Tue, 15 Jul 2014 16:07:59 +0200 |
Julien Cristau |
[web] add support for HttpOnly cookie flag
|
file |
diff |
annotate
|
Fri, 18 Jul 2014 17:35:25 +0200 |
Julien Cristau |
merge 3.19.3 into 3.20 branch
|
file |
diff |
annotate
|
Fri, 18 Jul 2014 12:23:01 +0200 |
Julien Cristau |
[web] Fix expiry of anonymous sessions (closes #4154479)
|
file |
diff |
annotate
|
Wed, 02 Jul 2014 12:52:50 +0200 |
Julien Cristau |
[web] restore query logging functionality (closes #3972561)
|
file |
diff |
annotate
|
Thu, 13 Mar 2014 17:03:15 +0100 |
Julien Cristau |
[web/ajax] Always return a json dict with a 'reason' key in case of ajax errors
|
file |
diff |
annotate
|
Thu, 13 Mar 2014 17:01:58 +0100 |
Julien Cristau |
[web/ajax] don't override any status code with 500 in ajax_error_handler
|
file |
diff |
annotate
|
Thu, 13 Mar 2014 16:57:22 +0100 |
Julien Cristau |
[web] return 403 for Unauthorized, not 401
|
file |
diff |
annotate
|
Mon, 24 Mar 2014 11:57:23 +0100 |
Julien Cristau |
Move entity cache from web.request.ConnectionCubicWebRequestBase to repoapi.ClientConnection
|
file |
diff |
annotate
|
Fri, 14 Mar 2014 11:20:53 +0100 |
Nicolas Chauvat |
[web] implement cross origin resource sharing (CORS) (closes #2491768)
|
file |
diff |
annotate
|
Mon, 27 Jan 2014 16:19:49 +0100 |
Julien Cristau |
merge 3.18.2 into 3.19 branch
|
file |
diff |
annotate
|
Fri, 17 Jan 2014 09:07:20 +0100 |
Sylvain Thénault |
[web error] exception may not have a 'status' attribute, generating an AttributeError that hides the original error. Closes #3381670
stable
|
file |
diff |
annotate
|
Mon, 13 Jan 2014 13:47:47 +0100 |
Julien Cristau |
merge 3.18.0 in 3.19 branch
|
file |
diff |
annotate
|
Tue, 12 Nov 2013 17:10:16 +0100 |
Julien Cristau |
Fix use of vreg.config.anonymous_user()
stable
|
file |
diff |
annotate
|
Thu, 29 Aug 2013 16:20:33 +0200 |
Sylvain Thénault |
[deprecation] add (approximate) version number to deprecation message and set proper stacklevel
stable
|
file |
diff |
annotate
|
Mon, 22 Jul 2013 14:57:37 +0200 |
Julien Cristau |
fix typos in docstring, doc and comments
stable
|
file |
diff |
annotate
|
Thu, 27 Jun 2013 18:21:04 +0200 |
Pierre-Yves David |
Use new repoapi for the web stack
|
file |
diff |
annotate
|
Mon, 24 Jun 2013 18:33:41 +0200 |
Pierre-Yves David |
[web/application] drop unused import
|
file |
diff |
annotate
|
Fri, 21 Jun 2013 16:28:16 +0200 |
Pierre-Yves David |
[webrequest] set DBAPISession without cnx at initialisation time
|
file |
diff |
annotate
|
Mon, 24 Jun 2013 12:00:03 +0200 |
Pierre-Yves David |
[auth] pass `repo` instead of `vreg` to SessionManager and AuthenticationManager
|
file |
diff |
annotate
|
Fri, 23 Nov 2012 16:12:19 +0100 |
Pierre-Yves David |
web/application: instantiate the repository outside of CubicWebPublisher
|
file |
diff |
annotate
|
Fri, 07 Dec 2012 17:23:04 +0100 |
Pierre-Yves David |
remove vreg argument to CWPublisher
|
file |
diff |
annotate
|
Fri, 14 Jun 2013 13:43:29 +0200 |
Pierre-Yves David |
[application] call req.set_session in application.main_handle_request
|
file |
diff |
annotate
|
Thu, 13 Jun 2013 18:46:39 +0200 |
Pierre-Yves David |
[session-handler] use session directly to update last usage
|
file |
diff |
annotate
|
