Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
python-WebOb
python-WebOb.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File python-WebOb.changes of Package python-WebOb
------------------------------------------------------------------- Mon Aug 19 04:47:58 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com> - Add patch CVE-2024-42353-url-redirection.patch: * The use of WebOb's Response object to redirect a request to a new location can lead to an open redirect if the Location header is not a full URI. (bsc#1229221, CVE-2024-42353) ------------------------------------------------------------------- Fri Feb 23 19:55:17 UTC 2018 - tbechtold@suse.com - Drop not needed python-pytest-cov BuildRequires ------------------------------------------------------------------- Fri Feb 23 13:57:18 UTC 2018 - tbechtold@suse.com - update to 1.7.4: - Add support for `wsgi.input_terminated` in the wsgi environ to allow for Chunked Encoding to be used with WebOb ------------------------------------------------------------------- Thu Jul 6 14:34:02 UTC 2017 - tbechtold@suse.com - update to 1.7.3: - Request.host_url, Request.host_port and Request.domain now all understand and know how to parse IPv6 Host headers sent by browsers. See https://github.com/Pylons/webob/pull/332 ------------------------------------------------------------------- Fri May 5 21:53:49 UTC 2017 - toddrme2178@gmail.com - Fix Provides/Obsoletes. ------------------------------------------------------------------- Tue Apr 4 12:47:31 UTC 2017 - tbechtold@suse.com - update to 1.7.2: - Allow unnamed fields in form data to be properly transcoded when calling request.decode with an alternate encoding. See https://github.com/Pylons/webob/pull/309 - Switch to singlespec approach ------------------------------------------------------------------- Fri Feb 10 16:14:42 UTC 2017 - tbechtold@suse.com - update to 1.7.1: - ``Response.__init__`` would discard ``app_iter`` when a ``Response`` had no body, this would cause issues when ``app_iter`` was an object that was tied to the life-cycle of a web application and had to be properly closed. ``app_iter`` is more advanced API for ``Response`` and thus even if it contains a body and is thus against the HTTP RFC's, we should let the users shoot themselves by returning a body. See https://github.com/Pylons/webob/issues/305 - WebOb is no longer supported on Python 2.6 and PyPy3 (due to pip no longer supporting Python 3.2 even on PyPy) - ``Response.content_type`` removes all existing Content-Type parameters, and if the new Content-Type is "texty" it adds a new charset (unless already provided) using the ``default_charset``. See https://github.com/Pylons/webob/pull/301 - ``Response.set_cookie`` no longer accepts a key argument. This was deprecated in WebOb 1.5 and as mentioned in the deprecation, is being removed in 1.7 - ``Response.__init__`` will no longer set the default Content-Type, nor Content-Length on Responses that don't have a body. This allows WebOb to return proper responses for things like `Response(status='204 No Content')`. - ``Response.text`` will no longer raise if the Content-Type does not have a charset, it will fall back to using the new ``default_body_encoding`. To get the old behaviour back please sub-class ``Response`` and set ``default_body_encoding`` to ``None``. See https://github.com/Pylons/webob/pull/287 - WebOb no longer supports Chunked Encoding, this means that if you are using WebOb and need Chunked Encoding you will be required to have a proxy that unchunks the request for you. Please read https://github.com/Pylons/webob/issues/279 for more background. - ``Response`` has a new ``default_body_encoding`` which may be used to allow getting/setting ``Response.text`` when a Content-Type has no charset. See https://github.com/Pylons/webob/pull/287 - ``webob.Request`` with any HTTP method is now allowed to have a body. This allows DELETE to have a request body for passing extra information. See https://github.com/Pylons/webob/pull/283 and https://github.com/Pylons/webob/pull/274 - Add ``tell()`` to ``ResponseBodyFile`` so that it may be used for example for zipfile support. See https://github.com/Pylons/webob/pull/117 - Allow the return from ``wsgify.middleware`` to be used as a decorator. See https://github.com/Pylons/webob/pull/228 - Fixup ``cgi.FieldStorage`` on Python 3.x to work-around issue reported in Python bug report 27777 and 24764. This is currently applied for Python versions less than 3.7. See https://github.com/Pylons/webob/pull/294 and https://github.com/Pylons/webob/pull/300 - ``Response.set_cookie`` now accepts ``datetime`` objects for the ``expires`` kwarg and will correctly convert them to UTC with no tzinfo for use in calculating the ``max_age``. See https://github.com/Pylons/webob/issues/254 and https://github.com/Pylons/webob/pull/292 - Fixes ``request.PATH_SAFE`` to contain all of the path safe characters according to RFC3986. See https://github.com/Pylons/webob/pull/291 - WebOb's exceptions will lazily read underlying variables when inserted into templates to avoid expensive computations/crashes when inserting into the template. This had a bad performance regression on Py27 because of the way the lazified class was created and returned. See https://github.com/Pylons/webob/pull/284 - ``wsgify.