- Fixes CVE-2023-43669.
- Remove many implicit flushing behaviours. In general reading and writing messages will no
longer flush until calling
flush
. An exception is automatic responses (e.g. pongs) which will continue to be written and flushed when reading and writing. This allows writing a batch of messages and flushing once, improving performance. - Add
WebSocket::read
,write
,send
,flush
. Deprecateread_message
,write_message
,write_pending
. - Add
FrameSocket::read
,write
,send
,flush
. Removeread_frame
,write_frame
,write_pending
. Note: Previous use ofwrite_frame
may be replaced withsend
. - Add
WebSocketContext::read
,write
,flush
. Removeread_message
,write_message
,write_pending
. Note: Previous use ofwrite_message
may be replaced withwrite
+flush
. - Remove
send_queue
, replaced with using the frame write buffer to achieve similar results.- Add
WebSocketConfig::max_write_buffer_size
. Deprecatemax_send_queue
. - Add
Error::WriteBufferFull
. RemoveError::SendQueueFull
. Note:WriteBufferFull
returns the message that could not be written as aMessage::Frame
.
- Add
- Add ability to buffer multiple writes before writing to the underlying stream, controlled by
WebSocketConfig::write_buffer_size
(default 128 KiB). Improves batch message write performance. - Panic on receiving invalid
WebSocketConfig
.
- Update TLS dependencies.
- Exchanging
base64
fordata-encoding
.
- Make handshake dependencies optional with a new
handshake
feature (now a default one!). - Return HTTP error responses (their HTTP body) upon non 101 status codes.
- Respect the case-sentitivity of the "Origin" header to keep compatibility with the older servers that use case-sensitive comparison.
- Fix panic when invalid manually constructed
http::Request
is passed totungstenite
. - Downgrade the MSRV to
1.56
due to some other crates that rely on us not being quite ready for1.58
.
- Specify the minimum required Rust version.
- Update of dependencies (primarily
sha1
). - Add support of the fragmented messages (allow the user to send the frames without composing the full message).
- Overhaul of the client's request generation process. Now the users are able to pass the constructed
http::Request
"as is" totungstenite-rs
, letting the library to check the correctness of the request and specifying their own headers (including its own key if necessary). No changes for those ones who used the client in a normal way by connecting using a URL/URI (most common use-case).
- Update of dependencies (primarily
rustls
,webpki-roots
,rustls-native-certs
). - When the close frame is received, the reply that is automatically sent to the initiator has the same code (so we just echo the frame back). Previously a new close frame was created (i.e. the close code / reason was always the same regardless of what code / reason specified by the initiator). Now it’s more symmetrical and arguably more intuitive behavior (see #246 for more context).
- The internal
ReadBuffer
implementation uses heap instead of stack to store the buffer. This should solve issues with possible stack overflows in some scenarios (see #241 for more context).
- Allow selecting the method of loading root certificates if
rustls
is used as TLS implementation.- Two new feature flags
rustls-tls-native-roots
andrustls-tls-webpki-roots
have been added that activate the respective method to load certificates. - The
rustls-tls
flag was removed to raise awareness of this change. Otherwise, compilation would have continue to work and potential errors (due to different or missing certificates) only occurred at runtime. - The new feature flags are additive. If both are enabled, both methods will be used to add certificates to the TLS configuration.
- Two new feature flags
- Allow specifying a connector (for more fine-grained configuration of the TLS).
- Use
rustls-native-certs
instead ofwebpki-root
whenrustls-tls
feature is enabled. - Don't use
native-tls
as a default feature (see #202 for more details). - New fast and safe implementation of the reading buffer (replacement for the
input_buffer
). - Remove some errors from the
Error
enum that can't be triggered anymore with the new buffer implementation.
- Add
CapacityError
,UrlError
, andProtocolError
types to represent the different types of capacity, URL, and protocol errors respectively. - Modify variants
Error::Capacity
,Error::Url
, andError::Protocol
to hold the above errors types instead of string error messages. - Add
handshake::derive_accept_key
to facilitate external handshakes. - Add support for
rustls
as TLS backend. The previoustls
feature flag is now removed in favor ofnative-tls
andrustls-tls
, which allows to pick the TLS backend. The error API surface had to be changed to support the new error types coming from rustls related crates.
- Add facilities to allow clients to follow HTTP 3XX redirects.
- Allow accepting unmasked clients on the server side to be compatible with some legacy / invalid clients.
- Update of dependencies and documentation fixes.