| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2011-01-12 | improved AuthDigestMiddleware doc string | Helmut Grohne | |
| 2011-01-12 | scgi.asynchronous catches more errors now | Helmut Grohne | |
| This addresses a disputed denial of service condition described in http://bugs.python.org/issue6706. Note that wsgitools is not hit as hard as pyftplib. | |||
| 2011-01-12 | bug fix for StaticContent and CachingMiddleware | Helmut Grohne | |
| PEP333 says that the headers list passed to start_response may be modified by servers or middlewares. In fact this happens in DigestAuthMiddleware. The StaticContent and CachingMiddleware classes did not take this into account and returned the same headers list multiple times which is wrong and can lead to denial of service. | |||
| 2010-09-04 | added note about ContentLengthMiddleware's wsgi conformance | Helmut Grohne | |
| 2010-09-04 | CachingMiddleware: automatic cache pruning implemented | Helmut Grohne | |
| 2010-09-04 | middlewares.CachingMiddleware: include request method in key | Helmut Grohne | |
| 2010-09-02 | improved digest documentation | Helmut Grohne | |
| 2010-08-31 | bugfix: io module from py2.6 provides incompatible StringIO | Helmut Grohne | |
| 2010-06-04 | flush log file in RequestLogWSGIFilter by default | Helmut Grohne | |
| 2010-05-29 | security fix: filters.RequestLogWSGIFilter must escape strings | Helmut Grohne | |
| 2010-05-25 | bugfix: endless loop for closed connection in scgi.forkpool | Helmut Grohne | |
| 2010-01-31 | fix shared default argument to parse_digest_response | Helmut Grohne | |
| 2009-10-25 | observed SocketFileWrapper bug fixed | Helmut Grohne | |
| 2009-10-25 | more SocketFileWrapper (forkpool) bugs | Helmut Grohne | |
| 2009-10-25 | SocketFileWrapper from forkpool contained more bugs | Helmut Grohne | |
| 2009-10-25 | socket.socket.recv requires a parameter | Helmut Grohne | |
| 2009-10-25 | extended application.StaticContent | Helmut Grohne | |
| It gained the capability to server content to unknown methods. For a backwards-compatible API this has to be enabled by an optional boolean. | |||
| 2009-08-25 | added enable_sighandler for scgi.forkpool | Helmut Grohne | |
| 2009-07-04 | two new digest doctests | Helmut Grohne | |
| 2009-07-04 | more docstring/epydoc improvements | Helmut Grohne | |
| 2009-06-24 | fixed an epydoc comment in digest | Helmut Grohne | |
| 2009-06-24 | added doctest for DBAPI2NonceStore | Helmut Grohne | |
| 2009-06-24 | added dbapi2 (sql) backed noncestore! yeah :-) | Helmut Grohne | |
| 2009-06-24 | except ImportError in filters on imports | Helmut Grohne | |
| 2009-06-24 | documented potential overflow in digest | Helmut Grohne | |
| 2009-06-24 | auth_response should not return ValueError in digest | Helmut Grohne | |
| 2009-06-24 | fixed RequestLogMiddleware to work at all | Helmut Grohne | |
| 2009-06-23 | made RequestLogWSGIFilter define attrs in __init__ | Helmut Grohne | |
| 2009-03-29 | improve digest module (killed isnonce method) | Helmut Grohne | |
| Prior to this change the digest module would check whether a nonce looks like a nonce, verify the response and then verify the nonce. This left a bit more room for brute forcing passwords, as the same nonce could be used in arbitrary many tries and a stale response would indicate an authentication success. Now authentication is only tried for valid nonces. This also makes the NonceStoreBase.isnonce method superfluous. | |||
| 2009-03-29 | get rid of old builtin long | Helmut Grohne | |
| Even Py2.4 can handle large parameters to int, so long is not needed. | |||
| 2009-03-29 | quite some changes for py3 | Helmut Grohne | |
| These changes introduce some compatibility code. They don't make wsgitools usable with Python 3.0, but they also don't break compatibility with Python 2.5. | |||
| 2009-03-29 | make digest.gen_rand_str forward compatible (py3) | Helmut Grohne | |
| 2009-02-27 | except binascii.Error instead of Exception in middlewares | Helmut Grohne | |
| 2009-02-27 | extract common code to gen_rand_str in digest | Helmut Grohne | |
| 2009-02-27 | added more doctests for digest module | Helmut Grohne | |
| 2009-02-27 | fixed bug in digest.MemoryNonceStore.checknonce | Helmut Grohne | |
| 2009-02-26 | made scgi.forkpool wsgi compliant in handling exc_info | Helmut Grohne | |
| 2009-02-01 | wsgi compliance: scgi.asynchronous no longer holds data | Helmut Grohne | |
| 2009-02-01 | added config parameter (for environ) to scgi.forkpool | Helmut Grohne | |
| 2009-02-01 | added config parameter (for environ) to scgi.asynchronous | Helmut Grohne | |
| 2009-01-31 | GzipWSGIFilter removes Content-length header if compressing | Helmut Grohne | |
| 2009-01-31 | StaticFile uses wsgi.file_wrapper from environ if possible | Helmut Grohne | |
| 2008-10-14 | added some kind of main documentation | Helmut Grohne | |
| 2008-10-14 | update docstring: DigestAuth now partly works with forkpool | Helmut Grohne | |
| 2008-10-14 | small digest cleanup | Helmut Grohne | |
| 2008-10-14 | extended digest.NonceStoreBase interface | Helmut Grohne | |
| The methods now take an optional last parameter called ident. It can be used to bind nonces to specific uses within one NonceStore. | |||
| 2008-10-14 | added epydoc markup to doc strings | Helmut Grohne | |
| 2008-09-24 | RequestLogWSGIFilter can also log QUERY_STRING | Helmut Grohne | |
| 2008-09-22 | improve comments | Helmut Grohne | |
| 2008-09-22 | make limits in scgi.asynchronous configurable | Helmut Grohne | |
 |
index : ~helmut/wsgitools.git | |
| See http://subdivi.de/~helmut/wsgitools/ | Helmut Grohne |
| summaryrefslogtreecommitdiff |