HTTP Connector Release Notes - Mule 4

Optimized the connector to improve its overall stability and performance.

Added a customizable Read Timeout parameter. (Available since Mule Runtime 4.4.0-20211018 and HTTP Service EE 1.7.1)

Encoding characters from RFC 3986 in the HTTP Request Path field. (HTTPC-140)

Updated socket connector dependency to 1.2.1.

Changed authentication token decoding (HTTPC-137)

Fixed an issue where multiple cookies were being sent in separate headers (not RFC6265 compliant) (HTTPC-128)

Fixed an issue that caused a performance degradation

Fixed an issue in which an http-request-config is not updated after redeploy when an application is associated with a domain (MULE-18757)

Fixed an issue in which an input stream was being consumed during the authentication mechanism (MULE-18307)

Fixed an issue where an input stream was being consumed during retry mechanism (MULE-18393)

Fixed an issue where a single listener stop was stopping the server, even if it was behaving to another context (HTTPC-124)

Fixed HTTP policy pointcut parameters not created when listener is under a domain (MULE-18403)

Use graceful shutdown timeout to allow persistent connections to do a last request (MULE-18396)

Added HTTP errors BAD_GATEWAY and GATEWAY_TIMEOUT (MULE-18247)

Fixed an issue where mule.http.client.encodeUriParams wrongly encodes spaces in URI parameters. (MULE-18241)

Use IO threads to handle response streaming. (MULE-18028)

Improved performance of HttpBasicAuthenticationFilter#authenticate. (MULE-18039)

Removed guava dependency from HTTP connector. (MULE-18109)

Removed runtime provided libraries from HTTP connector. (MULE-17423)

General performance improvments. (MULE-18152)

Implemented a new fix for the following issue: onErrorSendingResponse error public method in anonymous class is not accessible via reflection. (MULE-17693)

A new fix was implemented for the following issue: onErrorSendingResponse public method in anonymous class is not accessible via reflection. (MULE-17693)

When stopping or starting an HTTP Listener, basePath is added twice to the available paths. (MULE-17817)

The HTTP header for Anypoint Visualizer is now supported. (MULE-17706)

The issue where properties were not being propagated in basic authentication is fixed. (MULE-17830)

onErrorSendingResponse public method in anonymous class was not accessible via reflection. (MULE-17693)

HTTP ResponseBuilder should not return null headers. (MULE-17670)

Collision of HTTP clients in a cache when the HTTP Connector app is in a domain. (MULE-17478)

HttpClient cannot be restarted when there is an exception on starting the connection. (MULE-17479)

Infinite loop when failure response not sent. (MULE-17378)

Revert to use the format hostname + address in local and remote addresses. (MULE-17262)

HTTP Connector should trim the host parameter to avoid invalid URL. (MULE-16068)

Security fixes.

Improved performance for event and message creation handling in policy scenarios. (MULE-16320)

Security fixes.

No transformers for Iterator to byte[] or String causes error. (MULE-15991)

Improved performance for event and message creation handling in policy scenarios. (MULE-16320)

Miscellaneous performance improvements for proxy scenario (avoid lambda usage in policy code). (MULE-16101)

Allow HTTP requests to retry on all methods. (MULE-15927)

Security fixes.

Miscellaneous performance improvements for proxy scenario (avoid lambda usage in policy code). (MULE-16101)

Security fixes.

HTTP Requester removes the payload when retrying. (MULE-15756)

Changes in HTTP-API module break compilation of the HTTP connector. (MULE-15165)

Minor performance improvements. (MULE-15346)

Avoid unnecessary creation of CaseInsensitive maps during an HTTP request. (MULE-15428)

HTTP: Reduce request creation overhead. (MULE-15419)

Support non-blocking in OAuth HTTP calls. (MULE-11272)

Security fixes.

HTTP attributes toString features sensitive content. (MULE-15260)

HTTP request parse error logs a stacktrace. (MULE-15120)

Remove vulnerable commons-codec library. (MULE-16799)

Basic auth filter accepts header characters beyond the padding. (MULE-16898)

No transformers for Iterator to byte[] or String causes error. (MULE-15991)

Reduce logging verbosity when correlations IDs repeat but match. When both the X-Correlation-ID and Mule-Correlation-ID headers are present, Mule decides on one and logs a warning message about the decision. However, if in Mule 4 and 3 both headers are duplicated with the same value, Mule logs a debug message instead. (MULE-17115)

Allow the encoding of URI parameters in the requester using the system property mule.http.client.encodeUriParams. (MULE-16772)

User credentials are shown in attributes toString(). (MULE-10525)

Mule throws error illegal group reference exception when trying to pass $ in a URI Parameter in an HTTP request. (MULE-16669)

HTTP Connector does not implement equals and hash methods in the RequestHeader POJO which was causing memory leaks. (MULE-16652)

Source completion callback that was not called on failure was causing leaks. (MULE-16634)

Add missing MediaType to HTTP operations, equals or hash to CORS components, and upgrade CORS to 1.1.2. (MULE-16632)

NullPointerException when HTTP Load Resource component gets no attributes. (MULE-16499)

Reduce verbosity in static resource loader not found response (404). (MULE-16495)

Reduced MultiMap copies (MULE-16492)

Upgraded Sockets Connector to 1.1.5.

