| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-04-30 | restore the ``ICSRFStoragePolicy.check_csrf_token`` api | Michael Merickel | |
| 2017-04-29 | final cleanup of csrf decoupling in #2854 | Michael Merickel | |
| - Renamed `SessionCSRFStoragePolicy` to `LegacySessionCSRFStoragePolicy` for the version that uses the legacy `ISession.get_csrf_token` and `ISession.new_csrf_token` apis and set that as the default. - Added new `SessionCSRFStoragePolicy` that stores data in the session similar to how the `SessionAuthenticationPolicy` works. - `CookieCSRFStoragePolicy` did not properly return the newly generated token from `get_csrf_token` after calling `new_csrf_token`. It needed to cache the new value since the response callback does not affect the current request. - `CookieCSRFStoragePolicy` was not forwarding the `domain` value to the `CookieProfile` causing that setting to be ignored. - Removed `check_csrf_token` from the `ICSRFStoragePolicy` interface to simplify implementations of storage policies. - Added an introspectable item for the configured storage policy so that it appears on the debugtoolbar. - Added a change note on `ISession` that it no longer required the csrf methods. - Leave deprecated shims in ``pyramid.session`` for ``check_csrf_origin`` and ``check_csrf_token``. | |||
| 2017-04-26 | Move CSRF storage policy registration out of PHASE_1 config and simplify ↵ | Matthew Wilkes | |
| tests given previous improvements to CSRF. | |||
| 2017-04-26 | Apply drafting changes to documentation. | Matthew Wilkes | |
| 2017-04-12 | Use the webob CookieProfile in the Cookie implementation, rename some ↵ | Matthew Wilkes | |
| implemenations based on feedback, split CSRF implementation and option configuration and make the csrf token function exposed as a system default rather than a renderer event. | |||
| 2017-04-12 | Fix a bug where people that didn't configure CSRF protection but did ↵ | Matthew Wilkes | |
| configure a session and set explicit checks would see an exception | |||
| 2017-04-12 | Rename implementation to ICSRFStoragePolicy | Matthew Wilkes | |
| 2017-04-12 | add to contributors list | Jure Cerjak | |
| 2017-04-12 | Fix tests and documentation in various places, and feedback following review | Jure Cerjak | |
| regarding naming of variables and code cleanup. | |||
| 2017-04-12 | Create a new ICSRF implementation for getting CSRF tokens, split out from ↵ | Matthew Wilkes | |
| the session machinery. Adds configuration of this to the csrf_options configurator commands. Make the default implementation a fallback to the old one. Documentation patches for new best practices given updates CSRF implementation. | |||
| 2017-04-10 | Merge pull request #2993 from stevepiercy/master | Michael Merickel | |
| add execution policy to pyramid request processing diagrams | |||
| 2017-04-10 | add execution policy to pyramid request processing diagrams | Steve Piercy | |
| 2017-04-08 | Merge pull request #2990 from stevepiercy/master | Steve Piercy | |
| grammar fix | |||
| 2017-04-08 | grammar fix | Steve Piercy | |
| 2017-04-02 | Merge pull request #2989 from mmerickel/threadlocal-include | Michael Merickel | |
| push threadlocals while executing config.include functions | |||
| 2017-04-02 | add changelog for #2989 | Michael Merickel | |
| 2017-04-02 | push the threadlocal registry while config.include executes | Michael Merickel | |
| 2017-04-02 | add a failing test checking whether the threadlocal registry is active ↵ | Michael Merickel | |
| during config.include | |||
| 2017-03-29 | Merge pull request #2984 from mmerickel/pserve-open-url | Michael Merickel | |
| pserve open_url config setting | |||
