Merge branch 'master' into master

fix(actix-http): wake before return pending when read half disconnect and need to shutdown (#3665 )
chore: Pin actions to full commit SHA (#3736 )
2025-08-23 10:14:34 +09:00 · 2025-08-23 00:56:39 +00:00 · 2025-08-22 16:41:52 +09:00 · 2025-08-22 06:24:22 +00:00 · 2025-08-22 05:38:51 +00:00 · 2025-08-22 02:53:12 +00:00
317 changed files with 15128 additions and 5321 deletions
--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@ -1,17 +0,0 @@
-[alias]
-lint = "clippy --workspace --tests --examples --bins -- -Dclippy::todo"
-lint-all = "clippy --workspace --all-features --tests --examples --bins -- -Dclippy::todo"
-
-# lib checking
-ci-check-min = "hack --workspace check --no-default-features"
-ci-check-default = "hack --workspace check"
-ci-check-default-tests = "check --workspace --tests"
-ci-check-all-feature-powerset="hack --workspace --feature-powerset --skip=__compress,experimental-io-uring check"
-ci-check-all-feature-powerset-linux="hack --workspace --feature-powerset --skip=__compress check"
-
-# testing
-ci-doctest-default = "test --workspace --doc --no-fail-fast -- --nocapture"
-ci-doctest = "test --workspace --all-features --doc --no-fail-fast -- --nocapture"
-
-# compile docs as docs.rs would
-# RUSTDOCFLAGS="--cfg=docsrs" cargo +nightly doc --no-deps --workspace
--- a/.clippy.toml
+++ b/.clippy.toml
@ -0,0 +1,8 @@
+disallowed-names = [
+  "..",
+  "e", # no single letter error bindings
+]
+disallowed-methods = [
+  { path = "std::cell::RefCell::default()", reason = "prefer explicit inner type default" },
+  { path = "std::rc::Rc::default()", reason = "prefer explicit inner type default" },
+]
--- a/.codecov.yml
+++ b/.codecov.yml
--- a/.cspell.yml
+++ b/.cspell.yml
@ -0,0 +1,12 @@
+version: "0.2"
+words:
+  - actix
+  - addrs
+  - bytestring
+  - httparse
+  - msrv
+  - realip
+  - rustls
+  - rustup
+  - serde
+  - zstd
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,3 +1,3 @@
 # These are supported funding model platforms

-github: [robjtede]
+github: [robjtede, JohnTitor]
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,11 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+  - package-ecosystem: cargo
+    directory: /
+    schedule:
+      interval: weekly
+    versioning-strategy: lockfile-only
--- a/.github/workflows/bench.yml
+++ b/.github/workflows/bench.yml
@ -2,11 +2,10 @@ name: Benchmark

 on:
  push:
-    branches:
-      - master
+    branches: [master]

 permissions:
-  contents: read # to fetch code (actions/checkout)
+  contents: read

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
@ -17,17 +16,13 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

      - name: Install Rust
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: nightly
-          profile: minimal
-          override: true
+        run: |
+          rustup set profile minimal
+          rustup install nightly
+          rustup override set nightly

      - name: Check benchmark
-        uses: actions-rs/cargo@v1
-        with:
-          command: bench
-          args: --bench=server -- --sample-size=15
+        run: cargo bench --bench=server -- --sample-size=15
--- a/.github/workflows/ci-post-merge.yml
+++ b/.github/workflows/ci-post-merge.yml
@ -5,7 +5,7 @@ on:
    branches: [master]

 permissions:
-  contents: read # to fetch code (actions/checkout)
+  contents: read

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
@ -16,125 +16,76 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
+        # prettier-ignore
        target:
          - { name: Linux, os: ubuntu-latest, triple: x86_64-unknown-linux-gnu }
          - { name: macOS, os: macos-latest, triple: x86_64-apple-darwin }
-          - { name: Windows, os: windows-2022, triple: x86_64-pc-windows-msvc }
+          - { name: Windows, os: windows-latest, triple: x86_64-pc-windows-msvc }
        version:
-          - nightly
+          - { name: nightly, version: nightly }

-    name: ${{ matrix.target.name }} / ${{ matrix.version }}
+    name: ${{ matrix.target.name }} / ${{ matrix.version.name }}
    runs-on: ${{ matrix.target.os }}

-    env:
-      CI: 1
-      CARGO_INCREMENTAL: 0
-      VCPKGRS_DYNAMIC: 1
-      CARGO_UNSTABLE_SPARSE_REGISTRY: true
-
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - name: Install nasm
+        if: matrix.target.os == 'windows-latest'
+        uses: ilammy/setup-nasm@72793074d3c8cdda771dba85f6deafe00623038b # v1.5.2

-      # install OpenSSL on Windows
-      # TODO: GitHub actions docs state that OpenSSL is
-      # already installed on these Windows machines somewhere
-      - name: Set vcpkg root
-        if: matrix.target.triple == 'x86_64-pc-windows-msvc'
-        run: echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append
      - name: Install OpenSSL
-        if: matrix.target.triple == 'x86_64-pc-windows-msvc'
-        run: vcpkg install openssl:x64-windows
+        if: matrix.target.os == 'windows-latest'
+        shell: bash
+        run: |
+          set -e
+          choco install openssl --version=1.1.1.2100 -y --no-progress
+          echo 'OPENSSL_DIR=C:\Program Files\OpenSSL' >> $GITHUB_ENV
+          echo "RUSTFLAGS=-C target-feature=+crt-static" >> $GITHUB_ENV

-      - name: Install ${{ matrix.version }}
-        uses: actions-rs/toolchain@v1
+      - name: Install Rust (${{ matrix.version.name }})
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
        with:
-          toolchain: ${{ matrix.version }}
-          profile: minimal
-          override: true
+          toolchain: ${{ matrix.version.version }}

-      - name: Install cargo-hack
-        uses: taiki-e/install-action@cargo-hack
-
-      - name: Generate Cargo.lock
-        uses: actions-rs/cargo@v1
-        with: { command: generate-lockfile }
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.2.0
+      - name: Install just, cargo-hack, cargo-nextest, cargo-ci-cache-clean
+        uses: taiki-e/install-action@ad95d4e02e061d4390c4b66ef5ed56c7fee3d2ce # v2.58.17
+        with:
+          tool: just,cargo-hack,cargo-nextest,cargo-ci-cache-clean

      - name: check minimal
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-min }
+        run: just check-min

      - name: check default
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-default }
+        run: just check-default

      - name: tests
        timeout-minutes: 60
-        run: |
-          cargo test --lib --tests -p=actix-router --all-features
-          cargo test --lib --tests -p=actix-http --all-features
-          cargo test --lib --tests -p=actix-web --features=rustls,openssl -- --skip=test_reading_deflate_encoding_large_random_rustls
-          cargo test --lib --tests -p=actix-web-codegen --all-features
-          cargo test --lib --tests -p=awc --all-features
-          cargo test --lib --tests -p=actix-http-test --all-features
-          cargo test --lib --tests -p=actix-test --all-features
-          cargo test --lib --tests -p=actix-files
-          cargo test --lib --tests -p=actix-multipart --all-features
-          cargo test --lib --tests -p=actix-web-actors --all-features
+        run: just test

-      - name: Clear the cargo caches
-        run: |
-          cargo install cargo-cache --version 0.8.3 --no-default-features --features ci-autoclean
-          cargo-cache
+      - name: CI cache clean
+        run: cargo-ci-cache-clean

  ci_feature_powerset_check:
    name: Verify Feature Combinations
    runs-on: ubuntu-latest

-    env:
-      CI: 1
-      CARGO_INCREMENTAL: 0
-
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

-      - uses: dtolnay/rust-toolchain@stable
+      - name: Free Disk Space
+        run: ./scripts/free-disk-space.sh

-      - name: Install cargo-hack
-        uses: taiki-e/install-action@cargo-hack
+      - name: Setup mold linker
+        uses: rui314/setup-mold@7344740a9418dcdcb481c7df83d9fbd1d5072d7d # v1

-      - name: Generate Cargo.lock
-        run: cargo generate-lockfile
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.2.0
+      - name: Install Rust
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0

-      - name: check feature combinations
-        run: cargo ci-check-all-feature-powerset
+      - name: Install just, cargo-hack
+        uses: taiki-e/install-action@ad95d4e02e061d4390c4b66ef5ed56c7fee3d2ce # v2.58.17
+        with:
+          tool: just,cargo-hack

-      - name: check feature combinations
-        run: cargo ci-check-all-feature-powerset-linux
-
-  nextest:
-    name: nextest
-    runs-on: ubuntu-latest
-
-    env:
-      CI: 1
-      CARGO_INCREMENTAL: 0
-
-    steps:
-      - uses: actions/checkout@v3
-
-      - uses: dtolnay/rust-toolchain@stable
-
-      - name: Install nextest
-        uses: taiki-e/install-action@nextest
-
-      - name: Generate Cargo.lock
-        run: cargo generate-lockfile
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v1.3.0
-
-      - name: Test with cargo-nextest
-        run: cargo nextest run
+      - name: Check feature combinations
+        run: just check-feature-combinations
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -3,117 +3,119 @@ name: CI
 on:
  pull_request:
    types: [opened, synchronize, reopened]
+  merge_group:
+    types: [checks_requested]
  push:
    branches: [master]

 permissions:
-  contents: read # to fetch code (actions/checkout)
+  contents: read

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

 jobs:
+  read_msrv:
+    name: Read MSRV
+    uses: actions-rust-lang/msrv/.github/workflows/msrv.yml@8b553824444060021f2843d7b4d803f3624d15e5 # v0.1.0
+
  build_and_test:
+    needs: read_msrv
+
    strategy:
      fail-fast: false
      matrix:
+        # prettier-ignore
        target:
          - { name: Linux, os: ubuntu-latest, triple: x86_64-unknown-linux-gnu }
          - { name: macOS, os: macos-latest, triple: x86_64-apple-darwin }
          - { name: Windows, os: windows-latest, triple: x86_64-pc-windows-msvc }
        version:
-          - 1.59.0 # MSRV
-          - stable
+          - { name: msrv, version: "${{ needs.read_msrv.outputs.msrv }}" }
+          - { name: stable, version: stable }

-    name: ${{ matrix.target.name }} / ${{ matrix.version }}
+    name: ${{ matrix.target.name }} / ${{ matrix.version.name }}
    runs-on: ${{ matrix.target.os }}

-    env: {}
-
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - name: Install nasm
+        if: matrix.target.os == 'windows-latest'
+        uses: ilammy/setup-nasm@72793074d3c8cdda771dba85f6deafe00623038b # v1.5.2

      - name: Install OpenSSL
        if: matrix.target.os == 'windows-latest'
-        run: choco install openssl
-      - name: Set OpenSSL dir in env
-        if: matrix.target.os == 'windows-latest'
-        run: echo 'OPENSSL_DIR=C:\Program Files\OpenSSL-Win64' | Out-File -FilePath $env:GITHUB_ENV -Append
+        shell: bash
+        run: |
+          set -e
+          choco install openssl --version=1.1.1.2100 -y --no-progress
+          echo 'OPENSSL_DIR=C:\Program Files\OpenSSL' >> $GITHUB_ENV
+          echo "RUSTFLAGS=-C target-feature=+crt-static" >> $GITHUB_ENV

-      - name: Install Rust (${{ matrix.version }})
-        uses: actions-rust-lang/setup-rust-toolchain@v1
+      - name: Setup mold linker
+        if: matrix.target.os == 'ubuntu-latest'
+        uses: rui314/setup-mold@7344740a9418dcdcb481c7df83d9fbd1d5072d7d # v1
+
+      - name: Install Rust (${{ matrix.version.name }})
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
        with:
-          toolchain: ${{ matrix.version }}
+          toolchain: ${{ matrix.version.version }}

-      - name: Install cargo-hack
-        uses: taiki-e/install-action@cargo-hack
+      - name: Install just, cargo-hack, cargo-nextest, cargo-ci-cache-clean
+        uses: taiki-e/install-action@ad95d4e02e061d4390c4b66ef5ed56c7fee3d2ce # v2.58.17
+        with:
+          tool: just,cargo-hack,cargo-nextest,cargo-ci-cache-clean

      - name: workaround MSRV issues
-        if: matrix.version != 'stable'
-        run: |
-          cargo install cargo-edit --version=0.8.0
-          cargo add const-str@0.3 --dev -p=actix-web
-          cargo add const-str@0.3 --dev -p=awc
-
-      - name: workaround MSRV issues
-        if: matrix.version != 'stable'
-        run: |
-          cargo update -p=zstd-sys --precise=2.0.1+zstd.1.5.2
+        if: matrix.version.name == 'msrv'
+        run: just downgrade-for-msrv

      - name: check minimal
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-min }
+        run: just check-min

      - name: check default
-        uses: actions-rs/cargo@v1
-        with: { command: ci-check-default }
+        run: just check-default

      - name: tests
        timeout-minutes: 60
-        run: |
-          cargo test --lib --tests -p=actix-router --all-features
-          cargo test --lib --tests -p=actix-http --all-features
-          cargo test --lib --tests -p=actix-web --features=rustls,openssl -- --skip=test_reading_deflate_encoding_large_random_rustls
-          cargo test --lib --tests -p=actix-web-codegen --all-features
-          cargo test --lib --tests -p=awc --all-features
-          cargo test --lib --tests -p=actix-http-test --all-features
-          cargo test --lib --tests -p=actix-test --all-features
-          cargo test --lib --tests -p=actix-files
-          cargo test --lib --tests -p=actix-multipart --all-features
-          cargo test --lib --tests -p=actix-web-actors --all-features
+        run: just test

-      - name: Clear the cargo caches
-        run: |
-          cargo install cargo-cache --version 0.8.3 --no-default-features --features ci-autoclean
-          cargo-cache
+      - name: CI cache clean
+        run: cargo-ci-cache-clean

  io-uring:
    name: io-uring tests
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

      - name: Install Rust
-        uses: actions-rust-lang/setup-rust-toolchain@v1
-        with: { toolchain: nightly }
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
+        with:
+          toolchain: nightly

      - name: tests (io-uring)
        timeout-minutes: 60
        run: >
          sudo bash -c "ulimit -Sl 512 && ulimit -Hl 512 && PATH=$PATH:/usr/share/rust/.cargo/bin && RUSTUP_TOOLCHAIN=stable cargo test --lib --tests -p=actix-files --all-features"

-
  rustdoc:
    name: doc tests
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

      - name: Install Rust (nightly)
-        uses: actions-rust-lang/setup-rust-toolchain@v1
-        with: { toolchain: nightly }
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
+        with:
+          toolchain: nightly
+
+      - name: Install just
+        uses: taiki-e/install-action@ad95d4e02e061d4390c4b66ef5ed56c7fee3d2ce # v2.58.17
+        with:
+          tool: just

      - name: doc tests
-        run: cargo ci-doctest
-        timeout-minutes: 60
+        run: just test-docs
--- a/.github/workflows/clippy-fmt.yml
+++ b/.github/workflows/clippy-fmt.yml
@ -1,75 +0,0 @@
-name: Lint
-
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-
-permissions:
-  contents: read # to fetch code (actions/checkout)
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  fmt:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - uses: actions-rust-lang/setup-rust-toolchain@v1
-        with:
-          toolchain: nightly
-          components: rustfmt
-
-      - run: cargo fmt --all -- --check
-
-  clippy:
-    permissions:
-      checks: write # to add clippy checks to PR diffs
-
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - uses: actions-rust-lang/setup-rust-toolchain@v1
-        with: { components: clippy }
-
-      - uses: giraffate/clippy-action@v1
-        with:
-          reporter: 'github-pr-check'
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          clippy_flags: --workspace --all-features --tests --examples --bins -- -Dclippy::todo
-
-  lint-docs:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - uses: actions-rust-lang/setup-rust-toolchain@v1
-        with: { components: rust-docs }
-
-      - name: Check for broken intra-doc links
-        env: { RUSTDOCFLAGS: "-D warnings" }
-        run: cargo doc --no-deps --all-features --workspace
-
-  public-api-diff:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          ref: ${{ github.base_ref }}
-
-      - uses: actions/checkout@v3
-
-      - uses: actions-rust-lang/setup-rust-toolchain@v1
-        with: { toolchain: nightly }
-
-      - uses: taiki-e/cache-cargo-install-action@v1
-        with: { tool: cargo-public-api }
-
-      - name: generate API diff
-        run: |
-          for f in $(find -mindepth 2 -maxdepth 2 -name Cargo.toml); do
-            cargo public-api --manifest-path "$f" diff ${{ github.event.pull_request.base.sha }}..${{ github.sha }}
-          done
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@ -1,5 +1,3 @@
-# disabled because `cargo tarpaulin` currently segfaults
-
 name: Coverage

 on:
@ -7,27 +5,36 @@ on:
    branches: [master]

 permissions:
-  contents: read # to fetch code (actions/checkout)
+  contents: read

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

 jobs:
-  # job currently (1st Feb 2022) segfaults
  coverage:
-    name: coverage
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

-      - uses: actions-rust-lang/setup-rust-toolchain@v1
-        with: { toolchain: nightly }
+      - name: Install Rust (nightly)
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
+        with:
+          toolchain: nightly
+          components: llvm-tools

-      - name: Generate coverage file
-        run: |
-          cargo install cargo-tarpaulin --vers "^0.13"
-          cargo tarpaulin --workspace --features=rustls,openssl --out Xml --verbose
-      - name: Upload to Codecov
-        uses: codecov/codecov-action@v1
-        with: { file: cobertura.xml }
+      - name: Install just, cargo-llvm-cov, cargo-nextest
+        uses: taiki-e/install-action@ad95d4e02e061d4390c4b66ef5ed56c7fee3d2ce # v2.58.17
+        with:
+          tool: just,cargo-llvm-cov,cargo-nextest
+
+      - name: Generate code coverage
+        run: just test-coverage-codecov
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        with:
+          files: codecov.json
+          fail_ci_if_error: true
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -0,0 +1,90 @@
+name: Lint
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  fmt:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - name: Install Rust (nightly)
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
+        with:
+          toolchain: nightly
+          components: rustfmt
+
+      - name: Check with Rustfmt
+        run: cargo fmt --all -- --check
+
+  clippy:
+    permissions:
+      contents: read
+      checks: write # to add clippy checks to PR diffs
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - name: Install Rust
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
+        with:
+          components: clippy
+
+      - name: Check with Clippy
+        uses: giraffate/clippy-action@13b9d32482f25d29ead141b79e7e04e7900281e0 # v1.0.1
+        with:
+          reporter: github-pr-check
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          clippy_flags: >-
+            --workspace --all-features --tests --examples --bins --
+            -A unknown_lints -D clippy::todo -D clippy::dbg_macro
+
+  lint-docs:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - name: Install Rust (nightly)
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
+        with:
+          toolchain: nightly
+          components: rust-docs
+
+      - name: Check for broken intra-doc links
+        env:
+          RUSTDOCFLAGS: -D warnings
+        run: cargo +nightly doc --no-deps --workspace --all-features
+
+  check-external-types:
+    if: false # rustdoc mismatch currently
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - name: Install Rust (${{ vars.RUST_VERSION_EXTERNAL_TYPES }})
+        uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0
+        with:
+          toolchain: ${{ vars.RUST_VERSION_EXTERNAL_TYPES }}
+
+      - name: Install just
+        uses: taiki-e/install-action@ad95d4e02e061d4390c4b66ef5ed56c7fee3d2ce # v2.58.17
+        with:
+          tool: just
+
+      - name: Install cargo-check-external-types
+        uses: taiki-e/cache-cargo-install-action@b33c63d3b3c85540f4eba8a4f71a5cc0ce030855 # v2.3.0
+        with:
+          tool: cargo-check-external-types
+
+      - name: check external types
+        run: just check-external-types-all +${{ vars.RUST_VERSION_EXTERNAL_TYPES }}
--- a/.github/workflows/upload-doc.yml
+++ b/.github/workflows/upload-doc.yml
@ -1,38 +0,0 @@
-name: Upload Documentation
-
-on:
-  push:
-    branches: [master]
-
-permissions:
-  contents: read # to fetch code (actions/checkout)
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  build:
-    permissions:
-      contents: write # to push changes in repo (jamesives/github-pages-deploy-action)
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v3
-
-      - uses: dtolnay/rust-toolchain@nightly
-
-      - name: Build Docs
-        run: cargo +nightly doc --no-deps --workspace --all-features
-        env:
-          RUSTDOCFLAGS: --cfg=docsrs
-
-      - name: Tweak HTML
-        run: echo '<meta http-equiv="refresh" content="0;url=actix_web/index.html">' > target/doc/index.html
-
-      - name: Deploy to GitHub Pages
-        uses: JamesIves/github-pages-deploy-action@v4.4.1
-        with:
-          folder: target/doc
-          single-commit: true
--- a/.gitignore
+++ b/.gitignore
@ -1,4 +1,3 @@
-Cargo.lock
 target/
 guide/build/
 /gh-pages
@ -19,3 +18,7 @@ guide/build/

 # Configuration directory generated by VSCode
 .vscode
+
+# code coverage
+/lcov.info
+/codecov.json
--- a/.prettierrc.yaml
+++ b/.prettierrc.yaml
@ -1 +0,0 @@
-proseWrap: never
--- a/.prettierrc.yml
+++ b/.prettierrc.yml
@ -0,0 +1,5 @@
+overrides:
+  - files: "*.md"
+    options:
+      printWidth: 9999
+      proseWrap: never
--- a/.rustfmt.toml
+++ b/.rustfmt.toml
@ -0,0 +1,3 @@
+group_imports = "StdExternalCrate"
+imports_granularity = "Crate"
+use_field_init_shorthand = true
--- a/.taplo.toml
+++ b/.taplo.toml
@ -0,0 +1,38 @@
+exclude = ["target/*"]
+include = ["**/*.toml"]
+
+[formatting]
+column_width = 100
+align_comments = false
+
+[[rule]]
+include = ["**/Cargo.toml"]
+keys = ["features"]
+formatting.column_width = 105
+formatting.reorder_keys = false
+
+[[rule]]
+include = ["**/Cargo.toml"]
+keys = [
+  "dependencies",
+  "*-dependencies",
+  "workspace.dependencies",
+  "workspace.*-dependencies",
+  "target.*.dependencies",
+  "target.*.*-dependencies",
+]
+formatting.column_width = 120
+formatting.reorder_keys = true
+
+[[rule]]
+include = ["**/Cargo.toml"]
+keys = [
+  "dependencies.*",
+  "*-dependencies.*",
+  "workspace.dependencies.*",
+  "workspace.*-dependencies.*",
+  "target.*.dependencies",
+  "target.*.*-dependencies",
+]
+formatting.column_width = 120
+formatting.reorder_keys = false
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,19 +1,26 @@
 [workspace]
 resolver = "2"
 members = [
-    "actix-files",
-    "actix-http-test",
-    "actix-http",
-    "actix-multipart",
-    "actix-multipart-derive",
-    "actix-router",
-    "actix-test",
-    "actix-web-actors",
-    "actix-web-codegen",
-    "actix-web",
-    "awc",
+  "actix-files",
+  "actix-http-test",
+  "actix-http",
+  "actix-multipart",
+  "actix-multipart-derive",
+  "actix-router",
+  "actix-test",
+  "actix-web-actors",
+  "actix-web-codegen",
+  "actix-web",
+  "awc",
 ]

+[workspace.package]
+homepage = "https://actix.rs"
+repository = "https://github.com/actix/actix-web"
+license = "MIT OR Apache-2.0"
+edition = "2021"
+rust-version = "1.75"
+
 [profile.dev]
 # Disabling debug info speeds up builds a bunch and we don't rely on it for debugging that much.
 debug = 0
@ -44,3 +51,11 @@ awc = { path = "awc" }
 # actix-utils = { path = "../actix-net/actix-utils" }
 # actix-tls = { path = "../actix-net/actix-tls" }
 # actix-server = { path = "../actix-net/actix-server" }
+
+[workspace.lints.rust]
+rust_2018_idioms = { level = "deny" }
+future_incompatible = { level = "deny" }
+nonstandard_style = { level = "deny" }
+
+[workspace.lints.clippy]
+# clone_on_ref_ptr = { level = "deny" }
--- a/actix-files/CHANGES.md
+++ b/actix-files/CHANGES.md
@ -1,8 +1,24 @@
 # Changes

-## Unreleased - 2023-xx-xx
+## Unreleased

-## 0.6.3 - 2023-01-21
+- Minimum supported Rust version (MSRV) is now 1.75.
+
+## 0.6.6
+
+- Update `tokio-uring` dependency to `0.4`.
+- Minimum supported Rust version (MSRV) is now 1.72.
+
+## 0.6.5
+
+- Fix handling of special characters in filenames.
+
+## 0.6.4
+
+- Fix handling of newlines in filenames.
+- Minimum supported Rust version (MSRV) is now 1.68 due to transitive `time` dependency.
+
+## 0.6.3

 - XHTML files now use `Content-Disposition: inline` instead of `attachment`. [#2903]
 - Minimum supported Rust version (MSRV) is now 1.59 due to transitive `time` dependency.
@ -10,14 +26,14 @@

 [#2903]: https://github.com/actix/actix-web/pull/2903

-## 0.6.2 - 2022-07-23
+## 0.6.2

 - Allow partial range responses for video content to start streaming sooner. [#2817]
 - Minimum supported Rust version (MSRV) is now 1.57 due to transitive `time` dependency.

