Splash

------------------

This is a bugfix release:

* XSS in HTTP UI is fixed;
* Splash-Jupyter docker image is fixed.

* many Splash HTTP UI improvements;
* better support for :ref:`binary data <binary-data>`;
* built-in :ref:`lib-json` and :ref:`lib-base64` libraries;
* more :ref:`control <lib-treat>` for result serialization
(support for JSON arrays and raw bytes);
* it is now possible to turn Private mode OFF at startup using command-line
option or at runtime using :ref:`splash-private-mode-enabled` attribute;
* :ref:`http-ping` endpoint is added;
* cookie handling is fixed;
* downloader efficiency is improved;
* request processing is stopped when client disconnects;
* logging inside callbacks now uses proper verbosity;
* sandbox memory limit for user objects is increased to 50MB;
* some sandboxing issues are fixed;
* :ref:`splash-evaljs` and :ref:`splash-jsfunc` results are sanitized better;
* it is possible to pass arguments when starting Splash-Jupyter - it means
now you can get a browser window for splash-jupyter when it is executed
from docker;
* proxy authentication is fixed;
* logging improvements: logs now contain request arguments in JSON format;
errors are logged;

There are **backwards-incompatible** changes
to :ref:`Splash Scripting <scripting-tutorial>`: previously, different
Splash methods were returning/receiving inconsistent
response and request objects. For example, :ref:`splash-http-get` response was
not in the same format as ``response`` received by :ref:`splash-on-response`
callbacks. Splash 2.0 uses :ref:`Request <splash-request>` and
:ref:`Response <splash-response>` objects consistently.
Unfortunately this requires changes to existing user scripts:

* replace ``resp = splash:http_get(...)`` and ``resp = splash:http_post(...)``
with ``resp = splash:http_get(...).info`` and
``resp = splash:http_post(...).info``. Client code also may need to be
changed: the default encoding of ``info['content']['text']`` is now base64.
If you used ``resp.content.text`` consider switching to
:ref:`splash-response-body`.

* ``response`` object received by :ref:`splash-on-response-headers` and
:ref:`splash-on-response` callbacks is changed: instead of
``response.request`` write ``response.request.info``.

Serialization of JS objects in :ref:`splash-jsfunc`, :ref:`splash-evaljs`
and :ref:`splash-wait-for-resume` **is changed**: circular objects are
no longer returned, Splash doesn't try to serialize DOM elements, and error
messages are changed.

Splash **no longer supports** QT-based disk cache; it was disable by default
and it usage was discouraged since Splash 1.0, in Splash 2.0 ``--cache``
command-line option is removed. For HTTP cache there are better options like
`Squid <http://www.squid-cache.org/>`_.

Another **backwards-incompatible** change is that Splash-as-a-proxy feature
is removed. Please use regular HTTP API instead of this proxy interface.
Of course, Splash will still support using proxies to make requests,
these are two different features.

----------------

New features:

* POST requests support: :ref:`http_method <arg-http-method>` and
:ref:`body <arg-body>` arguments for render endpoints;
new :ref:`splash-go` arguments: ``body``, ``http_method`` and ``formdata``;
new :ref:`splash-http-post` method.
* Errors are now returned in JSON format; error mesages became more detailed;
Splash UI now displays detailed error information.
* new :ref:`splash-call-later` method which allows to schedule tasks in future;
* new :ref:`splash-on-response` method allows to register a callback to be
executed after each response;
* proxy can now be set directly, without using proxy profiles - there is a new
:ref:`proxy <arg-proxy>` argument for render endpoints;
* more detailed :ref:`splash-go` errors: a new "render_error" error type can
be reported;
* new :ref:`splash-set-result-status-code` method;
* new :ref:`splash-resource-timeout` attribute as a shortcut for
``request:set_timeout`` in :ref:`splash-on-request`;
* new :ref:`splash-get-version` method;
* new :ref:`splash-autoload-reset`, :ref:`splash-on-response-reset`,
:ref:`splash-on-request-reset`, :ref:`splash-on-response-headers-reset`,
:ref:`splash-har-reset` methods and a new ``reset=true`` argument for
:ref:`splash-har`. They are most useful with Splash-Jupyter.

Bug fixes and improvements:

* fixed an issue: proxies were not applied for POST requests;
* improved argument validation for various methods;
* more detailed logs;
* it is now possible to load a combatibility shim for window.localStorage;
* code coverage integration;
* improved Splash-Jupyter tests;
* Splash-Jupyter is upgraded to Jupyter 4.0.

----------------

New features:

* :ref:`render.jpeg` endpoint and :ref:`splash-jpeg` function allow to take
screenshots in JPEG format;
* :ref:`splash-on-response-headers` Lua function and
:ref:`allowed_content_types <arg-allowed-content-types>` /
:ref:`forbidden_content_types <arg-forbidden-content-types>` HTTP arguments
allow to discard responses earlier based on their headers;
* :ref:`splash-images-enabled` attribute to enable/disable images from
Lua scripts;
* :ref:`splash-js-enabled` attribute to enable/disable JS processing from
Lua scripts;
* :ref:`splash-set-result-header` method for setting custom HTTP headers
returned to Splash clients;
* :ref:`resource_timeout <arg-resource-timeout>` argument for setting network
request timeouts in render endpoints;
* ``request:set_timeout(timeout)`` method (ses :ref:`splash-on-request`)
for setting request timeouts from Lua scripts;
* SOCKS5 proxy support: new 'type' argument
in :ref:`proxy profile <proxy profiles>` config files
and ``request:set_proxy`` method (ses :ref:`splash-on-request`)
* enabled HTTPS proxying;

Other changes:

* HTTP error detection is improved;
* MS fonts are added to the Docker image for better rendering quality;
* Chinese fonts are added to the Docker image to enable rendering of Chinese
websites;
* validation of ``timeout`` and ``wait`` arguments is improved;
* documentation: grammar is fixed in the tutorial;
* assorted documentation improvements and code cleanups;
* ``splash:set_images_enabled`` method is deprecated.

----------------

The main new feature in Splash 1.6 is :ref:`splash-on-request` function
which allows to process individual outgoing requests: log, abort,
change them.

Other improvements:

* a new :ref:`http-gc` endpoint which allows to clear QWebKit caches;
* Docker images are updated with more recent package versions;
* HTTP arguments validation is improved;
* serving Splash UI under HTTPS is fixed.
* documentation improvements and typo fixes.

----------------

In this release we introduce :ref:`Splash-Jupyter <splash-jupyter>` - a
web-based IDE for Splash Lua scripts with syntax highlighting, autocompletion
and a connected live browser window. It is implemented as a kernel for
Jupyter (IPython).

Docker images for Splash 1.5 are optimized - download size is much smaller
than in previous releases.

Other changes:

* :ref:`splash:go() <splash-go>` returned incorrect result after an
unsuccessful splash:go() call - this is fixed;
* Lua ``main`` function can now return multiple results;
* there are testing improvements and internal cleanups.