All Versions
Latest Version
Avg Release Cycle
18 days
Latest Release

Changelog History
Page 5

  • v3.14.8

    April 29, 2020
  • v3.14.7

    February 25, 2020
  • v3.14.6

    January 12, 2020
  • v3.14.5

    January 03, 2020
  • v3.14.4

    September 29, 2019
  • v3.14.3

    September 10, 2019
  • v3.14.2 Changes

    May 19, 2019


    • Fix: Lock in a route when recovering from an HTTP/2 connection error. We had a bug where two calls that failed at the same time could cause OkHttp to crash with a NoSuchElementException instead of the expected IOException.

    • Fix: Don't crash with a NullPointerException when formatting an error message describing a truncated response from an HTTPS proxy.

  • v3.14.1 Changes

    April 10, 2019


    • Fix: Don't crash when an interceptor retries when there are no more routes. This was an edge-case regression introduced with the events cleanup in 3.14.0.

    • Fix: Provide actionable advice when the exchange is non-null. Prior to 3.14, OkHttp would silently leak connections when an interceptor retries without closing the response body. With 3.14 we detect this problem but the exception was not helpful.

  • v3.14.0 Changes


    • This release deletes the long-deprecated OkUrlFactory and OkApacheClient APIs. These facades hide OkHttp's implementation behind another client's API. If you still need this please copy and paste [][obsolete_url_factory] or [][obsolete_apache_client] into your project.

    • OkHttp now supports duplex calls over HTTP/2. With normal HTTP calls the request must finish before the response starts. With duplex, request and response bodies are transmitted simultaneously. This can be used to implement interactive conversations within a single HTTP call.

      Create duplex calls by overriding the new RequestBody.isDuplex() method to return true. This simple option dramatically changes the behavior of the request body and of the entire call.

      The RequestBody.writeTo() method may now retain a reference to the provided sink and hand it off to another thread to write to it after writeTo returns.

      The EventListener may now see requests and responses interleaved in ways not previously permitted. For example, a listener may receive responseHeadersStart() followed by requestBodyEnd(), both on the same call. Such events may be triggered by different threads even for a single call.

      Interceptors that rewrite or replace the request body may now inadvertently interfere with duplex request bodies. Such interceptors should check RequestBody.isDuplex() and avoid accessing the request body when it is.

      Duplex calls require HTTP/2. If HTTP/1 is established instead the duplex call will fail. The most common use of duplex calls is [gRPC][grpc_http2].

    • New: Prevent OkHttp from retransmitting a request body by overriding RequestBody.isOneShot(). This is most useful when writing the request body is destructive.

    • New: We've added requestFailed() and responseFailed() methods to EventListener. These are called instead of requestBodyEnd() and responseBodyEnd() in some failure situations. They may also be fired in cases where no event was published previously. In this release we did an internal rewrite of our event code to fix problems where events were lost or unbalanced.

    • Fix: Don't leak a connection when a call is canceled immediately preceding the onFailure() callback.

    • Fix: Apply call timeouts when connecting duplex calls, web sockets, and server-sent events. Once the streams are established no further timeout is enforced.

    • Fix: Retain the Route when a connection is reused on a redirect or other follow-up. This was causing some Authenticator calls to see a null route when non-null was expected.

    • Fix: Use the correct key size in the name of TLS_AES_128_CCM_8_SHA256 which is a TLS 1.3 cipher suite. We accidentally specified a key size of 256, preventing that cipher suite from being selected for any TLS handshakes. We didn't notice because this cipher suite isn't supported on Android, Java, or Conscrypt.

      We removed this cipher suite and TLS_AES_128_CCM_SHA256 from the restricted, modern, and compatible sets of cipher suites. These two cipher suites aren't enabled by default in either Firefox or Chrome.

      See our [TLS Configuration History][tls_configuration_history] tracker for a log of all changes to OkHttp's default TLS options.

    • New: Upgrade to Conscrypt 2.0.0. OkHttp works with other versions of Conscrypt but this is the version we're testing against.

    • New: Update the embedded public suffixes list.

  • v3.13.1 Changes


    • Fix: Don't crash when using a custom X509TrustManager or SSLSocket on Android. When we removed obsolete code for Android 4.4 we inadvertently also removed support for custom subclasses. We've restored that support!