 [#2817]: https://github.com/actix/actix-web/pull/2817

-## 0.6.1 - 2022-06-11
+## 0.6.1

 - Add `NamedFile::{modified, metadata, content_type, content_disposition, encoding}()` getters. [#2021]
 - Update `tokio-uring` dependency to `0.3`.
@ -27,25 +43,25 @@
 [#2021]: https://github.com/actix/actix-web/pull/2021
 [#2645]: https://github.com/actix/actix-web/pull/2645

-## 0.6.0 - 2022-02-25
+## 0.6.0

 - No significant changes since `0.6.0-beta.16`.

-## 0.6.0-beta.16 - 2022-01-31
+## 0.6.0-beta.16

 - No significant changes since `0.6.0-beta.15`.

-## 0.6.0-beta.15 - 2022-01-21
+## 0.6.0-beta.15

 - No significant changes since `0.6.0-beta.14`.

-## 0.6.0-beta.14 - 2022-01-14
+## 0.6.0-beta.14

 - The `prefer_utf8` option introduced in `0.4.0` is now true by default. [#2583]

 [#2583]: https://github.com/actix/actix-web/pull/2583

-## 0.6.0-beta.13 - 2022-01-04
+## 0.6.0-beta.13

 - The `Files` service now rejects requests with URL paths that include `%2F` (decoded: `/`). [#2398]
 - The `Files` service now correctly decodes `%25` in the URL path to `%` for the file path. [#2398]
@ -53,19 +69,19 @@

 [#2398]: https://github.com/actix/actix-web/pull/2398

-## 0.6.0-beta.12 - 2021-12-29
+## 0.6.0-beta.12

 - No significant changes since `0.6.0-beta.11`.

-## 0.6.0-beta.11 - 2021-12-27
+## 0.6.0-beta.11

 - No significant changes since `0.6.0-beta.10`.

-## 0.6.0-beta.10 - 2021-12-11
+## 0.6.0-beta.10

 - No significant changes since `0.6.0-beta.9`.

-## 0.6.0-beta.9 - 2021-11-22
+## 0.6.0-beta.9

 - Add crate feature `experimental-io-uring`, enabling async file I/O to be utilized. This feature is only available on Linux OSes with recent kernel versions. This feature is semver-exempt. [#2408]
 - Add `NamedFile::open_async`. [#2408]
@ -77,15 +93,15 @@
 [#2408]: https://github.com/actix/actix-web/pull/2408
 [#2453]: https://github.com/actix/actix-web/pull/2453

-## 0.6.0-beta.8 - 2021-10-20
+## 0.6.0-beta.8

 - Minimum supported Rust version (MSRV) is now 1.52.

-## 0.6.0-beta.7 - 2021-09-09
+## 0.6.0-beta.7

 - Minimum supported Rust version (MSRV) is now 1.51.

-## 0.6.0-beta.6 - 2021-06-26
+## 0.6.0-beta.6

 - Added `Files::path_filter()`. [#2274]
 - `Files::show_files_listing()` can now be used with `Files::index_file()` to show files listing as a fallback when the index file is not found. [#2228]
@ -93,7 +109,7 @@
 [#2274]: https://github.com/actix/actix-web/pull/2274
 [#2228]: https://github.com/actix/actix-web/pull/2228

-## 0.6.0-beta.5 - 2021-06-17
+## 0.6.0-beta.5

 - `NamedFile` now implements `ServiceFactory` and `HttpServiceFactory` making it much more useful in routing. For example, it can be used directly as a default service. [#2135]
 - For symbolic links, `Content-Disposition` header no longer shows the filename of the original file. [#2156]
@ -105,17 +121,17 @@
 [#2225]: https://github.com/actix/actix-web/pull/2225
 [#2257]: https://github.com/actix/actix-web/pull/2257

-## 0.6.0-beta.4 - 2021-04-02
+## 0.6.0-beta.4

 - Add support for `.guard` in `Files` to selectively filter `Files` services. [#2046]

 [#2046]: https://github.com/actix/actix-web/pull/2046

-## 0.6.0-beta.3 - 2021-03-09
+## 0.6.0-beta.3

 - No notable changes.

-## 0.6.0-beta.2 - 2021-02-10
+## 0.6.0-beta.2

 - Fix If-Modified-Since and If-Unmodified-Since to not compare using sub-second timestamps. [#1887]
 - Replace `v_htmlescape` with `askama_escape`. [#1953]
@ -123,39 +139,39 @@
 [#1887]: https://github.com/actix/actix-web/pull/1887
 [#1953]: https://github.com/actix/actix-web/pull/1953

-## 0.6.0-beta.1 - 2021-01-07
+## 0.6.0-beta.1

 - `HttpRange::parse` now has its own error type.
 - Update `bytes` to `1.0`. [#1813]

 [#1813]: https://github.com/actix/actix-web/pull/1813

-## 0.5.0 - 2020-12-26
+## 0.5.0

 - Optionally support hidden files/directories. [#1811]

 [#1811]: https://github.com/actix/actix-web/pull/1811

-## 0.4.1 - 2020-11-24
+## 0.4.1

 - Clarify order of parameters in `Files::new` and improve docs.

-## 0.4.0 - 2020-10-06
+## 0.4.0

 - Add `Files::prefer_utf8` option that adds UTF-8 charset on certain response types. [#1714]

 [#1714]: https://github.com/actix/actix-web/pull/1714

-## 0.3.0 - 2020-09-11
+## 0.3.0

 - No significant changes from 0.3.0-beta.1.

-## 0.3.0-beta.1 - 2020-07-15
+## 0.3.0-beta.1

 - Update `v_htmlescape` to 0.10
 - Update `actix-web` and `actix-http` dependencies to beta.1

-## 0.3.0-alpha.1 - 2020-05-23
+## 0.3.0-alpha.1

 - Update `actix-web` and `actix-http` dependencies to alpha
 - Fix some typos in the docs
@ -164,73 +180,73 @@

 [#1384]: https://github.com/actix/actix-web/pull/1384

-## 0.2.1 - 2019-12-22
+## 0.2.1

 - Use the same format for file URLs regardless of platforms

-## 0.2.0 - 2019-12-20
+## 0.2.0

 - Fix BodyEncoding trait import #1220

-## 0.2.0-alpha.1 - 2019-12-07
+## 0.2.0-alpha.1

 - Migrate to `std::future`

-## 0.1.7 - 2019-11-06
+## 0.1.7

 - Add an additional `filename*` param in the `Content-Disposition` header of `actix_files::NamedFile` to be more compatible. (#1151)

-## 0.1.6 - 2019-10-14
+## 0.1.6

 - Add option to redirect to a slash-ended path `Files` #1132

-## 0.1.5 - 2019-10-08
+## 0.1.5

 - Bump up `mime_guess` crate version to 2.0.1
 - Bump up `percent-encoding` crate version to 2.1
 - Allow user defined request guards for `Files` #1113

-## 0.1.4 - 2019-07-20
+## 0.1.4

 - Allow to disable `Content-Disposition` header #686

-## 0.1.3 - 2019-06-28
+## 0.1.3

 - Do not set `Content-Length` header, let actix-http set it #930

-## 0.1.2 - 2019-06-13
+## 0.1.2

 - Content-Length is 0 for NamedFile HEAD request #914
 - Fix ring dependency from actix-web default features for #741

-## 0.1.1 - 2019-06-01
+## 0.1.1

 - Static files are incorrectly served as both chunked and with length #812

-## 0.1.0 - 2019-05-25
+## 0.1.0

 - NamedFile last-modified check always fails due to nano-seconds in file modified date #820

-## 0.1.0-beta.4 - 2019-05-12
+## 0.1.0-beta.4

 - Update actix-web to beta.4

-## 0.1.0-beta.1 - 2019-04-20
+## 0.1.0-beta.1

 - Update actix-web to beta.1

-## 0.1.0-alpha.6 - 2019-04-14
+## 0.1.0-alpha.6

 - Update actix-web to alpha6

-## 0.1.0-alpha.4 - 2019-04-08
+## 0.1.0-alpha.4

 - Update actix-web to alpha4

-## 0.1.0-alpha.2 - 2019-04-02
+## 0.1.0-alpha.2

 - Add default handler support

-## 0.1.0-alpha.1 - 2019-03-28
+## 0.1.0-alpha.1

 - Initial impl
--- a/actix-files/Cargo.toml
+++ b/actix-files/Cargo.toml
@ -1,21 +1,17 @@
 [package]
 name = "actix-files"
-version = "0.6.3"
-authors = [
-    "Nikolay Kim <fafhrd91@gmail.com>",
-    "Rob Ede <robjtede@icloud.com>",
-]
+version = "0.6.6"
+authors = ["Nikolay Kim <fafhrd91@gmail.com>", "Rob Ede <robjtede@icloud.com>"]
 description = "Static file serving for Actix Web"
 keywords = ["actix", "http", "async", "futures"]
 homepage = "https://actix.rs"
 repository = "https://github.com/actix/actix-web"
 categories = ["asynchronous", "web-programming::http-server"]
 license = "MIT OR Apache-2.0"
-edition = "2018"
+edition = "2021"

-[lib]
-name = "actix_files"
-path = "src/lib.rs"
+[package.metadata.cargo_check_external_types]
+allowed_external_types = ["actix_http::*", "actix_service::*", "actix_web::*", "http::*", "mime::*"]

 [features]
 experimental-io-uring = ["actix-web/experimental-io-uring", "tokio-uring"]
@ -26,9 +22,9 @@ actix-service = "2"
 actix-utils = "3"
 actix-web = { version = "4", default-features = false }

-bitflags = "1"
+bitflags = "2"
 bytes = "1"
-derive_more = "0.99.5"
+derive_more = { version = "2", features = ["display", "error", "from"] }
 futures-core = { version = "0.3.17", default-features = false, features = ["alloc"] }
 http-range = "0.1.4"
 log = "0.4"
@ -40,11 +36,15 @@ v_htmlescape = "0.15.5"

 # experimental-io-uring
 [target.'cfg(target_os = "linux")'.dependencies]
-tokio-uring = { version = "0.4", optional = true, features = ["bytes"] }
-actix-server = { version = "2.2", optional = true } # ensure matching tokio-uring versions
+tokio-uring = { version = "0.5", optional = true, features = ["bytes"] }
+actix-server = { version = "2.4", optional = true }                      # ensure matching tokio-uring versions

 [dev-dependencies]
 actix-rt = "2.7"
 actix-test = "0.1"
 actix-web = "4"
+env_logger = "0.11"
 tempfile = "3.2"
+
+[lints]
+workspace = true
--- a/actix-files/README.md
+++ b/actix-files/README.md
@ -1,18 +1,32 @@
-# actix-files
+# `actix-files`

-> Static file serving for Actix Web
+<!-- prettier-ignore-start -->

 [![crates.io](https://img.shields.io/crates/v/actix-files?label=latest)](https://crates.io/crates/actix-files)
-[![Documentation](https://docs.rs/actix-files/badge.svg?version=0.6.3)](https://docs.rs/actix-files/0.6.3)
-![Version](https://img.shields.io/badge/rustc-1.59+-ab6000.svg)
+[![Documentation](https://docs.rs/actix-files/badge.svg?version=0.6.6)](https://docs.rs/actix-files/0.6.6)
+![Version](https://img.shields.io/badge/rustc-1.72+-ab6000.svg)
 ![License](https://img.shields.io/crates/l/actix-files.svg)
 <br />
-[![dependency status](https://deps.rs/crate/actix-files/0.6.3/status.svg)](https://deps.rs/crate/actix-files/0.6.3)
+[![dependency status](https://deps.rs/crate/actix-files/0.6.6/status.svg)](https://deps.rs/crate/actix-files/0.6.6)
 [![Download](https://img.shields.io/crates/d/actix-files.svg)](https://crates.io/crates/actix-files)
 [![Chat on Discord](https://img.shields.io/discord/771444961383153695?label=chat&logo=discord)](https://discord.gg/NWpN5mmg3x)

-## Documentation & Resources
+<!-- prettier-ignore-end -->

- [API Documentation](https://docs.rs/actix-files)
- [Example Project](https://github.com/actix/examples/tree/master/basics/static-files)
- Minimum Supported Rust Version (MSRV): 1.59
+<!-- cargo-rdme start -->
+
+Static file serving for Actix Web.
+
+Provides a non-blocking service for serving static files from disk.
+
+## Examples
+
+```rust
+use actix_web::App;
+use actix_files::Files;
+
+let app = App::new()
+    .service(Files::new("/static", ".").prefer_utf8(true));
+```
+
+<!-- cargo-rdme end -->
--- a/actix-files/examples/guarded-listing.rs
+++ b/actix-files/examples/guarded-listing.rs
@ -0,0 +1,33 @@
+use actix_files::Files;
+use actix_web::{get, guard, middleware, App, HttpServer, Responder};
+
+const EXAMPLES_DIR: &str = concat![env!("CARGO_MANIFEST_DIR"), "/examples"];
+
+#[get("/")]
+async fn index() -> impl Responder {
+    "Hello world!"
+}
+
+#[actix_web::main]
+async fn main() -> std::io::Result<()> {
+    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
+
+    log::info!("starting HTTP server at http://localhost:8080");
+
+    HttpServer::new(|| {
+        App::new()
+            .service(index)
+            .service(
+                Files::new("/assets", EXAMPLES_DIR)
+                    .show_files_listing()
+                    .guard(guard::Header("show-listing", "?1")),
+            )
+            .service(Files::new("/assets", EXAMPLES_DIR))
+            .wrap(middleware::Compress::default())
+            .wrap(middleware::Logger::default())
+    })
+    .bind(("127.0.0.1", 8080))?
+    .workers(2)
+    .run()
+    .await
+}
--- a/actix-files/src/chunked.rs
+++ b/actix-files/src/chunked.rs
@ -7,11 +7,10 @@ use std::{
 };

 use actix_web::{error::Error, web::Bytes};
-use futures_core::{ready, Stream};
-use pin_project_lite::pin_project;
-
 #[cfg(feature = "experimental-io-uring")]
 use bytes::BytesMut;
+use futures_core::{ready, Stream};
+use pin_project_lite::pin_project;

 use super::named::File;

--- a/actix-files/src/directory.rs
+++ b/actix-files/src/directory.rs
@ -1,4 +1,9 @@
-use std::{fmt::Write, fs::DirEntry, io, path::Path, path::PathBuf};
+use std::{
+    fmt::Write,
+    fs::DirEntry,
+    io,
+    path::{Path, PathBuf},
+};

 use actix_web::{dev::ServiceResponse, HttpRequest, HttpResponse};
 use percent_encoding::{utf8_percent_encode, CONTROLS};
--- a/actix-files/src/error.rs
+++ b/actix-files/src/error.rs
@ -6,11 +6,11 @@ use derive_more::Display;
 pub enum FilesError {
    /// Path is not a directory.
    #[allow(dead_code)]
-    #[display(fmt = "path is not a directory. Unable to serve static files")]
+    #[display("path is not a directory. Unable to serve static files")]
    IsNotDirectory,

    /// Cannot render directory.
-    #[display(fmt = "unable to render directory without index file")]
+    #[display("unable to render directory without index file")]
    IsDirectory,
 }

@ -25,19 +25,19 @@ impl ResponseError for FilesError {
 #[non_exhaustive]
 pub enum UriSegmentError {
    /// Segment started with the wrapped invalid character.
-    #[display(fmt = "segment started with invalid character: ('{_0}')")]
+    #[display("segment started with invalid character: ('{_0}')")]
    BadStart(char),

    /// Segment contained the wrapped invalid character.
-    #[display(fmt = "segment contained invalid character ('{_0}')")]
+    #[display("segment contained invalid character ('{_0}')")]
    BadChar(char),

    /// Segment ended with the wrapped invalid character.
-    #[display(fmt = "segment ended with invalid character: ('{_0}')")]
+    #[display("segment ended with invalid character: ('{_0}')")]
    BadEnd(char),

    /// Path is not a valid UTF-8 string after percent-decoding.
-    #[display(fmt = "path is not a valid UTF-8 string after percent-decoding")]
+    #[display("path is not a valid UTF-8 string after percent-decoding")]
    NotValidUtf8,
 }

--- a/actix-files/src/files.rs
+++ b/actix-files/src/files.rs
@ -8,8 +8,7 @@ use std::{
 use actix_service::{boxed, IntoServiceFactory, ServiceFactory, ServiceFactoryExt};
 use actix_web::{
    dev::{
-        AppService, HttpServiceFactory, RequestHead, ResourceDef, ServiceRequest,
-        ServiceResponse,
+        AppService, HttpServiceFactory, RequestHead, ResourceDef, ServiceRequest, ServiceResponse,
    },
    error::Error,
    guard::Guard,
@ -236,7 +235,7 @@ impl Files {
    /// request starts being handled by the file service, it will not be able to back-out and try
    /// the next service, you will simply get a 404 (or 405) error response.
    ///
-    /// To allow `POST` requests to retrieve files, see [`Files::use_guards`].
+    /// To allow `POST` requests to retrieve files, see [`Files::method_guard()`].
    ///
    /// # Examples
    /// ```
@ -301,12 +300,8 @@ impl Files {
    pub fn default_handler<F, U>(mut self, f: F) -> Self
    where
        F: IntoServiceFactory<U, ServiceRequest>,
-        U: ServiceFactory<
-                ServiceRequest,
-                Config = (),
-                Response = ServiceResponse,
-                Error = Error,
-            > + 'static,
+        U: ServiceFactory<ServiceRequest, Config = (), Response = ServiceResponse, Error = Error>
+            + 'static,
    {
        // create and configure default resource
        self.default = Rc::new(RefCell::new(Some(Rc::new(boxed::factory(
@ -422,10 +417,14 @@ mod tests {

        assert_eq!(res.status(), StatusCode::OK);
        let body = test::read_body(res).await;
+        let body_str = std::str::from_utf8(&body).unwrap();
+        let actual_path = Path::new(&body_str);
+        let expected_path = Path::new("actix-files/tests");
        assert!(
-            body.ends_with(b"actix-files/tests/"),
-            "body {:?} does not end with `actix-files/tests/`",
-            body
+            actual_path.ends_with(expected_path),
+            "body {:?} does not end with {:?}",
+            actual_path,
+            expected_path
        );
    }
 }
--- a/actix-files/src/lib.rs
+++ b/actix-files/src/lib.rs
@ -11,13 +11,13 @@
 //!     .service(Files::new("/static", ".").prefer_utf8(true));
 //! ```

-#![deny(rust_2018_idioms, nonstandard_style)]
-#![warn(future_incompatible, missing_docs, missing_debug_implementations)]
-#![allow(clippy::uninlined_format_args)]
+#![warn(missing_docs, missing_debug_implementations)]
 #![doc(html_logo_url = "https://actix.rs/img/logo.png")]
 #![doc(html_favicon_url = "https://actix.rs/favicon.ico")]
 #![cfg_attr(docsrs, feature(doc_auto_cfg))]

+use std::path::Path;
+
 use actix_service::boxed::{BoxService, BoxServiceFactory};
 use actix_web::{
    dev::{RequestHead, ServiceRequest, ServiceResponse},
@ -25,7 +25,6 @@ use actix_web::{
    http::header::DispositionType,
 };
 use mime_guess::from_ext;
-use std::path::Path;

 mod chunked;
 mod directory;
@ -37,16 +36,15 @@ mod path_buf;
 mod range;
 mod service;

-pub use self::chunked::ChunkedReadFile;
-pub use self::directory::Directory;
-pub use self::files::Files;
-pub use self::named::NamedFile;
-pub use self::range::HttpRange;
-pub use self::service::FilesService;
-
-use self::directory::{directory_listing, DirectoryRenderer};
-use self::error::FilesError;
-use self::path_buf::PathBufWrap;
+pub use self::{
+    chunked::ChunkedReadFile, directory::Directory, files::Files, named::NamedFile,
+    range::HttpRange, service::FilesService,
+};
+use self::{
+    directory::{directory_listing, DirectoryRenderer},
+    error::FilesError,
+    path_buf::PathBufWrap,
+};

 type HttpService = BoxService<ServiceRequest, ServiceResponse, Error>;
 type HttpNewService = BoxServiceFactory<(), ServiceRequest, ServiceResponse, Error, ()>;
@ -66,6 +64,7 @@ type PathFilter = dyn Fn(&Path, &RequestHead) -> bool;
 #[cfg(test)]
 mod tests {
    use std::{
+        fmt::Write as _,
        fs::{self},
        ops::Add,
        time::{Duration, SystemTime},
@ -75,7 +74,7 @@ mod tests {
        dev::ServiceFactory,
        guard,
        http::{
-            header::{self, ContentDisposition, DispositionParam, DispositionType},
+            header::{self, ContentDisposition, DispositionParam},
            Method, StatusCode,
        },
        middleware::Compress,
@ -307,11 +306,11 @@ mod tests {
        let resp = file.respond_to(&req);
        assert_eq!(
            resp.headers().get(header::CONTENT_TYPE).unwrap(),
-            "application/javascript; charset=utf-8"
+            "text/javascript",
        );
        assert_eq!(
            resp.headers().get(header::CONTENT_DISPOSITION).unwrap(),
-            "inline; filename=\"test.js\""
+            "inline; filename=\"test.js\"",
        );
    }

@ -554,10 +553,9 @@ mod tests {

    #[actix_rt::test]
    async fn test_static_files_with_spaces() {
-        let srv = test::init_service(
-            App::new().service(Files::new("/", ".").index_file("Cargo.toml")),
-        )
-        .await;
+        let srv =
+            test::init_service(App::new().service(Files::new("/", ".").index_file("Cargo.toml")))
+                .await;
        let request = TestRequest::get()
            .uri("/tests/test%20space.binary")
            .to_request();
@ -569,6 +567,30 @@ mod tests {
        assert_eq!(bytes, data);
    }

+    #[cfg(not(target_os = "windows"))]
+    #[actix_rt::test]
+    async fn test_static_files_with_special_characters() {
+        // Create the file we want to test against ad-hoc. We can't check it in as otherwise
+        // Windows can't even checkout this repository.
+        let temp_dir = tempfile::tempdir().unwrap();
+        let file_with_newlines = temp_dir.path().join("test\n\x0B\x0C\rnewline.text");
+        fs::write(&file_with_newlines, "Look at my newlines").unwrap();
+
+        let srv = test::init_service(
+            App::new().service(Files::new("/", temp_dir.path()).index_file("Cargo.toml")),
+        )
+        .await;
+        let request = TestRequest::get()
+            .uri("/test%0A%0B%0C%0Dnewline.text")
+            .to_request();
+        let response = test::call_service(&srv, request).await;
+        assert_eq!(response.status(), StatusCode::OK);
+
+        let bytes = test::read_body(response).await;
+        let data = web::Bytes::from(fs::read(file_with_newlines).unwrap());
+        assert_eq!(bytes, data);
+    }
+
    #[actix_rt::test]
    async fn test_files_not_allowed() {
        let srv = test::init_service(App::new().service(Files::new("/", "."))).await;
@ -667,8 +689,7 @@ mod tests {
    #[actix_rt::test]
    async fn test_static_files() {
        let srv =
-            test::init_service(App::new().service(Files::new("/", ".").show_files_listing()))
-                .await;
+            test::init_service(App::new().service(Files::new("/", ".").show_files_listing())).await;
        let req = TestRequest::with_uri("/missing").to_request();

        let resp = test::call_service(&srv, req).await;
@ -681,8 +702,7 @@ mod tests {
        assert_eq!(resp.status(), StatusCode::NOT_FOUND);

        let srv =
-            test::init_service(App::new().service(Files::new("/", ".").show_files_listing()))
-                .await;
+            test::init_service(App::new().service(Files::new("/", ".").show_files_listing())).await;
        let req = TestRequest::with_uri("/tests").to_request();
        let resp = test::call_service(&srv, req).await;
        assert_eq!(
@ -843,19 +863,21 @@ mod tests {

    #[actix_rt::test]
    async fn test_percent_encoding_2() {
-        let tmpdir = tempfile::tempdir().unwrap();
+        let temp_dir = tempfile::tempdir().unwrap();
        let filename = match cfg!(unix) {
-            true => "ض:?#[]{}<>()@!$&'`|*+,;= %20.test",
+            true => "ض:?#[]{}<>()@!$&'`|*+,;= %20\n.test",
            false => "ض#[]{}()@!$&'`+,;= %20.test",
        };
        let filename_encoded = filename
            .as_bytes()
            .iter()
-            .map(|c| format!("%{:02X}", c))
-            .collect::<String>();
-        std::fs::File::create(tmpdir.path().join(filename)).unwrap();
+            .fold(String::new(), |mut buf, c| {
+                write!(&mut buf, "%{:02X}", c).unwrap();
+                buf
+            });
+        std::fs::File::create(temp_dir.path().join(filename)).unwrap();

