*  Fix: Don't do DNS to get the hostname for `RecordedRequest.requestUrl`. This was doing a DNS
    lookup for the local hostname, but we really just wanted the `Host` header.
 *  Fix: Don't crash with a `InaccessibleObjectException` when detecting the platform trust manager
    on Java 17+.
 *  Fix: Don't crash if a cookie's value is a lone double quote character.

_2016-02-06_

 *  Fix: Permit the trusted CA root to be pinned by `CertificatePinner`.


## Version 2.7.2

_2016-01-07_

 *  Fix: Don't eagerly release stream allocations on cache hits. We might still
    need them to handle redirects.


## Version 2.7.1

_2016-01-01_

 *  Fix: Don't do a health check on newly-created connections. This is
    unnecessary work that could put the client in an inconsistent state if the

## Version 4.9.3

_2021-11-21_

 *  Fix: Don't fail HTTP/2 responses if they complete before a `RST_STREAM` is sent.


## Version 4.9.2

_2021-09-30_

 *  Fix: Don't include potentially-sensitive header values in `Headers.toString()` or exceptions.
    This applies to `Authorization`, `Cookie`, `Proxy-Authorization`, and `Set-Cookie` headers.

    // Don't follow redirects to unsupported protocols.
    val url = userResponse.request.url.resolve(location) ?: return null

    // If configured, don't follow redirects between SSL and non-SSL.
    val sameScheme = url.scheme == userResponse.request.url.scheme
    if (!sameScheme && !client.followSslRedirects) return null

    // Most redirects don't include a request body.

### Don't worry about style

* Don't worry too much about things like commit message styles, I will squash and merge customizing the commit manually.

* Also don't worry about style rules, there are already automatized tools checking that.

    internal var onlyIfCached: Boolean = false
    internal var noTransform: Boolean = false
    internal var immutable: Boolean = false

    /** Don't accept an unvalidated cached response. */
    fun noCache() = commonNoCache()

    /** Don't store the server's response in any cache. */
    fun noStore() = commonNoStore()

    /**

    client.listener.assertClosed(1000, "Goodbye!")
  }

  @Test
  fun clientCloseCancelsConnectionAfterTimeout() {
    client.webSocket!!.close(1000, "Hello!")
    taskFaker.runTasks()
    // Note: we don't process server frames so our client 'close' doesn't receive a server 'close'.
    assertThat(client.canceled).isFalse()

    taskFaker.advanceUntil(ns(RealWebSocket.CANCEL_AFTER_CLOSE_MILLIS - 1))

          ******@****.***ions = extensions
          if (!extensions.isValid()) {
            synchronized(this@RealWebSocket) {
              messageAndCloseQueue.clear() // Don't transmit any messages.
              close(1010, "unexpected Sec-WebSocket-Extensions in response header")
            }
          }

          // Process all web socket messages.

    If you need to enforce it, use `OAuth2PasswordRequestFormStrict` instead of `OAuth2PasswordRequestForm`.

* An optional `client_id` (we don't need it for our example).
* An optional `client_secret` (we don't need it for our example).

!!! info
    The `OAuth2PasswordRequestForm` is not a special class for **FastAPI** as is `OAuth2PasswordBearer`.

            connectionUser.releaseConnectionNoEvents()
          }
          else -> null
        }
      }

    // If the call's connection wasn't released, reuse it. We don't call connectionAcquired() here
    // because we already acquired it.
    if (connectionUser.candidateConnection() != null) {
      check(toClose == null)
      return ReusePlan(candidate)
    }