Thu, 13 Jun 2013 18:50:19 +0200 |
Pierre-Yves David |
[application/connect] simplify connection logic
|
file |
diff |
annotate
|
Thu, 30 May 2013 14:46:32 +0200 |
Pierre-Yves David |
[web/application] add some minimal documentation
|
file |
diff |
annotate
|
Fri, 22 Feb 2013 12:20:59 +0100 |
Sylvain Thénault |
[web publish] in case of error, ensure proper http status is set and Content-disposition header is reseted. Closes #2553066
stable
|
file |
diff |
annotate
|
Fri, 08 Mar 2013 18:43:42 +0100 |
Pierre-Yves David |
merge with stable
|
file |
diff |
annotate
|
Fri, 08 Mar 2013 18:04:40 +0100 |
Vincent Michel |
[web application] Fix missing self. in error_handler
stable
|
file |
diff |
annotate
|
Thu, 14 Feb 2013 16:01:24 +0100 |
Nicolas Chauvat |
[toward py3k] rewrite dict.keys() and dict.values() (part of #2711624)
|
file |
diff |
annotate
|
Thu, 14 Feb 2013 15:38:25 +0100 |
Nicolas Chauvat |
[toward-py3k] rewrite to "except AnException as exc:" (part of #2711624)
|
file |
diff |
annotate
|
Thu, 14 Feb 2013 15:39:23 +0100 |
Nicolas Chauvat |
[toward-py3k] remove import with_statement (part of #2711624)
|
file |
diff |
annotate
|
Mon, 03 Dec 2012 00:03:03 +0100 |
Nicolas Chauvat |
merge fixes from stable
|
file |
diff |
annotate
|
Tue, 27 Nov 2012 12:24:56 +0100 |
David Douard |
[web] add a Forbidden exception
stable
|
file |
diff |
annotate
|
Fri, 16 Nov 2012 11:41:38 +0100 |
Sylvain Thénault |
[validation api] properly use yams 0.36 validation error api and update message catalog. Follows bbe0d6985e59
|
file |
diff |
annotate
|
Mon, 10 Sep 2012 16:25:48 +0200 |
Sylvain Thénault |
[web app] move set of status_out into validation_error_handler to ease readability
|
file |
diff |
annotate
|
Mon, 17 Sep 2012 17:48:55 +0200 |
Sylvain Thénault |
[validation error] refactor validation error handling so translation is done on the web side
|
file |
diff |
annotate
|
Wed, 18 Jul 2012 15:58:20 +0200 |
Sylvain Thénault |
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
stable
|
file |
diff |
annotate
|
Fri, 13 Jul 2012 14:29:52 +0200 |
Sylvain Thénault |
[web app] only log tb when explicitly asked
stable
|
file |
diff |
annotate
|
Thu, 14 Jun 2012 15:55:03 +0200 |
Pierre-Yves David |
[web/application] declare default 'content' value sooner (closes #2406560)
|
file |
diff |
annotate
|
Wed, 09 May 2012 16:23:21 +0200 |
Aurelien Campeas |
[app] turn these info into debug logs (this being too chatty for .info)
|
file |
diff |
annotate
|
Thu, 15 Mar 2012 17:48:20 +0100 |
Pierre-Yves David |
[web] Move request handling logic into cubicweb application. (closes #2200684)
|
file |
diff |
annotate
|
Thu, 15 Mar 2012 17:42:31 +0100 |
Pierre-Yves David |
[login] split authentication logic from post authentication logic (closes #2200755)
|
file |
diff |
annotate
|
Mon, 27 Feb 2012 11:51:09 +0100 |
Pierre-Yves David |
[web application] move default path logic inside url publisher
|
file |
diff |
annotate
|
Mon, 27 Feb 2012 10:03:31 +0100 |
Anthony Truchet |
[web] Exposes the undo feature to user through a undo-history view (closes #893940)
|
file |
diff |
annotate
|
Mon, 23 Jan 2012 13:25:02 +0100 |
Sylvain Thénault |
[vreg] move base registry implementation to logilab.common. Closes #1916014
