What's New
Version 3.27 (Jan-2024)
New: THttpRequest.OwnsContentStream property.
Improved: Modified logic for sending content using WinHttp, it was not working for the rare stream implementations that return a different number of bytes than requested even when stream data reading was not finished.
Version 3.26 (Nov-2023)
New: Delphi 12 Support.
Version 3.25 (Oct-2023)
New: THttpRequest.ContentStream allows sending body via stream.
Improved: Support for ARM64 macOS and ARM64 iOS Simulator platforms.
Version 3.24 (Jul-2023)
Fixed: JWT middleware was sending response body on authorization errors even for HEAD requests.
Fixed: Static module not properly responding index files (index.html) when
RootDir
property had a relative folder.
What's New
Version 3.23 (Feb-2023)
Improved: Compress middleware now only compress response if the content is effectively compressible (text content type, javascript, JSON or XML).
Improved: Compress middleware does not compress if
cache-control
HTTP header isno-transform
, or ifcontent-range
header is present.Improved: Compress middleware now adds
Vary
header to the response for better caching of compressed and uncompressed responses.Improved:
TSparkleJwtMiddleware.BeforeValidation
event allows adding custom JWT validation rules.Fixed: Middleware logging format string was wrongly parsed when a macro with parameter was close to another without any spaces (for example,
:req[content-type]:req[content-type]
.Fixed: HTTP client not correctly processing compressed responses (only relevant when accessing the in-process server).
Version 3.22 (Sep-2022)
- Improved: Design-time components were greyed out in component palette if current platform was different than Win32.
Version 3.21 (Aug-2022)
New: TTenantMiddleware.DomainMap property now allows choosing the tenant based on the requested domain in URL.
Improved: BREAKING CHANGE JWT is now requiring secret with a minimum size. If you use a secret that is smaller than the minimum size, you should set JWT Middleware property TSparkleJwtMiddleware.SkipKeyValidation to True.
Version 3.20 (Jul-2022)
New: JWT (JOSE) for Delphi units updated. You can now use RSA and ECDSA signing algorithms for both singing new JWT and also verify existing JWT signatures.
New: TSparkleJwtMiddleware improved with new following properties: AllowedClockSkew, RequireExpirationTime, RequireIssuedAt, RequireNotBefore, ExpectedAudiences and ExpectedIssuers.
New: TSparkleLoggingMiddleware.ErrorResponseOptions property.
Fixed: JWT middleware raising error 500 (instead of 400) for internal errors.
Fixed: TStaticModule/TSparkleStaticServer folder redirect was not working correctly when the URL had query or fragment parameters.
Breaking change:
TSparkleUtils.GetQueryParams
return type changed fromTArray<TPair<string, string>>
toTArray<TNameValuePair>
.
Version 3.19 (Feb-2022)
New:
TTenantMiddleware
retrieves a tenant id from several input formats (header, query URL) and set the tenant id in the HTTP context.New: TJwtMiddleware.OnGetSecretEx event allows providing the JWT secret dynamically based on the JWT token content itself.
New: TJwtMiddleware.OnForbidRequest allows configuring which requests will be rejected or approved based on the existing JWT data.
Fixed: Forward middleware was showing up in the form as a non-visual component at design-time.
Fixed:
THttpServerContext.Data
andItem
properties not working in Indy-based servers.Fixed: Memory leak when performing HTTP request using THttpClient in Android devices (introduced with the end of ARC in Sydney 10.4).
Fixed: Better error handling when performing HTTP requests using THttpClient on Android. Sometimes Android app was crashing or displaying a blank error message when the request failed.
Version 3.18 (Sep-2021)
New: Delphi 11 support.
New:
Sparkle.App
unit provides ready-to-use server hosting app for Windows, making a single app to work as both VCL desktop (for development purposes) and Windows service (for deployment purposes).New:
Sparkle.App.Console
unit provides read-to-use server hosting app for Linux/Windows.New: Sparkle.App supports automatic package dynamic loading of server modules.
New: Demo application showing Sparkle.App capabilities.
New:
THttpEngine.CreateEngineFunc
provides a way for client applications to use their own HTTP client engine.
Version 3.17 (Jul-2021)
Improved: Underlying Web Broken
TWebContext
now accessible through a public property in the context object of the Web Broker dispatcher.Improved: Improvements in
TUri
class and added a newIUri
interface.