New rawRequestUri and rawRequestPath attributes when a request is received by an HTTP listener (encoded as received unlike requestUri and requestPath which are decoded). (MULE-16246)

Improved performance for event and message creation handling in policy scenarios. (MULE-16320)

New org.mule.extension.http.internal.request.HttpRequestOperations logger for resolved dynamic HTTP requests in DEBUG mode, which logs the final URI being used. (MULE-16295)

New icon for the HTTP connector. (MULE-16378)

Removed sun.misc package usages that are not available with Java 11 (MULE-15917)

Encoding should be preserved by maskedRequestPath so it can be properly used in proxies. (MULE-16359)

No new features were added in this version, but performance enhancements were done.

Miscellaneous performance improvements for proxy scenario (avoid lambda usage in policy code). (MULE-16101)

HTTP path related attributes are not decoded (regression caused by MULE-15868). (MULE-16240)

Upgrade Sockets version in HTTP (due to vulnerabilities related library upgrades there). (MULE-15079)

No new features were added in this version, but some performance enhancements were done.

Miscellaneous performance improvements for proxy scenario (remove reactor usage and improve maskedRequestPath calculation). (MULE-15924)

HTTP connector does not implement equals/hash on POJOs (causing leak for dynamic authentication and proxy set ups). (MULE-16035)

Allow HTTP requests to retry on all methods. (MULE-15927)

Update reactor to 3.2.0. (MULE-14667)

Make "clientCertificate" in HttpRequestAttributes lazy for HTTPS listeners. (MULE-15725)

Upgrade sockets connector to 1.1.2. (MULE-15711)

Upgrade javax.mail to javax.mail-api 1.6.2. (MULE-15550)

Make HTTP host examples consistent with each other. (MULE-15331)

Add maskedRequestPath to HttpRequestAttributes. (MULE-15484)

HTTP null host when port is invalid. (MULE-15665)

No new features were added in this version.

Query string and URI parameters were double decoded by HTTP Listener because of URI usage. (MULE-15868)

No new features were added in this version.

HTTP Requester removes the payload when retrying. (MULE-15756)

HTTP Requester is sending content-type even if no payload is sent. (MULE-15722)

Avoid unnecessary creation of CaseInsensitive maps during an HTTP request. (MULE-15428)

HTTP: Reduce request creation overhead. (MULE-15419)

Support non-blocking in OAuth HTTP calls. (MULE-11272)

Changes in HTTP-API module break compilation of the HTTP connector. (MULE-15165)

HTTP null host when the port is invalid. (MULE-15665)

Revert: MULE-15128 - Proxy Config in HTTP Requester should not accept expressions.

Improves performance by reducing some internal memory usage.

Allows response validators to be configured at the configuration level as defaults for all associated operations, which means the Web Service connector can now also reference a default.

Upgrades commons-lang3 to 3.7.

Upgrades Guava: Google Core Libraries For Java to 25.1.

Fixes the provided error messages that previously featured regular streams instead of repeatable ones.

Fixes the proxy configuration attribute of the HTTP request operation which mistakenly allowed expressions.

Minor performance improvements. (MULE-15346)

Proxy Config in HTTP Requester should not accept expressions. (MULE-15128)

Add global ResponseValidator in the requester configuration. (MULE-15174)

Upgrade commons-lang3 to 3.7. (MULE-15082)

Upgrade Guava to 25.1. (MULE-15079)

HTTP error message stream is not handled. (MULE-14864)

Prevents sensitive data such as headers, query and URI parameters values to be exposed when logging.

Improves performance by avoiding unnecessary transformations to lower case.

Improves logging during certain errors that were too verbose.

HTTP attributes toString features sensitive content. (MULE-15260)

Remove unnecessary String.toLowerCase calls. (MULE-15253)

HTTP request parse error logs a stacktrace. (MULE-15120)

Improves output metadata for listener and requester

Improves TLS/SSL issues logging

Improves validations on the listener attributes

Fixes a security vulnerability related to unescaped input data when receiving invalid requests

Fixes an interoperability issue with Mule 3 by interpreting the MULE_CORRELATION_ID header

Fixes a memory leak related to unclosed streams when streaming mode was set to NEVER

Fixes a policy issue related to Content-Length analysis

HTTP connectors specify incorrect output metadata type for listener/requester. (MULE-14974)

SSL issue log message has wrong debug data. (MULE-14949) HTTP Listener parse errors expose request data without escaping it. (MULE-14944)

Mule 3 and 4 HTTP connectors' correlation IDs should interop. (MULE-14878)

HTTP listener does not close streams when NEVER is set. (MULE-14829)

Content-length is not recalculated when policy is present. (MULE-14821)

HttpRequestAttributesBuilder does not validate entries, (MULE-14457)

Fixes the status code validators to allow spaces in their value definition

Fixes startup error messages so they show up on logs

Improves performance when handling headers

Allows requester to keep provided headers case

Status code validators cannot handle spaces in the values. (MULE-14541)

Mule swallows HTTP exception. (MULE-14535)

HTTP: Allow requester to keep provided headers case. (MULE-14530)

Support for X-Correlation-ID

Added default headers and query parameters to HTTP Requester config

Performance improvements

HTTP Connector exports internal classes. (MULE-14447)

Multi value headers not working when setting HttpPolicyRequestAttributes from DW. (MULE-14380)

HTTP Connector should use FAIL BackpressueStrategy by default. (MULE-14271)

Send X-Correlation-ID header with outbound requests and parse it with inbound requests. (MULE-14085)

Expose host address in HttpRequestAttributes. (MULE-10912)