-        let srv = test::init_service(App::new().service(Files::new("", tmpdir.path()))).await;
+        let srv = test::init_service(App::new().service(Files::new("/", temp_dir.path()))).await;

        let req = TestRequest::get()
            .uri(&format!("/{}", filename_encoded))
--- a/actix-files/src/named.rs
+++ b/actix-files/src/named.rs
@ -8,13 +8,13 @@ use std::{
 use actix_web::{
    body::{self, BoxBody, SizedStream},
    dev::{
-        self, AppService, HttpServiceFactory, ResourceDef, Service, ServiceFactory,
-        ServiceRequest, ServiceResponse,
+        self, AppService, HttpServiceFactory, ResourceDef, Service, ServiceFactory, ServiceRequest,
+        ServiceResponse,
    },
    http::{
        header::{
-            self, Charset, ContentDisposition, ContentEncoding, DispositionParam,
-            DispositionType, ExtendedValue, HeaderValue,
+            self, Charset, ContentDisposition, ContentEncoding, DispositionParam, DispositionType,
+            ExtendedValue, HeaderValue,
        },
        StatusCode,
    },
@ -24,11 +24,11 @@ use bitflags::bitflags;
 use derive_more::{Deref, DerefMut};
 use futures_core::future::LocalBoxFuture;
 use mime::Mime;
-use mime_guess::from_path;

 use crate::{encoding::equiv_utf8_text, range::HttpRange};

 bitflags! {
+    #[derive(Debug, Clone, Copy)]
    pub(crate) struct Flags: u8 {
        const ETAG =                0b0000_0001;
        const LAST_MD =             0b0000_0010;
@ -84,6 +84,7 @@ pub struct NamedFile {

 #[cfg(not(feature = "experimental-io-uring"))]
 pub(crate) use std::fs::File;
+
 #[cfg(feature = "experimental-io-uring")]
 pub(crate) use tokio_uring::fs::File;

@ -126,7 +127,7 @@ impl NamedFile {
                }
            };

-            let ct = from_path(&path).first_or_octet_stream();
+            let ct = mime_guess::from_path(&path).first_or_octet_stream();

            let disposition = match ct.type_() {
                mime::IMAGE | mime::TEXT | mime::AUDIO | mime::VIDEO => DispositionType::Inline,
@ -138,8 +139,13 @@ impl NamedFile {
                _ => DispositionType::Attachment,
            };

-            let mut parameters =
-                vec![DispositionParam::Filename(String::from(filename.as_ref()))];
+            // replace special characters in filenames which could occur on some filesystems
+            let filename_s = filename
+                .replace('\n', "%0A") // \n line break
+                .replace('\x0B', "%0B") // \v vertical tab
+                .replace('\x0C', "%0C") // \f form feed
+                .replace('\r', "%0D"); // \r carriage return
+            let mut parameters = vec![DispositionParam::Filename(filename_s)];

            if !filename.is_ascii() {
                parameters.push(DispositionParam::FilenameExt(ExtendedValue {
--- a/actix-files/src/path_buf.rs
+++ b/actix-files/src/path_buf.rs
@ -97,8 +97,6 @@ impl FromRequest for PathBufWrap {

 #[cfg(test)]
 mod tests {
-    use std::iter::FromIterator;
-
    use super::*;

    #[test]
--- a/actix-files/src/range.rs
+++ b/actix-files/src/range.rs
@ -48,8 +48,8 @@ impl HttpRange {
    /// `header` is HTTP Range header (e.g. `bytes=bytes=0-9`).
    /// `size` is full size of response (file).
    pub fn parse(header: &str, size: u64) -> Result<Vec<HttpRange>, ParseRangeErr> {
-        let ranges = http_range::HttpRange::parse(header, size)
-            .map_err(|err| ParseRangeErr(err.into()))?;
+        let ranges =
+            http_range::HttpRange::parse(header, size).map_err(|err| ParseRangeErr(err.into()))?;

        Ok(ranges
            .iter()
--- a/actix-files/src/service.rs
+++ b/actix-files/src/service.rs
@ -62,11 +62,7 @@ impl FilesService {
        }
    }

-    fn serve_named_file(
-        &self,
-        req: ServiceRequest,
-        mut named_file: NamedFile,
-    ) -> ServiceResponse {
+    fn serve_named_file(&self, req: ServiceRequest, mut named_file: NamedFile) -> ServiceResponse {
        if let Some(ref mime_override) = self.mime_override {
            let new_disposition = mime_override(&named_file.content_type.type_());
            named_file.content_disposition.disposition = new_disposition;
@ -83,7 +79,7 @@ impl FilesService {

        let (req, _) = req.into_parts();

-        (self.renderer)(&dir, &req).unwrap_or_else(|e| ServiceResponse::from_err(e, req))
+        (self.renderer)(&dir, &req).unwrap_or_else(|err| ServiceResponse::from_err(err, req))
    }
 }

@ -120,13 +116,11 @@ impl Service<ServiceRequest> for FilesService {
                ));
            }

-            let path_on_disk = match PathBufWrap::parse_path(
-                req.match_info().unprocessed(),
-                this.hidden_files,
-            ) {
-                Ok(item) => item,
-                Err(err) => return Ok(req.error_response(err)),
-            };
+            let path_on_disk =
+                match PathBufWrap::parse_path(req.match_info().unprocessed(), this.hidden_files) {
+                    Ok(item) => item,
+                    Err(err) => return Ok(req.error_response(err)),
+                };

            if let Some(filter) = &this.path_filter {
                if !filter(path_on_disk.as_ref(), req.head()) {
@ -177,8 +171,7 @@ impl Service<ServiceRequest> for FilesService {
                match NamedFile::open_async(&path).await {
                    Ok(mut named_file) => {
                        if let Some(ref mime_override) = this.mime_override {
-                            let new_disposition =
-                                mime_override(&named_file.content_type.type_());
+                            let new_disposition = mime_override(&named_file.content_type.type_());
                            named_file.content_disposition.disposition = new_disposition;
                        }
                        named_file.flags = this.file_flags;
--- a/actix-files/tests/encoding.rs
+++ b/actix-files/tests/encoding.rs
@ -24,8 +24,7 @@ async fn test_utf8_file_contents() {

    // disable UTF-8 attribute
    let srv =
-        test::init_service(App::new().service(Files::new("/", "./tests").prefer_utf8(false)))
-            .await;
+        test::init_service(App::new().service(Files::new("/", "./tests").prefer_utf8(false))).await;

    let req = TestRequest::with_uri("/utf8.txt").to_request();
    let res = test::call_service(&srv, req).await;
--- a/actix-files/tests/guard.rs
+++ b/actix-files/tests/guard.rs
@ -12,9 +12,7 @@ async fn test_guard_filter() {
    let srv = test::init_service(
        App::new()
            .service(Files::new("/", "./tests/fixtures/guards/first").guard(Host("first.com")))
-            .service(
-                Files::new("/", "./tests/fixtures/guards/second").guard(Host("second.com")),
-            ),
+            .service(Files::new("/", "./tests/fixtures/guards/second").guard(Host("second.com"))),
    )
    .await;

--- a/actix-files/tests/traversal.rs
+++ b/actix-files/tests/traversal.rs
@ -9,8 +9,7 @@ use actix_web::{
 async fn test_directory_traversal_prevention() {
    let srv = test::init_service(App::new().service(Files::new("/", "./tests"))).await;

-    let req =
-        TestRequest::with_uri("/../../../../../../../../../../../etc/passwd").to_request();
+    let req = TestRequest::with_uri("/../../../../../../../../../../../etc/passwd").to_request();
    let res = test::call_service(&srv, req).await;
    assert_eq!(res.status(), StatusCode::NOT_FOUND);

--- a/actix-http-test/CHANGES.md
+++ b/actix-http-test/CHANGES.md
@ -1,12 +1,18 @@
 # Changes

-## Unreleased - 2023-xx-xx
+## Unreleased

-## 3.1.0 - 2023-01-21
+- Minimum supported Rust version (MSRV) is now 1.72.
+
+## 3.2.0
+
+- Minimum supported Rust version (MSRV) is now 1.68 due to transitive `time` dependency.
+
+## 3.1.0

 - Minimum supported Rust version (MSRV) is now 1.59.

-## 3.0.0 - 2022-07-24
+## 3.0.0

 - `TestServer::stop` is now async and will wait for the server and system to shutdown. [#2442]
 - Added `TestServer::client_headers` method. [#2097]
@ -22,41 +28,41 @@
 <details>
 <summary>3.0.0 Pre-Releases</summary>

-## 3.0.0-beta.13 - 2022-02-16
+## 3.0.0-beta.13

 - No significant changes since `3.0.0-beta.12`.

-## 3.0.0-beta.12 - 2022-01-31
+## 3.0.0-beta.12

 - No significant changes since `3.0.0-beta.11`.

-## 3.0.0-beta.11 - 2022-01-04
+## 3.0.0-beta.11

 - Minimum supported Rust version (MSRV) is now 1.54.

-## 3.0.0-beta.10 - 2021-12-27
+## 3.0.0-beta.10

 - Update `actix-server` to `2.0.0-rc.2`. [#2550]

 [#2550]: https://github.com/actix/actix-web/pull/2550

-## 3.0.0-beta.9 - 2021-12-11
+## 3.0.0-beta.9

 - No significant changes since `3.0.0-beta.8`.

-## 3.0.0-beta.8 - 2021-11-30
+## 3.0.0-beta.8

 - Update `actix-tls` to `3.0.0-rc.1`. [#2474]

 [#2474]: https://github.com/actix/actix-web/pull/2474

-## 3.0.0-beta.7 - 2021-11-22
+## 3.0.0-beta.7

 - Fix compatibility with experimental `io-uring` feature of `actix-rt`. [#2408]

 [#2408]: https://github.com/actix/actix-web/pull/2408

-## 3.0.0-beta.6 - 2021-11-15
+## 3.0.0-beta.6

 - `TestServer::stop` is now async and will wait for the server and system to shutdown. [#2442]
 - Update `actix-server` to `2.0.0-beta.9`. [#2442]
@ -64,25 +70,25 @@

 [#2442]: https://github.com/actix/actix-web/pull/2442

-## 3.0.0-beta.5 - 2021-09-09
+## 3.0.0-beta.5

 - Minimum supported Rust version (MSRV) is now 1.51.

-## 3.0.0-beta.4 - 2021-04-02
+## 3.0.0-beta.4

 - Added `TestServer::client_headers` method. [#2097]

 [#2097]: https://github.com/actix/actix-web/pull/2097

-## 3.0.0-beta.3 - 2021-03-09
+## 3.0.0-beta.3

 - No notable changes.

-## 3.0.0-beta.2 - 2021-02-10
+## 3.0.0-beta.2

 - No notable changes.

-## 3.0.0-beta.1 - 2021-01-07
+## 3.0.0-beta.1

 - Update `bytes` to `1.0`. [#1813]

@ -90,7 +96,7 @@

 </details>

-## 2.1.0 - 2020-11-25
+## 2.1.0

 - Add ability to set address for `TestServer`. [#1645]
 - Upgrade `base64` to `0.13`.
@ -99,11 +105,11 @@
 [#1773]: https://github.com/actix/actix-web/pull/1773
 [#1645]: https://github.com/actix/actix-web/pull/1645

-## 2.0.0 - 2020-09-11
+## 2.0.0

 - Update actix-codec and actix-utils dependencies.

-## 2.0.0-alpha.1 - 2020-05-23
+## 2.0.0-alpha.1

 - Update the `time` dependency to 0.2.7
 - Update `actix-connect` dependency to 2.0.0-alpha.2
@ -113,57 +119,57 @@
 - Update `base64` dependency to 0.12
 - Update `env_logger` dependency to 0.7

-## 1.0.0 - 2019-12-13
+## 1.0.0

 - Replaced `TestServer::start()` with `test_server()`

-## 1.0.0-alpha.3 - 2019-12-07
+## 1.0.0-alpha.3

 - Migrate to `std::future`

-## 0.2.5 - 2019-09-17
+## 0.2.5

 - Update serde_urlencoded to "0.6.1"
 - Increase TestServerRuntime timeouts from 500ms to 3000ms
 - Do not override current `System`

-## 0.2.4 - 2019-07-18
+## 0.2.4

 - Update actix-server to 0.6

-## 0.2.3 - 2019-07-16
+## 0.2.3

 - Add `delete`, `options`, `patch` methods to `TestServerRunner`

-## 0.2.2 - 2019-06-16
+## 0.2.2

 - Add .put() and .sput() methods

-## 0.2.1 - 2019-06-05
+## 0.2.1

 - Add license files

-## 0.2.0 - 2019-05-12
+## 0.2.0

 - Update awc and actix-http deps

-## 0.1.1 - 2019-04-24
+## 0.1.1

 - Always make new connection for http client

-## 0.1.0 - 2019-04-16
+## 0.1.0

 - No changes

-## 0.1.0-alpha.3 - 2019-04-02
+## 0.1.0-alpha.3

 - Request functions accept path #743

-## 0.1.0-alpha.2 - 2019-03-29
+## 0.1.0-alpha.2

 - Added TestServerRuntime::load_body() method
 - Update actix-http and awc libraries

-## 0.1.0-alpha.1 - 2019-03-28
+## 0.1.0-alpha.1

 - Initial impl
--- a/actix-http-test/Cargo.toml
+++ b/actix-http-test/Cargo.toml
@ -1,26 +1,34 @@
 [package]
 name = "actix-http-test"
-version = "3.1.0"
+version = "3.2.0"
 authors = ["Nikolay Kim <fafhrd91@gmail.com>"]
 description = "Various helpers for Actix applications to use during testing"
 keywords = ["http", "web", "framework", "async", "futures"]
 homepage = "https://actix.rs"
-repository = "https://github.com/actix/actix-web.git"
+repository = "https://github.com/actix/actix-web"
 categories = [
-    "network-programming",
-    "asynchronous",
-    "web-programming::http-server",
-    "web-programming::websocket",
+  "network-programming",
+  "asynchronous",
+  "web-programming::http-server",
+  "web-programming::websocket",
 ]
 license = "MIT OR Apache-2.0"
-edition = "2018"
+edition = "2021"

 [package.metadata.docs.rs]
 features = []

-[lib]
-name = "actix_http_test"
-path = "src/lib.rs"
+[package.metadata.cargo_check_external_types]
+allowed_external_types = [
+  "actix_codec::*",
+  "actix_http::*",
+  "actix_server::*",
+  "awc::*",
+  "bytes::*",
+  "futures_core::*",
+  "http::*",
+  "tokio::*",
+]

 [features]
 default = []
@ -29,26 +37,28 @@ default = []
 openssl = ["tls-openssl", "awc/openssl"]

 [dependencies]
-actix-service = "2"
 actix-codec = "0.5"
-actix-tls = "3"
-actix-utils = "3"
 actix-rt = "2.2"
 actix-server = "2"
+actix-service = "2"
+actix-tls = "3"
+actix-utils = "3"
 awc = { version = "3", default-features = false }

 bytes = "1"
 futures-core = { version = "0.3.17", default-features = false }
 http = "0.2.7"
 log = "0.4"
-socket2 = "0.4"
 serde = "1"
 serde_json = "1"
-slab = "0.4"
 serde_urlencoded = "0.7"
-tls-openssl = { version = "0.10.9", package = "openssl", optional = true }
-tokio = { version = "1.24.2", features = ["sync"] }
+slab = "0.4"
+socket2 = "0.6"
+tls-openssl = { version = "0.10.55", package = "openssl", optional = true }
+tokio = { version = "1.38.2", features = ["sync"] }

 [dev-dependencies]
-actix-web = { version = "4", default-features = false, features = ["cookies"] }
 actix-http = "3"
+
+[lints]
+workspace = true
--- a/actix-http-test/README.md
+++ b/actix-http-test/README.md
@ -1,17 +1,20 @@
-# actix-http-test
+# `actix-http-test`

-> Various helpers for Actix applications to use during testing.
+<!-- prettier-ignore-start -->

 [![crates.io](https://img.shields.io/crates/v/actix-http-test?label=latest)](https://crates.io/crates/actix-http-test)
-[![Documentation](https://docs.rs/actix-http-test/badge.svg?version=3.1.0)](https://docs.rs/actix-http-test/3.1.0)
-![Version](https://img.shields.io/badge/rustc-1.59+-ab6000.svg)
+[![Documentation](https://docs.rs/actix-http-test/badge.svg?version=3.2.0)](https://docs.rs/actix-http-test/3.2.0)
+![Version](https://img.shields.io/badge/rustc-1.72+-ab6000.svg)
 ![MIT or Apache 2.0 licensed](https://img.shields.io/crates/l/actix-http-test)
 <br>
-[![Dependency Status](https://deps.rs/crate/actix-http-test/3.1.0/status.svg)](https://deps.rs/crate/actix-http-test/3.1.0)
+[![Dependency Status](https://deps.rs/crate/actix-http-test/3.2.0/status.svg)](https://deps.rs/crate/actix-http-test/3.2.0)
 [![Download](https://img.shields.io/crates/d/actix-http-test.svg)](https://crates.io/crates/actix-http-test)
 [![Chat on Discord](https://img.shields.io/discord/771444961383153695?label=chat&logo=discord)](https://discord.gg/NWpN5mmg3x)

-## Documentation & Resources
+<!-- prettier-ignore-end -->

- [API Documentation](https://docs.rs/actix-http-test)
- Minimum Supported Rust Version (MSRV): 1.59
+<!-- cargo-rdme start -->
+
+Various helpers for Actix applications to use during testing.
+
+<!-- cargo-rdme end -->
--- a/actix-http-test/src/lib.rs
+++ b/actix-http-test/src/lib.rs
@ -1,8 +1,5 @@
 //! Various helpers for Actix applications to use during testing.

-#![deny(rust_2018_idioms, nonstandard_style)]
-#![warn(future_incompatible)]
-#![allow(clippy::uninlined_format_args)]
 #![doc(html_logo_url = "https://actix.rs/img/logo.png")]
 #![doc(html_favicon_url = "https://actix.rs/favicon.ico")]
 #![cfg_attr(docsrs, feature(doc_auto_cfg))]
@ -31,24 +28,20 @@ use tokio::sync::mpsc;
 /// for HTTP applications.
 ///
 /// # Examples
-/// ```no_run
-/// use actix_http::HttpService;
+///
+/// ```
+/// use actix_http::{HttpService, Response, Error, StatusCode};
 /// use actix_http_test::test_server;
-/// use actix_service::map_config;
-/// use actix_service::ServiceFactoryExt;
-/// use actix_web::{dev::AppConfig, web, App, Error, HttpResponse};
+/// use actix_service::{fn_service, map_config, ServiceFactoryExt as _};
 ///
-/// async fn my_handler() -> Result<HttpResponse, Error> {
-///     Ok(HttpResponse::Ok().into())
-/// }
-///
-/// #[actix_web::test]
+/// #[actix_rt::test]
+/// # async fn hidden_test() {}
 /// async fn test_example() {
 ///     let srv = test_server(|| {
-///         let app = App::new().service(web::resource("/").to(my_handler));
-///
 ///         HttpService::build()
-///             .h1(map_config(app, |_| AppConfig::default()))
+///             .h1(fn_service(|req| async move {
+///                 Ok::<_, Error>(Response::ok())
+///             }))
 ///             .tcp()
 ///             .map_err(|_| ())
 ///     })
@ -57,8 +50,9 @@ use tokio::sync::mpsc;
 ///     let req = srv.get("/");
 ///     let response = req.send().await.unwrap();
 ///
-///     assert!(response.status().is_success());
+///     assert_eq!(response.status(), StatusCode::OK);
 /// }
+/// # actix_rt::System::new().block_on(test_example());
 /// ```
 pub async fn test_server<F: ServerServiceFactory<TcpStream>>(factory: F) -> TestServer {
    let tcp = net::TcpListener::bind("127.0.0.1:0").unwrap();
@ -112,7 +106,7 @@ pub async fn test_server_with_addr<F: ServerServiceFactory<TcpStream>>(
            builder.set_verify(SslVerifyMode::NONE);
            let _ = builder
                .set_alpn_protos(b"\x02h2\x08http/1.1")
-                .map_err(|e| log::error!("Can not set alpn protocol: {:?}", e));
+                .map_err(|err| log::error!("Can not set ALPN protocol: {err}"));

            Connector::new()
                .conn_lifetime(Duration::from_secs(0))
--- a/actix-http/CHANGES.md
+++ b/actix-http/CHANGES.md
@ -1,19 +1,99 @@
 # Changes

-## Unreleased - 2023-xx-xx
+## Unreleased
+
+- Malformed websocket frames are now gracefully rejected.
+
+## 3.11.0
+
+- Update `brotli` dependency to `8`.
+
+## 3.10.0

 ### Added

- Add `body::to_body_limit()` function.
+- Add `header::CLEAR_SITE_DATA` constant.
+- Add `Extensions::get_or_insert[_with]()` methods.
+- Implement `From<Bytes>` for `Payload`.
+- Implement `From<Vec<u8>>` for `Payload`.
+
+### Changed
+
+- Update `brotli` dependency to `7`.
+- Minimum supported Rust version (MSRV) is now 1.75.
+
+## 3.9.0
+
+### Added
+
+- Implement `FromIterator<(HeaderName, HeaderValue)>` for `HeaderMap`.
+
+## 3.8.0
+
+### Added
+
+- Add `error::InvalidStatusCode` re-export.
+
+## 3.7.0
+
+### Added
+
+- Add `rustls-0_23` crate feature
+- Add `{h1::H1Service, h2::H2Service, HttpService}::rustls_0_23()` and `HttpService::rustls_0_23_with_config()` service constructors.
+
+### Changed
+
+- Update `brotli` dependency to `6`.
+- Minimum supported Rust version (MSRV) is now 1.72.
+
+## 3.6.0
+
+### Added
+
+- Add `rustls-0_22` crate feature.
+- Add `{h1::H1Service, h2::H2Service, HttpService}::rustls_0_22()` and `HttpService::rustls_0_22_with_config()` service constructors.
+- Implement `From<&HeaderMap>` for `http::HeaderMap`.
+
+## 3.5.1
+
+### Fixed
+
+- Prevent hang when returning zero-sized response bodies through compression layer.
+
+## 3.5.0
+
+### Added
+
+- Implement `From<HeaderMap>` for `http::HeaderMap`.
+
+### Changed
+
+- Updated `zstd` dependency to `0.13`.
+
+### Fixed
+
+- Prevent compression of zero-sized response bodies.
+
+## 3.4.0
+
+### Added
+
+- Add `rustls-0_20` crate feature.
+- Add `{h1::H1Service, h2::H2Service, HttpService}::rustls_021()` and `HttpService::rustls_021_with_config()` service constructors.
+- Add `body::to_bytes_limited()` function.
 - Add `body::BodyLimitExceeded` error type.

-## 3.3.1 - 2023-03-02
+### Changed
+
+- Minimum supported Rust version (MSRV) is now 1.68 due to transitive `time` dependency.
+
+## 3.3.1

 ### Fixed

 - Use correct `http` version requirement to ensure support for const `HeaderName` definitions.

-## 3.3.0 - 2023-01-21
+## 3.3.0

 ### Added

@ -49,7 +129,7 @@
 [#2956]: https://github.com/actix/actix-web/pull/2956
 [#2968]: https://github.com/actix/actix-web/pull/2968

-## 3.2.2 - 2022-09-11
+## 3.2.2

 ### Changed

@ -61,7 +141,7 @@

 [#2369]: https://github.com/actix/actix-web/pull/2369

-## 3.2.1 - 2022-07-02
+## 3.2.1

 ### Fixed

@ -69,7 +149,7 @@

 [#2794]: https://github.com/actix/actix-web/pull/2794

-## 3.2.0 - 2022-06-30
+## 3.2.0

 ### Changed

@ -83,7 +163,7 @@
 [#2790]: https://github.com/actix/actix-web/pull/2790
 [#2798]: https://github.com/actix/actix-web/pull/2798

-## 3.1.0 - 2022-06-11
+## 3.1.0

 ### Changed

@ -97,13 +177,13 @@
 [#2357]: https://github.com/actix/actix-web/issues/2357
 [#2779]: https://github.com/actix/actix-web/pull/2779

-## 3.0.4 - 2022-03-09
+## 3.0.4

 ### Fixed

 - Document on docs.rs with `ws` feature enabled.

-## 3.0.3 - 2022-03-08
+## 3.0.3

 ### Fixed

@ -111,7 +191,7 @@

 [#2684]: https://github.com/actix/actix-web/pull/2684

-## 3.0.2 - 2022-03-05
+## 3.0.2

 ### Fixed

@ -119,13 +199,13 @@

 [#2683]: https://github.com/actix/actix-web/pull/2683

-## 3.0.1 - 2022-03-04
+## 3.0.1

 - Fix panic in H1 dispatcher when pipelining is used with keep-alive. [#2678]

 [#2678]: https://github.com/actix/actix-web/issues/2678

-## 3.0.0 - 2022-02-25
+## 3.0.0

 ### Dependencies

@ -413,7 +493,7 @@
 <details>
 <summary>3.0.0 Pre-Releases</summary>

-## 3.0.0-rc.4 - 2022-02-22
+## 3.0.0-rc.4

 ### Fixed

@ -421,11 +501,11 @@

 [1ce58ecb]: https://github.com/actix/actix-web/commit/1ce58ecb305c60e51db06e6c913b7a1344e229ca

-## 3.0.0-rc.3 - 2022-02-16
+## 3.0.0-rc.3

 - No significant changes since `3.0.0-rc.2`.