Version 3.16 (Jun-2021)
New: Forward middleware processes
x-forwarded-*
headers for improved behavior of Sparkle servers behind reverse or edge proxies.New: "Sparkle app" demo shows how to create a Windows application working as both VCL application or Windows service.
Fixed: Sparkle URI information now correctly provides host information when host is IPv6 format (between brackets). Windows client also working correctly when URI uses IPv6 host.
Version 3.15 (Mar-2021)
- New:
Data
,Item
andCurrent
properties inTHttpServerContext
makes it very easy to write and read custom data to the request that can be used through middleware items and modules.
procedure TFirstMiddleware.ProcessRequest(Context: THttpServerContext; Next: THttpServerProc);
begin
var Obj := TMyObject.Create;
try
Context.Data['TenantId'] := 5;
Context.SetItem(Obj);
Context.SetItem(BuildConnection);
Next(Context);
finally
Obj.Free;
end;
end;
{...}
procedure TSecondMiddleware.ProcessRequest(Context: THttpServerContext; Next: THttpServerProc);
begin
var Conn := Context.Item<IDBConnection>;
var Obj := Context.Item<TMyObject>;
if not Context.Data['TenantId'].IsEmpty then
TenantId := Context.Data['TenantId'].AsInteger;
end;
- Fixed: JSON reader couldn't read content with a single byte (like
0
for example).
Version 3.14 (Aug-2020)
- New:
TStaticModule.FolderUrlMode allows you
to control how redirects work in URL representing folders.
When user access an URL like <server>/foldername or <server>/foldername/, static module will check this property to decide if both addresses are different or one show redirect to the other.
Version 3.13 (Jun-2020)
Improved: TSparkleHttpSysDispatcher.HttpSys property allows access to the internal underlying THttpSysServer object.
Fixed: JWT middleware was returning status code 400 instead of 401 when the JWT sent by the client was invalid (regression).
Version 3.12 (May-2020)
- New: Support for Delphi 10.4 Sydney.
Version 3.11 (Apr-2020)
- Fixed: Sporadic Access Violation when removing a middleware from the middleware list at design time.
Version 3.10 (Mar-2020)
New: Encryption middleware allows using custom cryptographic algorithm to encrypt request and response data. A new demo EncryptionMiddleware is included to show the capabilities.
Improved: Multilogger allows adding more output handlers calling RegisterTMSLogger multiple times to add several output handlers at different points of application initialization.
Improved: THttpResponse now implements IHttpResponse. You can use it as an interface to benefit from automatic referent counting.
Fixed: THttpResponse.ContentAsBytes can now be read multiple times.
Fixed: THttpRequest.RemoteIp property was returning empty when using Indy-based servers.
Version 3.9 (Nov-2019)
New: Support for Android 64-bit platform (Delphi 10.3.3 Rio).
Fixed: Logging middleware not logging headers (req[header-name]) in mobile platforms.
Version 3.8 (Oct-2019)
Fixed: Logging middleware was not logging messages if an active TXDataServer was stopped and restarted a second time.
Fixed: Logging middleware was not logging messages when the associated Sparkle module was not explicitly closing the request.
Version 3.7 (Sep-2019)
- Improved: Indy-based dispatcher now provides the correct URL scheme (http/https) and in consequence the correct default port (80 or 443) in the request URL. When receiving request through the Indy dispatcher, previous versions could not tell if the request was being made through HTTP or HTTPS protocol. The side effect was that the request URL schema was always being considered as HTTP and the port being 80. This is now improved, and if the request is coming via HTTPS, the default port of the request URL is now 443.
Version 3.6 (Jun-2019)
New: macOS 64 support in Delphi Rio 10.3.2 (version 3.6.1, Jul-2019).
New: Logging mechanism now support named loggers and allow different outputs to be configured for different loggers.
New: LogLevel and ExceptionLogLevel properties in TLoggingMiddleware allows configuring the default log level for log messages generated by the middleware.
New: OnFilterLogEx event in logging middleware provides additional information and allows logging messages using different log levels depending on the request/response data.
New: Multilogger demo shows the mechanism of using multiple named loggers.
Fixed: Workaround memory leaks in Android HTTP client for Delphi Tokyo and up.
Version 3.5 (May-2019)
- Fixed: WinHTTP API import function WinHttpGetProxyForUrl had an incorrect signature.
