summaryrefslogtreecommitdiff
path: root/docs/api
AgeCommit message (Collapse)Author
2019-12-15Four spaces of indentation.Theron Luhn
2019-12-14Update docs.Theron Luhn
2019-12-14start reworking security policyÉric Araujo
2019-10-17add ISecurityPolicy to the public interface apiMichael Merickel
2019-10-02define an IPredicateInfo instead of passing the full configurator to predicatesMichael Merickel
2019-09-30Merge pull request #3465 from luhn/security-policyMichael Merickel
Security policy implementation
2019-07-13Improve authn/authz API docs.Theron Luhn
2019-06-23Deprecation notices.Theron Luhn
2019-06-23Make sure Configator.set_security_policy is in docs.Theron Luhn
2019-05-26API docs.Theron Luhn
2019-04-01Fix docs build.Theron Luhn
2019-01-05stop overriding request.json_body from webobMichael Merickel
2018-11-26Merge pull request #3421 from mmerickel/drop-py2Michael Merickel
remove py2 from the codebase
2018-11-21Keep the localizer property from showing up twice in the docsKarl O. Pinc
2018-11-18Remove `docs/api/compat.rst`. The remaining items were moved into ↵Steve Piercy
`pyramid.util`, but we don't want to document anything in that module.
2018-11-17Remove long type (should have been removed with other type aliases)Steve Piercy
2018-11-17Remove native_, rename ascii_native_ to ascii_Steve Piercy
2018-11-17Remove urllib.parse shimsSteve Piercy
2018-11-17Remove is_nonstr_iterSteve Piercy
2018-11-17Remove reraiseSteve Piercy
2018-11-17Remove SimpleCookie and escape shimsSteve Piercy
2018-11-17Remove iter*, configparser, input_, map_Steve Piercy
2018-11-17Remove pickle and exec aliasesSteve Piercy
2018-11-17Remove *_types per b1a257bacc1c4ac2c1401ed02c51d9c6c03685d2Steve Piercy
- Remove Python 2 items, and remove explicit mention of Python 3.
2018-11-03change to use JSONSerializer for SignedCookieSessionFactoryMichael Merickel
2018-11-01remove deprecated security functionsMichael Merickel
2018-10-31remove docs/api/scaffolds.rstMichael Merickel
2018-10-15add route_prefix_context to api docsMichael Merickel
2018-10-15fix whatsnew syntaxMichael Merickel
2018-10-03remove deprecated set_request_propertyMichael Merickel
2018-09-16deprecate signed_serialize and signed_deserializeMichael Merickel
2018-09-16deprecate pickleable sessions, recommend jsonMichael Merickel
2018-08-18Clean up code-blocks in requestSteve Piercy
2018-06-11Add httpexception for status code 308Jason Williams
2017-06-18Merge branch 'master' into pr/3034Michael Merickel
2017-06-18configure resource_url to use the same logicMichael Merickel
2017-06-14fix p.security.ACLPermitsResult to subclass p.security.PermitsResultMichael Merickel
The ``IAuthorizationPolicy`` is expected to return an instance of ``PermitsResult`` and the ``ACLPermitsResult`` now subclasses this to form a consistent class hierarchy. Similarly the ``ACLDenied`` subclasses ``Denied`` and ``ACLAllowed`` subclasses ``Allowed`` for consistency.
2017-04-30Merge pull request #2985 from mmerickel/plasterMichael Merickel
migrate pyramid to use plaster
2017-04-29final cleanup of csrf decoupling in #2854Michael Merickel
- Renamed `SessionCSRFStoragePolicy` to `LegacySessionCSRFStoragePolicy` for the version that uses the legacy `ISession.get_csrf_token` and `ISession.new_csrf_token` apis and set that as the default. - Added new `SessionCSRFStoragePolicy` that stores data in the session similar to how the `SessionAuthenticationPolicy` works. - `CookieCSRFStoragePolicy` did not properly return the newly generated token from `get_csrf_token` after calling `new_csrf_token`. It needed to cache the new value since the response callback does not affect the current request. - `CookieCSRFStoragePolicy` was not forwarding the `domain` value to the `CookieProfile` causing that setting to be ignored. - Removed `check_csrf_token` from the `ICSRFStoragePolicy` interface to simplify implementations of storage policies. - Added an introspectable item for the configured storage policy so that it appears on the debugtoolbar. - Added a change note on `ISession` that it no longer required the csrf methods. - Leave deprecated shims in ``pyramid.session`` for ``check_csrf_origin`` and ``check_csrf_token``.
2017-04-12Use the webob CookieProfile in the Cookie implementation, rename some ↵Matthew Wilkes
implemenations based on feedback, split CSRF implementation and option configuration and make the csrf token function exposed as a system default rather than a renderer event.
2017-04-12Rename implementation to ICSRFStoragePolicyMatthew Wilkes
2017-04-12Fix tests and documentation in various places, and feedback following reviewJure Cerjak
regarding naming of variables and code cleanup.
2017-04-12Create a new ICSRF implementation for getting CSRF tokens, split out from ↵Matthew Wilkes
the session machinery. Adds configuration of this to the csrf_options configurator commands. Make the default implementation a fallback to the old one. Documentation patches for new best practices given updates CSRF implementation.
2017-03-29rewrite low-level pyramid config functions to use plasterMichael Merickel
2017-02-25add an IExecutionPolicy that can wrap the routerMichael Merickel
2016-12-24expose the new exception view apisMichael Merickel
2016-11-24comment out autodoc of TranslationString to get docs to build on Travis-CISteve Piercy
https://travis-ci.org/Pylons/pyramid/jobs/178536008#L406
2016-08-31rename the credentials classMichael Merickel
2016-08-10Add docs & explict testsDariusz Górecki
2016-05-15fix headings and sufficesSteve Piercy
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-19 13:33:47 +0000