| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-01-05 | stop overriding request.json_body from webob | Michael Merickel | |
| 2018-11-26 | Merge pull request #3421 from mmerickel/drop-py2 | Michael Merickel | |
| remove py2 from the codebase | |||
| 2018-11-21 | Keep the localizer property from showing up twice in the docs | Karl O. Pinc | |
| 2018-11-18 | Remove `docs/api/compat.rst`. The remaining items were moved into ↵ | Steve Piercy | |
| `pyramid.util`, but we don't want to document anything in that module. | |||
| 2018-11-17 | Remove long type (should have been removed with other type aliases) | Steve Piercy | |
| 2018-11-17 | Remove native_, rename ascii_native_ to ascii_ | Steve Piercy | |
| 2018-11-17 | Remove urllib.parse shims | Steve Piercy | |
| 2018-11-17 | Remove is_nonstr_iter | Steve Piercy | |
| 2018-11-17 | Remove reraise | Steve Piercy | |
| 2018-11-17 | Remove SimpleCookie and escape shims | Steve Piercy | |
| 2018-11-17 | Remove iter*, configparser, input_, map_ | Steve Piercy | |
| 2018-11-17 | Remove pickle and exec aliases | Steve Piercy | |
| 2018-11-17 | Remove *_types per b1a257bacc1c4ac2c1401ed02c51d9c6c03685d2 | Steve Piercy | |
| - Remove Python 2 items, and remove explicit mention of Python 3. | |||
| 2018-11-03 | change to use JSONSerializer for SignedCookieSessionFactory | Michael Merickel | |
| 2018-11-01 | remove deprecated security functions | Michael Merickel | |
| 2018-10-31 | remove docs/api/scaffolds.rst | Michael Merickel | |
| 2018-10-15 | add route_prefix_context to api docs | Michael Merickel | |
| 2018-10-15 | fix whatsnew syntax | Michael Merickel | |
| 2018-10-03 | remove deprecated set_request_property | Michael Merickel | |
| 2018-09-16 | deprecate signed_serialize and signed_deserialize | Michael Merickel | |
| 2018-09-16 | deprecate pickleable sessions, recommend json | Michael Merickel | |
| 2018-08-18 | Clean up code-blocks in request | Steve Piercy | |
| 2018-06-11 | Add httpexception for status code 308 | Jason Williams | |
| 2017-06-18 | Merge branch 'master' into pr/3034 | Michael Merickel | |
| 2017-06-18 | configure resource_url to use the same logic | Michael Merickel | |
| 2017-06-14 | fix p.security.ACLPermitsResult to subclass p.security.PermitsResult | Michael Merickel | |
| The ``IAuthorizationPolicy`` is expected to return an instance of ``PermitsResult`` and the ``ACLPermitsResult`` now subclasses this to form a consistent class hierarchy. Similarly the ``ACLDenied`` subclasses ``Denied`` and ``ACLAllowed`` subclasses ``Allowed`` for consistency. | |||
| 2017-04-30 | Merge pull request #2985 from mmerickel/plaster | Michael Merickel | |
| migrate pyramid to use plaster | |||
| 2017-04-29 | final cleanup of csrf decoupling in #2854 | Michael Merickel | |
| - Renamed `SessionCSRFStoragePolicy` to `LegacySessionCSRFStoragePolicy` for the version that uses the legacy `ISession.get_csrf_token` and `ISession.new_csrf_token` apis and set that as the default. - Added new `SessionCSRFStoragePolicy` that stores data in the session similar to how the `SessionAuthenticationPolicy` works. - `CookieCSRFStoragePolicy` did not properly return the newly generated token from `get_csrf_token` after calling `new_csrf_token`. It needed to cache the new value since the response callback does not affect the current request. - `CookieCSRFStoragePolicy` was not forwarding the `domain` value to the `CookieProfile` causing that setting to be ignored. - Removed `check_csrf_token` from the `ICSRFStoragePolicy` interface to simplify implementations of storage policies. - Added an introspectable item for the configured storage policy so that it appears on the debugtoolbar. - Added a change note on `ISession` that it no longer required the csrf methods. - Leave deprecated shims in ``pyramid.session`` for ``check_csrf_origin`` and ``check_csrf_token``. | |||
