Bug fix #20198 (HttpClient drops connection to the proxy when an invalid 'connection: close' directive is encountered in 'connection established' response) Reviewed by Mike Becke Contributed by Oleg Kalnichevski
Changelog: - StrictSSLProtocolSocketFactory class added to the 'httpclient.contrib.ssl' package. StrictSSLProtocolSocketFactory is a stricter version of SSLProtocolSocketFactory which will do host name verification in addition to the regular certificate validation. This mimics the behavior of Sun's HttpsConnection and should help preventing man-in-the-middle attacks. Contributed by Sebastian Hauer <hauer@psicode.com> Reviewed by Oleg Kalnichevski
Bug fix #19235 (Problem with redirect on HEAD when (bad, naughty) server returns body content) Changelog: - Minor ChunkedInputStream class clean-ups. - HttpExcption is thrown in the strict mode when chunk-encoded body has been declared with 'Transfer-Encoding' header but not sent. - Per default HttpClient does not check for presence of HTTP HEAD response body. Such check can be optionally activated on an individual HEAD method when necessary. In the strict mode presence of a content body in response to HTTP HEAD request will cause an HttpException to be thrown. Contributed by Oleg Kalnichevski
Adds an override of HttpClient.executeMethod that lets the caller specify an HttpState object. This allows advanced clients that need to mess around with the http state (e.g. different cookies for different threads) to use HttpClient rather than manipulating connections and connection managers directly Contributed by Laura Werner <laura@lwerner.org> Committed by Oleg Kalnichevski