-## 3.0.0-rc.2 - 2022-02-08
+## 3.0.0-rc.2

 ### Added

@ -442,7 +522,7 @@
 [#2624]: https://github.com/actix/actix-web/pull/2624
 [#2625]: https://github.com/actix/actix-web/pull/2625

-## 3.0.0-rc.1 - 2022-01-31
+## 3.0.0-rc.1

 ### Added

@ -478,7 +558,7 @@
 [#2611]: https://github.com/actix/actix-web/pull/2611
 [#2618]: https://github.com/actix/actix-web/pull/2618

-## 3.0.0-beta.19 - 2022-01-21
+## 3.0.0-beta.19

 ### Added

@ -498,7 +578,7 @@
 [#2585]: https://github.com/actix/actix-web/pull/2585
 [#2587]: https://github.com/actix/actix-web/pull/2587

-## 3.0.0-beta.18 - 2022-01-04
+## 3.0.0-beta.18

 ### Added

@ -529,7 +609,7 @@
 [#2501]: https://github.com/actix/actix-web/pull/2501
 [#2565]: https://github.com/actix/actix-web/pull/2565

-## 3.0.0-beta.17 - 2021-12-27
+## 3.0.0-beta.17

 ### Changed

@ -547,7 +627,7 @@
 [#2527]: https://github.com/actix/actix-web/pull/2527
 [#2545]: https://github.com/actix/actix-web/pull/2545

-## 3.0.0-beta.16 - 2021-12-17
+## 3.0.0-beta.16

 ### Added

@ -566,7 +646,7 @@
 [#2510]: https://github.com/actix/actix-web/pull/2510
 [#2522]: https://github.com/actix/actix-web/pull/2522

-## 3.0.0-beta.15 - 2021-12-11
+## 3.0.0-beta.15

 ### Added

@ -620,7 +700,7 @@
 [#2497]: https://github.com/actix/actix-web/pull/2497
 [#2520]: https://github.com/actix/actix-web/pull/2520

-## 3.0.0-beta.14 - 2021-11-30
+## 3.0.0-beta.14

 ### Changed

@ -633,7 +713,7 @@
 [#2470]: https://github.com/actix/actix-web/pull/2470
 [#2474]: https://github.com/actix/actix-web/pull/2474

-## 3.0.0-beta.13 - 2021-11-22
+## 3.0.0-beta.13

 ### Added

@ -662,7 +742,7 @@
 [#2448]: https://github.com/actix/actix-web/pull/2448
 [#2456]: https://github.com/actix/actix-web/pull/2456

-## 3.0.0-beta.12 - 2021-11-15
+## 3.0.0-beta.12

 ### Changed

@ -676,7 +756,7 @@
 [#2425]: https://github.com/actix/actix-web/pull/2425
 [#2442]: https://github.com/actix/actix-web/pull/2442

-## 3.0.0-beta.11 - 2021-10-20
+## 3.0.0-beta.11

 ### Changed

@ -685,7 +765,7 @@

 [#2414]: https://github.com/actix/actix-web/pull/2414

-## 3.0.0-beta.10 - 2021-09-09
+## 3.0.0-beta.10

 ### Changed

@ -703,13 +783,13 @@
 [#2344]: https://github.com/actix/actix-web/pull/2344
 [#2377]: https://github.com/actix/actix-web/pull/2377

-## 3.0.0-beta.9 - 2021-08-09
+## 3.0.0-beta.9

 ### Fixed

 - Potential HTTP request smuggling vulnerabilities. [RUSTSEC-2021-0081](https://github.com/rustsec/advisory-db/pull/977)

-## 3.0.0-beta.8 - 2021-06-26
+## 3.0.0-beta.8

 ### Changed

@ -722,7 +802,7 @@
 [#2291]: https://github.com/actix/actix-web/pull/2291
 [#2250]: https://github.com/actix/actix-web/pull/2250

-## 3.0.0-beta.7 - 2021-06-17
+## 3.0.0-beta.7

 ### Added

@ -769,7 +849,7 @@
 [#2253]: https://github.com/actix/actix-web/pull/2253
 [#2244]: https://github.com/actix/actix-web/pull/2244

-## 3.0.0-beta.6 - 2021-04-17
+## 3.0.0-beta.6

 ### Added

@ -804,7 +884,7 @@
 [#2158]: https://github.com/actix/actix-web/pull/2158
 [#2161]: https://github.com/actix/actix-web/pull/2161

-## 3.0.0-beta.5 - 2021-04-02
+## 3.0.0-beta.5

 ### Added

@ -826,7 +906,7 @@
 [#2094]: https://github.com/actix/actix-web/pull/2094
 [#2127]: https://github.com/actix/actix-web/pull/2127

-## 3.0.0-beta.4 - 2021-03-08
+## 3.0.0-beta.4

 ### Changed

@ -844,11 +924,11 @@
 [#2035]: https://github.com/actix/actix-web/pull/2035
 [#2052]: https://github.com/actix/actix-web/pull/2052

-## 3.0.0-beta.3 - 2021-02-10
+## 3.0.0-beta.3

 - No notable changes.

-## 3.0.0-beta.2 - 2021-02-10
+## 3.0.0-beta.2

 ### Added

@ -900,7 +980,7 @@
 [#1964]: https://github.com/actix/actix-web/pull/1964
 [#1969]: https://github.com/actix/actix-web/pull/1969

-## 3.0.0-beta.1 - 2021-01-07
+## 3.0.0-beta.1

 ### Added

@ -928,7 +1008,7 @@

 </details>

-## 2.2.2 - 2022-01-21
+## 2.2.2

 ### Changed

@ -936,13 +1016,13 @@

 [ad7e3c06]: https://github.com/actix/actix-web/commit/ad7e3c06

-## 2.2.1 - 2021-08-09
+## 2.2.1

 ### Fixed

 - Potential HTTP request smuggling vulnerabilities. [RUSTSEC-2021-0081](https://github.com/rustsec/advisory-db/pull/977)

-## 2.2.0 - 2020-11-25
+## 2.2.0

 ### Added

@ -964,7 +1044,7 @@
 [#1793]: https://github.com/actix/actix-web/pull/1793
 [#1797]: https://github.com/actix/actix-web/pull/1797

-## 2.1.0 - 2020-10-30
+## 2.1.0

 ### Added

@ -981,18 +1061,18 @@
 [#1733]: https://github.com/actix/actix-web/pull/1733
 [#1744]: https://github.com/actix/actix-web/pull/1744

-## 2.0.0 - 2020-09-11
+## 2.0.0

 - No significant changes from `2.0.0-beta.4`.

-## 2.0.0-beta.4 - 2020-09-09
+## 2.0.0-beta.4

 ### Changed

 - Update actix-codec and actix-utils dependencies.
 - Update actix-connect and actix-tls dependencies.

-## 2.0.0-beta.3 - 2020-08-14
+## 2.0.0-beta.3

 ### Fixed

@ -1000,7 +1080,7 @@

 [#1626]: https://github.com/actix/actix-web/pull/1626

-## 2.0.0-beta.2 - 2020-07-21
+## 2.0.0-beta.2

 ### Fixed

@ -1013,7 +1093,7 @@
 [#1614]: https://github.com/actix/actix-web/pull/1614
 [#1615]: https://github.com/actix/actix-web/pull/1615

-## 2.0.0-beta.1 - 2020-07-11
+## 2.0.0-beta.1

 ### Changed

@ -1026,7 +1106,7 @@
 [#1586]: https://github.com/actix/actix-web/pull/1586
 [#1580]: https://github.com/actix/actix-web/pull/1580

-## 2.0.0-alpha.4 - 2020-05-21
+## 2.0.0-alpha.4

 ### Changed

@ -1042,7 +1122,7 @@
 [#1439]: https://github.com/actix/actix-web/pull/1439
 [#1503]: https://github.com/actix/actix-web/pull/1503

-## 2.0.0-alpha.3 - 2020-05-08
+## 2.0.0-alpha.3

 ### Fixed

@ -1057,7 +1137,7 @@
 [#1422]: https://github.com/actix/actix-web/pull/1422
 [#1487]: https://github.com/actix/actix-web/pull/1487

-## 2.0.0-alpha.2 - 2020-03-07
+## 2.0.0-alpha.2

 ### Changed

@ -1069,7 +1149,7 @@
 [#1394]: https://github.com/actix/actix-web/pull/1394
 [#1395]: https://github.com/actix/actix-web/pull/1395

-## 2.0.0-alpha.1 - 2020-02-27
+## 2.0.0-alpha.1

 ### Changed

@ -1082,14 +1162,14 @@

 - Allow `SameSite=None` cookies to be sent in a response.

-## 1.0.1 - 2019-12-20
+## 1.0.1

 ### Fixed

 - Poll upgrade service's readiness from HTTP service handlers
 - Replace brotli with brotli2 #1224

-## 1.0.0 - 2019-12-13
+## 1.0.0

 ### Added

@ -1099,7 +1179,7 @@

 - Replace `flate2-xxx` features with `compress`

-## 1.0.0-alpha.5 - 2019-12-09
+## 1.0.0-alpha.5

 ### Fixed

@ -1110,7 +1190,7 @@

 - Websockets: Ping and Pong should have binary data #1049

-## 1.0.0-alpha.4 - 2019-12-08
+## 1.0.0-alpha.4

 ### Added

@ -1120,14 +1200,14 @@

 - Use rust based brotli compression library

-## 1.0.0-alpha.3 - 2019-12-07
+## 1.0.0-alpha.3

 ### Changed

 - Migrate to tokio 0.2
 - Migrate to `std::future`

-## 0.2.11 - 2019-11-06
+## 0.2.11

 ### Added

@ -1141,7 +1221,7 @@

 [#1878]: https://github.com/actix/actix-web/pull/1878

-## 0.2.10 - 2019-09-11
+## 0.2.10

 ### Added

@ -1152,7 +1232,7 @@
 - h2 will use error response #1080
 - on_connect result isn't added to request extensions for http2 requests #1009

-## 0.2.9 - 2019-08-13
+## 0.2.9

 ### Changed

@ -1164,7 +1244,7 @@

 - Fixed a panic in the HTTP2 handshake in client HTTP requests (#1031)

-## 0.2.8 - 2019-08-01
+## 0.2.8

 ### Added

@ -1176,20 +1256,20 @@
 - awc client panic #1016
 - Invalid response with compression middleware enabled, but compression-related features disabled #997

-## 0.2.7 - 2019-07-18
+## 0.2.7

 ### Added

 - Add support for downcasting response errors #986

-## 0.2.6 - 2019-07-17
+## 0.2.6

 ### Changed

 - Replace `ClonableService` with local copy
 - Upgrade `rand` dependency version to 0.7

-## 0.2.5 - 2019-06-28
+## 0.2.5

 ### Added

@ -1200,13 +1280,13 @@
 - Use `encoding_rs` crate instead of unmaintained `encoding` crate
 - Add `Copy` and `Clone` impls for `ws::Codec`

-## 0.2.4 - 2019-06-16
+## 0.2.4

 ### Fixed

 - Do not compress NoContent (204) responses #918

-## 0.2.3 - 2019-06-02
+## 0.2.3

 ### Added

@ -1217,19 +1297,19 @@

 - SizedStream uses u64

-## 0.2.2 - 2019-05-29
+## 0.2.2

 ### Fixed

 - Parse incoming stream before closing stream on disconnect #868

-## 0.2.1 - 2019-05-25
+## 0.2.1

 ### Fixed

 - Handle socket read disconnect

-## 0.2.0 - 2019-05-12
+## 0.2.0

 ### Changed

@ -1240,13 +1320,13 @@

 - `OneRequest` service

-## 0.1.5 - 2019-05-04
+## 0.1.5

 ### Fixed

 - Clean up response extensions in response pool #817

-## 0.1.4 - 2019-04-24
+## 0.1.4

 ### Added

@ -1256,20 +1336,20 @@

 - Read until eof for http/1.0 responses #771

-## 0.1.3 - 2019-04-23
+## 0.1.3

 ### Fixed

 - Fix http client pool management
 - Fix http client wait queue management #794

-## 0.1.2 - 2019-04-23
+## 0.1.2

 ### Fixed

 - Fix BorrowMutError panic in client connector #793

-## 0.1.1 - 2019-04-19
+## 0.1.1

 ### Changed

@ -1277,7 +1357,7 @@
 - Cookie::max_age_time() accepts value in time::Duration
 - Allow to specify server address for client connector

-## 0.1.0 - 2019-04-16
+## 0.1.0

 ### Added

@ -1288,7 +1368,7 @@
 - `actix_http::encoding` always available
 - use trust-dns-resolver 0.11.0

-## 0.1.0-alpha.5 - 2019-04-12
+## 0.1.0-alpha.5

 ### Added

@ -1300,7 +1380,7 @@
 - MessageBody::length() renamed to MessageBody::size() for consistency
 - ws handshake verification functions take RequestHead instead of Request

-## 0.1.0-alpha.4 - 2019-04-08
+## 0.1.0-alpha.4

 ### Added

@ -1317,7 +1397,7 @@

 - Removed PayloadBuffer

-## 0.1.0-alpha.3 - 2019-04-02
+## 0.1.0-alpha.3

 ### Added

@ -1329,7 +1409,7 @@
 - Preallocate read buffer for h1 codec
 - Detect socket disconnection during protocol selection

-## 0.1.0-alpha.2 - 2019-03-29
+## 0.1.0-alpha.2

 ### Added

@ -1339,6 +1419,6 @@

 - Do not use thread pool for decompression if chunk size is smaller than 2048.

-## 0.1.0-alpha.1 - 2019-03-28
+## 0.1.0-alpha.1

 - Initial impl
--- a/actix-http/Cargo.toml
+++ b/actix-http/Cargo.toml
@ -1,72 +1,109 @@
 [package]
 name = "actix-http"
-version = "3.3.1"
-authors = [
-    "Nikolay Kim <fafhrd91@gmail.com>",
-    "Rob Ede <robjtede@icloud.com>",
-]
-description = "HTTP primitives for the Actix ecosystem"
+version = "3.11.0"
+authors = ["Nikolay Kim <fafhrd91@gmail.com>", "Rob Ede <robjtede@icloud.com>"]
+description = "HTTP types and services for the Actix ecosystem"
 keywords = ["actix", "http", "framework", "async", "futures"]
 homepage = "https://actix.rs"
-repository = "https://github.com/actix/actix-web.git"
+repository = "https://github.com/actix/actix-web"
 categories = [
-    "network-programming",
-    "asynchronous",
-    "web-programming::http-server",
-    "web-programming::websocket",
+  "network-programming",
+  "asynchronous",
+  "web-programming::http-server",
+  "web-programming::websocket",
 ]
-license = "MIT OR Apache-2.0"
-edition = "2018"
+license.workspace = true
+edition.workspace = true
+rust-version.workspace = true

 [package.metadata.docs.rs]
-# features that docs.rs will build with
-features = ["http2", "ws", "openssl", "rustls", "compress-brotli", "compress-gzip", "compress-zstd"]
+rustdoc-args = ["--cfg", "docsrs"]
+features = [
+  "http2",
+  "ws",
+  "openssl",
+  "rustls-0_20",
+  "rustls-0_21",
+  "rustls-0_22",
+  "rustls-0_23",
+  "compress-brotli",
+  "compress-gzip",
+  "compress-zstd",
+]

-[lib]
-name = "actix_http"
-path = "src/lib.rs"
+[package.metadata.cargo_check_external_types]
+allowed_external_types = [
+  "actix_codec::*",
+  "actix_service::*",
+  "actix_tls::*",
+  "actix_utils::*",
+  "bytes::*",
+  "bytestring::*",
+  "encoding_rs::*",
+  "futures_core::*",
+  "h2::*",
+  "http::*",
+  "httparse::*",
+  "language_tags::*",
+  "mime::*",
+  "openssl::*",
+  "rustls::*",
+  "tokio_util::*",
+  "tokio::*",
+]

 [features]
 default = []

 # HTTP/2 protocol support
-http2 = ["h2"]
+http2 = ["dep:h2"]

 # WebSocket protocol implementation
-ws = [
-    "local-channel",
-    "base64",
-    "rand",
-    "sha1",
-]
+ws = ["dep:local-channel", "dep:base64", "dep:rand", "dep:sha1"]

 # TLS via OpenSSL
-openssl = ["actix-tls/accept", "actix-tls/openssl"]
+openssl = ["__tls", "actix-tls/accept", "actix-tls/openssl"]

-# TLS via Rustls
-rustls = ["actix-tls/accept", "actix-tls/rustls"]
+# TLS via Rustls v0.20
+rustls = ["__tls", "rustls-0_20"]
+
+# TLS via Rustls v0.20
+rustls-0_20 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_20"]
+
+# TLS via Rustls v0.21
+rustls-0_21 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_21"]
+
+# TLS via Rustls v0.22
+rustls-0_22 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_22"]
+
+# TLS via Rustls v0.23
+rustls-0_23 = ["__tls", "actix-tls/accept", "actix-tls/rustls-0_23"]

 # Compression codecs
-compress-brotli = ["__compress", "brotli"]
-compress-gzip   = ["__compress", "flate2"]
-compress-zstd   = ["__compress", "zstd"]
+compress-brotli = ["__compress", "dep:brotli"]
+compress-gzip = ["__compress", "dep:flate2"]
+compress-zstd = ["__compress", "dep:zstd"]

-# Internal (PRIVATE!) features used to aid testing and cheking feature status.
+# Internal (PRIVATE!) features used to aid testing and checking feature status.
 # Don't rely on these whatsoever. They are semver-exempt and may disappear at anytime.
 __compress = []

-[dependencies]
-actix-service = "2"
-actix-codec = "0.5"
-actix-utils = "3"
-actix-rt = { version = "2.2", default-features = false }
+# Internal (PRIVATE!) features used to aid checking feature status.
+# Don't rely on these whatsoever. They may disappear at anytime.
+__tls = []

-ahash = "0.8"
-bitflags = "1.2"
+[dependencies]
+actix-codec = "0.5"
+actix-rt = { version = "2.2", default-features = false }
+actix-service = "2"
+actix-utils = "3"
+
+bitflags = "2"
 bytes = "1"
 bytestring = "1"
-derive_more = "0.99.5"
+derive_more = { version = "2", features = ["as_ref", "deref", "deref_mut", "display", "error", "from"] }
 encoding_rs = "0.8"
+foldhash = "0.1"
 futures-core = { version = "0.3.17", default-features = false, features = ["alloc"] }
 http = "0.2.7"
 httparse = "1.5.1"
@ -77,55 +114,67 @@ mime = "0.3.4"
 percent-encoding = "2.1"
 pin-project-lite = "0.2"
 smallvec = "1.6.1"
-tokio = { version = "1.24.2", features = [] }
+tokio = { version = "1.38.2", features = [] }
 tokio-util = { version = "0.7", features = ["io", "codec"] }
 tracing = { version = "0.1.30", default-features = false, features = ["log"] }

 # http2
-h2 = { version = "0.3.9", optional = true }
+h2 = { version = "0.3.26", optional = true }

 # websockets
+base64 = { version = "0.22", optional = true }
 local-channel = { version = "0.1", optional = true }
-base64 = { version = "0.21", optional = true }
-rand = { version = "0.8", optional = true }
+rand = { version = "0.9", optional = true }
 sha1 = { version = "0.10", optional = true }

 # openssl/rustls
-actix-tls = { version = "3", default-features = false, optional = true }
+actix-tls = { version = "3.4", default-features = false, optional = true }

 # compress-*
-brotli = { version = "3.3.3", optional = true }
+brotli = { version = "8", optional = true }
 flate2 = { version = "1.0.13", optional = true }
-zstd = { version = "0.12", optional = true }
+zstd = { version = "0.13", optional = true }

 [dev-dependencies]
 actix-http-test = { version = "3", features = ["openssl"] }
 actix-server = "2"
-actix-tls = { version = "3", features = ["openssl"] }
+actix-tls = { version = "3.4", features = ["openssl", "rustls-0_23-webpki-roots"] }
 actix-web = "4"

 async-stream = "0.3"
-criterion = { version = "0.4", features = ["html_reports"] }
-env_logger = "0.9"
+criterion = { version = "0.5", features = ["html_reports"] }
+divan = "0.1.8"
+env_logger = "0.11"
 futures-util = { version = "0.3.17", default-features = false, features = ["alloc"] }
 memchr = "2.4"
-once_cell = "1.9"
-rcgen = "0.9"
+once_cell = "1.21"
+rcgen = "0.13"
 regex = "1.3"
+rustls-pemfile = "2"
 rustversion = "1"
-rustls-pemfile = "1"
-serde = { version = "1.0", features = ["derive"] }
+serde = { version = "1", features = ["derive"] }
 serde_json = "1.0"
 static_assertions = "1"
-tls-openssl = { package = "openssl", version = "0.10.9" }
-tls-rustls = { package = "rustls", version = "0.20.0" }
-tokio = { version = "1.24.2", features = ["net", "rt", "macros"] }
+tls-openssl = { package = "openssl", version = "0.10.55" }
+tls-rustls_023 = { package = "rustls", version = "0.23" }
+tokio = { version = "1.38.2", features = ["net", "rt", "macros"] }
+
+[lints]
+workspace = true

 [[example]]
 name = "ws"
-required-features = ["ws", "rustls"]
+required-features = ["ws", "rustls-0_23"]
+
+[[example]]
+name = "tls_rustls"
+required-features = ["http2", "rustls-0_23"]

 [[bench]]
 name = "response-body-compression"
 harness = false
 required-features = ["compress-brotli", "compress-gzip", "compress-zstd"]
+
+[[bench]]
+name = "date-formatting"
+harness = false
--- a/actix-http/README.md
+++ b/actix-http/README.md
@ -1,22 +1,21 @@
-# actix-http
+# `actix-http`

-> HTTP primitives for the Actix ecosystem.
+> HTTP types and services for the Actix ecosystem.
+
+<!-- prettier-ignore-start -->

 [![crates.io](https://img.shields.io/crates/v/actix-http?label=latest)](https://crates.io/crates/actix-http)
-[![Documentation](https://docs.rs/actix-http/badge.svg?version=3.3.1)](https://docs.rs/actix-http/3.3.1)
-![Version](https://img.shields.io/badge/rustc-1.59+-ab6000.svg)
+[![Documentation](https://docs.rs/actix-http/badge.svg?version=3.11.0)](https://docs.rs/actix-http/3.11.0)
+![Version](https://img.shields.io/badge/rustc-1.72+-ab6000.svg)
 ![MIT or Apache 2.0 licensed](https://img.shields.io/crates/l/actix-http.svg)
 <br />
-[![dependency status](https://deps.rs/crate/actix-http/3.3.1/status.svg)](https://deps.rs/crate/actix-http/3.3.1)
+[![dependency status](https://deps.rs/crate/actix-http/3.11.0/status.svg)](https://deps.rs/crate/actix-http/3.11.0)
 [![Download](https://img.shields.io/crates/d/actix-http.svg)](https://crates.io/crates/actix-http)
 [![Chat on Discord](https://img.shields.io/discord/771444961383153695?label=chat&logo=discord)](https://discord.gg/NWpN5mmg3x)

