diff options
Diffstat (limited to 'TODO.txt')
| -rw-r--r-- | TODO.txt | 13 |
1 files changed, 8 insertions, 5 deletions
@@ -47,11 +47,9 @@ Nice-to-Have the templates chapter and elsewhere. Scan the documentation for reference to a renderer as *only* view configuration (it's a larger concept now). -- Add better docs about what-to-do-when-behind-a-proxy: paste.urlmap ("/foo = +- Add better docs about what-to-do-when-behind-a-proxy: rutter ("/foo = app1" and "domain app1.localhost = app1"), ProxyPreserveHost and the nginx - equivalent, preserving HTTPS URLs. - -- Alias the stupid long default session factory name. + proxy_params, preserving HTTPS URLs. - Debug option to print view matching decision (e.g. debug_viewlookup or so). @@ -125,7 +123,10 @@ Future - 1.7: Change ``pyramid.authentication.AuthTktAuthenticationPolicy`` default ``hashalg`` to ``sha512``. -- 1.8 Remove set_request_property. +- 1.8: Remove set_request_property. + +- 1.9: Remove extra code enabling ``pyramid.security.remember(principal=...)`` + and force use of ``userid``. Probably Bad Ideas ------------------ @@ -160,3 +161,5 @@ Probably Bad Ideas - _fix_registry should dictify the registry being fixed. +- Apply a prefix to the userid principal to avoid poisoning the principal + namespace. See https://github.com/Pylons/pyramid/issues/2060 |