replaced with asyncio.timeout()
on newer releases).
(#7502)
Added support for brotlicffi
as an alternative to brotli
(fixing Brotli support on PyPy).
(#7611)
Added WebSocketResponse.get_extra_info()
to access a protocol transport's extra info.
(#7078)
Allow link
argument to be set to None/empty in HTTP 451 exception.
(#7689)
Implemented stripping the trailing dots from fully-qualified domain names in Host
headers and TLS context when acting as an HTTP client.
This allows the client to connect to URLs with FQDN host name like https://example.com./
.
-- by :user:martin-sucha
.
(#3636)
Fixed client timeout not working when incoming data is always available without waiting. -- by :user:Dreamsorcerer
.
(#5854)
Fixed readuntil
to work with a delimiter of more than one character.
(#6701)
Added __repr__
to EmptyStreamReader
to avoid AttributeError
.
(#6916)
Fixed bug when using TCPConnector
with ttl_dns_cache=0
.
(#7014)
Fixed response returned from expect handler being thrown away. -- by :user:Dreamsorcerer
(#7025)
Avoided raising UnicodeDecodeError
in multipart and in HTTP headers parsing.
(#7044)
Changed sock_read
timeout to start after writing has finished, avoiding read timeouts caused by an unfinished write. -- by :user:dtrifiro
(#7149)
Fixed missing query in tracing method URLs when using yarl
1.9+.
(#7259)
Changed max 32-bit timestamp to an aware datetime object, for consistency with the non-32-bit one, and to avoid a DeprecationWarning
on Python 3.12.
(#7302)
Fixed EmptyStreamReader.iter_chunks()
never ending. -- by :user:mind1m
(#7616)
Fixed a rare RuntimeError: await wasn't used with future
exception. -- by :user:stalkerg
(#7785)
Fixed issue with insufficient HTTP method and version validation.
(#7700)
Added check to validate that absolute URIs have schemes.
(#7712)
Fixed unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates.
(#7715)
Updated parser to disallow invalid characters in header field names and stop accepting LF as a request line separator.
(#7719)
Fixed Python HTTP parser not treating 204/304/1xx as an empty body.
(#7755)
Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3.
(#7756)
Fixed an issue when a client request is closed before completing a chunked payload. -- by :user:Dreamsorcerer
(#7764)
Edge Case Handling for ResponseParser for missing reason value.
(#7776)
Fixed ClientWebSocketResponse.close_code
being erroneously set to None
when there are concurrent async tasks receiving data and closing the connection.
(#7306)
Added HTTP method validation.
(#6533)
Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by :user:Dreamsorcerer
(#7835)
Performance: Fixed increase in latency with small messages from websocket compression changes.
(#7797)
Fixed the ClientResponse.release
's type in the doc. Changed from comethod
to method
.
(#5836)
Added information on behavior of base_url parameter in ClientSession
.
(#6647)
Fixed ClientResponseError
docs.
(#6700)
Updated Redis code examples to follow the latest API.
(#6907)
Added a note about possibly needing to update headers when using on_response_prepare
. -- by :user:Dreamsorcerer
(#7283)
Completed trust_env
parameter description to honor wss_proxy
, ws_proxy
or no_proxy
env.
(#7325)
Expanded SSL documentation with more examples (e.g. how to use certifi). -- by :user:Dreamsorcerer
(#7334)
Fix, update, and improve client exceptions documentation.
(#7733)
Added shutdown_timeout
parameter to BaseRunner
, while
deprecating shutdown_timeout
parameter from BaseSite
. -- by :user:Dreamsorcerer
(#7718)
Dropped Python 3.6 support.
(#6378)
Dropped Python 3.7 support. -- by :user:Dreamsorcerer
(#7336)
Removed support for abandoned tokio
event loop. -- by :user:Dreamsorcerer
(#7281)
Made print
argument in run_app()
optional.
(#3690)
Improved performance of ceil_timeout
in some cases.
(#6316)
Changed importing Gunicorn to happen on-demand, decreasing import time by ~53%. -- :user:Dreamsorcerer
(#6591)
Improved import time by replacing http.server
with http.HTTPStatus
.
(#6903)
Fixed annotation of ssl
parameter to disallow True
. -- by :user:Dreamsorcerer
.
(#7335)
Performance: Skipped filtering CookieJar
when the jar is empty or all cookies have expired.
(#7819)
Performance: Only check origin if insecure scheme and there are origins to treat as secure, in CookieJar.filter_cookies()
.
(#7821)
Performance: Used timestamp instead of datetime
to achieve faster cookie expiration in CookieJar
.
(#7824)
Fixed an issue where the client could go into an infinite loop. -- by :user:Dreamsorcerer
(#7815)
Added HTTP method validation.
(#6533)
Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by :user:Dreamsorcerer
(#7835)
Performance: Fixed increase in latency with small messages from websocket compression changes.
(#7797)
Added WebSocketResponse.get_extra_info()
to access a protocol transport's extra info.
(#7078)
Allow link
argument to be set to None/empty in HTTP 451 exception.
(#7689)
Added shutdown_timeout
parameter to BaseRunner
, while
deprecating shutdown_timeout
parameter from BaseSite
. -- by :user:Dreamsorcerer
(#7718)
Fixed keep-alive connections stopping a graceful shutdown. -- by :user:Dreamsorcerer
(#7718)
Fixed ClientWebSocketResponse.close_code
being erroneously set to None
when there are concurrent async tasks receiving data and closing the connection.