-## Documentation & Resources
+<!-- prettier-ignore-end -->

- [API Documentation](https://docs.rs/actix-http)
- Minimum Supported Rust Version (MSRV): 1.59
-
-## Example
+## Examples

 ```rust
 use std::{env, io};
--- a/actix-http/benches/date-formatting.rs
+++ b/actix-http/benches/date-formatting.rs
@ -0,0 +1,20 @@
+use std::time::SystemTime;
+
+use actix_http::header::HttpDate;
+use divan::{black_box, AllocProfiler, Bencher};
+
+#[global_allocator]
+static ALLOC: AllocProfiler = AllocProfiler::system();
+
+#[divan::bench]
+fn date_formatting(b: Bencher<'_, '_>) {
+    let now = SystemTime::now();
+
+    b.bench(|| {
+        black_box(HttpDate::from(black_box(now)).to_string());
+    })
+}
+
+fn main() {
+    divan::main();
+}
--- a/actix-http/benches/response-body-compression.rs
+++ b/actix-http/benches/response-body-compression.rs
@ -1,5 +1,3 @@
-#![allow(clippy::uninlined_format_args)]
-
 use std::convert::Infallible;

 use actix_http::{encoding::Encoder, ContentEncoding, Request, Response, StatusCode};
--- a/actix-http/examples/actix-web.rs
+++ b/actix-http/examples/actix-web.rs
@ -1,10 +1,10 @@
 use actix_http::HttpService;
 use actix_server::Server;
 use actix_service::map_config;
-use actix_web::{dev::AppConfig, get, App};
+use actix_web::{dev::AppConfig, get, App, Responder};

 #[get("/")]
-async fn index() -> &'static str {
+async fn index() -> impl Responder {
    "Hello, world. From Actix Web!"
 }

--- a/actix-http/examples/echo.rs
+++ b/actix-http/examples/echo.rs
@ -23,7 +23,7 @@ async fn main() -> io::Result<()> {
                        body.extend_from_slice(&item?);
                    }

-                    info!("request body: {:?}", body);
+                    info!("request body: {body:?}");

                    let res = Response::build(StatusCode::OK)
                        .insert_header(("x-head", HeaderValue::from_static("dummy value!")))
@ -31,8 +31,7 @@ async fn main() -> io::Result<()> {

                    Ok::<_, Error>(res)
                })
-                // No TLS
-                .tcp()
+                .tcp() // No TLS
        })?
        .run()
        .await
--- a/actix-http/examples/h2c-detect.rs
+++ b/actix-http/examples/h2c-detect.rs
@ -8,7 +8,7 @@

 use std::{convert::Infallible, io};

-use actix_http::{HttpService, Request, Response, StatusCode};
+use actix_http::{body::BodyStream, HttpService, Request, Response, StatusCode};
 use actix_server::Server;

 #[tokio::main(flavor = "current_thread")]
@ -19,7 +19,12 @@ async fn main() -> io::Result<()> {
        .bind("h2c-detect", ("127.0.0.1", 8080), || {
            HttpService::build()
                .finish(|_req: Request| async move {
-                    Ok::<_, Infallible>(Response::build(StatusCode::OK).body("Hello!"))
+                    Ok::<_, Infallible>(Response::build(StatusCode::OK).body(BodyStream::new(
+                        futures_util::stream::iter([
+                            Ok::<_, String>("123".into()),
+                            Err("wertyuikmnbvcxdfty6t".to_owned()),
+                        ]),
+                    )))
                })
                .tcp_auto_h2c()
        })?
--- a/actix-http/examples/hello-world.rs
+++ b/actix-http/examples/hello-world.rs
@ -17,16 +17,13 @@ async fn main() -> io::Result<()> {
                    ext.insert(42u32);
                })
                .finish(|req: Request| async move {
-                    info!("{:?}", req);
+                    info!("{req:?}");

                    let mut res = Response::build(StatusCode::OK);
                    res.insert_header(("x-head", HeaderValue::from_static("dummy value!")));

                    let forty_two = req.conn_data::<u32>().unwrap().to_string();
-                    res.insert_header((
-                        "x-forty-two",
-                        HeaderValue::from_str(&forty_two).unwrap(),
-                    ));
+                    res.insert_header(("x-forty-two", HeaderValue::from_str(&forty_two).unwrap()));

                    Ok::<_, Infallible>(res.body("Hello world!"))
                })
--- a/actix-http/examples/streaming-error.rs
+++ b/actix-http/examples/streaming-error.rs
@ -22,16 +22,16 @@ async fn main() -> io::Result<()> {
        .bind("streaming-error", ("127.0.0.1", 8080), || {
            HttpService::build()
                .finish(|req| async move {
-                    info!("{:?}", req);
+                    info!("{req:?}");
                    let res = Response::ok();

                    Ok::<_, Infallible>(res.set_body(BodyStream::new(stream! {
                        yield Ok(Bytes::from("123"));
                        yield Ok(Bytes::from("456"));

-                        actix_rt::time::sleep(Duration::from_millis(1000)).await;
+                        actix_rt::time::sleep(Duration::from_secs(1)).await;

-                        yield Err(io::Error::new(io::ErrorKind::Other, ""));
+                        yield Err(io::Error::other("abc"));
                    })))
                })
                .tcp()
--- a/actix-http/examples/tls_rustls.rs
+++ b/actix-http/examples/tls_rustls.rs
@ -0,0 +1,76 @@
+//! Demonstrates TLS configuration (via Rustls) for HTTP/1.1 and HTTP/2 connections.
+//!
+//! Test using cURL:
+//!
+//! ```console
+//! $ curl --insecure https://127.0.0.1:8443
+//! Hello World!
+//! Protocol: HTTP/2.0
+//!
+//! $ curl --insecure --http1.1 https://127.0.0.1:8443
+//! Hello World!
+//! Protocol: HTTP/1.1
+//! ```
+
+extern crate tls_rustls_023 as rustls;
+
+use std::io;
+
+use actix_http::{Error, HttpService, Request, Response};
+use actix_utils::future::ok;
+
+#[actix_rt::main]
+async fn main() -> io::Result<()> {
+    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
+
+    tracing::info!("starting HTTP server at https://127.0.0.1:8443");
+
+    actix_server::Server::build()
+        .bind("echo", ("127.0.0.1", 8443), || {
+            HttpService::build()
+                .finish(|req: Request| {
+                    let body = format!(
+                        "Hello World!\n\
+                        Protocol: {:?}",
+                        req.head().version
+                    );
+                    ok::<_, Error>(Response::ok().set_body(body))
+                })
+                .rustls_0_23(rustls_config())
+        })?
+        .run()
+        .await
+}
+
+fn rustls_config() -> rustls::ServerConfig {
+    let rcgen::CertifiedKey { cert, key_pair } =
+        rcgen::generate_simple_self_signed(["localhost".to_owned()]).unwrap();
+    let cert_file = cert.pem();
+    let key_file = key_pair.serialize_pem();
+
+    let cert_file = &mut io::BufReader::new(cert_file.as_bytes());
+    let key_file = &mut io::BufReader::new(key_file.as_bytes());
+
+    let cert_chain = rustls_pemfile::certs(cert_file)
+        .collect::<Result<Vec<_>, _>>()
+        .unwrap();
+    let mut keys = rustls_pemfile::pkcs8_private_keys(key_file)
+        .collect::<Result<Vec<_>, _>>()
+        .unwrap();
+
+    let mut config = rustls::ServerConfig::builder()
+        .with_no_client_auth()
+        .with_single_cert(
+            cert_chain,
+            rustls::pki_types::PrivateKeyDer::Pkcs8(keys.remove(0)),
+        )
+        .unwrap();
+
+    const H1_ALPN: &[u8] = b"http/1.1";
+    const H2_ALPN: &[u8] = b"h2";
+
+    config.alpn_protocols.push(H2_ALPN.to_vec());
+    config.alpn_protocols.push(H1_ALPN.to_vec());
+
+    config
+}
--- a/actix-http/examples/ws.rs
+++ b/actix-http/examples/ws.rs
@ -1,7 +1,7 @@
 //! Sets up a WebSocket server over TCP and TLS.
 //! Sends a heartbeat message every 4 seconds but does not respond to any incoming frames.

-extern crate tls_rustls as rustls;
+extern crate tls_rustls_023 as rustls;

 use std::{
    io,
@ -17,7 +17,6 @@ use bytes::{Bytes, BytesMut};
 use bytestring::ByteString;
 use futures_core::{ready, Stream};
 use tokio_util::codec::Encoder;
-use tracing::{info, trace};

 #[actix_rt::main]
 async fn main() -> io::Result<()> {
@ -28,19 +27,21 @@ async fn main() -> io::Result<()> {
            HttpService::build().h1(handler).tcp()
        })?
        .bind("tls", ("127.0.0.1", 8443), || {
-            HttpService::build().finish(handler).rustls(tls_config())
+            HttpService::build()
+                .finish(handler)
+                .rustls_0_23(tls_config())
        })?
        .run()
        .await
 }

 async fn handler(req: Request) -> Result<Response<BodyStream<Heartbeat>>, Error> {
-    info!("handshaking");
+    tracing::info!("handshaking");
    let mut res = ws::handshake(req.head())?;

    // handshake will always fail under HTTP/2

-    info!("responding");
+    tracing::info!("responding");
    res.message_body(BodyStream::new(Heartbeat::new(ws::Codec::new())))
 }

@ -62,7 +63,7 @@ impl Stream for Heartbeat {
    type Item = Result<Bytes, Error>;

    fn poll_next(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Option<Self::Item>> {
-        trace!("poll");
+        tracing::trace!("poll");

        ready!(self.as_mut().interval.poll_tick(cx));

@ -83,27 +84,27 @@ impl Stream for Heartbeat {
 fn tls_config() -> rustls::ServerConfig {
    use std::io::BufReader;

-    use rustls::{Certificate, PrivateKey};
    use rustls_pemfile::{certs, pkcs8_private_keys};

-    let cert = rcgen::generate_simple_self_signed(vec!["localhost".to_owned()]).unwrap();
-    let cert_file = cert.serialize_pem().unwrap();
-    let key_file = cert.serialize_private_key_pem();
+    let rcgen::CertifiedKey { cert, key_pair } =
+        rcgen::generate_simple_self_signed(["localhost".to_owned()]).unwrap();
+    let cert_file = cert.pem();
+    let key_file = key_pair.serialize_pem();

    let cert_file = &mut BufReader::new(cert_file.as_bytes());
    let key_file = &mut BufReader::new(key_file.as_bytes());

-    let cert_chain = certs(cert_file)
-        .unwrap()
-        .into_iter()
-        .map(Certificate)
-        .collect();
-    let mut keys = pkcs8_private_keys(key_file).unwrap();
+    let cert_chain = certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
+    let mut keys = pkcs8_private_keys(key_file)
+        .collect::<Result<Vec<_>, _>>()
+        .unwrap();

    let mut config = rustls::ServerConfig::builder()
-        .with_safe_defaults()
        .with_no_client_auth()
-        .with_single_cert(cert_chain, PrivateKey(keys.remove(0)))
+        .with_single_cert(
+            cert_chain,
+            rustls::pki_types::PrivateKeyDer::Pkcs8(keys.remove(0)),
+        )
        .unwrap();

    config.alpn_protocols.push(b"http/1.1".to_vec());
--- a/actix-http/src/body/body_stream.rs
+++ b/actix-http/src/body/body_stream.rs
@ -47,9 +47,8 @@ where

    /// Attempts to pull out the next value of the underlying [`Stream`].
    ///
-    /// Empty values are skipped to prevent [`BodyStream`]'s transmission being
-    /// ended on a zero-length chunk, but rather proceed until the underlying
-    /// [`Stream`] ends.
+    /// Empty values are skipped to prevent [`BodyStream`]'s transmission being ended on a
+    /// zero-length chunk, but rather proceed until the underlying [`Stream`] ends.
    fn poll_next(
        mut self: Pin<&mut Self>,
        cx: &mut Context<'_>,
@ -132,7 +131,7 @@ mod tests {
        assert_eq!(to_bytes(body).await.ok(), Some(Bytes::from("12")));
    }
    #[derive(Debug, Display, Error)]
-    #[display(fmt = "stream error")]
+    #[display("stream error")]
    struct StreamErr;

    #[actix_rt::test]
--- a/actix-http/src/body/boxed.rs
+++ b/actix-http/src/body/boxed.rs
@ -77,12 +77,8 @@ impl MessageBody for BoxBody {
        cx: &mut Context<'_>,
    ) -> Poll<Option<Result<Bytes, Self::Error>>> {
        match &mut self.0 {
-            BoxBodyInner::None(body) => {
-                Pin::new(body).poll_next(cx).map_err(|err| match err {})
-            }
-            BoxBodyInner::Bytes(body) => {
-                Pin::new(body).poll_next(cx).map_err(|err| match err {})
-            }
+            BoxBodyInner::None(body) => Pin::new(body).poll_next(cx).map_err(|err| match err {}),
+            BoxBodyInner::Bytes(body) => Pin::new(body).poll_next(cx).map_err(|err| match err {}),
            BoxBodyInner::Stream(body) => Pin::new(body).poll_next(cx),
        }
    }
@ -104,7 +100,6 @@ impl MessageBody for BoxBody {

 #[cfg(test)]
 mod tests {
-
    use static_assertions::{assert_impl_all, assert_not_impl_any};

    use super::*;
--- a/actix-http/src/body/message_body.rs
+++ b/actix-http/src/body/message_body.rs
@ -531,7 +531,6 @@ where
 mod tests {
    use actix_rt::pin;
    use actix_utils::future::poll_fn;
-    use bytes::{Bytes, BytesMut};
    use futures_util::stream;

    use super::*;
@ -555,6 +554,7 @@ mod tests {
        };
    }

+    #[allow(unused_allocation)] // triggered by `Box::new(()).size()`
    #[actix_rt::test]
    async fn boxing_equivalence() {
        assert_eq!(().size(), BodySize::Sized(0));
--- a/actix-http/src/body/mod.rs
+++ b/actix-http/src/body/mod.rs
@ -14,12 +14,14 @@ mod size;
 mod sized_stream;
 mod utils;

-pub use self::body_stream::BodyStream;
-pub use self::boxed::BoxBody;
-pub use self::either::EitherBody;
-pub use self::message_body::MessageBody;
 pub(crate) use self::message_body::MessageBodyMapErr;
-pub use self::none::None;
-pub use self::size::BodySize;
-pub use self::sized_stream::SizedStream;
-pub use self::utils::{to_bytes, to_bytes_limited, BodyLimitExceeded};
+pub use self::{
+    body_stream::BodyStream,
+    boxed::BoxBody,
+    either::EitherBody,
+    message_body::MessageBody,
+    none::None,
+    size::BodySize,
+    sized_stream::SizedStream,
+    utils::{to_bytes, to_bytes_limited, BodyLimitExceeded},
+};
--- a/actix-http/src/body/utils.rs
+++ b/actix-http/src/body/utils.rs
@ -38,7 +38,7 @@ pub async fn to_bytes<B: MessageBody>(body: B) -> Result<Bytes, B::Error> {

 /// Error type returned from [`to_bytes_limited`] when body produced exceeds limit.
 #[derive(Debug, Display, Error)]
-#[display(fmt = "limit exceeded while collecting body bytes")]
+#[display("limit exceeded while collecting body bytes")]
 #[non_exhaustive]
 pub struct BodyLimitExceeded;

@ -190,7 +190,7 @@ mod tests {

    #[actix_rt::test]
    async fn to_body_limit_error() {
-        let err_stream = stream::once(async { Err(io::Error::new(io::ErrorKind::Other, "")) });
+        let err_stream = stream::once(async { Err(io::Error::other("")) });
        let body = SizedStream::new(8, err_stream);
        // not too big, but propagates error from body stream
        assert!(to_bytes_limited(body, 10).await.unwrap().is_err());
--- a/actix-http/src/config.rs
+++ b/actix-http/src/config.rs
@ -132,15 +132,15 @@ impl ServiceConfig {

 #[cfg(test)]
 mod tests {
-    use super::*;
-    use crate::{date::DATE_VALUE_LENGTH, notify_on_drop};
-
    use actix_rt::{
        task::yield_now,
        time::{sleep, sleep_until},
    };
    use memchr::memmem;

+    use super::*;
+    use crate::{date::DATE_VALUE_LENGTH, notify_on_drop};
+
    #[actix_rt::test]
    async fn test_date_service_update() {
        let settings =
--- a/actix-http/src/date.rs
+++ b/actix-http/src/date.rs
@ -28,7 +28,7 @@ impl Date {

    fn update(&mut self) {
        self.pos = 0;
-        write!(self, "{}", httpdate::fmt_http_date(SystemTime::now())).unwrap();
+        write!(self, "{}", httpdate::HttpDate::from(SystemTime::now())).unwrap();
    }
 }

--- a/actix-http/src/encoding/decoder.rs
+++ b/actix-http/src/encoding/decoder.rs
@ -9,11 +9,9 @@ use std::{

 use actix_rt::task::{spawn_blocking, JoinHandle};
 use bytes::Bytes;
-use futures_core::{ready, Stream};
-
 #[cfg(feature = "compress-gzip")]
 use flate2::write::{GzDecoder, ZlibDecoder};
-
+use futures_core::{ready, Stream};
 #[cfg(feature = "compress-zstd")]
 use zstd::stream::write::Decoder as ZstdDecoder;

@ -49,9 +47,9 @@ where
            ))),

            #[cfg(feature = "compress-gzip")]
-            ContentEncoding::Deflate => Some(ContentDecoder::Deflate(Box::new(
-                ZlibDecoder::new(Writer::new()),
-            ))),
+            ContentEncoding::Deflate => Some(ContentDecoder::Deflate(Box::new(ZlibDecoder::new(
+                Writer::new(),
+            )))),

            #[cfg(feature = "compress-gzip")]
            ContentEncoding::Gzip => Some(ContentDecoder::Gzip(Box::new(GzDecoder::new(
@ -102,10 +100,7 @@ where
        loop {
            if let Some(ref mut fut) = this.fut {
                let (chunk, decoder) = ready!(Pin::new(fut).poll(cx)).map_err(|_| {
-                    PayloadError::Io(io::Error::new(
-                        io::ErrorKind::Other,
-                        "Blocking task was cancelled unexpectedly",
-                    ))
+                    PayloadError::Io(io::Error::other("Blocking task was cancelled unexpectedly"))
                })??;

                *this.decoder = Some(decoder);
@ -193,7 +188,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },

            #[cfg(feature = "compress-gzip")]
@ -207,7 +202,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },

            #[cfg(feature = "compress-gzip")]
@ -220,7 +215,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },

            #[cfg(feature = "compress-zstd")]
@ -233,7 +228,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },
        }
    }
@ -252,7 +247,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },

            #[cfg(feature = "compress-gzip")]
@ -267,7 +262,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },

            #[cfg(feature = "compress-gzip")]
@ -282,7 +277,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },

            #[cfg(feature = "compress-zstd")]
@ -297,7 +292,7 @@ impl ContentDecoder {
                        Ok(None)
                    }
                }
-                Err(e) => Err(e),
+                Err(err) => Err(err),
            },
        }
    }
--- a/actix-http/src/encoding/encoder.rs
+++ b/actix-http/src/encoding/encoder.rs
@ -11,12 +11,10 @@ use std::{
 use actix_rt::task::{spawn_blocking, JoinHandle};
 use bytes::Bytes;
 use derive_more::Display;
-use futures_core::ready;
-use pin_project_lite::pin_project;
-
 #[cfg(feature = "compress-gzip")]
 use flate2::write::{GzEncoder, ZlibEncoder};
-
+use futures_core::ready;
+use pin_project_lite::pin_project;
 use tracing::trace;
 #[cfg(feature = "compress-zstd")]
 use zstd::stream::write::Encoder as ZstdEncoder;
@ -52,10 +50,21 @@ impl<B: MessageBody> Encoder<B> {
        }
    }

+    fn empty() -> Self {
+        Encoder {
+            body: EncoderBody::Full { body: Bytes::new() },
+            encoder: None,
+            fut: None,
+            eof: true,
+        }
+    }
+
    pub fn response(encoding: ContentEncoding, head: &mut ResponseHead, body: B) -> Self {
-        // no need to compress an empty body
-        if matches!(body.size(), BodySize::None) {
-            return Self::none();
+        // no need to compress empty bodies
+        match body.size() {
+            BodySize::None => return Self::none(),
+            BodySize::Sized(0) => return Self::empty(),
+            _ => {}
        }

        let should_encode = !(head.headers().contains_key(&CONTENT_ENCODING)
@ -174,8 +183,7 @@ where
            if let Some(ref mut fut) = this.fut {
                let mut encoder = ready!(Pin::new(fut).poll(cx))
                    .map_err(|_| {
-                        EncoderError::Io(io::Error::new(
-                            io::ErrorKind::Other,
+                        EncoderError::Io(io::Error::other(
                            "Blocking task was cancelled unexpectedly",
                        ))
                    })?
@ -406,11 +414,11 @@ fn new_brotli_compressor() -> Box<brotli::CompressorWriter<Writer>> {
 #[non_exhaustive]
 pub enum EncoderError {
    /// Wrapped body stream error.
-    #[display(fmt = "body")]
+    #[display("body")]
    Body(Box<dyn StdError>),

    /// Generic I/O error.
-    #[display(fmt = "io")]
+    #[display("io")]
    Io(io::Error),
 }

--- a/actix-http/src/encoding/mod.rs
+++ b/actix-http/src/encoding/mod.rs
@ -7,13 +7,12 @@ use bytes::{Bytes, BytesMut};
 mod decoder;
 mod encoder;

-pub use self::decoder::Decoder;
-pub use self::encoder::Encoder;
+pub use self::{decoder::Decoder, encoder::Encoder};

 /// Special-purpose writer for streaming (de-)compression.
 ///
 /// Pre-allocates 8KiB of capacity.
-pub(self) struct Writer {
+struct Writer {
    buf: BytesMut,
 }

--- a/actix-http/src/error.rs
+++ b/actix-http/src/error.rs
@ -3,12 +3,11 @@
 use std::{error::Error as StdError, fmt, io, str::Utf8Error, string::FromUtf8Error};

 use derive_more::{Display, Error, From};
+pub use http::{status::InvalidStatusCode, Error as HttpError};
 use http::{uri::InvalidUri, StatusCode};

 use crate::{body::BoxBody, Response};

-pub use http::Error as HttpError;
-
 pub struct Error {
    inner: Box<ErrorInner>,
 }
@ -81,28 +80,28 @@ impl From<Error> for Response<BoxBody> {

 #[derive(Debug, Clone, Copy, PartialEq, Eq, Display)]
 pub(crate) enum Kind {
-    #[display(fmt = "error processing HTTP")]
+    #[display("error processing HTTP")]
    Http,

-    #[display(fmt = "error parsing HTTP message")]
+    #[display("error parsing HTTP message")]
    Parse,

-    #[display(fmt = "request payload read error")]
+    #[display("request payload read error")]
    Payload,

-    #[display(fmt = "response body write error")]
+    #[display("response body write error")]
    Body,

-    #[display(fmt = "send response error")]
+    #[display("send response error")]
    SendResponse,

-    #[display(fmt = "error in WebSocket process")]
+    #[display("error in WebSocket process")]
    Ws,

-    #[display(fmt = "connection error")]
+    #[display("connection error")]
    Io,

-    #[display(fmt = "encoder error")]
+    #[display("encoder error")]
    Encoder,
 }

@ -161,44 +160,44 @@ impl From<crate::ws::ProtocolError> for Error {
 #[non_exhaustive]
 pub enum ParseError {
    /// An invalid `Method`, such as `GE.T`.
-    #[display(fmt = "invalid method specified")]
+    #[display("invalid method specified")]
    Method,

    /// An invalid `Uri`, such as `exam ple.domain`.
-    #[display(fmt = "URI error: {}", _0)]
+    #[display("URI error: {}", _0)]
    Uri(InvalidUri),

    /// An invalid `HttpVersion`, such as `HTP/1.1`
-    #[display(fmt = "invalid HTTP version specified")]
+    #[display("invalid HTTP version specified")]
    Version,

    /// An invalid `Header`.
-    #[display(fmt = "invalid Header provided")]
+    #[display("invalid Header provided")]
    Header,

    /// A message head is too large to be reasonable.
-    #[display(fmt = "message head is too large")]
+    #[display("message head is too large")]
    TooLarge,

    /// A message reached EOF, but is not complete.
-    #[display(fmt = "message is incomplete")]
+    #[display("message is incomplete")]
    Incomplete,

    /// An invalid `Status`, such as `1337 ELITE`.
-    #[display(fmt = "invalid status provided")]
+    #[display("invalid status provided")]
    Status,

    /// A timeout occurred waiting for an IO event.
    #[allow(dead_code)]
-    #[display(fmt = "timeout")]
+    #[display("timeout")]
    Timeout,

    /// An I/O error that occurred while trying to read or write to a network stream.
-    #[display(fmt = "I/O error: {}", _0)]
+    #[display("I/O error: {}", _0)]
    Io(io::Error),

    /// Parsing a field as string failed.
-    #[display(fmt = "UTF-8 error: {}", _0)]
+    #[display("UTF-8 error: {}", _0)]
    Utf8(Utf8Error),
 }

@ -257,28 +256,28 @@ impl From<ParseError> for Response<BoxBody> {
 #[non_exhaustive]
 pub enum PayloadError {
    /// A payload reached EOF, but is not complete.
-    #[display(fmt = "payload reached EOF before completing: {:?}", _0)]
+    #[display("payload reached EOF before completing: {:?}", _0)]
    Incomplete(Option<io::Error>),

    /// Content encoding stream corruption.
-    #[display(fmt = "can not decode content-encoding")]
+    #[display("can not decode content-encoding")]
    EncodingCorrupted,

    /// Payload reached size limit.
