Fri, 16 Mar 2012 17:59:48 +0100 [security] use a stronger encryption algorythm for password, keeping bw compat stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 16 Mar 2012 17:59:48 +0100] rev 8317
[security] use a stronger encryption algorythm for password, keeping bw compat Administrator should ask their users to reenter new password so they benefit from the new encryption. Also, new encryption is cross-platform compatible, eg you may now move an instance from windows to linux painlessly
Thu, 15 Mar 2012 17:59:27 +0100 [cache] factorize _validate_cache() logic implemented in wsgi and twisted handlers
Adrien Di Mascio <Adrien.DiMascio@logilab.fr> [Thu, 15 Mar 2012 17:59:27 +0100] rev 8316
[cache] factorize _validate_cache() logic implemented in wsgi and twisted handlers
Thu, 15 Mar 2012 17:57:40 +0100 [fake-request] support `http_method()`
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 15 Mar 2012 17:57:40 +0100] rev 8315
[fake-request] support `http_method()`
Thu, 15 Mar 2012 18:34:59 +0100 [Web-Request] Use rich header (closes #2204164)
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 15 Mar 2012 18:34:59 +0100] rev 8314
[Web-Request] Use rich header (closes #2204164) Unify header management. All web request use the Headers class now (imported from twisted). Code dedicated to header management have been merged into the base WebRequest class.
Thu, 15 Mar 2012 17:54:40 +0100 http-header: support __contains__ in Headers
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 15 Mar 2012 17:54:40 +0100] rev 8313
http-header: support __contains__ in Headers You can now use:: >>> 'expires" in headers True
Thu, 15 Mar 2012 17:48:20 +0100 [web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 15 Mar 2012 17:48:20 +0100] rev 8312
[web] Move request handling logic into cubicweb application. (closes #2200684) We improve http status handling in the process: ``application.publish`` have been renamed to ``application.handle`` to better reflect it's roles. The request object gain a status_out attribute to convey the HTTP status of the response. WSGI and etwist code have been updated. Exception gain status attribute
Thu, 15 Mar 2012 17:42:31 +0100 [login] split authentication logic from post authentication logic (closes #2200755)
Pierre-Yves David <pierre-yves.david@logilab.fr> [Thu, 15 Mar 2012 17:42:31 +0100] rev 8311
[login] split authentication logic from post authentication logic (closes #2200755) * The Session manager is now only in charge of providing a valid session. * LoginControllers are now used in all case but wrong credential. * The LoginControllers are in charge of redirecting the user to the page wanted to see in the first place, expected to see. * The login form is now always submitted to the login controller with an extra argument pointing to the url we should redirect too after successful authentication. The ``"log out first logic"`` logic on login controller is removed because: 1. Other web actor do not do that. 2. Removed code do not need to be reimplemented. 3. We can only get it to work again in a single case: use do a GET request on http://www.my-cw-stuff.io/login 4. I do not see it's purpose.
(0) -3000 -1000 -300 -100 -30 -10 -7 +7 +10 +30 +100 +300 +1000 +3000 tip