Sourced from Flurl.Http's releases.

Flurl.Http 3.2.0

Note: This was supposed to be released as 3.1 but mistakenly released as 3.2 and published, at which point it's basically too late. Oh well.

• Do not URL-encode cookie values (#594, potentially breaking)
• Opt-in header forwarding on redirect (#608, potentially breaking)
• Test setups/asserts more forgiving about ignoring query strings (#596, potentially breaking)
• net472 target to avoid unnecessary package dependency (#616)
• BUGFIX: Sending cookies on redirect (#602)
• BUGFIX: Redircts where Location excludes scheme (#595)
• BUGFIX: Exception on .NET Framework if content headers are forwarded on redirect GET (#583)

Flurl.Http 3.0.1

• StatusCode (nullable int) property added to FlurlHttpException (#565)
• BUGFIX: Incorrect parsing of redirect URL when Location header has query params (#586)
• BUGFIX: FlurlCall.Succeeded error when Response is null (#573)
• BUGFIX: Error building FlurlHttpException.Message when Call is null (#579)
• BUGFIX: URL-encoded query params messed up cookie processing in some scenarios (#585)
• BUGFIX: Don't clear multipart "Parts" collection after send (#580)

Flurl.Http 3.0

New Features

• FlurlResponse introduced, primarily to enable inspecting response and deserializing body in separate steps. (#354)
• Major overhaul of cookie functionality. (#506)
• Overhaul of redirect handling. (#500)
• Tests can be set up to return different fake responses depending on the URL or any other request conditions. (#481)
• HttpTest.ForCallsTo(...).AllowRealHttp() for allowing real calls to be made in a test for specific URLs or any other request conditions. (#225)
• New/more complete set of test assertions for headers and cookies. (#508)
• All extension methods on Flurl.Url and string are now also available on System.Uri. (#489)
• Providing a body for PostAsync, PutAsync, and PatchAsync now optional. (#515)

Breaking Changes from 2.x

Making HTTP calls

• Fluent methods that previously returned HttpResponseMessage (such GetAsync, PostAsync, etc) now return FlurlResponse. If you're using GetJsonAsync or chaining ReceiveXXX methods, this shouldn't break anything. (#354)
• HttpCall is now FlurlCall, and several properties of FlurlCall and FlurlHttpException were moved or renamed. (#488)
• Slightly different rules on when a redirect causes the verb to change to GET. (Never on 300, always on 303. #500)
• Minor changes to CapturedStringContent constructors. (#452)

Headers

• New collection type for IFlurlRequest.Headers and IFlurlClient.Headers. (#541)
• HttpRequestMessage.GetHeaderValue and HttpResponseMessage.GetHeaderValue extension methods removed. (#553)
• For multipart requests, Content-Type header for text parts allowed but not defaulted. (#452)
• Cookie request header and Set-Cookie response headers are always visible in Headers collection of request and response. (#506)

Cookies

• CookiesEnabled removed at all settings levels. (#506)
• Cookies, WithCookie and WithCookies removed from IFlurlClient. Use CookieSession instead. (#506)
• IFlurlRequest.Cookies is now read-only IEnumerable<(string Name, string Value)>. Use WithCookies instead. (#506)

... (truncated)

• 0affa6e version bumps
• 60c08b9 Merge pull request #624 from tmenier/596-test-url-matching
• f9d930b #594 don't URL-encode cookie values
• be6839c target framework tweaks
• 974f27b Merge pull request #617 from SiCoe/dev
• 6009590 Merge pull request #593 from AeonLucid/fix/redir-without-scheme
• 2b56cc0 Update test
• b089fb8 #596 testing - don't require trailing * to match URL with query
• e24ff98 #603 trim final url
• 05d0a31 #609 bug when appending just a slash
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)