diff options
| author | Michael Merickel <michael@merickel.org> | 2024-01-28 22:47:14 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-28 22:47:14 -0700 |
| commit | 8de7b1f2b5df9a9225c514b2cfc5e5e0919daac2 (patch) | |
| tree | 29c66d19e18b4293f4afece13d8afbf14d6819cf /CHANGES.rst | |
| parent | 55f9eb0bb0b72fe60ecde7529edbc27aceade187 (diff) | |
| parent | 3cd85f13c9d4ee2baacd0996694a749bd32cd29f (diff) | |
| download | pyramid-8de7b1f2b5df9a9225c514b2cfc5e5e0919daac2.tar.gz pyramid-8de7b1f2b5df9a9225c514b2cfc5e5e0919daac2.tar.bz2 pyramid-8de7b1f2b5df9a9225c514b2cfc5e5e0919daac2.zip | |
Merge pull request #3741 from Pylons/fix-authdebug-view
fix secured views to avoid being applied to exception views
Diffstat (limited to 'CHANGES.rst')
| -rw-r--r-- | CHANGES.rst | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/CHANGES.rst b/CHANGES.rst index b4a62f94e..cb82607cb 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -36,6 +36,14 @@ Bug Fixes Thanks to Masashi Yamane of LAC Co., Ltd for reporting this issue. +- Fix issues where permissions may be checked on exception views. This is not + supposed to happen in normal circumstances. + + This also prevents issues where a ``request.url`` fails to be decoded when + logging info when ``pyramid.debug_authorization`` is enabled. + + See https://github.com/Pylons/pyramid/pull/3741/files + Backward Incompatibilities -------------------------- |