-    #[display(fmt = "payload reached size limit")]
+    #[display("payload reached size limit")]
    Overflow,

    /// Payload length is unknown.
-    #[display(fmt = "payload length is unknown")]
+    #[display("payload length is unknown")]
    UnknownLength,

    /// HTTP/2 payload error.
    #[cfg(feature = "http2")]
-    #[display(fmt = "{}", _0)]
+    #[display("{}", _0)]
    Http2Payload(::h2::Error),

    /// Generic I/O error.
-    #[display(fmt = "{}", _0)]
+    #[display("{}", _0)]
    Io(io::Error),
 }

@ -327,44 +326,44 @@ impl From<PayloadError> for Error {
 #[non_exhaustive]
 pub enum DispatchError {
    /// Service error.
-    #[display(fmt = "service error")]
+    #[display("service error")]
    Service(Response<BoxBody>),

    /// Body streaming error.
-    #[display(fmt = "body error: {}", _0)]
+    #[display("body error: {}", _0)]
    Body(Box<dyn StdError>),

    /// Upgrade service error.
-    #[display(fmt = "upgrade error")]
+    #[display("upgrade error")]
    Upgrade,

    /// An `io::Error` that occurred while trying to read or write to a network stream.
-    #[display(fmt = "I/O error: {}", _0)]
+    #[display("I/O error: {}", _0)]
    Io(io::Error),

    /// Request parse error.
-    #[display(fmt = "request parse error: {}", _0)]
+    #[display("request parse error: {}", _0)]
    Parse(ParseError),

    /// HTTP/2 error.
-    #[display(fmt = "{}", _0)]
+    #[display("{}", _0)]
    #[cfg(feature = "http2")]
    H2(h2::Error),

    /// The first request did not complete within the specified timeout.
-    #[display(fmt = "request did not complete within the specified timeout")]
+    #[display("request did not complete within the specified timeout")]
    SlowRequestTimeout,

    /// Disconnect timeout. Makes sense for TLS streams.
-    #[display(fmt = "connection shutdown timeout")]
+    #[display("connection shutdown timeout")]
    DisconnectTimeout,

    /// Handler dropped payload before reading EOF.
-    #[display(fmt = "handler dropped payload before reading EOF")]
+    #[display("handler dropped payload before reading EOF")]
    HandlerDroppedPayload,

    /// Internal error.
-    #[display(fmt = "internal error")]
+    #[display("internal error")]
    InternalError,
 }

@ -390,19 +389,17 @@ impl StdError for DispatchError {
 #[non_exhaustive]
 pub enum ContentTypeError {
    /// Can not parse content type.
-    #[display(fmt = "could not parse content type")]
+    #[display("could not parse content type")]
    ParseError,

    /// Unknown content encoding.
-    #[display(fmt = "unknown content encoding")]
+    #[display("unknown content encoding")]
    UnknownEncoding,
 }

 #[cfg(test)]
 mod tests {
-    use std::io;
-
-    use http::{Error as HttpError, StatusCode};
+    use http::Error as HttpError;

    use super::*;

@ -418,7 +415,7 @@ mod tests {

    #[test]
    fn test_as_response() {
-        let orig = io::Error::new(io::ErrorKind::Other, "other");
+        let orig = io::Error::other("other");
        let err: Error = ParseError::Io(orig).into();
        assert_eq!(
            format!("{}", err),
@ -428,14 +425,14 @@ mod tests {

    #[test]
    fn test_error_display() {
-        let orig = io::Error::new(io::ErrorKind::Other, "other");
+        let orig = io::Error::other("other");
        let err = Error::new_io().with_cause(orig);
        assert_eq!("connection error: other", err.to_string());
    }

    #[test]
    fn test_error_http_response() {
-        let orig = io::Error::new(io::ErrorKind::Other, "other");
+        let orig = io::Error::other("other");
        let err = Error::new_io().with_cause(orig);
        let resp: Response<BoxBody> = err.into();
        assert_eq!(resp.status(), StatusCode::INTERNAL_SERVER_ERROR);
@ -443,7 +440,7 @@ mod tests {

    #[test]
    fn test_payload_error() {
-        let err: PayloadError = io::Error::new(io::ErrorKind::Other, "ParseError").into();
+        let err: PayloadError = io::Error::other("ParseError").into();
        assert!(err.to_string().contains("ParseError"));

        let err = PayloadError::Incomplete(None);
@ -478,7 +475,7 @@ mod tests {

    #[test]
    fn test_from() {
-        from_and_cause!(io::Error::new(io::ErrorKind::Other, "other") => ParseError::Io(..));
+        from_and_cause!(io::Error::other("other") => ParseError::Io(..));
        from!(httparse::Error::HeaderName => ParseError::Header);
        from!(httparse::Error::HeaderName => ParseError::Header);
        from!(httparse::Error::HeaderValue => ParseError::Header);
--- a/actix-http/src/extensions.rs
+++ b/actix-http/src/extensions.rs
@ -31,7 +31,7 @@ impl Hasher for NoOpHasher {
 /// All entries into this map must be owned types (or static references).
 #[derive(Default)]
 pub struct Extensions {
-    /// Use AHasher with a std HashMap with for faster lookups on the small `TypeId` keys.
+    // use no-op hasher with a std HashMap with for faster lookups on the small `TypeId` keys
    map: HashMap<TypeId, Box<dyn Any>, BuildHasherDefault<NoOpHasher>>,
 }

@ -104,6 +104,46 @@ impl Extensions {
            .and_then(|boxed| boxed.downcast_mut())
    }

+    /// Inserts the given `value` into the extensions if it is not present, then returns a reference
+    /// to the value in the extensions.
+    ///
+    /// ```
+    /// # use actix_http::Extensions;
+    /// let mut map = Extensions::new();
+    /// assert_eq!(map.get::<Vec<u32>>(), None);
+    ///
+    /// map.get_or_insert(Vec::<u32>::new()).push(1);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1]));
+    ///
+    /// map.get_or_insert(Vec::<u32>::new()).push(2);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1,2]));
+    /// ```
+    pub fn get_or_insert<T: 'static>(&mut self, value: T) -> &mut T {
+        self.get_or_insert_with(|| value)
+    }
+
+    /// Inserts a value computed from `f` into the extensions if the given `value` is not present,
+    /// then returns a reference to the value in the extensions.
+    ///
+    /// ```
+    /// # use actix_http::Extensions;
+    /// let mut map = Extensions::new();
+    /// assert_eq!(map.get::<Vec<u32>>(), None);
+    ///
+    /// map.get_or_insert_with(Vec::<u32>::new).push(1);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1]));
+    ///
+    /// map.get_or_insert_with(Vec::<u32>::new).push(2);
+    /// assert_eq!(map.get::<Vec<u32>>(), Some(&vec![1,2]));
+    /// ```
+    pub fn get_or_insert_with<T: 'static, F: FnOnce() -> T>(&mut self, default: F) -> &mut T {
+        self.map
+            .entry(TypeId::of::<T>())
+            .or_insert_with(|| Box::new(default()))
+            .downcast_mut()
+            .expect("extensions map should now contain a T value")
+    }
+
    /// Remove an item from the map of a given type.
    ///
    /// If an item of this type was already stored, it will be returned.
--- a/actix-http/src/h1/client.rs
+++ b/actix-http/src/h1/client.rs
@ -16,6 +16,7 @@ use crate::{
 };

 bitflags! {
+    #[derive(Debug, Clone, Copy)]
    struct Flags: u8 {
        const HEAD               = 0b0000_0001;
        const KEEP_ALIVE_ENABLED = 0b0000_1000;
--- a/actix-http/src/h1/codec.rs
+++ b/actix-http/src/h1/codec.rs
@ -9,11 +9,10 @@ use super::{
    decoder::{self, PayloadDecoder, PayloadItem, PayloadType},
    encoder, Message, MessageType,
 };
-use crate::{
-    body::BodySize, error::ParseError, ConnectionType, Request, Response, ServiceConfig,
-};
+use crate::{body::BodySize, error::ParseError, ConnectionType, Request, Response, ServiceConfig};

 bitflags! {
+    #[derive(Debug, Clone, Copy)]
    struct Flags: u8 {
        const HEAD               = 0b0000_0001;
        const KEEP_ALIVE_ENABLED = 0b0000_0010;
@ -199,9 +198,6 @@ impl Encoder<Message<(Response<()>, BodySize)>> for Codec {

 #[cfg(test)]
 mod tests {
-    use bytes::BytesMut;
-    use http::Method;
-
    use super::*;
    use crate::HttpMessage as _;

--- a/actix-http/src/h1/decoder.rs
+++ b/actix-http/src/h1/decoder.rs
@ -1,4 +1,4 @@
-use std::{convert::TryFrom, io, marker::PhantomData, mem::MaybeUninit, task::Poll};
+use std::{io, marker::PhantomData, mem::MaybeUninit, task::Poll};

 use actix_codec::Decoder;
 use bytes::{Bytes, BytesMut};
@ -94,9 +94,7 @@ pub(crate) trait MessageType: Sized {
                // SAFETY: httparse already checks header value is only visible ASCII bytes
                // from_maybe_shared_unchecked contains debug assertions so they are omitted here
                let value = unsafe {
-                    HeaderValue::from_maybe_shared_unchecked(
-                        slice.slice(idx.value.0..idx.value.1),
-                    )
+                    HeaderValue::from_maybe_shared_unchecked(slice.slice(idx.value.0..idx.value.1))
                };

                match name {
@ -275,8 +273,7 @@ impl MessageType for Request {
        let mut msg = Request::new();

        // convert headers
-        let mut length =
-            msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len], ver)?;
+        let mut length = msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len], ver)?;

        // disallow HTTP/1.0 POST requests that do not contain a Content-Length headers
        // see https://datatracker.ietf.org/doc/html/rfc1945#section-7.2.2
@ -356,8 +353,8 @@ impl MessageType for ResponseHead {
                        Version::HTTP_10
                    };

-                    let status = StatusCode::from_u16(res.code.unwrap())
-                        .map_err(|_| ParseError::Status)?;
+                    let status =
+                        StatusCode::from_u16(res.code.unwrap()).map_err(|_| ParseError::Status)?;
                    HeaderIndex::record(src, res.headers, &mut headers);

                    (len, version, status, res.headers.len())
@ -378,8 +375,7 @@ impl MessageType for ResponseHead {
        msg.version = ver;

        // convert headers
-        let mut length =
-            msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len], ver)?;
+        let mut length = msg.set_headers(&src.split_to(len).freeze(), &headers[..h_len], ver)?;

        // Remove CL value if 0 now that all headers and HTTP/1.0 special cases are processed.
        // Protects against some request smuggling attacks.
@ -536,7 +532,7 @@ impl Decoder for PayloadDecoder {
                    *state = match state.step(src, size, &mut buf) {
                        Poll::Pending => return Ok(None),
                        Poll::Ready(Ok(state)) => state,
-                        Poll::Ready(Err(e)) => return Err(e),
+                        Poll::Ready(Err(err)) => return Err(err),
                    };

                    if *state == ChunkedState::End {
@ -567,15 +563,8 @@ impl Decoder for PayloadDecoder {

 #[cfg(test)]
 mod tests {
-    use bytes::{Bytes, BytesMut};
-    use http::{Method, Version};
-
    use super::*;
-    use crate::{
-        error::ParseError,
-        header::{HeaderName, SET_COOKIE},
-        HttpMessage as _,
-    };
+    use crate::{header::SET_COOKIE, HttpMessage as _};

    impl PayloadType {
        pub(crate) fn unwrap(self) -> PayloadDecoder {
--- a/actix-http/src/h1/dispatcher.rs
+++ b/actix-http/src/h1/dispatcher.rs
@ -19,6 +19,13 @@ use tokio::io::{AsyncRead, AsyncWrite};
 use tokio_util::codec::{Decoder as _, Encoder as _};
 use tracing::{error, trace};

+use super::{
+    codec::Codec,
+    decoder::MAX_BUFFER_SIZE,
+    payload::{Payload, PayloadSender, PayloadStatus},
+    timer::TimerState,
+    Message, MessageType,
+};
 use crate::{
    body::{BodySize, BoxBody, MessageBody},
    config::ServiceConfig,
@ -27,19 +34,12 @@ use crate::{
    Error, Extensions, OnConnectData, Request, Response, StatusCode,
 };

-use super::{
-    codec::Codec,
-    decoder::MAX_BUFFER_SIZE,
-    payload::{Payload, PayloadSender, PayloadStatus},
-    timer::TimerState,
-    Message, MessageType,
-};
-
 const LW_BUFFER_SIZE: usize = 1024;
 const HW_BUFFER_SIZE: usize = 1024 * 8;
 const MAX_PIPELINED_MESSAGES: usize = 16;

 bitflags! {
+    #[derive(Debug, Clone, Copy)]
    pub struct Flags: u8 {
        /// Set when stream is read for first time.
        const STARTED          = 0b0000_0001;
@ -212,9 +212,7 @@ where
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            Self::None => write!(f, "State::None"),
-            Self::ExpectCall { .. } => {
-                f.debug_struct("State::ExpectCall").finish_non_exhaustive()
-            }
+            Self::ExpectCall { .. } => f.debug_struct("State::ExpectCall").finish_non_exhaustive(),
            Self::ServiceCall { .. } => {
                f.debug_struct("State::ServiceCall").finish_non_exhaustive()
            }
@ -275,9 +273,7 @@ where

                    head_timer: TimerState::new(config.client_request_deadline().is_some()),
                    ka_timer: TimerState::new(config.keep_alive().enabled()),
-                    shutdown_timer: TimerState::new(
-                        config.client_disconnect_deadline().is_some(),
-                    ),
+                    shutdown_timer: TimerState::new(config.client_disconnect_deadline().is_some()),

                    io: Some(io),
                    read_buf: BytesMut::with_capacity(HW_BUFFER_SIZE),
@ -455,9 +451,7 @@ where
                    }

                    // return with upgrade request and poll it exclusively
-                    Some(DispatcherMessage::Upgrade(req)) => {
-                        return Ok(PollResponse::Upgrade(req))
-                    }
+                    Some(DispatcherMessage::Upgrade(req)) => return Ok(PollResponse::Upgrade(req)),

                    // all messages are dealt with
                    None => {
@ -518,8 +512,10 @@ where
                            }

                            Poll::Ready(Some(Err(err))) => {
+                                let err = err.into();
+                                tracing::error!("Response payload stream error: {err:?}");
                                this.flags.insert(Flags::FINISHED);
-                                return Err(DispatchError::Body(err.into()));
+                                return Err(DispatchError::Body(err));
                            }

                            Poll::Pending => return Ok(PollResponse::DoNothing),
@ -555,6 +551,7 @@ where
                            }

                            Poll::Ready(Some(Err(err))) => {
+                                tracing::error!("Response payload stream error: {err:?}");
                                this.flags.insert(Flags::FINISHED);
                                return Err(DispatchError::Body(
                                    Error::new_body().with_cause(err).into(),
@ -674,9 +671,7 @@ where
                }

                _ => {
-                    unreachable!(
-                        "State must be set to ServiceCall or ExceptCall in handle_request"
-                    )
+                    unreachable!("State must be set to ServiceCall or ExceptCall in handle_request")
                }
            }
        }
@ -685,10 +680,7 @@ where
    /// Process one incoming request.
    ///
    /// Returns true if any meaningful work was done.
-    fn poll_request(
-        mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<bool, DispatchError> {
+    fn poll_request(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<bool, DispatchError> {
        let pipeline_queue_full = self.messages.len() >= MAX_PIPELINED_MESSAGES;
        let can_not_read = !self.can_read(cx);

@ -714,7 +706,7 @@ where

                            req.head_mut().peer_addr = *this.peer_addr;

-                            req.conn_data = this.conn_data.as_ref().map(Rc::clone);
+                            req.conn_data.clone_from(this.conn_data);

                            match this.codec.message_type() {
                                // request has no payload
@ -858,10 +850,7 @@ where
        Ok(())
    }

-    fn poll_ka_timer(
-        mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<(), DispatchError> {
+    fn poll_ka_timer(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<(), DispatchError> {
        let this = self.as_mut().project();
        if let TimerState::Active { timer } = this.ka_timer {
            debug_assert!(
@ -926,10 +915,7 @@ where
    }

    /// Poll head, keep-alive, and disconnect timer.
-    fn poll_timers(
-        mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<(), DispatchError> {
+    fn poll_timers(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<(), DispatchError> {
        self.as_mut().poll_head_timer(cx)?;
        self.as_mut().poll_ka_timer(cx)?;
        self.as_mut().poll_shutdown_timer(cx)?;
@ -943,10 +929,7 @@ where
    /// - `std::io::ErrorKind::ConnectionReset` after partial read;
    /// - all data read done.
    #[inline(always)] // TODO: bench this inline
-    fn read_available(
-        self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
-    ) -> Result<bool, DispatchError> {
+    fn read_available(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Result<bool, DispatchError> {
        let this = self.project();

        if this.flags.contains(Flags::READ_DISCONNECT) {
@ -1199,7 +1182,7 @@ where
                    let state_is_none = inner_p.state.is_none();

                    // read half is closed; we do not process any responses
-                    if inner_p.flags.contains(Flags::READ_DISCONNECT) && state_is_none {
+                    if inner_p.flags.contains(Flags::READ_DISCONNECT) {
                        trace!("read half closed; start shutdown");
                        inner_p.flags.insert(Flags::SHUTDOWN);
                    }
@ -1233,6 +1216,9 @@ where
                        inner_p.shutdown_timer,
                    );

+                    if inner_p.flags.contains(Flags::SHUTDOWN) {
+                        cx.waker().wake_by_ref();
+                    }
                    Poll::Pending
                };

--- a/actix-http/src/h1/dispatcher_tests.rs
+++ b/actix-http/src/h1/dispatcher_tests.rs
@ -1,14 +1,11 @@
 use std::{future::Future, str, task::Poll, time::Duration};

-use actix_rt::{pin, time::sleep};
-use actix_service::fn_service;
-use actix_utils::future::{ready, Ready};
-use bytes::Bytes;
-use futures_util::future::lazy;
-
 use actix_codec::Framed;
-use actix_service::Service;
-use bytes::{Buf, BytesMut};
+use actix_rt::{pin, time::sleep};
+use actix_service::{fn_service, Service};
+use actix_utils::future::{ready, Ready};
+use bytes::{Buf, Bytes, BytesMut};
+use futures_util::future::lazy;

 use super::dispatcher::{Dispatcher, DispatcherState, DispatcherStateProj, Flags};
 use crate::{
@ -43,8 +40,8 @@ fn status_service(
    fn_service(move |_req: Request| ready(Ok::<_, Error>(Response::new(status))))
 }

-fn echo_path_service(
-) -> impl Service<Request, Response = Response<impl MessageBody>, Error = Error> {
+fn echo_path_service() -> impl Service<Request, Response = Response<impl MessageBody>, Error = Error>
+{
    fn_service(|req: Request| {
        let path = req.path().as_bytes();
        ready(Ok::<_, Error>(
@ -53,8 +50,8 @@ fn echo_path_service(
    })
 }

-fn drop_payload_service(
-) -> impl Service<Request, Response = Response<&'static str>, Error = Error> {
+fn drop_payload_service() -> impl Service<Request, Response = Response<&'static str>, Error = Error>
+{
    fn_service(|mut req: Request| async move {
        let _ = req.take_payload();
        Ok::<_, Error>(Response::with_body(StatusCode::OK, "payload dropped"))
--- a/actix-http/src/h1/encoder.rs
+++ b/actix-http/src/h1/encoder.rs
@ -310,10 +310,10 @@ impl MessageType for RequestHeadType {
                Version::HTTP_11 => "HTTP/1.1",
                Version::HTTP_2 => "HTTP/2.0",
                Version::HTTP_3 => "HTTP/3.0",
-                _ => return Err(io::Error::new(io::ErrorKind::Other, "unsupported version")),
+                _ => return Err(io::Error::other("Unsupported version")),
            }
        )
-        .map_err(|e| io::Error::new(io::ErrorKind::Other, e))
+        .map_err(io::Error::other)
    }
 }

@ -433,7 +433,7 @@ impl TransferEncoding {
                    buf.extend_from_slice(b"0\r\n\r\n");
                } else {
                    writeln!(helpers::MutWriter(buf), "{:X}\r", msg.len())
-                        .map_err(|e| io::Error::new(io::ErrorKind::Other, e))?;
+                        .map_err(io::Error::other)?;

                    buf.reserve(msg.len() + 2);
                    buf.extend_from_slice(msg);
--- a/actix-http/src/h1/mod.rs
+++ b/actix-http/src/h1/mod.rs
@ -17,14 +17,16 @@ mod timer;
 mod upgrade;
 mod utils;

-pub use self::client::{ClientCodec, ClientPayloadCodec};
-pub use self::codec::Codec;
-pub use self::dispatcher::Dispatcher;
-pub use self::expect::ExpectHandler;
-pub use self::payload::Payload;
-pub use self::service::{H1Service, H1ServiceHandler};
-pub use self::upgrade::UpgradeHandler;
-pub use self::utils::SendResponse;
+pub use self::{
+    client::{ClientCodec, ClientPayloadCodec},
+    codec::Codec,
+    dispatcher::Dispatcher,
+    expect::ExpectHandler,
+    payload::Payload,
+    service::{H1Service, H1ServiceHandler},
+    upgrade::UpgradeHandler,
+    utils::SendResponse,
+};

 #[derive(Debug)]
 /// Codec message
--- a/actix-http/src/h1/payload.rs
+++ b/actix-http/src/h1/payload.rs
@ -117,6 +117,7 @@ impl PayloadSender {
        }
    }

+    #[allow(clippy::needless_pass_by_ref_mut)]
    #[inline]
    pub fn need_read(&self, cx: &mut Context<'_>) -> PayloadStatus {
        // we check need_read only if Payload (other side) is alive,
@ -174,7 +175,7 @@ impl Inner {

    /// Register future waiting data from payload.
    /// Waker would be used in `Inner::wake`
-    fn register(&mut self, cx: &mut Context<'_>) {
+    fn register(&mut self, cx: &Context<'_>) {
        if self
            .task
            .as_ref()
@ -186,7 +187,7 @@ impl Inner {

    // Register future feeding data to payload.
    /// Waker would be used in `Inner::wake_io`
-    fn register_io(&mut self, cx: &mut Context<'_>) {
+    fn register_io(&mut self, cx: &Context<'_>) {
        if self
            .io_task
            .as_ref()
@ -221,7 +222,7 @@ impl Inner {

    fn poll_next(
        mut self: Pin<&mut Self>,
-        cx: &mut Context<'_>,
+        cx: &Context<'_>,
    ) -> Poll<Option<Result<Bytes, PayloadError>>> {
        if let Some(data) = self.items.pop_front() {
            self.len -= data.len();
--- a/actix-http/src/h1/service.rs
+++ b/actix-http/src/h1/service.rs
@ -15,6 +15,7 @@ use actix_utils::future::ready;
 use futures_core::future::LocalBoxFuture;
 use tracing::error;

+use super::{codec::Codec, dispatcher::Dispatcher, ExpectHandler, UpgradeHandler};
 use crate::{
    body::{BoxBody, MessageBody},
    config::ServiceConfig,
@ -23,8 +24,6 @@ use crate::{
    ConnectCallback, OnConnectData, Request, Response,
 };

-use super::{codec::Codec, dispatcher::Dispatcher, ExpectHandler, UpgradeHandler};
-
 /// `ServiceFactory` implementation for HTTP1 transport
 pub struct H1Service<T, S, B, X = ExpectHandler, U = UpgradeHandler> {
    srv: S,
@ -82,13 +81,8 @@ where
    /// Create simple tcp stream service
    pub fn tcp(
        self,
-    ) -> impl ServiceFactory<
-        TcpStream,
-        Config = (),
-        Response = (),
-        Error = DispatchError,
-        InitError = (),
-    > {
+    ) -> impl ServiceFactory<TcpStream, Config = (), Response = (), Error = DispatchError, InitError = ()>
+    {
        fn_service(|io: TcpStream| {
            let peer_addr = io.peer_addr().ok();
            ready(Ok((io, peer_addr)))
@ -99,8 +93,6 @@ where

 #[cfg(feature = "openssl")]
 mod openssl {
-    use super::*;
-
    use actix_tls::accept::{
        openssl::{
            reexports::{Error as SslError, SslAcceptor},
@ -109,6 +101,8 @@ mod openssl {
        TlsError,
    };

+    use super::*;
+
    impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
    where
        S: ServiceFactory<Request, Config = ()>,
@ -158,14 +152,13 @@ mod openssl {
    }
 }

-#[cfg(feature = "rustls")]
-mod rustls {
-
