http/2 and TLS 1.3 are still broken for most services, as discussed before. It's coming up to 1 year since the original request, and new features have been implemented in the meantime, such as the UI overhaul which must have taken a lot of development time. Security should come before features. Can ...

http/2 and TLS 1.3 are still broken for most services, as discussed before.

Kev wrote: ↑

Sun Jul 28, 2019 2:04 pm

Thanks Charles. I may work with you on the side to try and figure this out. That seems odd!

It could be a third party library that is using its own instance of an older version of okhttp. Example here

Thanks for the update. A bug report: My nginx logs show that okhttp has been upgraded to 4.0.1 but only for the torrent functionality (Deluge in my case). This supports http/2 and TLS 1.3. However, okhttp has been downgraded to 2.2.0 (it was previously 2.7.5) for other services like SABnzbd, Sonarr,...

nzb360 13.0.3 uses an old version of the okhttp library - 2.7.5 for Sonarr/Radarr/SABnzbd, but it uses version 3.10.0 for Deluge. There are some security vulnerabilities in the 2.7.5 version, as per the national vulnerability database. In addition, 2.7.5 does not have full support for HTTP/2 as post...

It appears that nzb360 uses a very old version of okhttp for some services (I'm seeing user agents okhttp/2.7.5 for Sonarr/Radarr/SABnzbd and okhttp/3.9.1 for Deluge in my logs). 2.7.5 does not fully support HTTP/2 or TLS 1.3 among other things. 3.9.1 supports HTTP/2 (tested OK with Deluge) but not ...

nzb360 makes connections to web services with HTTP/1.1 even through proxies that support HTTP/2, as my nginx access log shows: "GET /sabnzbd/api?mode=version&output=json&apikey=<redacted>&output=json HTTP/1.1" 200 20 "-" "-" HTTP/2 has performance advantages which should improve speeds on remote con...