Version 3.4 (Mar-2019)
New: Logging framework - including TMS Logging - allows easy server-side logging to several output handlers like text files, Windows Event Log, TCP/IP listeners, etc.
New: Logging middleware allows logging HTTP requests and responses processed by Sparkle servers. It uses the new logging framework and can automatically log requests/responses in details with a few lines of code.
Version 3.3 (Jan-2019)
New: Design-time Generic Middleware allows adding middleware custom code using the design-time middleware editor, as a RAD alternative to creating a custom middleware from code.
Improved: Design-time middleware editor now displays the name of middleware components in the list, avoiding ambiguous names.
Version 3.2 (Dec-2018)
- New: THttpClient.OnResponseReceived event, fires when an HTTP response is received from server.
Version 3.1 (Nov-2018)
New: Support for Delphi 10.3 Rio.
New: Sample project for file upload handling. A new project FileUploadSample included in demos folder shows how to use TMultipartFormDataReader to receive files from clients.
Improved: TStaticModule.LastModified property enables the inclusion of Last-Modified header in the response (improves caching).
Fixed: TMultipartFormDataPart.FileName property automatically dequotes string.
Version 3.0 (Oct-2018)
New: Design-time support with new set of components for Sparkle: TSparkleGenericServer and TSparkleStaticServer components, and design-time middleware editor.
New: Smooth support for handling multipart/form-data content with new TMultipartFormDataReader class.
Fixed: TIndySparkleHTTPServer not properly handling requests with content-type application/x-www-form-urlencoded.
Fixed: JWT expiration dates were not being saved in UTC.
Version 2.7 (Sep-2018)
New: TJwtMiddleware.AllowExpiredToken and ForbidAnonymousAccess properties. This makes it easier to reject requests with expired tokens or requests without tokens (anonymous) just by setting those properties. This is a breaking change as the middleware now rejects expired tokens by default.
New: TCorsMiddleware middleware makes it straightforward to add CORS support to any Sparkle module.
Improved: THttpSysContext.SysRequest property made public allowing low-level access to http.sys raw request
Improved: Wizard now adds (commented) CORS and Compress middleware in source code. Uncomment to use them.
Improved: Better error messages for iOS/Mac http client
Version 2.6 (May-2018)
New: THttpSysServer.KeepHostInUrlPrefixes property.
Improved: Windows HTTP client now decompresses deflate/gzip responses automatically at OS level (Windows 8.1 and up).
Improved: THttpClient automatically decompresses responses encoded with gzip or deflate.
Improved: Documentation update with example on how to ignore self-signed certificates when using HTTP client on Windows.
Fixed: THttpResponse.ContentLength returning wrong value on Windows when response body size was greater than 2GB.
Version 2.5 (Feb-2018)
New: TIndySparkleHTTPServer Indy-based web server component allows use of XData/RemoteDB and any other Sparkle-based module to use Indy.
This is an alternative for http.sys-based or Apache-based Sparkle server, useful when you want to have a stand-alone Sparkle/XData/RemoteDB server on platforms like Linux (without Apache) or even Android.
Thanks to Michael Van Canneyt for his contribution on this feature!Fixed: HEAD requests sent by the server were causing a timeout in the very next request sent by the same client.
Fixed: Memory leak in Compress middleware if client was disconnected before server response was completed.
Fixed: Range Check Error in PercentEncode function when compiler range check option was enabled.
Fixed: Error not found (404) when request URL had a query parameter with an URL address (for example, "https://mysparkleserver.com/oauth/login?redirect_uri=https://service.google.com").
Version 2.4.2 (Oct-2017)
- Fixed: ContentLength was being set to 0 when calling THttpServerResponse.Close with no content. This would cause HEAD responses to not return correct content-length in some situations. Now ContentLength will only be set to 0 if it was not previously modified.
Version 2.4.1 (Jul-2017)
- Fixed: Sparkle/XData servers retrieving wrong content from client request on Linux using Web Broker (regression).
Version 2.4 (Jul-2017)
Improved: THttpServerRequest.ContentStream now provides correct value for Size property if request has a ContentLength header.
Fixed: When port of requested URL was different from port of server side module URL, the module was responding with 404 (not found) response.
Fixed: Sparkle HTTP Client was is now merging multiple HTTP headers (with same name) sent by the server. Previously it was keeping only the last one.