| 2017-04-12 | Use the webob CookieProfile in the Cookie implementation, rename some ↵ | Matthew Wilkes | |
| implemenations based on feedback, split CSRF implementation and option configuration and make the csrf token function exposed as a system default rather than a renderer event. | |||
| 2017-04-12 | Rename implementation to ICSRFStoragePolicy | Matthew Wilkes | |
| 2017-04-12 | Fix tests and documentation in various places, and feedback following review | Jure Cerjak | |
| regarding naming of variables and code cleanup. | |||
| 2017-04-12 | Create a new ICSRF implementation for getting CSRF tokens, split out from ↵ | Matthew Wilkes | |
| the session machinery. Adds configuration of this to the csrf_options configurator commands. Make the default implementation a fallback to the old one. Documentation patches for new best practices given updates CSRF implementation. | |||
| 2017-03-29 | rewrite low-level pyramid config functions to use plaster | Michael Merickel | |
| 2017-02-25 | add an IExecutionPolicy that can wrap the router | Michael Merickel | |
| 2016-12-24 | expose the new exception view apis | Michael Merickel | |
| 2016-11-24 | comment out autodoc of TranslationString to get docs to build on Travis-CI | Steve Piercy | |
| https://travis-ci.org/Pylons/pyramid/jobs/178536008#L406 | |||
| 2016-08-31 | rename the credentials class | Michael Merickel | |
| 2016-08-10 | Add docs & explict tests | Dariusz Górecki | |
| 2016-05-15 | fix headings and suffices | Steve Piercy | |
| 2016-05-10 | expose the IRequestFactory interface | Michael Merickel | |
| 2016-04-19 | replace pyramid.require_default_csrf setting with ↵ | Michael Merickel | |
| config.set_default_csrf_options | |||
| 2016-04-16 | In addition to CSRF token, verify the origin too | Donald Stufft | |
| Add an additional layer of protection against CSRF by verifying the actual origin of the request in addition to the CSRF token. We only do this check on sites hosted behind HTTPS because only HTTPS sites have evidence to show that the Referrer header is not being spuriously removed by random middleware boxes. | |||
| 2016-04-10 | Add API docs for BeforeTraversal | Bert JW Regeer | |
| 2016-04-10 | Merge pull request #2021 from Pylons/feature/configurable-view-deriver | Michael Merickel | |
| configurable view deriver | |||
| 2016-04-08 | update constraints for derivers as well as docs | Michael Merickel | |
| 2016-04-07 | separate the viewderiver module and allow overriding the mapper | Michael Merickel | |
| 2016-04-06 | Pass vars to logging.config.fileConfig | Marc Abramowitz | |
| This allows one to set up a logging configuration that is parameterized based on variables specified on the command-line. e.g.: the application .ini file could have: ```ini [logger_root] level = %(LOGGING_LOGGER_ROOT_LEVEL)s handlers = console [handler_console] class = StreamHandler args = (sys.stderr,) level = %(LOGGING_HANDLER_CONSOLE_LEVEL)s formatter = generic ``` This app could be launched with: ``` pserve development.ini LOGGING_LOGGER_ROOT_LEVEL=DEBUG LOGGING_HANDLER_CONSOLE_LEVEL=DEBUG ``` | |||
| 2016-03-14 | add a docstring for add_view_deriver and expose the method to the api docs | Michael Merickel | |
| 2016-03-09 | add options support to view derivers | Michael Merickel | |
| exposed a new IViewDeriver api with an optional ``options`` list to expose support for new kwargs that may be passed to config.add_view | |||
| 2016-03-03 | link invoke_exception_view to api docs | Michael Merickel | |
 |
index : pyramid | |
| Pyramid web framework (fork of https://github.com/Pylons/pyramid). | Daniel |
| summaryrefslogtreecommitdiff |