| 2017-03-28 | changelog for #2984 | Michael Merickel | |
| 2017-03-28 | support opening the browser via pserve.open_url config setting | Michael Merickel | |
| 2017-03-28 | require "open_url" setting in order to know what browser to open | Michael Merickel | |
| Parsing the port from the server section could be brought back but it would be a fallback that depends on finding a "port" variable in the [server:server_name] section of the config. | |||
| 2017-03-28 | depend on python_requires in pip 9+ to check runtime versions | Michael Merickel | |
| - The python_requires checks work when installing a wheel as well, which these checks did not affect. | |||
| 2017-03-28 | add python_requires metadata | Michael Merickel | |
| 2017-03-14 | Merge pull request #2981 from stevepiercy/master | Steve Piercy | |
| add Mako to options for pyramid-cookiecutter-starter | |||
| 2017-03-14 | add Mako to options for pyramid-cookiecutter-starter | Steve Piercy | |
| 2017-03-12 | update twitter handle | Steve Piercy | |
| 2017-03-10 | Merge pull request #2978 from stevepiercy/master | Steve Piercy | |
| add wikipedia to releasing | |||
| 2017-03-10 | add wikipedia to releasing | Steve Piercy | |
| 2017-03-10 | Merge pull request #2976 from stevepiercy/master | Steve Piercy | |
| add Chameleon as option to pyramid-cookiecutter-starter | |||
| 2017-03-10 | add Chameleon as option to pyramid-cookiecutter-starter | Steve Piercy | |
| 2017-03-05 | add changelog for #2962 | Michael Merickel | |
| 2017-03-05 | Merge pull request #2962 from Natim/2961-hupper-call-broken | Michael Merickel | |
| Pserve --reload does not keep worker arguments. Fixes #2961 | |||
| 2017-03-03 | changelog for #2967 | Michael Merickel | |
| 2017-03-03 | Merge pull request #2967 from Cykooz/fix.memory-leaks | Michael Merickel | |
| Fixed several reference cycles to prevent memory leaks. | |||
| 2017-03-03 | @mmerickel review. | Rémy HUBSCHER | |
| 2017-03-02 | Reverted useless changes in tests. | Kirill Kuzminykh | |
| 2017-03-02 | Reverted couple useless fixes of memory leaks. | Kirill Kuzminykh | |
| 2017-03-01 | Merge pull request #2969 from stevepiercy/master | Steve Piercy | |
| use correct directory name for cookiecutter generated README.txt | |||
| 2017-03-01 | use correct directory name for cookiecutter generated README.txt | Steve Piercy | |
| (cherry picked from commit 40dd034) Refs: https://github.com/Pylons/pyramid-cookiecutter-starter/pull/22 | |||
| 2017-03-01 | The memory leaks test skipped for platform 'pypy'. | Kirill Kuzminykh | |
| 2017-03-01 | Added a new contributor into the CONTRIBUTORS.txt | Kirill Kuzminykh | |
| 2017-03-01 | Fixed several reference cycles to prevent memory leaks. Added simple test ↵ | Kirill Kuzminykh | |
| for detect memory leaks after application closing. | |||
| 2017-02-28 | cache pip wheels in travis builds | Michael Merickel | |
| 2017-02-28 | Merge pull request #2965 from stevepiercy/master | Steve Piercy | |
| update pyramid-cookiecutter-starter prompts and reformat presentation… | |||
| 2017-02-28 | add changelog for #2964 | Michael Merickel | |
| 2017-02-28 | Merge pull request #2964 from mmerickel/execution-policy | Michael Merickel | |
| add an IExecutionPolicy | |||
| 2017-02-28 | update pyramid-cookiecutter-starter prompts and reformat presentation of all ↵ | Steve Piercy | |
| cookiecutter prompts | |||
| 2017-02-27 | Rewrite test without mock. | Rémy HUBSCHER | |
| 2017-02-25 | Merge pull request #4 from bertjwregeer/execution-policy | Michael Merickel | |
| Add newline to make docs happy | |||
 |
index : pyramid | |
| Pyramid web framework (fork of https://github.com/Pylons/pyramid). | Daniel |
| summaryrefslogtreecommitdiff |