+#[cfg(feature = "rustls-0_20")]
+mod rustls_0_20 {
    use std::io;

    use actix_service::ServiceFactoryExt as _;
    use actix_tls::accept::{
-        rustls::{reexports::ServerConfig, Acceptor, TlsStream},
+        rustls_0_20::{reexports::ServerConfig, Acceptor, TlsStream},
        TlsError,
    };

@ -195,7 +188,7 @@ mod rustls {
        U::Error: fmt::Display + Into<Response<BoxBody>>,
        U::InitError: fmt::Debug,
    {
-        /// Create Rustls based service.
+        /// Create Rustls v0.20 based service.
        pub fn rustls(
            self,
            config: ServerConfig,
@ -220,6 +213,189 @@ mod rustls {
    }
 }

+#[cfg(feature = "rustls-0_21")]
+mod rustls_0_21 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_21::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>>,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>>,
+
+        B: MessageBody,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.21 based service.
+        pub fn rustls_021(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_22")]
+mod rustls_0_22 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_22::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>>,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>>,
+
+        B: MessageBody,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.22 based service.
+        pub fn rustls_0_22(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_23")]
+mod rustls_0_23 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_23::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>>,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>>,
+
+        B: MessageBody,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.23 based service.
+        pub fn rustls_0_23(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
 impl<T, S, B, X, U> H1Service<T, S, B, X, U>
 where
    S: ServiceFactory<Request, Config = ()>,
@ -304,15 +480,15 @@ where
        let cfg = self.cfg.clone();

        Box::pin(async move {
-            let expect = expect
-                .await
-                .map_err(|e| error!("Init http expect service error: {:?}", e))?;
+            let expect = expect.await.map_err(|err| {
+                tracing::error!("Initialization of HTTP expect service error: {err:?}");
+            })?;

            let upgrade = match upgrade {
                Some(upgrade) => {
-                    let upgrade = upgrade
-                        .await
-                        .map_err(|e| error!("Init http upgrade service error: {:?}", e))?;
+                    let upgrade = upgrade.await.map_err(|err| {
+                        tracing::error!("Initialization of HTTP upgrade service error: {err:?}");
+                    })?;
                    Some(upgrade)
                }
                None => None,
@ -320,7 +496,7 @@ where

            let service = service
                .await
-                .map_err(|e| error!("Init http service error: {:?}", e))?;
+                .map_err(|err| error!("Initialization of HTTP service error: {err:?}"))?;

            Ok(H1ServiceHandler::new(
                cfg,
@ -365,6 +541,6 @@ where

    fn call(&self, (io, addr): (T, Option<net::SocketAddr>)) -> Self::Future {
        let conn_data = OnConnectData::from_io(&io, self.on_connect_ext.as_deref());
-        Dispatcher::new(io, self.flow.clone(), self.cfg.clone(), addr, conn_data)
+        Dispatcher::new(io, Rc::clone(&self.flow), self.cfg.clone(), addr, conn_data)
    }
 }
--- a/actix-http/src/h2/dispatcher.rs
+++ b/actix-http/src/h2/dispatcher.rs
@ -4,7 +4,7 @@ use std::{
    future::Future,
    marker::PhantomData,
    net,
-    pin::Pin,
+    pin::{pin, Pin},
    rc::Rc,
    task::{Context, Poll},
 };
@ -20,7 +20,6 @@ use h2::{
    Ping, PingPong,
 };
 use pin_project_lite::pin_project;
-use tracing::{error, trace, warn};

 use crate::{
    body::{BodySize, BoxBody, MessageBody},
@ -127,7 +126,7 @@ where
                    head.headers = parts.headers.into();
                    head.peer_addr = this.peer_addr;

-                    req.conn_data = this.conn_data.as_ref().map(Rc::clone);
+                    req.conn_data.clone_from(&this.conn_data);

                    let fut = this.flow.service.call(req);
                    let config = this.config.clone();
@ -147,11 +146,13 @@ where
                        if let Err(err) = res {
                            match err {
                                DispatchError::SendResponse(err) => {
-                                    trace!("Error sending HTTP/2 response: {:?}", err)
+                                    tracing::trace!("Error sending response: {err:?}");
+                                }
+                                DispatchError::SendData(err) => {
+                                    tracing::warn!("Send data error: {err:?}");
                                }
-                                DispatchError::SendData(err) => warn!("{:?}", err),
                                DispatchError::ResponseBody(err) => {
-                                    error!("Response payload stream error: {:?}", err)
+                                    tracing::error!("Response payload stream error: {err:?}");
                                }
                            }
                        }
@ -228,9 +229,9 @@ where
        return Ok(());
    }

-    // poll response body and send chunks to client
-    actix_rt::pin!(body);
+    let mut body = pin!(body);

+    // poll response body and send chunks to client
    while let Some(res) = poll_fn(|cx| body.as_mut().poll_next(cx)).await {
        let mut chunk = res.map_err(|err| DispatchError::ResponseBody(err.into()))?;

--- a/actix-http/src/h2/mod.rs
+++ b/actix-http/src/h2/mod.rs
@ -23,8 +23,7 @@ use crate::{
 mod dispatcher;
 mod service;

-pub use self::dispatcher::Dispatcher;
-pub use self::service::H2Service;
+pub use self::{dispatcher::Dispatcher, service::H2Service};

 /// HTTP/2 peer stream.
 pub struct Payload {
@ -58,10 +57,7 @@ impl Stream for Payload {
    }
 }

-pub(crate) fn handshake_with_timeout<T>(
-    io: T,
-    config: &ServiceConfig,
-) -> HandshakeWithTimeout<T>
+pub(crate) fn handshake_with_timeout<T>(io: T, config: &ServiceConfig) -> HandshakeWithTimeout<T>
 where
    T: AsyncRead + AsyncWrite + Unpin,
 {
--- a/actix-http/src/h2/service.rs
+++ b/actix-http/src/h2/service.rs
@ -16,6 +16,7 @@ use actix_utils::future::ready;
 use futures_core::{future::LocalBoxFuture, ready};
 use tracing::{error, trace};

+use super::{dispatcher::Dispatcher, handshake_with_timeout, HandshakeWithTimeout};
 use crate::{
    body::{BoxBody, MessageBody},
    config::ServiceConfig,
@ -24,8 +25,6 @@ use crate::{
    ConnectCallback, OnConnectData, Request, Response,
 };

-use super::{dispatcher::Dispatcher, handshake_with_timeout, HandshakeWithTimeout};
-
 /// `ServiceFactory` implementation for HTTP/2 transport
 pub struct H2Service<T, S, B> {
    srv: S,
@ -141,8 +140,8 @@ mod openssl {
    }
 }

-#[cfg(feature = "rustls")]
-mod rustls {
+#[cfg(feature = "rustls-0_20")]
+mod rustls_0_20 {
    use std::io;

    use actix_service::ServiceFactoryExt as _;
@ -163,7 +162,7 @@ mod rustls {

        B: MessageBody + 'static,
    {
-        /// Create Rustls based service.
+        /// Create Rustls v0.20 based service.
        pub fn rustls(
            self,
            mut config: ServerConfig,
@ -192,6 +191,159 @@ mod rustls {
    }
 }

+#[cfg(feature = "rustls-0_21")]
+mod rustls_0_21 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_21::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B> H2Service<TlsStream<TcpStream>, S, B>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+    {
+        /// Create Rustls v0.21 based service.
+        pub fn rustls_021(
+            self,
+            mut config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = S::InitError,
+        > {
+            let mut protos = vec![b"h2".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_22")]
+mod rustls_0_22 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_22::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B> H2Service<TlsStream<TcpStream>, S, B>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+    {
+        /// Create Rustls v0.22 based service.
+        pub fn rustls_0_22(
+            self,
+            mut config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = S::InitError,
+        > {
+            let mut protos = vec![b"h2".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_23")]
+mod rustls_0_23 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_23::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B> H2Service<TlsStream<TcpStream>, S, B>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+    {
+        /// Create Rustls v0.23 based service.
+        pub fn rustls_0_23(
+            self,
+            mut config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = S::InitError,
+        > {
+            let mut protos = vec![b"h2".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            Acceptor::new(config)
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .map(|io: TlsStream<TcpStream>| {
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    (io, peer_addr)
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
 impl<T, S, B> ServiceFactory<(T, Option<net::SocketAddr>)> for H2Service<T, S, B>
 where
    T: AsyncRead + AsyncWrite + Unpin + 'static,
@ -282,7 +434,7 @@ where

        H2ServiceHandlerResponse {
            state: State::Handshake(
-                Some(self.flow.clone()),
+                Some(Rc::clone(&self.flow)),
                Some(self.cfg.clone()),
                addr,
                on_connect_data,
--- a/actix-http/src/header/common.rs
+++ b/actix-http/src/header/common.rs
@ -18,6 +18,14 @@ pub const CACHE_STATUS: HeaderName = HeaderName::from_static("cache-status");
 // TODO(breaking): replace with http's version
 pub const CDN_CACHE_CONTROL: HeaderName = HeaderName::from_static("cdn-cache-control");

+/// Response header field that sends a signal to the user agent that it ought to remove all data of
+/// a certain set of types.
+///
+/// See the [W3C Clear-Site-Data spec] for full semantics.
+///
+/// [W3C Clear-Site-Data spec]: https://www.w3.org/TR/clear-site-data/#header
+pub const CLEAR_SITE_DATA: HeaderName = HeaderName::from_static("clear-site-data");
+
 /// Response header that prevents a document from loading any cross-origin resources that don't
 /// explicitly grant the document permission (using [CORP] or [CORS]).
 ///
--- a/actix-http/src/header/into_pair.rs
+++ b/actix-http/src/header/into_pair.rs
@ -1,7 +1,5 @@
 //! [`TryIntoHeaderPair`] trait and implementations.

-use std::convert::TryFrom as _;
-
 use super::{
    Header, HeaderName, HeaderValue, InvalidHeaderName, InvalidHeaderValue, TryIntoHeaderValue,
 };
--- a/actix-http/src/header/into_value.rs
+++ b/actix-http/src/header/into_value.rs
@ -1,7 +1,5 @@
 //! [`TryIntoHeaderValue`] trait and implementations.

-use std::convert::TryFrom as _;
-
 use bytes::Bytes;
 use http::{header::InvalidHeaderValue, Error as HttpError, HeaderValue};
 use mime::Mime;
--- a/actix-http/src/header/map.rs
+++ b/actix-http/src/header/map.rs
@ -2,7 +2,7 @@

 use std::{borrow::Cow, collections::hash_map, iter, ops};

-use ahash::AHashMap;
+use foldhash::{HashMap as FoldHashMap, HashMapExt as _};
 use http::header::{HeaderName, HeaderValue};
 use smallvec::{smallvec, SmallVec};

@ -13,8 +13,9 @@ use super::AsHeaderName;
 /// `HeaderMap` is a "multi-map" of [`HeaderName`] to one or more [`HeaderValue`]s.
 ///
 /// # Examples
+///
 /// ```
-/// use actix_http::header::{self, HeaderMap, HeaderValue};
+/// # use actix_http::header::{self, HeaderMap, HeaderValue};
 ///
 /// let mut map = HeaderMap::new();
 ///
@ -29,9 +30,24 @@ use super::AsHeaderName;
 ///
 /// assert!(!map.contains_key(header::ORIGIN));
 /// ```
+///
+/// Construct a header map using the [`FromIterator`] implementation. Note that it uses the append
+/// strategy, so duplicate header names are preserved.
+///
+/// ```
+/// use actix_http::header::{self, HeaderMap, HeaderValue};
+///
+/// let headers = HeaderMap::from_iter([
+///     (header::CONTENT_TYPE, HeaderValue::from_static("text/plain")),
+///     (header::COOKIE, HeaderValue::from_static("foo=1")),
+///     (header::COOKIE, HeaderValue::from_static("bar=1")),
+/// ]);
+///
+/// assert_eq!(headers.len(), 3);
+/// ```
 #[derive(Debug, Clone, Default)]
 pub struct HeaderMap {
-    pub(crate) inner: AHashMap<HeaderName, Value>,
+    pub(crate) inner: FoldHashMap<HeaderName, Value>,
 }

 /// A bespoke non-empty list for HeaderMap values.
@ -100,7 +116,7 @@ impl HeaderMap {
    /// ```
    pub fn with_capacity(capacity: usize) -> Self {
        HeaderMap {
-            inner: AHashMap::with_capacity(capacity),
+            inner: FoldHashMap::with_capacity(capacity),
        }
    }

@ -368,8 +384,8 @@ impl HeaderMap {
    /// let removed = map.insert(header::ACCEPT, HeaderValue::from_static("text/html"));
    /// assert!(!removed.is_empty());
    /// ```
-    pub fn insert(&mut self, key: HeaderName, val: HeaderValue) -> Removed {
-        let value = self.inner.insert(key, Value::one(val));
+    pub fn insert(&mut self, name: HeaderName, val: HeaderValue) -> Removed {
+        let value = self.inner.insert(name, Value::one(val));
        Removed::new(value)
    }

@ -636,10 +652,34 @@ impl<'a> IntoIterator for &'a HeaderMap {
    }
 }

-/// Convert `http::HeaderMap` to our `HeaderMap`.
+impl FromIterator<(HeaderName, HeaderValue)> for HeaderMap {
+    fn from_iter<T: IntoIterator<Item = (HeaderName, HeaderValue)>>(iter: T) -> Self {
+        iter.into_iter()
+            .fold(Self::new(), |mut map, (name, value)| {
+                map.append(name, value);
+                map
+            })
+    }
+}
+
+/// Convert a `http::HeaderMap` to our `HeaderMap`.
 impl From<http::HeaderMap> for HeaderMap {
-    fn from(mut map: http::HeaderMap) -> HeaderMap {
-        HeaderMap::from_drain(map.drain())
+    fn from(mut map: http::HeaderMap) -> Self {
+        Self::from_drain(map.drain())
+    }
+}
+
+/// Convert our `HeaderMap` to a `http::HeaderMap`.
+impl From<HeaderMap> for http::HeaderMap {
+    fn from(map: HeaderMap) -> Self {
+        Self::from_iter(map)
+    }
+}
+
+/// Convert our `&HeaderMap` to a `http::HeaderMap`.
+impl From<&HeaderMap> for http::HeaderMap {
+    fn from(map: &HeaderMap) -> Self {
+        map.to_owned().into()
    }
 }

@ -790,7 +830,7 @@ impl<'a> Drain<'a> {
    }
 }

-impl<'a> Iterator for Drain<'a> {
+impl Iterator for Drain<'_> {
    type Item = (Option<HeaderName>, HeaderValue);

    fn next(&mut self) -> Option<Self::Item> {
@ -1120,9 +1160,7 @@ mod tests {
        assert!(vals.next().is_none());
    }

-    fn owned_pair<'a>(
-        (name, val): (&'a HeaderName, &'a HeaderValue),
-    ) -> (HeaderName, HeaderValue) {
+    fn owned_pair<'a>((name, val): (&'a HeaderName, &'a HeaderValue)) -> (HeaderName, HeaderValue) {
        (name.clone(), val.clone())
    }
 }
--- a/actix-http/src/header/mod.rs
+++ b/actix-http/src/header/mod.rs
@ -3,33 +3,30 @@
 // declaring new header consts will yield this error
 #![allow(clippy::declare_interior_mutable_const)]

-use percent_encoding::{AsciiSet, CONTROLS};
-
 // re-export from http except header map related items
 pub use ::http::header::{
    HeaderName, HeaderValue, InvalidHeaderName, InvalidHeaderValue, ToStrError,
 };
-
 // re-export const header names, list is explicit so that any updates to `common` module do not
 // conflict with this set
 pub use ::http::header::{
    ACCEPT, ACCEPT_CHARSET, ACCEPT_ENCODING, ACCEPT_LANGUAGE, ACCEPT_RANGES,
-    ACCESS_CONTROL_ALLOW_CREDENTIALS, ACCESS_CONTROL_ALLOW_HEADERS,
-    ACCESS_CONTROL_ALLOW_METHODS, ACCESS_CONTROL_ALLOW_ORIGIN, ACCESS_CONTROL_EXPOSE_HEADERS,
-    ACCESS_CONTROL_MAX_AGE, ACCESS_CONTROL_REQUEST_HEADERS, ACCESS_CONTROL_REQUEST_METHOD, AGE,
-    ALLOW, ALT_SVC, AUTHORIZATION, CACHE_CONTROL, CONNECTION, CONTENT_DISPOSITION,
-    CONTENT_ENCODING, CONTENT_LANGUAGE, CONTENT_LENGTH, CONTENT_LOCATION, CONTENT_RANGE,
-    CONTENT_SECURITY_POLICY, CONTENT_SECURITY_POLICY_REPORT_ONLY, CONTENT_TYPE, COOKIE, DATE,
-    DNT, ETAG, EXPECT, EXPIRES, FORWARDED, FROM, HOST, IF_MATCH, IF_MODIFIED_SINCE,
-    IF_NONE_MATCH, IF_RANGE, IF_UNMODIFIED_SINCE, LAST_MODIFIED, LINK, LOCATION, MAX_FORWARDS,
-    ORIGIN, PRAGMA, PROXY_AUTHENTICATE, PROXY_AUTHORIZATION, PUBLIC_KEY_PINS,
-    PUBLIC_KEY_PINS_REPORT_ONLY, RANGE, REFERER, REFERRER_POLICY, REFRESH, RETRY_AFTER,
-    SEC_WEBSOCKET_ACCEPT, SEC_WEBSOCKET_EXTENSIONS, SEC_WEBSOCKET_KEY, SEC_WEBSOCKET_PROTOCOL,
-    SEC_WEBSOCKET_VERSION, SERVER, SET_COOKIE, STRICT_TRANSPORT_SECURITY, TE, TRAILER,
-    TRANSFER_ENCODING, UPGRADE, UPGRADE_INSECURE_REQUESTS, USER_AGENT, VARY, VIA, WARNING,
-    WWW_AUTHENTICATE, X_CONTENT_TYPE_OPTIONS, X_DNS_PREFETCH_CONTROL, X_FRAME_OPTIONS,
-    X_XSS_PROTECTION,
+    ACCESS_CONTROL_ALLOW_CREDENTIALS, ACCESS_CONTROL_ALLOW_HEADERS, ACCESS_CONTROL_ALLOW_METHODS,
+    ACCESS_CONTROL_ALLOW_ORIGIN, ACCESS_CONTROL_EXPOSE_HEADERS, ACCESS_CONTROL_MAX_AGE,
+    ACCESS_CONTROL_REQUEST_HEADERS, ACCESS_CONTROL_REQUEST_METHOD, AGE, ALLOW, ALT_SVC,
+    AUTHORIZATION, CACHE_CONTROL, CONNECTION, CONTENT_DISPOSITION, CONTENT_ENCODING,
+    CONTENT_LANGUAGE, CONTENT_LENGTH, CONTENT_LOCATION, CONTENT_RANGE, CONTENT_SECURITY_POLICY,
+    CONTENT_SECURITY_POLICY_REPORT_ONLY, CONTENT_TYPE, COOKIE, DATE, DNT, ETAG, EXPECT, EXPIRES,
+    FORWARDED, FROM, HOST, IF_MATCH, IF_MODIFIED_SINCE, IF_NONE_MATCH, IF_RANGE,
+    IF_UNMODIFIED_SINCE, LAST_MODIFIED, LINK, LOCATION, MAX_FORWARDS, ORIGIN, PRAGMA,
+    PROXY_AUTHENTICATE, PROXY_AUTHORIZATION, PUBLIC_KEY_PINS, PUBLIC_KEY_PINS_REPORT_ONLY, RANGE,
+    REFERER, REFERRER_POLICY, REFRESH, RETRY_AFTER, SEC_WEBSOCKET_ACCEPT, SEC_WEBSOCKET_EXTENSIONS,
+    SEC_WEBSOCKET_KEY, SEC_WEBSOCKET_PROTOCOL, SEC_WEBSOCKET_VERSION, SERVER, SET_COOKIE,
+    STRICT_TRANSPORT_SECURITY, TE, TRAILER, TRANSFER_ENCODING, UPGRADE, UPGRADE_INSECURE_REQUESTS,
+    USER_AGENT, VARY, VIA, WARNING, WWW_AUTHENTICATE, X_CONTENT_TYPE_OPTIONS,
+    X_DNS_PREFETCH_CONTROL, X_FRAME_OPTIONS, X_XSS_PROTECTION,
 };
+use percent_encoding::{AsciiSet, CONTROLS};

 use crate::{error::ParseError, HttpMessage};

@ -43,23 +40,22 @@ mod utils;

 pub use self::{
    as_name::AsHeaderName,
+    // re-export list is explicit so that any updates to `http` do not conflict with this set
+    common::{
+        CACHE_STATUS, CDN_CACHE_CONTROL, CLEAR_SITE_DATA, CROSS_ORIGIN_EMBEDDER_POLICY,
+        CROSS_ORIGIN_OPENER_POLICY, CROSS_ORIGIN_RESOURCE_POLICY, PERMISSIONS_POLICY,
+        X_FORWARDED_FOR, X_FORWARDED_HOST, X_FORWARDED_PROTO,
+    },
    into_pair::TryIntoHeaderPair,
    into_value::TryIntoHeaderValue,
    map::HeaderMap,
    shared::{
-        parse_extended_value, q, Charset, ContentEncoding, ExtendedValue, HttpDate,
-        LanguageTag, Quality, QualityItem,
+        parse_extended_value, q, Charset, ContentEncoding, ExtendedValue, HttpDate, LanguageTag,
+        Quality, QualityItem,
    },
    utils::{fmt_comma_delimited, from_comma_delimited, from_one_raw_str, http_percent_encode},
 };

-// re-export list is explicit so that any updates to `http` do not conflict with this set
-pub use self::common::{
-    CACHE_STATUS, CDN_CACHE_CONTROL, CROSS_ORIGIN_EMBEDDER_POLICY, CROSS_ORIGIN_OPENER_POLICY,
-    CROSS_ORIGIN_RESOURCE_POLICY, PERMISSIONS_POLICY, X_FORWARDED_FOR, X_FORWARDED_HOST,
-    X_FORWARDED_PROTO,
-};
-
 /// An interface for types that already represent a valid header.
 pub trait Header: TryIntoHeaderValue {
    /// Returns the name of the header field.
--- a/actix-http/src/header/shared/content_encoding.rs
+++ b/actix-http/src/header/shared/content_encoding.rs
@ -1,4 +1,4 @@
-use std::{convert::TryFrom, str::FromStr};
+use std::str::FromStr;

 use derive_more::{Display, Error};
 use http::header::InvalidHeaderValue;
@ -11,7 +11,7 @@ use crate::{

 /// Error returned when a content encoding is unknown.
 #[derive(Debug, Display, Error)]
-#[display(fmt = "unsupported content encoding")]
+#[display("unsupported content encoding")]
 pub struct ContentEncodingParseError;

 /// Represents a supported content encoding.
--- a/actix-http/src/header/shared/http_date.rs
+++ b/actix-http/src/header/shared/http_date.rs
@ -24,8 +24,7 @@ impl FromStr for HttpDate {

 impl fmt::Display for HttpDate {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        let date_str = httpdate::fmt_http_date(self.0);
-        f.write_str(&date_str)
+        httpdate::HttpDate::from(self.0).fmt(f)
    }
 }

@ -37,7 +36,7 @@ impl TryIntoHeaderValue for HttpDate {
        let mut wrt = MutWriter(&mut buf);

        // unwrap: date output is known to be well formed and of known length
-        write!(wrt, "{}", httpdate::fmt_http_date(self.0)).unwrap();
+        write!(wrt, "{}", self).unwrap();

        HeaderValue::from_maybe_shared(buf.split().freeze())
    }
--- a/actix-http/src/header/shared/mod.rs
+++ b/actix-http/src/header/shared/mod.rs
@ -1,5 +1,7 @@
 //! Originally taken from `hyper::header::shared`.

+pub use language_tags::LanguageTag;
+
 mod charset;
 mod content_encoding;
 mod extended;
@ -7,10 +9,11 @@ mod http_date;
 mod quality;
 mod quality_item;

-pub use self::charset::Charset;
-pub use self::content_encoding::ContentEncoding;
-pub use self::extended::{parse_extended_value, ExtendedValue};
-pub use self::http_date::HttpDate;
-pub use self::quality::{q, Quality};
-pub use self::quality_item::QualityItem;
-pub use language_tags::LanguageTag;
+pub use self::{
+    charset::Charset,
+    content_encoding::ContentEncoding,
+    extended::{parse_extended_value, ExtendedValue},
+    http_date::HttpDate,
+    quality::{q, Quality},
+    quality_item::QualityItem,
+};
--- a/actix-http/src/header/shared/quality.rs
+++ b/actix-http/src/header/shared/quality.rs
@ -1,7 +1,4 @@
-use std::{
-    convert::{TryFrom, TryInto},
-    fmt,
-};
+use std::fmt;

 use derive_more::{Display, Error};

@ -128,7 +125,7 @@ pub fn itoa_fmt<W: fmt::Write, V: itoa::Integer>(mut wr: W, value: V) -> fmt::Re
 }

 #[derive(Debug, Clone, Display, Error)]
-#[display(fmt = "quality out of bounds")]
+#[display("quality out of bounds")]
 #[non_exhaustive]
 pub struct QualityOutOfBounds;

--- a/actix-http/src/header/shared/quality_item.rs
+++ b/actix-http/src/header/shared/quality_item.rs
@ -1,8 +1,7 @@
-use std::{cmp, convert::TryFrom as _, fmt, str};
-
-use crate::error::ParseError;
+use std::{cmp, fmt, str};

 use super::Quality;
+use crate::error::ParseError;

 /// Represents an item with a quality value as defined
 /// in [RFC 7231 §5.3.1](https://datatracker.ietf.org/doc/html/rfc7231#section-5.3.1).
--- a/actix-http/src/header/utils.rs
+++ b/actix-http/src/header/utils.rs
@ -80,18 +80,18 @@ mod tests {

    #[test]
    fn comma_delimited_parsing() {
-        let headers = vec![];
+        let headers = [];
        let res: Vec<usize> = from_comma_delimited(headers.iter()).unwrap();
        assert_eq!(res, vec![0; 0]);

-        let headers = vec![
+        let headers = [
            HeaderValue::from_static("1, 2"),
            HeaderValue::from_static("3,4"),
        ];
        let res: Vec<usize> = from_comma_delimited(headers.iter()).unwrap();
        assert_eq!(res, vec![1, 2, 3, 4]);

-        let headers = vec![
+        let headers = [
            HeaderValue::from_static(""),
            HeaderValue::from_static(","),
            HeaderValue::from_static("  "),
--- a/actix-http/src/helpers.rs
+++ b/actix-http/src/helpers.rs
@ -61,7 +61,7 @@ pub fn write_content_length<B: BufMut>(n: u64, buf: &mut B, camel_case: bool) {
 /// perform a remaining length check before writing.
 pub(crate) struct MutWriter<'a, B>(pub(crate) &'a mut B);

-impl<'a, B> io::Write for MutWriter<'a, B>
+impl<B> io::Write for MutWriter<'_, B>
 where
    B: BufMut,
 {
--- a/actix-http/src/http_message.rs
+++ b/actix-http/src/http_message.rs
@ -61,9 +61,7 @@ pub trait HttpMessage: Sized {