|
file |
diff |
annotate
|
Fri, 16 Dec 2011 12:30:12 +0100 |
Adrien Di Mascio |
[controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
|
file |
diff |
annotate
|
Fri, 21 Oct 2011 14:32:37 +0200 |
Sylvain Thénault |
[diet] drop pre 3.6 API compatibility (but attempt to keep data cmopatibility). Closes #2017916
|
file |
diff |
annotate
|
Tue, 27 Sep 2011 18:47:11 +0200 |
Adrien Di Mascio |
[views] implement json / jsonp export views (closes #1942658)
|
file |
diff |
annotate
|
Fri, 23 Sep 2011 12:16:29 +0200 |
Sylvain Thénault |
[web request] fix cookie 'expires' formating (closes #1953945)
stable
|
file |
diff |
annotate
|
Wed, 21 Sep 2011 17:38:00 +0200 |
Sylvain Thénault |
[exceptions] stop catching any exception in various places (closes #1942716)
stable
|
file |
diff |
annotate
|
Thu, 30 Jun 2011 16:26:25 +0200 |
Sylvain Thénault |
[web session] fix bad cleanup of session without a connection set. Closes #1772125
stable
|
file |
diff |
annotate
|
Wed, 25 May 2011 10:58:43 +0200 |
Sylvain Thénault |
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
stable
|
file |
diff |
annotate
|
Tue, 10 May 2011 07:57:52 +0200 |
Pierre-Yves David |
[web server] #1642893 issue a 403 instead of a 500 on Unauthorized exception
oldstable
|
file |
diff |
annotate
|
Wed, 16 Mar 2011 09:37:46 +0100 |
Alexandre Fayolle |
help pylint by explicitely defining some attributes
oldstable
|
file |
diff |
annotate
|
Fri, 07 Jan 2011 13:14:40 +0100 |
Sylvain Thénault |
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
stable
|
file |
diff |
annotate
|
Fri, 05 Nov 2010 11:58:16 +0100 |
Sylvain Thénault |
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
stable
|
file |
diff |
annotate
|
Fri, 22 Oct 2010 09:15:35 +0200 |
Sylvain Thénault |
[pylint] fix a bug of pylint detected errors and i18n pb (calling builtins._ instead of req._)
|
file |
diff |
annotate
|
Thu, 21 Oct 2010 08:23:38 +0200 |
Sylvain Thénault |
#1346310: Add `Secure` attribute to cookie when navigating on https
|
file |
diff |
annotate
|
Sat, 09 Oct 2010 00:05:52 +0200 |
Sylvain Thénault |
[schema / sources] store data sources as cubicweb entities
|
file |
diff |
annotate
|
Thu, 23 Sep 2010 23:28:58 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Thu, 23 Sep 2010 10:49:05 +0200 |
Sylvain Thénault |
[publisher] add session id when logging published path
stable
|
file |
diff |
annotate
|
Thu, 16 Sep 2010 18:56:35 +0200 |
Sylvain Thénault |
backport stable into default
|
file |
diff |
annotate
|
Thu, 16 Sep 2010 18:39:35 +0200 |
Sylvain Thénault |
[publisher] avoid extra Name error on unexpected error
stable
|
file |
diff |
annotate
|
Thu, 16 Sep 2010 18:39:16 +0200 |
Sylvain Thénault |
[publisher] with python>=2.5, we should catch BaseException here
stable
|
file |
diff |
annotate
|
Wed, 25 Aug 2010 09:43:12 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Fri, 13 Aug 2010 08:23:14 +0200 |
Sylvain Thénault |
integrate Celso's work on translation file: proper/complete spanish translation, fixed some typos in french translation, occured -> occurred fix in various places
stable
|
file |
diff |
annotate
|
Mon, 26 Jul 2010 12:08:24 +0200 |
Sylvain Thénault |
[session] cleanup session-time / cleanup-session-time...
