8884a1eee4
While here, set LICENSE=mit. 1.7.4 ----- * Fix XSS bug (security issue) with not found handlers for :class:`paste.urlparser.StaticURLParser` and :class:`paste.urlmap.URLMap`. If you ask for a path with ``/--><script>...`` that will be inserted in the error page and can execute Javascript. Reported by Tim Wintle. * Replaced :func:`paste.util.mimeparse.desired_match` 1.7.3.1 ------- * Removed directory name from 404 errors in :class:`paste.urlparser.StaticURLParser`. * Fixed packaging to include Javascript and images for :mod:`paste.evalexception` 1.7.3 ----- * I got a fever and the only prescription is more :mod:`paste.cowbell`! * Fix :mod:`paste.httpserver` on Python 2.6. * Fix :mod:`paste.auth.cookie`, which would insert newlines for long cookies. * :mod:`paste.util.mimeparse` parses a single ``*`` in Accept headers (sent by IE 6). * Fix some problems with the ``wdg_validate`` middleware. * Improvements to :mod:`paste.auth.auth_tkt`: add httponly support, don't always aggressively set cookies without the ``wildcard_cookie`` option. Also on logout, make cookies expire. * In :class:`paste.proxy.Proxy` handle Content-Length of -1. * In :mod:`paste.httpexceptions` avoid some unicode errors. * In :mod:`paste.httpserver` handle ``.read()`` from 100 Continue properly (because of a typo it was doing a readline). * Update ``paste.util.mimeparse`` from `upstream <http://code.google.com/p/mimeparse/>`_. |
||
|---|---|---|
| .. | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| PLIST | ||