All Versions
Latest Version
Avg Release Cycle
126 days
Latest Release
261 days ago

Changelog History
Page 1

  • v2.4.0 Changes

    February 06, 2021
    • βž• Added support for --session cookie expiration based on Set-Cookie: max-age=<n>. (#1029_)
    • ⚠ Show a --check-status warning with --quiet as well, not only when the output is redirected. (#1026_)
    • πŸ›  Fixed upload with --session (#1020_).
    • πŸ›  Fixed a missing blank line between request and response (#1006_).
  • v2.3.0 Changes

    October 25, 2020
    • βž• Added support for streamed uploads (#201).
    • βž• Added support for multipart upload streaming (#684).
    • βž• Added support for body-from-file upload streaming (http @file).
    • βž• Added --chunked to enable chunked transfer encoding (#753).
    • βž• Added --multipart to allow multipart/form-data encoding for non-file --form requests as well.
    • βž• Added support for preserving field order in multipart requests (#903).
    • βž• Added --boundary to allow a custom boundary string for multipart/form-data requests.
    • βž• Added support for combining cookies specified on the CLI and in a session file (#932).
    • βž• Added out of the box SOCKS support with no extra installation (#904).
    • βž• Added --quiet, -q flag to enforce silent behaviour.
    • πŸ›  Fixed the handling of invalid expires dates in Set-Cookie headers (#963).
    • βœ‚ Removed Tox testing entirely (#943).

    πŸ”Œ HTTPie /aitch-tee-tee-pie/ CLI is a user-friendly command-line HTTP client for the API era. It comes with JSON support, syntax highlighting, persistent sessions, wget-like downloads, plugins, and more.

    Learn more:
    πŸ“„ Install HTTPie:

  • v2.2.0 Changes

    June 18, 2020
    • βž• Added support for custom content types for uploaded files (#927, #668).
    • Added support for $XDG_CONFIG_HOME (#920).
    • βž• Added support for Set-Cookie-triggered cookie expiration (#853).
    • βž• Added --format-options to allow disabling sorting, changing JSON indent size, etc. (#128)
    • βž• Added --sorted and --unsorted shortcuts for (un)setting all sorting-related --format-options. (#128)
    • βž• Added --ciphers to allow configuring OpenSSL ciphers (#870).
    • βž• Added netrc support for auth plugins. Enabled for --auth-type=basic and digest, 3rd parties may opt in (#718, #719, #852, #934).
    • πŸ›  Fixed built-in plugins-related circular imports (#925).
  • v2.1.0 Changes

    April 18, 2020
    • βž• Added --path-as-is to bypass dot segment (/../ or /./) URL squashing (#895).
    • Changed the default Accept header value for JSON requests from application/json, */* to application/json, */*;q=0.5 to clearly indicate preference (#488).
    • πŸ›  Fixed --form file upload mixed with redirected stdin error handling (#840).
  • v2.0.0 Changes

    January 12, 2020
    • βœ‚ Removed Python 2.7 support (EOL Jan 2020 <>_).
    • βž• Added --offline to allow building an HTTP request and printing it but not actually sending it over the network.
    • Replaced the old collect-all-then-process handling of HTTP communication with one-by-one processing of each HTTP request or response as they become available. This means that you can see headers immediately, see what is being sent even if the request fails, etc.
    • βœ‚ Removed automatic config file creation to avoid concurrency issues.
    • βœ‚ Removed the default 30-second connection --timeout limit.
    • βœ‚ Removed Python’s default limit of 100 response headers.
    • βž• Added --max-headers to allow setting the max header limit.
    • βž• Added --compress to allow request body compression.
    • βž• Added --ignore-netrc to allow bypassing credentials from .netrc.
    • βž• Added https alias command with https:// as the default scheme.
    • βž• Added $ALL_PROXY documentation.
    • βž• Added type annotations throughout the codebase.
    • βž• Added tests/ to the PyPi package for the convenience of downstream package maintainers.
    • πŸ›  Fixed an error when stdin was a closed fd.
    • πŸ‘Œ Improved --debug output formatting.
  • v1.0.3 Changes

    August 26, 2019
    • πŸ›  Fixed CVE-2019-10751 β€” the way the output filename is generated for --download requests without --output resulting in a redirect has been changed to only consider the initial URL as the base for the generated filename, and not the final one. This fixes a potential security issue under the following scenario:
    1. A --download request with no explicit --output is made (e.g., $ http -d, instructing httpie to generate the output filename <>_ from the Content-Disposition response header, or from the URL if the header is not provided.
    2. The server handling the request has been modified by an attacker and instead of the expected response the URL returns a redirect to another URL, e.g.,, whose response does not provide a Content-Disposition header (i.e., the base for the generated filename becomes .bash_profile instead of file.txt).
    3. Your current directory doesn’t already contain .bash_profile (i.e., no unique suffix is added to the generated filename).
    4. You don’t notice the potentially unexpected output filename as reported by httpie in the console output (e.g., Downloading 100.00 B to ".bash_profile").

    Reported by Raul Onitza and Giulio Comi.

  • v1.0.2 Changes

    November 14, 2018
    • πŸ›  Fixed tests for installation with pyOpenSSL.
  • v1.0.1 Changes

    November 14, 2018
    • βœ‚ Removed external URL calls from tests.
  • v1.0.0 Changes

    November 02, 2018
    • βž• Added --style=auto which follows the terminal ANSI color styles.
    • βž• Added support for selecting TLS 1.3 via --ssl=tls1.3 (available once implemented in upstream libraries).
    • βž• Added true/false as valid values for --verify (in addition to yes/no) and the boolean value is case-insensitive.
    • πŸ’… Changed the default --style from solarized to auto (on Windows it stays fruity).
    • πŸ›  Fixed default headers being incorrectly case-sensitive.
    • βœ‚ Removed Python 2.6 support.
  • v0.9.9 Changes

    December 08, 2016
    • Only README changes.