|
file |
diff |
annotate
|
Fri, 02 Jul 2010 14:47:44 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Fri, 02 Jul 2010 14:46:09 +0200 |
Sylvain Thénault |
[publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free
stable
|
file |
diff |
annotate
|
Fri, 11 Jun 2010 14:59:08 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Thu, 10 Jun 2010 18:28:12 +0200 |
Sylvain Thénault |
[iprogress] move adapter to entities.adapters
|
file |
diff |
annotate
|
Thu, 10 Jun 2010 17:25:38 +0200 |
Alexandre Fayolle |
fix wrong calculation of clean_session_interval
stable
|
file |
diff |
annotate
|
Thu, 03 Jun 2010 10:17:44 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Tue, 01 Jun 2010 17:03:28 +0200 |
Julien Jehannet |
[web] cleanup use of config in web application initialisation
stable
|
file |
diff |
annotate
|
Wed, 26 May 2010 14:37:32 +0200 |
Sylvain Thénault |
[web] update to 3.9 Entity api
|
file |
diff |
annotate
|
Wed, 26 May 2010 12:33:48 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Wed, 26 May 2010 12:31:40 +0200 |
Sylvain Thénault |
[web] dont attempt to update last login time on ldap users, avoiding spurious tb in logs (closes #914464)
stable
|
file |
diff |
annotate
|
Wed, 26 May 2010 12:31:34 +0200 |
Sylvain Thénault |
[web] disallow authenticated users to access to the login form (closes #914873)
stable
|
file |
diff |
annotate
|
Mon, 10 May 2010 16:59:32 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Thu, 06 May 2010 14:26:47 +0200 |
Sylvain Thénault |
[web session] fix potential key error on logout (occurs once the session has been transparently reconnected, hence session.sessionid and session.cnx.sessionid differs)
stable
|
file |
diff |
annotate
|
Thu, 29 Apr 2010 14:21:57 +0200 |
Sylvain Thénault |
[webconfig] refactor/cleanup debug mode management on startup: simply use config.debugmode instead of debug argument everywhere...
|
file |
diff |
annotate
|
Wed, 28 Apr 2010 12:24:20 +0200 |
Sylvain Thénault |
backport oldstable changes
stable
|
file |
diff |
annotate
|
Wed, 28 Apr 2010 12:15:52 +0200 |
Sylvain Thénault |
replace logilab-common by CubicWeb in disclaimer
oldstable
|
file |
diff |
annotate
|
Wed, 28 Apr 2010 12:14:22 +0200 |
Sylvain Thénault |
backport default into stable: stable is now cw 3.8
|
file |
diff |
annotate
|
Wed, 28 Apr 2010 10:06:01 +0200 |
Sylvain Thénault |
proper licensing information (LGPL-2.1). Hope I get it right this time.
stable
|
file |
diff |
annotate
|
Fri, 23 Apr 2010 12:42:53 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Thu, 22 Apr 2010 19:48:04 +0000 |
Alexandre Fayolle |
[python2.6] prefer python2.6's builtin json module over simplejson
stable
|
file |
diff |
annotate
|
Mon, 19 Apr 2010 13:52:55 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Mon, 19 Apr 2010 13:38:46 +0200 |
Sylvain Thénault |
[config] properly use time type for options representing a time.
stable
|
file |
diff |
annotate
|
Mon, 19 Apr 2010 13:37:32 +0200 |
Sylvain Thénault |
[web] consistent cleanup session interval time
stable
|
file |
diff |
annotate
|
Thu, 15 Apr 2010 19:39:55 +0200 |
Sylvain Thénault |
backport stable
|
file |
diff |
annotate
|
Thu, 15 Apr 2010 15:17:18 +0200 |
Sylvain Thénault |
[config] better *-session-time documentation and usage in session handler
stable
|
file |
diff |
annotate
|
Wed, 14 Apr 2010 10:29:38 +0200 |
Sylvain Thénault |
[web] put a fake object that raise Unauthorized on any attribute access as req.cnx and req._user, so we are properly asked to authenticated on any view that tries to do something with one of those attributes (instead of doing defensive programming everywhere we're doing that)
|
file |
diff |
annotate
|
Tue, 13 Apr 2010 12:19:24 +0200 |
Sylvain Thénault |
