Change

I propose that we add a new keyLog property to HttpClient with a signature like:

void keyLog=(
  void f(String line)?
)

This would allow users to log TLS keys for use with Wireshark and other analysis tools.

The approach was discussed in this code review

The non-breaking alternative would be to make keyLog an argument to the HttpClient constructor but that is not symmetrical with the HttpClient API (i.e. onBadCertificateCallback).

See related discussing on Add a new connectionFactory property to HttpClient.

Rationale

The HttpClient API already has multiple attributes that accept functions e.g.

void findProxy=(
  String f(Uri url)?)

void badCertificateCallback=(
  bool callback(
    X509Certificate cert,
    String host,
    int port
  )?
)

and implementing this as a constructor argument would be inconsistent with the rest of the API. Also, parameterizing all future functionality as constructor arguments does not seem scalable.

Impact

All classes that implements HttpClient (without extends Mock or equivalent noSuchMethod implementation) will need to be updated.

I suspect that there are not many implementations of HttpClient outside of mocks.

Mitigation

Users must implement the keyLog property.