__call__`` raised a ``TypeError`` with an unhelpful message, it will now return the ``repr`` for the wrapped function: https://github.com/Pylons/webob/issues/119 - ``Response.json``'s ``json.dumps``/``json.loads`` are now always UTF-8. It no longer tries to use the charset. - The ``Response.__init__`` will by default no longer set the Content-Type to the default if a ``headerlist`` is provided. This fixes issues whereby ``Request.get_response()`` would return a Response that didn't match the actual response. See https://github.com/Pylons/webob/pull/261 and https://github.com/Pylons/webob/issues/205 - Cleans up the remainder of the issues with the updated WebOb exceptions that were taught to return JSON in version 1.6. See https://github.com/Pylons/webob/issues/237 and https://github.com/Pylons/webob/issues/236 - ``Response.from_file`` now parses the status line correctly when the status line contains an HTTP with version, as well as a status text that contains multiple white spaces (e.g HTTP/1.1 404 Not Found). See https://github.com/Pylons/webob/issues/250 - ``Response`` now has a new property named ``has_body`` that may be used to interrogate the ``Response`` to find out if ``Response.body`` is or isn't set. This is used in the exception handling code so that if you use a WebOb HTTP Exception and pass a generator to ``app_iter`` WebOb won't attempt to read the whole thing and instead allows it to be returned to the WSGI server. See https://github.com/Pylons/webob/pull/259 ------------------------------------------------------------------- Sat Oct 15 09:37:15 UTC 2016 - dmueller@suse.com - update to 1.6.2: * WebOb's exceptions will lazily read underlying variables when inserted into templates to avoid expensive computations/crashes when inserting into the template. This had a bad performance regression on Py27 because of the way the lazified class was created and returned. See https://github.com/Pylons/webob/pull/284 ------------------------------------------------------------------- Mon Jun 6 12:55:50 UTC 2016 - dmueller@suse.com - fix download url ------------------------------------------------------------------- Fri Jun 3 16:30:52 UTC 2016 - tbechtold@suse.com - update to 1.6.1: - Response.from_file now parses the status line correctly when the status line contains an HTTP with version, as well as a status text that contains multiple white spaces (e.g 404 Not Found). See https://github.com/Pylons/webob/issues/250 - Python 3.2 is no longer supported by WebOb - Request.decode attempted to read from the an already consumed stream, it has now been redirected to another stream to read from. See https://github.com/Pylons/webob/pull/183 - The application/json media type does not allow for a charset as discovery of the encoding is done at the JSON layer. Upon initialization of a Response WebOb will no longer add a charset if the content-type is set to JSON. See https://github.com/Pylons/webob/pull/197 and https://github.com/Pylons/pyramid/issues/1611 - Lazily HTML escapes environment keys in HTTP Exceptions so that those keys in the environ that are not used in the output of the page don't raise an exception due to inability to be properly escaped. See https://github.com/Pylons/webob/pull/139 - MIMEAccept now accepts comparisons against wildcards, this allows one to match on just the media type or sub-type, without having to explicitly match on both the media type and sub-type at the same time. See https://github.com/Pylons/webob/pull/185 - Add the ability to return a JSON body from an exception. Using the Accept information in the request, the exceptions will now automatically return a JSON version of the exception instead of just HTML or text. See https://github.com/Pylons/webob/pull/230 and https://github.com/Pylons/webob/issues/209 - exc._HTTPMove and any subclasses will now raise a ValueError if the location field contains a line feed or carriage return. These values may lead to possible HTTP Response Splitting. The header_getter descriptor has also been modified to no longer accept headers with a line feed or carriage return. See: https://github.com/Pylons/webob/pull/229 and https://github.com/Pylons/webob/issues/217 ------------------------------------------------------------------- Mon Dec 14 14:38:13 UTC 2015 - aplanas@suse.com - updateto version 1.5.1: * (Bug Fixes) The exceptions HTTPNotAcceptable, HTTPUnsupportedMediaType and HTTPNotImplemented will now correctly use the sub-classed template rather than the default error template. See https://github.com/Pylons/webob/issues/221 * (Bug Fixes) Response’s from_file now correctly deals with a status line that contains an HTTP version identifier. HTTP/1.1 200 OK is now correctly parsed, whereas before this would raise an error upon setting the Response.status in from_file. See https://github.com/Pylons/webob/issues/121 - 1.5.0 * (Bug Fixes) The cookie API functions will now make sure that max_age is an integer or an string that can convert to an integer. Previously passing in max_age=’test’ would have silently done the wrong thing. - 1.5.0b0 * (Bug Fixes) Unbreak req.POST when the request method is PATCH. Instead of returning something cmpletely unrelated we return NoVar. See: https://github.com/Pylons/webob/pull/215 * (Features) HTTP Status Code 308 is now supported as a Permanent Redirect. See https://github.com/Pylons/webob/pull/207 - 1.5.0a1 * (Backwards Incompatibilities) Response.set_cookie renamed the only required parameter from “key” to “name”. The code will now still accept “key” as a keyword argument, and will issue a DeprecationWarning until WebOb 1.7. * (Backwards Incompatibilities) The status attribute of a Response object no longer takes a string like None None and allows that to be set as the status. It now has to at least match the pattern of <integer status code> <explenation of status code>. Invalid status strings will now raise a ValueError. - 1.5.0a0 * (Backwards Incompatibilities) Morsel will no longer accept a cookie value that does not meet RFC6265’s cookie-octet specification. Upon calling Morsel.serialize a warning will be issued, in the future this will raise a ValueError, please update your cookie handling code. See https://github.com/Pylons/webob/pull/172 * (Backwards Incompatibilities) Response.set_cookie now uses the internal make_cookie API, which will issue warnings if cookies are set with invalid bytes. See https://github.com/Pylons/webob/pull/172 * (Features) Add support for some new caching headers, stale-while-revalidate and stale-if-error that can be used by reverse proxies to cache stale responses temporarily if the backend disappears. From RFC5861. See https://github.com/Pylons/webob/pull/189 * (Bug Fixes) Response.status now uses duck-typing for integers, and has also learned to raise a ValueError if the status isn’t an integer followed by a space, and then the reason. See https://github.com/Pylons/webob/pull/191 * (Bug Fixes) Fixed a bug in webob.multidict.GetDict which resulted in the QUERY_STRING not being updated when changes were made to query params using Request.GET.extend(). * (Bug Fixes) Read the body of a request if we think it might have a body. This fixes PATCH to support bodies. See https://github.com/Pylons/webob/pull/184 * (Bug Fixes) Response.from_file returns HTTP headers as latin1 rather than UTF-8, this fixes the usage on Google AppEngine. See https://github.com/Pylons/webob/issues/99 and https://github.com/Pylons/webob/pull/150 * (Bug Fixes) Fix a bug in parsing the auth parameters that contained bad white space. This makes the parsing fall in line with what’s required in RFC7235. See https://github.com/Pylons/webob/issues/158 * (Bug Fixes) Use ‘rn’ line endings in Response.__str__. See: https://github.com/Pylons/webob/pull/146 * (Documentation Changes) response.set_cookie now has proper documentation for max_age and expires. The code has also been refactored to use cookies.make_cookie instead of duplicating the code. This fixes https://github.com/Pylons/webob/issues/166 and https://github.com/Pylons/webob/issues/171 * (Documentation Changes) Documentation didn’t match the actual code for the wsgify function signature. See https://github.com/Pylons/webob/pull/167 * (Documentation Changes) Remove the WebDAV only from certain HTTP Exceptions, these exceptions may also be used by REST services for example. ------------------------------------------------------------------- Mon Sep 15 05:01:59 UTC 2014 - tbechtold@suse.com - update to version 1.4: * Remove ``webob.__version__``, the version number had not been kept in sync with the official pkg version. To obtain the WebOb version number, use ``pkg_resources.get_distribution('webob').version`` instead. * Fix a bug in ``EmptyResponse`` that prevents it from setting self.close as appropriate due to testing truthiness of object rather than if it is something other than ``None``. * Fix a bug in ``SignedSerializer`` preventing secrets from containing higher-order characters. See https://github.com/Pylons/webob/issues/136 * Use the ``hmac.compare_digest`` method when available for constant-time comparisons. * Fix a bug in ``SignedCookieProfile`` whereby we didn't keep the original serializer around, this would cause us to have ``SignedSerializer`` be added on top of a ``SignedSerializer`` which would cause it to be run twice when attempting to verify a cookie. See https://github.com/Pylons/webob/pull/127 * Backwards Incompatible change: When ``CookieProfile.get_value`` and ``SignedCookieProfile.get_value`` fails to deserialize a badly encoded value, we now return ``None`` as if the cookie was never set in the first place instead of allowing a ``ValueError`` to be raised to the calling code. See https://github.com/Pylons/webob/pull/126 * Added a read-only ``domain`` property to ``BaseRequest``. This property returns the domain portion of the host value. For example, if the environment contains an ``HTTP_HOST`` value of ``foo.example.com:8000``, ``request.domain`` will return ``foo.example.com``. * Added five new APIs: ``webob.cookies.CookieProfile``, ``webob.cookies.SignedCookieProfile``, ``webob.cookies.JSONSerializer`` and ``webob.cookies.SignedSerializer``, and ``webob.cookies.make_cookie``. These APIs are convenience APIs for generating and parsing cookie headers as well as dealing with signing cookies. * Cookies generated via webob.cookies quoted characters in cookie values that did not need to be quoted per RFC 6265. The following characters are no longer quoted in cookie values: ``~/=<>()[]{}?