Commits

Author Commit Message Labels Comments Date
Robert Brewer avatarRobert Brewer
A more inclusive, os-level check for staticfilter uplevel attacks.
Robert Brewer avatarRobert Brewer
Test for staticfilter uplevel security, plus a more-informative error if staticfilter can't obtain an absolute path.
Default avatar Remi Delon
Patch for serious security flaw in staticfilter
Robert Brewer avatarRobert Brewer
Changed camelCase "streamResponse" to lowercase "stream_response".
Robert Brewer avatarRobert Brewer
Fix for #436.
Robert Brewer avatarRobert Brewer
Fix for #434 (importing from cherrypy.lib.filter broken in trunk).
Default avatar Remi Delon
Speed optimization in sessionauthenticatefilter
Robert Brewer avatarRobert Brewer
Removed redundant test for favicon.
Robert Brewer avatarRobert Brewer
Oops. Forgot to assign cherrypy.root if missing.
Robert Brewer avatarRobert Brewer
Fix for #362 (Filters do not guarantee all methods are run (when errors occur)).
Robert Brewer avatarRobert Brewer
Fix for #145. See the ticket for details about this fix.
Robert Brewer avatarRobert Brewer
Fix for #430 (serveFile should require abs paths).
Robert Brewer avatarRobert Brewer
Fix for #425. See the ticket comments for lots of details.
Robert Brewer avatarRobert Brewer
seen_threads really should belong to the Server class.
Robert Brewer avatarRobert Brewer
Made custom Request subclasses easier to implement:
Robert Brewer avatarRobert Brewer
Changed filters._input_order to filters.input_filters. Same for "output". You can now also insert classes into those lists (not just the class name in a string).
Sylvain Hellegouarch avatarSylvain Hellegouarch
Added a clear() method to the MemoryCache class of the cache_filter. You can now clear the cache by doing cherrypy._clear_cache = True
Sylvain Hellegouarch avatarSylvain Hellegouarch
The HTTTPErrorTemplate was using XHTML but the response content-type was set to text/html which is wrong. Since many user agents can't understand XHTML when using the correct content type, I've changed the template to use regular HTML
Robert Brewer avatarRobert Brewer
Fix for #402 (staticfilter errors if .on but no .file nor .dir).
Robert Brewer avatarRobert Brewer
Fix for #361 (Misleading error message).
Robert Brewer avatarRobert Brewer
Use cPickle in sessionfilter if available.
Robert Brewer avatarRobert Brewer
Fix for #413 (Improve configuration error behavior).
Robert Brewer avatarRobert Brewer
Fix for #404, #417 (index files and staticfilter). New "static_filter.index" config entry.
Robert Brewer avatarRobert Brewer
Test for [878] (serve dynamic content alongside static).
Robert Brewer avatarRobert Brewer
Fix for #421 (Incorrect border condition in readline of SizeCheckWrapper).
Robert Brewer avatarRobert Brewer
Set WebCase.PORT in testmain.
Default avatar Remi Delon
Fix for #416. The default favicon.ico is now served by a default static_filter entry in the default config (much cleaner than making a special case for favicon.ico in the code).
Robert Brewer avatarRobert Brewer
Fix for #394 (custom filters). Well, it fixes a related problem, anyway. ;) The real fix for #394 is "don't do that".
Robert Brewer avatarRobert Brewer
helper._run_test_suite_thread didn't need to wait() or call filters.init() either.
Robert Brewer avatarRobert Brewer
server.wait now checks for server.interrupt, so start_with_callback won't hang on error in server.start.
  1. Prev
  2. Next
Help
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.