Mon, 10 Dec 2012 11:50:42 +0100 [ldapfeed] fix connection leak (closes #2532528) stable
David Douard <david.douard@logilab.fr> [Mon, 10 Dec 2012 11:50:42 +0100] rev 8615
[ldapfeed] fix connection leak (closes #2532528)
Tue, 04 Dec 2012 16:16:08 +0100 [zmq] add an introductive docstring on ZMQComm stable
David Douard <david.douard@logilab.fr> [Tue, 04 Dec 2012 16:16:08 +0100] rev 8614
[zmq] add an introductive docstring on ZMQComm
Tue, 11 Dec 2012 16:14:57 +0100 [server config] on quick start, system source is still activated. Closes #2535714 stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 11 Dec 2012 16:14:57 +0100] rev 8613
[server config] on quick start, system source is still activated. Closes #2535714
Tue, 11 Dec 2012 17:07:57 +0100 [web] use `inline` `Content-Disposition` by default (closes #2535734) stable
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 11 Dec 2012 17:07:57 +0100] rev 8612
[web] use `inline` `Content-Disposition` by default (closes #2535734) since known time we have been serving static file with a `filename` parameter on the `Content-Disposition` header. But since d74addac92bb we explicitly serve file as attachment if a filename is provided. However this is valid to have `inline` disposition and `filename` parameter. This changeset revert this part of d74addac92bb, going back to `inlined` by default. `IDownloadable` code explicitly request `attachment` content to preserve expected behavior.
Tue, 11 Dec 2012 16:57:18 +0100 [web] allow configuration of the Content-disposition value stable
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 11 Dec 2012 16:57:18 +0100] rev 8611
[web] allow configuration of the Content-disposition value The `set_content_type` function now takes and optional `disposition` parameter to control the value of this HTTP header. Use of `Content-disposition: inline` with a filename parameter are valid, so the presence of filename does not allows to choose between `attachment` and `inline`
Tue, 11 Dec 2012 17:17:40 +0100 [downloadable] fix filename HTTP header for simple name with space (closes #2535715) stable
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 11 Dec 2012 17:17:40 +0100] rev 8610
[downloadable] fix filename HTTP header for simple name with space (closes #2535715) Since d74addac92bb, we export simple ascii filename without any encoding in the `filename` parameter of the `Content-Disposition` header. If this name contains space this will fails, the parameter value will be truncated at the space position. (eg. `filename=jungle babar.txt` read as `jungle`) We need to quote the filename to prevent this (eg. `filename="jungle babar.txt"`). Then literal quote and backslash needs to be escaped too. The new escaping is correct according this extensive test case data base: http://greenbytes.de/tech/tc2231/
Mon, 03 Dec 2012 00:03:03 +0100 merge fixes from stable
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Mon, 03 Dec 2012 00:03:03 +0100] rev 8609
merge fixes from stable
Fri, 30 Nov 2012 21:19:36 +0100 Added tag cubicweb-debian-version-3.15.6-1 for changeset b05e156b8fe7 stable
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:19:36 +0100] rev 8608
Added tag cubicweb-debian-version-3.15.6-1 for changeset b05e156b8fe7
Fri, 30 Nov 2012 21:19:35 +0100 Added tag cubicweb-version-3.15.6 for changeset 0163bd9f4880 stable cubicweb-debian-version-3.15.6-1
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:19:35 +0100] rev 8607
Added tag cubicweb-version-3.15.6 for changeset 0163bd9f4880
Fri, 30 Nov 2012 21:18:05 +0100 prepare 3.15.6 stable cubicweb-version-3.15.6
David Douard <david.douard@logilab.fr> [Fri, 30 Nov 2012 21:18:05 +0100] rev 8606
prepare 3.15.6
Tue, 27 Nov 2012 14:48:03 +0100 [web] add a digital signature to error form (closes #2522526) stable
David Douard <david.douard@logilab.fr> [Tue, 27 Nov 2012 14:48:03 +0100] rev 8605
[web] add a digital signature to error form (closes #2522526) Simple (and quite weak) implementation of a digital signature of the content to be submited by email in the error report view generated by ErrorView. The signature is a simple hmac hash computed using a secret key (generated at repository startup) and the "secret" form content to be included in the notification email. The controller can then check this content has not been modified or forged by a malicious user.
Wed, 28 Nov 2012 11:44:15 +0100 [web/views] bugfix: the mime type is text/plain, not text/txt (closes #2526345) stable
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Wed, 28 Nov 2012 11:44:15 +0100] rev 8604
[web/views] bugfix: the mime type is text/plain, not text/txt (closes #2526345)
Tue, 27 Nov 2012 17:16:23 +0100 [doc] fix of personnal etc directory in book stable
Arthur Lutz <arthur.lutz@logilab.fr> [Tue, 27 Nov 2012 17:16:23 +0100] rev 8603
[doc] fix of personnal etc directory in book
Tue, 27 Nov 2012 12:24:56 +0100 [web] add a Forbidden exception stable
David Douard <david.douard@logilab.fr> [Tue, 27 Nov 2012 12:24:56 +0100] rev 8602
[web] add a Forbidden exception This is similar to the Unauthorized exception, but generates a 403 error instead of a 401 (Unauthorized)
Tue, 27 Nov 2012 11:38:03 +0100 [web] add a ``anonymize-jsonp-queries`` option in file configuration (closes #2465388) stable
Katia Saurfelt <katia.saurfelt@logilab.fr> [Tue, 27 Nov 2012 11:38:03 +0100] rev 8601
[web] add a ``anonymize-jsonp-queries`` option in file configuration (closes #2465388) This option controls connection anonymizing before executing any query for CSRF / safety reason.
Tue, 27 Nov 2012 11:27:49 +0100 [downloadable] fix filename in HTTP header (closes #2522325, #2522324) stable
Pierre-Yves David <pierre-yves.david@logilab.fr> [Tue, 27 Nov 2012 11:27:49 +0100] rev 8600
[downloadable] fix filename in HTTP header (closes #2522325, #2522324) Before this changeset we use the `filename` header with utf8 encoded filename all the time. However RFC6266 says: The parameters "filename" and "filename*" differ only in that "filename*" uses the encoding defined in [RFC5987], allowing the use of characters not present in the ISO-8859-1 character set ([ISO-8859-1]). Therefore, we alter the code to: 1. Use `filename` and `ascii` encoding whenever possible, 2. use `filename*` with `utf8` encoding otherwise (with a filename fallback for old browser) We also switch the `content-disposition` value to attachement if filename is specified, this will result as a mandatory download according to RFC6266. This mandatory download is the expected behavior. We changes the filename encoding to RFC5987 which is simpler, supported by all and modern browser (including IE from version 6) and does not suffer from the continuation issue. (see ticket #2522324 for details)
Tue, 27 Nov 2012 11:18:42 +0100 docstring typo stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 27 Nov 2012 11:18:42 +0100] rev 8599
docstring typo
Thu, 22 Nov 2012 16:13:43 +0100 [facet] make BitFieldFacet allow special 0 value. Closes #2522697 stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Thu, 22 Nov 2012 16:13:43 +0100] rev 8598
[facet] make BitFieldFacet allow special 0 value. Closes #2522697
Fri, 16 Nov 2012 12:28:30 +0100 [doc] ubuntu LTS is now Precise Pangolin stable
Nicolas Chauvat <nicolas.chauvat@logilab.fr> [Fri, 16 Nov 2012 12:28:30 +0100] rev 8597
[doc] ubuntu LTS is now Precise Pangolin
Fri, 16 Nov 2012 11:53:17 +0100 backport stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 16 Nov 2012 11:53:17 +0100] rev 8596
backport stable
Fri, 16 Nov 2012 11:52:06 +0100 [server] implement base_url with secure=True (closes #2508638)
Arthur Lutz <arthur.lutz@logilab.fr> [Fri, 16 Nov 2012 11:52:06 +0100] rev 8595
[server] implement base_url with secure=True (closes #2508638)
Fri, 16 Nov 2012 11:41:38 +0100 [validation api] properly use yams 0.36 validation error api and update message catalog. Follows bbe0d6985e59
Sylvain Thénault <sylvain.thenault@logilab.fr> [Fri, 16 Nov 2012 11:41:38 +0100] rev 8594
[validation api] properly use yams 0.36 validation error api and update message catalog. Follows bbe0d6985e59 the creation of the `translate` method in the 23a10f049447 yams commit.
Fri, 09 Nov 2012 15:27:40 +0100 [wsgi] saner use of `self.config` instead of `config`
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 09 Nov 2012 15:27:40 +0100] rev 8593
[wsgi] saner use of `self.config` instead of `config`
Fri, 09 Nov 2012 17:14:18 +0100 [server] fix repository initialisation
Pierre-Yves David <pierre-yves.david@logilab.fr> [Fri, 09 Nov 2012 17:14:18 +0100] rev 8592
[server] fix repository initialisation Changeset d753d6a6798f was breaking database creation. Dropping the `config.creating` clause lead to trying to load the schema from database even in creation mode. Conditional are a bit altered and reordered to prevent this to happen.
Wed, 24 Oct 2012 09:56:52 +0200 [web test] make unittest_viewselectors work if rdflib isn't available stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 24 Oct 2012 09:56:52 +0200] rev 8591
[web test] make unittest_viewselectors work if rdflib isn't available
Tue, 23 Oct 2012 12:12:43 +0200 [js/ajax] documentation of 'reload' is missing an argument stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 23 Oct 2012 12:12:43 +0200] rev 8590
[js/ajax] documentation of 'reload' is missing an argument
Tue, 23 Oct 2012 12:12:22 +0200 [ldapfeed] move docstring to the class instead of the module stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Tue, 23 Oct 2012 12:12:22 +0200] rev 8589
[ldapfeed] move docstring to the class instead of the module
Wed, 14 Nov 2012 11:12:13 +0100 [hook] fix hook base class so access to __registries__ doesn't call check_event, only call it in registered callback. Closes #2517748 stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 14 Nov 2012 11:12:13 +0100] rev 8588
[hook] fix hook base class so access to __registries__ doesn't call check_event, only call it in registered callback. Closes #2517748
(0) -3000 -1000 -300 -100 -50 -28 +28 +50 +100 +300 +1000 +3000 tip