Version 2.3 (May-2017)
New: Linux support using Delphi 10.2 Tokyo and later. You can now use Sparkle modules on Linux, through Apache modules created using WebBroker.
New: In-process server. You can now create an in-process server that will handle client requests from same application without needing to create a real HTTP server using http.sys or Apache. This is very useful for building stand-alone applications using Sparkle servers without changing your existing code, and it's also very useful to easily test your server modules.
Fixed: Error when using some UTF8 characters in URL like "ç" or "ã", even when percent encoded.
Fixed: HTTP client issue on Android in Delphi Tokyo.
Fixed: Memory leak in Android HTTP client.
Previous Versions
Version 2.2 (Mar-2017)
New: Delphi 10.2 Tokyo Support.
New: Option for custom proxy configuration for Windows clients or automatic proxy detection on Windows 8.1 and later.
Version 2.1 (Aug-2016)
- New: TStaticModule for serving static files.
Version 2.0.1 (Jul-2016)
- Improved: Minor source code modifications for compatibility with TMS XData 2.1.
Version 2.0 (May-2016)
New: Authentication and authorization mechanism.
New: JWT (JSON Web Token) authentication middleware (XE6 and up).
New: Basic authentication middleware.
New: JSON Web Token library for creating and validating tokens (based on the Delphi JOSE and JWT Library: http://github.com/paolo-rossi/delphi-jose-jwt).
New: Delphi 10.1 Berlin support.
New: IsFloat and IsInt64 methods in TJsonReader class.
Improved: Json Reader and Writer supports reading/writing literal values (JSON values that are neither object or array).
Version 1.4 (Feb-2016)
New: Design-time wizard to create a Sparkle Server easily with a few clicks.
New: Middleware system provides a modular way to add custom request and response processing.
New: Compress Middleware provides automatic gzip/deflate response based on request headers.
New: TWinHttpRequest.BeforeWinHttpSendRequest event allow low level setting of WinHttp options.
Fixed: Error when sending non-chunked responses with size greater than 2GB.
Fixed: Response.Close not working correctly with chunked responses.
Version 1.3.1 (Sep-2015)
- New: Delphi 10 Seattle support.
Version 1.3 (Aug-2015)
- New: THttpClient.OnSendingRequest event provides an opportunity to customize request, for example adding custom headers.
Version 1.2.4 (Jun-2015)
- Improved: Better handling of URI percent encoding/decoding.
Version 1.2.3 (Apr-2015)
- New: Delphi XE8 support.
Version 1.2.2 (Mar-2015)
Improved: Support THttpMethod.Options new type allows easier implementation of handling Http OPTIONS requests.
Fixed: THttpServerRequest.RawMethod property empty when request had non-standard http methods.
Fixed: Support for modules that respond to root URL addresses.
Version 1.2.1 (Dec-2014)
Fixed: Issues with floating-point numbers in JSON reader/writer in non-English systems.
Fixed: Mac/iOS HTTP Client was setting content-type to x-www-form-urlencoded automatically (inconsistent with other clients).
Version 1.2 (Oct-2014)
New: TMSHttpConfig tool to configure URL reservations and HTTPS certificates using a friendly GUI. Source code included as a demo.
New: THttpSysServerConfig class methods and properties for configuring URL reservation and HTTPS certificates from Delphi source code.
New: TAnonymousServerModule class to easily create a server modules with very simple request processing.
Improved: TJsonReader doesn't raise an exception if input stream is empty, it stays in EOF state instead.
Fixed: Possible wrong module routing when modules share same path segments at different ports.
Version 1.1.1 (Sep-2014)
- New: Delphi XE7 support.
Version 1.1 (Aug-2014)
New: JSON classes for reading and writing JSON now fully documented.
New: THttpServerRequest.RemoteIP provides the server with the IP address of client which sent request to the server.
New: THttpRequest.Timeout property allows specifying a different timeout value for each request.
New: Patch value in THttpMethod enumeration type to check for PATCH requests.
Improved: Error messages now explain detailed reason why HTTPS connection fails in Windows clients either due like invalid server certificate, expired certificate, or other reasons.
Improved: More detailed error messages in JSON reader when reading fails.
Fixed: JSON writer wrongly escaping of Unicode control characters.
Version 1.0.1 (May-2014)
- New: Delphi XE6 support.
Version 1.0 (Mar-2014)
- First public release.