    fn encoding(&self) -> Result<&'static Encoding, ContentTypeError> {
        if let Some(mime_type) = self.mime_type()? {
            if let Some(charset) = mime_type.get_param("charset") {
-                if let Some(enc) =
-                    Encoding::for_label_no_replacement(charset.as_str().as_bytes())
-                {
+                if let Some(enc) = Encoding::for_label_no_replacement(charset.as_str().as_bytes()) {
                    Ok(enc)
                } else {
                    Err(ContentTypeError::UnknownEncoding)
@ -105,7 +103,7 @@ pub trait HttpMessage: Sized {
    }
 }

-impl<'a, T> HttpMessage for &'a mut T
+impl<T> HttpMessage for &mut T
 where
    T: HttpMessage,
 {
@ -146,7 +144,7 @@ mod tests {
            .finish();
        assert_eq!(req.content_type(), "text/plain");
        let req = TestRequest::default()
-            .insert_header(("content-type", "application/json; charset=utf=8"))
+            .insert_header(("content-type", "application/json; charset=utf-8"))
            .finish();
        assert_eq!(req.content_type(), "application/json");
        let req = TestRequest::default().finish();
--- a/actix-http/src/lib.rs
+++ b/actix-http/src/lib.rs
@ -1,11 +1,15 @@
-//! HTTP primitives for the Actix ecosystem.
+//! HTTP types and services for the Actix ecosystem.
 //!
 //! ## Crate Features
+//!
 //! | Feature             | Functionality                               |
 //! | ------------------- | ------------------------------------------- |
 //! | `http2`             | HTTP/2 support via [h2].                    |
 //! | `openssl`           | TLS support via [OpenSSL].                  |
-//! | `rustls`            | TLS support via [rustls].                   |
+//! | `rustls-0_20`       | TLS support via rustls 0.20.                |
+//! | `rustls-0_21`       | TLS support via rustls 0.21.                |
+//! | `rustls-0_22`       | TLS support via rustls 0.22.                |
+//! | `rustls-0_23`       | TLS support via [rustls] 0.23.              |
 //! | `compress-brotli`   | Payload compression support: Brotli.        |
 //! | `compress-gzip`     | Payload compression support: Deflate, Gzip. |
 //! | `compress-zstd`     | Payload compression support: Zstd.          |
@ -16,20 +20,16 @@
 //! [rustls]: https://crates.io/crates/rustls
 //! [trust-dns]: https://crates.io/crates/trust-dns

-#![deny(rust_2018_idioms, nonstandard_style)]
-#![warn(future_incompatible)]
 #![allow(
    clippy::type_complexity,
    clippy::too_many_arguments,
-    clippy::borrow_interior_mutable_const,
-    clippy::uninlined_format_args
+    clippy::borrow_interior_mutable_const
 )]
 #![doc(html_logo_url = "https://actix.rs/img/logo.png")]
 #![doc(html_favicon_url = "https://actix.rs/favicon.ico")]
 #![cfg_attr(docsrs, feature(doc_auto_cfg))]

-pub use ::http::{uri, uri::Uri};
-pub use ::http::{Method, StatusCode, Version};
+pub use http::{uri, uri::Uri, Method, StatusCode, Version};

 pub mod body;
 mod builder;
@ -57,22 +57,24 @@ pub mod test;
 #[cfg(feature = "ws")]
 pub mod ws;

-pub use self::builder::HttpServiceBuilder;
-pub use self::config::ServiceConfig;
-pub use self::error::Error;
-pub use self::extensions::Extensions;
-pub use self::header::ContentEncoding;
-pub use self::http_message::HttpMessage;
-pub use self::keep_alive::KeepAlive;
-pub use self::message::ConnectionType;
-pub use self::message::Message;
 #[allow(deprecated)]
-pub use self::payload::{BoxedPayloadStream, Payload, PayloadStream};
-pub use self::requests::{Request, RequestHead, RequestHeadType};
-pub use self::responses::{Response, ResponseBuilder, ResponseHead};
-pub use self::service::HttpService;
-#[cfg(any(feature = "openssl", feature = "rustls"))]
+pub use self::payload::PayloadStream;
+#[cfg(feature = "__tls")]
 pub use self::service::TlsAcceptorConfig;
+pub use self::{
+    builder::HttpServiceBuilder,
+    config::ServiceConfig,
+    error::Error,
+    extensions::Extensions,
+    header::ContentEncoding,
+    http_message::HttpMessage,
+    keep_alive::KeepAlive,
+    message::{ConnectionType, Message},
+    payload::{BoxedPayloadStream, Payload},
+    requests::{Request, RequestHead, RequestHeadType},
+    responses::{Response, ResponseBuilder, ResponseHead},
+    service::HttpService,
+};

 /// A major HTTP protocol version.
 #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash)]
--- a/actix-http/src/message.rs
+++ b/actix-http/src/message.rs
@ -16,6 +16,7 @@ pub enum ConnectionType {
 }

 bitflags! {
+    #[derive(Debug, Clone, Copy)]
    pub(crate) struct Flags: u8 {
        const CLOSE       = 0b0000_0001;
        const KEEP_ALIVE  = 0b0000_0010;
@ -65,7 +66,7 @@ impl<T: Head> ops::DerefMut for Message<T> {

 impl<T: Head> Drop for Message<T> {
    fn drop(&mut self) {
-        T::with_pool(|p| p.release(self.head.clone()))
+        T::with_pool(|p| p.release(Rc::clone(&self.head)))
    }
 }

--- a/actix-http/src/notify_on_drop.rs
+++ b/actix-http/src/notify_on_drop.rs
@ -5,7 +5,7 @@
 use std::cell::RefCell;

 thread_local! {
-    static NOTIFY_DROPPED: RefCell<Option<bool>> = RefCell::new(None);
+    static NOTIFY_DROPPED: RefCell<Option<bool>> = const { RefCell::new(None) };
 }

 /// Check if the spawned task is dropped.
--- a/actix-http/src/payload.rs
+++ b/actix-http/src/payload.rs
@ -41,13 +41,31 @@ pin_project! {
 }

 impl<S> From<crate::h1::Payload> for Payload<S> {
+    #[inline]
    fn from(payload: crate::h1::Payload) -> Self {
        Payload::H1 { payload }
    }
 }

+impl<S> From<Bytes> for Payload<S> {
+    #[inline]
+    fn from(bytes: Bytes) -> Self {
+        let (_, mut pl) = crate::h1::Payload::create(true);
+        pl.unread_data(bytes);
+        self::Payload::from(pl)
+    }
+}
+
+impl<S> From<Vec<u8>> for Payload<S> {
+    #[inline]
+    fn from(vec: Vec<u8>) -> Self {
+        Payload::from(Bytes::from(vec))
+    }
+}
+
 #[cfg(feature = "http2")]
 impl<S> From<crate::h2::Payload> for Payload<S> {
+    #[inline]
    fn from(payload: crate::h2::Payload) -> Self {
        Payload::H2 { payload }
    }
@ -55,6 +73,7 @@ impl<S> From<crate::h2::Payload> for Payload<S> {

 #[cfg(feature = "http2")]
 impl<S> From<::h2::RecvStream> for Payload<S> {
+    #[inline]
    fn from(stream: ::h2::RecvStream) -> Self {
        Payload::H2 {
            payload: crate::h2::Payload::new(stream),
@ -63,13 +82,15 @@ impl<S> From<::h2::RecvStream> for Payload<S> {
 }

 impl From<BoxedPayloadStream> for Payload {
+    #[inline]
    fn from(payload: BoxedPayloadStream) -> Self {
        Payload::Stream { payload }
    }
 }

 impl<S> Payload<S> {
-    /// Takes current payload and replaces it with `None` value
+    /// Takes current payload and replaces it with `None` value.
+    #[must_use]
    pub fn take(&mut self) -> Payload<S> {
        mem::replace(self, Payload::None)
    }
--- a/actix-http/src/requests/head.rs
+++ b/actix-http/src/requests/head.rs
@ -16,7 +16,10 @@ pub struct RequestHead {
    pub uri: Uri,
    pub version: Version,
    pub headers: HeaderMap,
+
+    /// Will only be None when called in unit tests unless set manually.
    pub peer_addr: Option<net::SocketAddr>,
+
    flags: Flags,
 }

--- a/actix-http/src/requests/mod.rs
+++ b/actix-http/src/requests/mod.rs
@ -3,5 +3,7 @@
 mod head;
 mod request;

-pub use self::head::{RequestHead, RequestHeadType};
-pub use self::request::Request;
+pub use self::{
+    head::{RequestHead, RequestHeadType},
+    request::Request,
+};
--- a/actix-http/src/requests/request.rs
+++ b/actix-http/src/requests/request.rs
@ -10,8 +10,7 @@ use std::{
 use http::{header, Method, Uri, Version};

 use crate::{
-    header::HeaderMap, BoxedPayloadStream, Extensions, HttpMessage, Message, Payload,
-    RequestHead,
+    header::HeaderMap, BoxedPayloadStream, Extensions, HttpMessage, Message, Payload, RequestHead,
 };

 /// An HTTP request.
@ -174,7 +173,7 @@ impl<P> Request<P> {
    /// Peer address is the directly connected peer's socket address. If a proxy is used in front of
    /// the Actix Web server, then it would be address of this proxy.
    ///
-    /// Will only return None when called in unit tests.
+    /// Will only return None when called in unit tests unless set manually.
    #[inline]
    pub fn peer_addr(&self) -> Option<net::SocketAddr> {
        self.head().peer_addr
@ -234,7 +233,6 @@ impl<P> fmt::Debug for Request<P> {
 #[cfg(test)]
 mod tests {
    use super::*;
-    use std::convert::TryFrom;

    #[test]
    fn test_basics() {
--- a/actix-http/src/responses/builder.rs
+++ b/actix-http/src/responses/builder.rs
@ -93,7 +93,7 @@ impl ResponseBuilder {
                Ok((key, value)) => {
                    parts.headers.insert(key, value);
                }
-                Err(e) => self.err = Some(e.into()),
+                Err(err) => self.err = Some(err.into()),
            };
        }

@ -119,7 +119,7 @@ impl ResponseBuilder {
        if let Some(parts) = self.inner() {
            match header.try_into_pair() {
                Ok((key, value)) => parts.headers.append(key, value),
-                Err(e) => self.err = Some(e.into()),
+                Err(err) => self.err = Some(err.into()),
            };
        }

@ -193,7 +193,7 @@ impl ResponseBuilder {
                Ok(value) => {
                    parts.headers.insert(header::CONTENT_TYPE, value);
                }
-                Err(e) => self.err = Some(e.into()),
+                Err(err) => self.err = Some(err.into()),
            };
        }
        self
@ -351,12 +351,9 @@ mod tests {
        assert_eq!(resp.headers().get(CONTENT_TYPE).unwrap(), "text/plain");

        let resp = Response::build(StatusCode::OK)
-            .content_type(mime::APPLICATION_JAVASCRIPT_UTF_8)
+            .content_type(mime::TEXT_JAVASCRIPT)
            .body(Bytes::new());
-        assert_eq!(
-            resp.headers().get(CONTENT_TYPE).unwrap(),
-            "application/javascript; charset=utf-8"
-        );
+        assert_eq!(resp.headers().get(CONTENT_TYPE).unwrap(), "text/javascript");
    }

    #[test]
--- a/actix-http/src/responses/mod.rs
+++ b/actix-http/src/responses/mod.rs
@ -5,7 +5,5 @@ mod head;
 #[allow(clippy::module_inception)]
 mod response;

-pub use self::builder::ResponseBuilder;
 pub(crate) use self::head::BoxedResponseHead;
-pub use self::head::ResponseHead;
-pub use self::response::Response;
+pub use self::{builder::ResponseBuilder, head::ResponseHead, response::Response};
--- a/actix-http/src/service.rs
+++ b/actix-http/src/service.rs
@ -30,9 +30,9 @@ use crate::{
 ///
 /// # Automatic HTTP Version Selection
 /// There are two ways to select the HTTP version of an incoming connection:
-/// - One is to rely on the ALPN information that is provided when using a TLS (HTTPS); both
-///   versions are supported automatically when using either of the `.rustls()` or `.openssl()`
-///   finalizing methods.
+/// - One is to rely on the ALPN information that is provided when using TLS (HTTPS); both versions
+///   are supported automatically when using either of the `.rustls()` or `.openssl()` finalizing
+///   methods.
 /// - The other is to read the first few bytes of the TCP stream. This is the only viable approach
 ///   for supporting H2C, which allows the HTTP/2 protocol to work over plaintext connections. Use
 ///   the `.tcp_auto_h2c()` finalizing method to enable this behavior.
@ -200,13 +200,8 @@ where
    /// The resulting service only supports HTTP/1.x.
    pub fn tcp(
        self,
-    ) -> impl ServiceFactory<
-        TcpStream,
-        Config = (),
-        Response = (),
-        Error = DispatchError,
-        InitError = (),
-    > {
+    ) -> impl ServiceFactory<TcpStream, Config = (), Response = (), Error = DispatchError, InitError = ()>
+    {
        fn_service(|io: TcpStream| async {
            let peer_addr = io.peer_addr().ok();
            Ok((io, Protocol::Http1, peer_addr))
@ -219,13 +214,8 @@ where
    #[cfg(feature = "http2")]
    pub fn tcp_auto_h2c(
        self,
-    ) -> impl ServiceFactory<
-        TcpStream,
-        Config = (),
-        Response = (),
-        Error = DispatchError,
-        InitError = (),
-    > {
+    ) -> impl ServiceFactory<TcpStream, Config = (), Response = (), Error = DispatchError, InitError = ()>
+    {
        fn_service(move |io: TcpStream| async move {
            // subset of HTTP/2 preface defined by RFC 9113 §3.4
            // this subset was chosen to maximize likelihood that peeking only once will allow us to
@ -251,13 +241,13 @@ where
 }

 /// Configuration options used when accepting TLS connection.
-#[cfg(any(feature = "openssl", feature = "rustls"))]
+#[cfg(feature = "__tls")]
 #[derive(Debug, Default)]
 pub struct TlsAcceptorConfig {
    pub(crate) handshake_timeout: Option<std::time::Duration>,
 }

-#[cfg(any(feature = "openssl", feature = "rustls"))]
+#[cfg(feature = "__tls")]
 impl TlsAcceptorConfig {
    /// Set TLS handshake timeout duration.
    pub fn handshake_timeout(self, dur: std::time::Duration) -> Self {
@ -362,13 +352,13 @@ mod openssl {
    }
 }

-#[cfg(feature = "rustls")]
-mod rustls {
+#[cfg(feature = "rustls-0_20")]
+mod rustls_0_20 {
    use std::io;

    use actix_service::ServiceFactoryExt as _;
    use actix_tls::accept::{
-        rustls::{reexports::ServerConfig, Acceptor, TlsStream},
+        rustls_0_20::{reexports::ServerConfig, Acceptor, TlsStream},
        TlsError,
    };

@ -399,7 +389,7 @@ mod rustls {
        U::Error: fmt::Display + Into<Response<BoxBody>>,
        U::InitError: fmt::Debug,
    {
-        /// Create Rustls based service.
+        /// Create Rustls v0.20 based service.
        pub fn rustls(
            self,
            config: ServerConfig,
@ -413,7 +403,7 @@ mod rustls {
            self.rustls_with_config(config, TlsAcceptorConfig::default())
        }

-        /// Create Rustls based service with custom TLS acceptor configuration.
+        /// Create Rustls v0.20 based service with custom TLS acceptor configuration.
        pub fn rustls_with_config(
            self,
            mut config: ServerConfig,
@ -458,6 +448,294 @@ mod rustls {
    }
 }

+#[cfg(feature = "rustls-0_21")]
+mod rustls_0_21 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_21::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> HttpService<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, h1::Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.21 based service.
+        pub fn rustls_021(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            self.rustls_021_with_config(config, TlsAcceptorConfig::default())
+        }
+
+        /// Create Rustls v0.21 based service with custom TLS acceptor configuration.
+        pub fn rustls_021_with_config(
+            self,
+            mut config: ServerConfig,
+            tls_acceptor_config: TlsAcceptorConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            let mut protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            let mut acceptor = Acceptor::new(config);
+
+            if let Some(handshake_timeout) = tls_acceptor_config.handshake_timeout {
+                acceptor.set_handshake_timeout(handshake_timeout);
+            }
+
+            acceptor
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .and_then(|io: TlsStream<TcpStream>| async {
+                    let proto = if let Some(protos) = io.get_ref().1.alpn_protocol() {
+                        if protos.windows(2).any(|window| window == b"h2") {
+                            Protocol::Http2
+                        } else {
+                            Protocol::Http1
+                        }
+                    } else {
+                        Protocol::Http1
+                    };
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    Ok((io, proto, peer_addr))
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_22")]
+mod rustls_0_22 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_22::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> HttpService<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, h1::Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.22 based service.
+        pub fn rustls_0_22(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            self.rustls_0_22_with_config(config, TlsAcceptorConfig::default())
+        }
+
+        /// Create Rustls v0.22 based service with custom TLS acceptor configuration.
+        pub fn rustls_0_22_with_config(
+            self,
+            mut config: ServerConfig,
+            tls_acceptor_config: TlsAcceptorConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            let mut protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            let mut acceptor = Acceptor::new(config);
+
+            if let Some(handshake_timeout) = tls_acceptor_config.handshake_timeout {
+                acceptor.set_handshake_timeout(handshake_timeout);
+            }
+
+            acceptor
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .and_then(|io: TlsStream<TcpStream>| async {
+                    let proto = if let Some(protos) = io.get_ref().1.alpn_protocol() {
+                        if protos.windows(2).any(|window| window == b"h2") {
+                            Protocol::Http2
+                        } else {
+                            Protocol::Http1
+                        }
+                    } else {
+                        Protocol::Http1
+                    };
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    Ok((io, proto, peer_addr))
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
+#[cfg(feature = "rustls-0_23")]
+mod rustls_0_23 {
+    use std::io;
+
+    use actix_service::ServiceFactoryExt as _;
+    use actix_tls::accept::{
+        rustls_0_23::{reexports::ServerConfig, Acceptor, TlsStream},
+        TlsError,
+    };
+
+    use super::*;
+
+    impl<S, B, X, U> HttpService<TlsStream<TcpStream>, S, B, X, U>
+    where
+        S: ServiceFactory<Request, Config = ()>,
+        S::Future: 'static,
+        S::Error: Into<Response<BoxBody>> + 'static,
+        S::InitError: fmt::Debug,
+        S::Response: Into<Response<B>> + 'static,
+        <S::Service as Service<Request>>::Future: 'static,
+
+        B: MessageBody + 'static,
+
+        X: ServiceFactory<Request, Config = (), Response = Request>,
+        X::Future: 'static,
+        X::Error: Into<Response<BoxBody>>,
+        X::InitError: fmt::Debug,
+
+        U: ServiceFactory<
+            (Request, Framed<TlsStream<TcpStream>, h1::Codec>),
+            Config = (),
+            Response = (),
+        >,
+        U::Future: 'static,
+        U::Error: fmt::Display + Into<Response<BoxBody>>,
+        U::InitError: fmt::Debug,
+    {
+        /// Create Rustls v0.23 based service.
+        pub fn rustls_0_23(
+            self,
+            config: ServerConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            self.rustls_0_23_with_config(config, TlsAcceptorConfig::default())
+        }
+
+        /// Create Rustls v0.23 based service with custom TLS acceptor configuration.
+        pub fn rustls_0_23_with_config(
+            self,
+            mut config: ServerConfig,
+            tls_acceptor_config: TlsAcceptorConfig,
+        ) -> impl ServiceFactory<
+            TcpStream,
+            Config = (),
+            Response = (),
+            Error = TlsError<io::Error, DispatchError>,
+            InitError = (),
+        > {
+            let mut protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
+            protos.extend_from_slice(&config.alpn_protocols);
+            config.alpn_protocols = protos;
+
+            let mut acceptor = Acceptor::new(config);
+
+            if let Some(handshake_timeout) = tls_acceptor_config.handshake_timeout {
+                acceptor.set_handshake_timeout(handshake_timeout);
+            }
+
+            acceptor
+                .map_init_err(|_| {
+                    unreachable!("TLS acceptor service factory does not error on init")
+                })
+                .map_err(TlsError::into_service_error)
+                .and_then(|io: TlsStream<TcpStream>| async {
+                    let proto = if let Some(protos) = io.get_ref().1.alpn_protocol() {
+                        if protos.windows(2).any(|window| window == b"h2") {
+                            Protocol::Http2
+                        } else {
+                            Protocol::Http1
+                        }
+                    } else {
+                        Protocol::Http1
+                    };
+                    let peer_addr = io.get_ref().0.peer_addr().ok();
+                    Ok((io, proto, peer_addr))
+                })
+                .and_then(self.map_err(TlsError::Service))
+        }
+    }
+}
+
 impl<T, S, B, X, U> ServiceFactory<(T, Protocol, Option<net::SocketAddr>)>
    for HttpService<T, S, B, X, U>
 where
@ -497,23 +775,23 @@ where
        let cfg = self.cfg.clone();

        Box::pin(async move {
-            let expect = expect
-                .await
-                .map_err(|e| error!("Init http expect service error: {:?}", e))?;
+            let expect = expect.await.map_err(|err| {
+                tracing::error!("Initialization of HTTP expect service error: {err:?}");
+            })?;

            let upgrade = match upgrade {
                Some(upgrade) => {
-                    let upgrade = upgrade
-                        .await
-                        .map_err(|e| error!("Init http upgrade service error: {:?}", e))?;
+                    let upgrade = upgrade.await.map_err(|err| {
+                        tracing::error!("Initialization of HTTP upgrade service error: {err:?}");
+                    })?;
                    Some(upgrade)
                }
                None => None,
            };

-            let service = service
-                .await
-                .map_err(|e| error!("Init http service error: {:?}", e))?;
+            let service = service.await.map_err(|err| {
+                tracing::error!("Initialization of HTTP service error: {err:?}");
+            })?;

            Ok(HttpServiceHandler::new(
                cfg,
@ -563,10 +841,7 @@ where
        }
    }

-    pub(super) fn _poll_ready(
-        &self,
-        cx: &mut Context<'_>,
-    ) -> Poll<Result<(), Response<BoxBody>>> {
+    pub(super) fn _poll_ready(&self, cx: &mut Context<'_>) -> Poll<Result<(), Response<BoxBody>>> {
        ready!(self.flow.expect.poll_ready(cx).map_err(Into::into))?;

        ready!(self.flow.service.poll_ready(cx).map_err(Into::into))?;
@ -625,10 +900,7 @@ where
        })
    }

-    fn call(
-        &self,
-        (io, proto, peer_addr): (T, Protocol, Option<net::SocketAddr>),
-    ) -> Self::Future {
+    fn call(&self, (io, proto, peer_addr): (T, Protocol, Option<net::SocketAddr>)) -> Self::Future {
        let conn_data = OnConnectData::from_io(&io, self.on_connect_ext.as_deref());

        match proto {
@ -638,7 +910,7 @@ where
                    handshake: Some((
                        crate::h2::handshake_with_timeout(io, &self.cfg),
                        self.cfg.clone(),
-                        self.flow.clone(),
+                        Rc::clone(&self.flow),
                        conn_data,
                        peer_addr,
                    )),
@ -654,7 +926,7 @@ where
                state: State::H1 {
                    dispatcher: h1::Dispatcher::new(
                        io,
-                        self.flow.clone(),
+                        Rc::clone(&self.flow),
                        self.cfg.clone(),
                        peer_addr,
                        conn_data,
--- a/actix-http/src/test.rs
+++ b/actix-http/src/test.rs
@ -159,8 +159,8 @@ impl TestBuffer {
    #[allow(dead_code)]
    pub(crate) fn clone(&self) -> Self {
        Self {
-            read_buf: self.read_buf.clone(),
-            write_buf: self.write_buf.clone(),
+            read_buf: Rc::clone(&self.read_buf),
+            write_buf: Rc::clone(&self.write_buf),
            err: self.err.clone(),
        }
    }
--- a/Show More
+++ b/Show More