Skip to content

v1.9.0
Compare
Choose a tag to compare
@SimonFrings SimonFrings released this 26 Apr 10:32
· 27 commits to 1.x since this release
v1.9.0
bb3154d

This is a SECURITY and feature release for the 1.x series of ReactPHP's HTTP component.

  • Security fix: This release fixes a medium severity security issue in ReactPHP's HTTP server component
    that affects all versions between v0.8.0 and v1.8.0. All users are encouraged to upgrade immediately.
    (CVE-2023-26044 reported and fixed by @WyriHaximus)

  • Feature: Support HTTP keep-alive for HTTP client (reusing persistent connections).
    (#481, #484, #486 and #495 by @clue)

    This feature offers significant performance improvements when sending many
    requests to the same host as it avoids recreating the underlying TCP/IP
    connection and repeating the TLS handshake for secure HTTPS requests.

    $browser = new React\Http\Browser();

// Up to 300% faster! HTTP keep-alive is enabled by default
$response = React\Async\await($browser->get('https://httpbingo.org/redirect/6'));
assert($response instanceof Psr\Http\Message\ResponseInterface);

  • Feature: Add Request class to represent outgoing HTTP request message.
    (#480 by @clue)

  • Feature: Preserve request method and body for 307 Temporary Redirect and 308 Permanent Redirect.
    (#442 by @dinooo13)

  • Feature: Include buffer logic to avoid dependency on reactphp/promise-stream.
    (#482 by @clue)

  • Improve test suite and project setup and report failed assertions.
    (#478 by @clue, #487 and #491 by @WyriHaximus and #475 and #479 by @SimonFrings)

Contributors

WyriHaximus, clue, and 2 other contributors
Assets 2