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
|
file |
diff |
annotate
|
Wed, 07 Apr 2010 14:26:35 +0200 |
Sylvain Thénault |
#759035: Automate addition of eid cachekey in RQL analysis
|
file |
diff |
annotate
|
Wed, 24 Mar 2010 15:40:57 +0100 |
Sylvain Thénault |
[test] don't try to reset session manager during test,
stable
|
file |
diff |
annotate
|
Tue, 16 Mar 2010 16:32:36 +0100 |
Sylvain Thénault |
backport stable into default
|
file |
diff |
annotate
|
Mon, 01 Mar 2010 11:26:14 +0100 |
Katia Saurfelt |
server/web api for accessing to deleted_entites
|
file |
diff |
annotate
|
Tue, 16 Mar 2010 12:40:59 +0100 |
Sylvain Thénault |
#750055: make it easier to change post logout url
stable
|
file |
diff |
annotate
|
Fri, 12 Mar 2010 15:05:33 +0100 |
Sylvain Thénault |
[web] start a new message system based on id of message stored in session's data
|
file |
diff |
annotate
|
Fri, 26 Feb 2010 07:44:18 +0100 |
Adrien Di Mascio |
[web] fix #724769: Use RemoteCallFailed in the publisher's error_handler
stable
|
file |
diff |
annotate
|
Wed, 24 Feb 2010 10:37:37 +0100 |
Sylvain Thénault |
remove #<formid> from url used to redirect after a validation error
stable
|
file |
diff |
annotate
|
Thu, 18 Feb 2010 14:27:00 +0100 |
Sylvain Thénault |
cleanup internal forms parameters in postlogin
stable
|
file |
diff |
annotate
|
Mon, 08 Feb 2010 11:08:55 +0100 |
Sylvain Thénault |
backport stable branch and some vreg cleanups:
|
file |
diff |
annotate
|
Sat, 06 Feb 2010 10:31:27 +0100 |
Sylvain Thénault |
fix duplicated vregistry initialization during tests
stable
|
file |
diff |
annotate
|
Thu, 21 Jan 2010 10:21:09 +0100 |
Sylvain Thénault |
when the vregistry is initialized, no need to call vreg.set_schema (else we trigger appobjects registration twice. This allows significant startup speedup.
|
file |
diff |
annotate
|
Mon, 18 Jan 2010 19:21:30 +0100 |
Sylvain Thénault |
backport stable branch
|
file |
diff |
annotate
|
Wed, 13 Jan 2010 15:54:07 +0100 |
Sylvain Thénault |
refactor form error handling:
|
file |
diff |
annotate
|
Thu, 07 Jan 2010 16:52:32 +0100 |
Adrien Di Mascio |
update copyright: welcome 2010
stable
|
file |
diff |
annotate
|
Wed, 23 Sep 2009 11:13:39 +0200 |
Adrien Di Mascio |
[api] use __regid__ instead of deprecated id
|
file |
diff |
annotate
|
Mon, 17 Aug 2009 19:21:45 +0200 |
Sylvain Thénault |
give vreg where we need it (eg no bound request)
|
file |
diff |
annotate
|
Sun, 16 Aug 2009 20:27:28 +0200 |
Nicolas Chauvat |
backport stable branch
|
file |
diff |
annotate
|
Fri, 14 Aug 2009 15:34:49 +0200 |
Sylvain Thénault |
dont bind set_authmanager on registry reloading event, it's not necesary since the session manager itself is reinstatiated
stable
|
file |
diff |
annotate
|
Wed, 12 Aug 2009 18:40:52 +0200 |
Nicolas Chauvat |
R put version info in deprecation warnings
|
file |
diff |
annotate
|
Wed, 05 Aug 2009 18:56:22 +0200 |
Sylvain Thénault |
[web session] proper reloading of the session manager on vreg update
|
file |
diff |
annotate
|
Wed, 05 Aug 2009 18:18:12 +0200 |
Adrien Di Mascio |
[events] renamed source-reload into registry-reload to avoid potential confusions with datasources
|
file |
diff |
annotate
|
Tue, 04 Aug 2009 18:44:24 +0200 |
Adrien Di Mascio |
[autoreload] recompute urlresolver / urlrewriter after autoreload
|
file |
diff |
annotate
|
Mon, 03 Aug 2009 17:32:42 +0200 |
Sylvain Thénault |
[webapp] missing renaming
|
file |
diff |
annotate
|
Mon, 03 Aug 2009 10:50:57 +0200 |
Sylvain Thénault |
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
|
file |
diff |
annotate
|
Fri, 31 Jul 2009 22:37:28 +0200 |
Nicolas Chauvat |
R [all] logilab.common 0.44 provides only deprecated
|
file |
diff |
annotate
|