Overview Repositories Revisions Requests Users Attributes Meta

python-mohawk

Edit Package python-mohawk
No description set
  • Developed at devel:languages:python
  • Sources inherited from project openSUSE:Factory
  • 2 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Factory:Rebuild/python-mohawk && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
mohawk-1.0.0.tar.gz 0000017593 17.2 KB
python-mohawk.changes 0000001604 1.57 KB
python-mohawk.spec 0000001877 1.83 KB
Revision 3 (latest revision is 8)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 664544 from Antoine Belvire's avatar Antoine Belvire (1Antoine1) (revision 3) 
- Update to version 1.0.0:
  * Security related: Bewit MACs were not compared in constant time
    and were thus possibly circumventable by an attacker.
  * Breaking change: Escape characters in header values (such as a
    back slash) are no longer allowed, potentially breaking clients
    that depended on this behavior.
  * A sender is allowed to omit the content hash as long as their
    request has no content. The `mohawk.Receiver` will skip the
    content hash check in this situation, regardless of the value
    of accept_untrusted_content.
  * Introduced max limit of 4096 characters in the Authorization
    header.
  * Changed default values of content and content_type arguments to
    `mohawk.base.EmptyValue` in order to differentiate between
    misconfiguration and cases where these arguments are explicitly
    given as None (as with some web frameworks).
  * Failing to pass content and content_type arguments to
    `mohawk.Receiver` or `mohawk.Sender.accept_response` without
    specifying accept_untrusted_content=True will now raise
    `mohawk.exc.MissingContent` instead of `ValueError`.
Comments 0
openSUSE Build Service is sponsored by
Places