python-mohawk
No description set
- Sources inherited from project devel:languages:python
- Devel package for openSUSE:Factory
- Links to openSUSE:Factory / python-mohawk
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:Tomcat42/python-mohawk && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
_link | 0000000124 124 Bytes | |
mohawk-1.0.0.tar.gz | 0000017593 17.2 KB | |
python-mohawk.changes | 0000001604 1.57 KB | |
python-mohawk.spec | 0000001877 1.83 KB |
Revision 5 (latest revision is 17)
Antoine Belvire (1Antoine1)
committed
(revision 5)
- Update to version 1.0.0: * Security related: Bewit MACs were not compared in constant time and were thus possibly circumventable by an attacker. * Breaking change: Escape characters in header values (such as a back slash) are no longer allowed, potentially breaking clients that depended on this behavior. * A sender is allowed to omit the content hash as long as their request has no content. The `mohawk.Receiver` will skip the content hash check in this situation, regardless of the value of accept_untrusted_content. * Introduced max limit of 4096 characters in the Authorization header. * Changed default values of content and content_type arguments to `mohawk.base.EmptyValue` in order to differentiate between misconfiguration and cases where these arguments are explicitly given as None (as with some web frameworks). * Failing to pass content and content_type arguments to `mohawk.Receiver` or `mohawk.Sender.accept_response` without specifying accept_untrusted_content=True will now raise `mohawk.exc.MissingContent` instead of `ValueError`.
Comments 0