(#7306)
Changed AppKey
warning to web.NotAppKeyWarning
and stop it being displayed by default. -- by :user:Dreamsorcerer
(#7677)
Fix issue with insufficient HTTP method and version validation.
(#7700)
Add check to validate that absolute URIs have schemes.
(#7712)
Fix unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates.
(#7715)
Update parser to disallow invalid characters in header field names and stop accepting LF as a request line separator.
(#7719)
Fix py http parser not treating 204/304/1xx as an empty body
(#7755)
Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3
(#7756)
Fixed an issue when a client request is closed before completing a chunked payload -- by :user:Dreamsorcerer
(#7764)
Edge Case Handling for ResponseParser for missing reason value
(#7776)
Fixed a rare RuntimeError: await wasn't used with future
exception -- by :user:stalkerg
(#7785)
Fix, update, and improve client exceptions documentation.
(#7733)
Introduced AppKey
for static typing support of Application
storage.
See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config
(#5864)
Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called.
The period can be adjusted with the shutdown_timeout
parameter. -- by :user:Dreamsorcerer
.
See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown
(#7188)
Added handler_cancellation <https://docs.aiohttp.org/en/stable/web_advanced.html#web-handler-cancellation>
_ parameter to cancel web handler on client disconnection. -- by :user:mosquito
This (optionally) reintroduces a feature removed in a previous release.
Recommended for those looking for an extra level of protection against denial-of-service attacks.
(#7056)
Added support for setting response header parameters max_line_size
and max_field_size
.
(#2304)
Added auto_decompress
parameter to ClientSession.request
to override ClientSession._auto_decompress
. -- by :user:Daste745
(#3751)
Changed raise_for_status
to allow a coroutine.
(#3892)
Added client brotli compression support (optional with runtime check).
(#5219)
Added client_max_size
to BaseRequest.clone()
to allow overriding the request body size -- :user:anesabml
.
(#5704)
Added a middleware type alias aiohttp.typedefs.Middleware
.
(#5898)
Exported HTTPMove
which can be used to catch any redirection request
that has a location -- :user:dreamsorcerer
.
(#6594)
Changed the path
parameter in web.run_app()
to accept a pathlib.Path
object.
(#6839)
Added support for passing a custom server name parameter to HTTPS connection.
(#7114)
Added support for using Basic Auth credentials from :file:.netrc
file when making HTTP requests with the :py:class:~aiohttp.ClientSession
trust_env
argument is set to True
-- by :user:yuvipanda
.
(#7131)
Turned access log into no-op when the logger is disabled.
(#7240)
Added typing information to RawResponseMessage
-- by :user:Gobot1234
(#7365)
Removed async-timeout
for Python 3.11+ (replaced with asyncio.timeout()
on newer releases).
(#7502)
Added support for brotlicffi
as an alternative to brotli
(fixing Brotli support on PyPy).
(#7611)
Implemented stripping the trailing dots from fully-qualified domain names in Host
headers and TLS context when acting as an HTTP client.
This allows the client to connect to URLs with FQDN host name like https://example.com./
.
-- by :user:martin-sucha
.
(#3636)
Fixed client timeout not working when incoming data is always available without waiting -- by :user:Dreamsorcerer
.
(#5854)
Fixed readuntil
to work with a delimiter of more than one character
(#6701)
Added __repr__
to EmptyStreamReader
to avoid AttributeError
.
(#6916)
Fixed bug when using TCPConnector
with ttl_dns_cache=0
.
(#7014)
Fixed response returned from expect handler being thrown away. -- by :user:Dreamsorcerer
(#7025)
Avoided raising UnicodeDecodeError
in multipart and in HTTP headers parsing.
(#7044)
Changed sock_read
timeout to start after writing has finished, avoiding read timeouts caused by an unfinished write. -- by :user:dtrifiro
(#7149)
Fixed missing query in tracing method URLs when using yarl
1.9+.
(#7259)
Changed max 32-bit timestamp to an aware datetime object, for consistency with the non-32-bit one, and to avoid a DeprecationWarning
on Python 3.12.
(#7302)
Fixed EmptyStreamReader.iter_chunks()
never ending. -- by :user:mind1m
(#7616)
Fixed the ClientResponse.release
's type in the doc. Changed from comethod
to method
.
(#5836)
Added information on behavior of base_url parameter in ClientSession
.
(#6647)
Fixed ClientResponseError
docs.
(#6700)
Updated Redis code examples to follow the latest API.
(#6907)
Added a note about possibly needing to update headers when using on_response_prepare
. -- by :user:Dreamsorcerer
(#7283)
Completed trust_env
parameter description to honor wss_proxy
, ws_proxy
or no_proxy
env.
(#7325)
Expanded SSL documentation with more examples (e.g. how to use certifi). -- by :user:Dreamsorcerer
(#7334)
Dropped Python 3.6 support.
(#6378)
Dropped Python 3.7 support. -- by :user:Dreamsorcerer
(#7336)
Removed support for abandoned tokio
event loop. -- by :user:Dreamsorcerer
(#7281)
Made print
argument in run_app()
optional.
(#3690)
Improved performance of ceil_timeout
in some cases.
(#6316)
Changed importing Gunicorn to happen on-demand, decreasing import time by ~53%. -- :user:Dreamsorcerer
(#6591)
Improved import time by replacing http.server
with http.HTTPStatus
.
(#6903)
Fixed annotation of ssl
parameter to disallow True
. -- by :user:Dreamsorcerer
(#7335)