@`` . The full set of non-letter-or-digit unquoted cookie value characters is now ``!#$%&'*+-.^_`|~/: =<>()[]{}?@``. See http://tools.ietf.org/html/rfc6265#section-4.1.1 for more information. * Cookie names are now restricted to the set of characters expected by RFC 6265. Previously they could contain unsupported characters such as ``/``. * Older versions of Webob escaped the doublequote to ``\"`` and the backslash to ``\\`` when quoting cookie values. Now, instead, cookie serialization generates ``\042`` for the doublequote and ``\134`` for the backslash. This is what is expected as per RFC 6265. Note that old cookie values that do have the older style quoting in them will still be unquoted correctly, however. * Added support for draft status code 451 ("Unavailable for Legal Reasons"). See http://tools.ietf.org/html/draft-tbray-http-legally-restricted-status-00 * Added status codes 428, 429, 431 and 511 to ``util.status_reasons`` (they were already present in a previous release as ``webob.exc`` exceptions). * MIMEAccept happily parsed malformed wildcard strings like "image/pn*" at parse time, but then threw an AssertionError during matching. See https://github.com/Pylons/webob/pull/83 . * Preserve document ordering of GET and POST request data when POST data passed to Request.blank is a MultiDict. See https://github.com/Pylons/webob/pull/96 * Allow query strings attached to PATCH requests to populate request.params. See https://github.com/Pylons/webob/pull/106 * Added Python 3.3 trove classifier. ------------------------------------------------------------------- Tue Feb 18 13:36:45 CET 2014 - ro@suse.de - added license.txt as doc file ------------------------------------------------------------------- Thu Oct 24 11:17:02 UTC 2013 - speilicke@suse.com - Require python-setuptools instead of distribute (upstreams merged) ------------------------------------------------------------------- Wed Mar 27 13:26:48 UTC 2013 - speilicke@suse.com - BuildRequire python (for ssl module) and drop pyOpenSSL ------------------------------------------------------------------- Mon Jan 14 15:12:52 UTC 2013 - saschpe@suse.de - (Build)Require python-pyOpenSSL instead of M2Crypto (to get the ssl Python base module) ------------------------------------------------------------------- Fri Nov 23 09:45:17 UTC 2012 - saschpe@suse.de - Add dependency on python-M2Crypto, otherwise you won't get HTTPS ------------------------------------------------------------------- Thu Nov 22 15:05:11 UTC 2012 - saschpe@suse.de - Update to version 1.2.3: + Fix parsing of form submissions where fields have transfer-content-encoding headers. - Build HTML documentation - Run testsuite - Split of doc package ------------------------------------------------------------------- Sat Sep 22 18:48:34 UTC 2012 - os-dev@jacraig.com - Update to 1.2.2: * Fix multiple calls to ``cache_expires()`` not fully overriding the previously set headers. * Fix parsing of form submissions where fields have different encodings. - Many changes between versions 1.1.1 and 1.2.1. Please see docs/news.txt for full details. Major changes include support for only Python 3.2, 2.7, 2.6. - Removed dependency on python-Tempita and python-wsgiproxy: these are only used in example code in the documentation and not actual runtime reqs. - Removed dependency on python-nose: it is only needed to run tests. - Removed dependency on python-WebTest: it was removed as a testing requirement in 1.2a1. ------------------------------------------------------------------- Mon Nov 28 15:23:37 UTC 2011 - prusnak@opensuse.org - spec cleanup ------------------------------------------------------------------- Fri Sep 23 13:36:54 UTC 2011 - saschpe@suse.de - Update to version 1.1.1: * Fix disconnect detection being incorrect in some cases * Fix exception when calling .accept.best_match(..) on a header containing '*' (instead of '*/*') * Split Accept class into appropriate subclasses (AcceptCharset, AcceptLanguage) * Improve language matching code so that 'en' in AcceptLanguage('en-gb') (the app can now offer a generic 'en' and it will match any of the accepted dialects) and 'en_GB' in AcceptLanguage('en-gb') (normalization of the dash/underscode in language names). * Deprecate req.etag.weak_match(..) * Deprecate Response.request and Response.environ attrs. ------------------------------------------------------------------- Thu Sep 1 10:07:58 UTC 2011 - saschpe@suse.de - Initial version
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor