delta/bottle.git - github.com: defnull/bottle.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix fapws3 linkrelease-0.10	Marcel Hellkamp	2022-09-05	2	-2/+2
\|
*	Added 3.4 test environment to travis config	Marcel Hellkamp	2014-04-29	1	-0/+1
\|
*	Release of 0.10.12 (Security fix)0.10.12	Marcel Hellkamp	2014-04-29	1	-1/+1
\|
*	fix #616: Json content-type not restrictive enough	Marcel Hellkamp	2014-04-29	2	-1/+11
\| \| \| \|	Possible security issue. See https://github.com/defnull/bottle/issues/616 for details.
*	Added travis configuration	Marcel Hellkamp	2014-02-07	2	-0/+35
\|
*	Makefile: A release always pushes to public repository now.	Marcel Hellkamp	2012-10-11	1	-1/+5
\|
*	Release of 0.10.110.10.11	Marcel Hellkamp	2012-06-26	1	-1/+1
\|
*	fix: Fixes unicode problems with request.query and request.forms (fix #342 ↵	Marcel Hellkamp	2012-06-26	2	-7/+30
\| \| \| \|	fix #344 fix #339)
*	Release of 0.10.100.10.10	Marcel Hellkamp	2012-06-25	1	-1/+1
\|
*	fix: Unicode errors with Python 3.2+ POST parameters. (fix #344, fix #349)	Marcel Hellkamp	2012-06-25	3	-16/+31
\|
*	Release of 0.10.9 (bugfix release)0.10.9	Marcel Hellkamp	2012-02-11	1	-1/+1
\|
*	fix: Subtile bug in stpl parser. '.%' was recognized as code line.	Marcel Hellkamp	2012-02-11	1	-1/+2
\|
*	Release of 0.10.8 (bugfix release)0.10.8	Marcel Hellkamp	2012-02-10	1	-1/+1
\|
*	fix #281: DeprecationWarning in Botle.mount() and typo.	Marcel Hellkamp	2012-02-10	1	-2/+2
\| \| \| \|	Thanks chicha
*	Release of 0.10.70.10.7	Marcel Hellkamp	2011-12-28	1	-1/+1
\|
*	fix: Workaround for a hash collision DoS vulnerability in CPython dicts.	Marcel Hellkamp	2011-12-28	2	-8/+27
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	If the language does not provide a randomized hash function or the application server does not recognize attacks using multi-collisions, an attacker can degenerate the hash table by sending lots of colliding keys. The algorithmic complexity of inserting n elements into the table then goes to O(n**2), making it possible to exhaust hours of CPU time using a single HTTP request. This workaround limits the number of GET, POST and cookie parameters to a reasonable maximum of 100 key/value pairs per request, reducing the effectiveness of such attacks. Normal web applications should not need to process more than 100 parameters per request, but this limit can be changed by setting Request.MAX_PARAMS to a different value. Some links: https://cryptanalysis.eu/blog/2011/12/28/effective-dos-attacks-against-web-application-plattforms-hashdos/ http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html http://www.nruns.com/_downloads/advisory28122011.pdf
*	Fixing release target in Makefile.	Marcel Hellkamp	2011-12-23	1	-3/+3
\|
*	Release of 0.10.60.10.6	Marcel Hellkamp	2011-12-22	1	-1/+1
\|
*	Fixed a bug in HTTPError.__repr__. The repr() builtin breaks for non-ascii	Marcel Hellkamp	2011-12-22	2	-1/+6
\| \| \| \|	unicode strings.
*	Release of 0.10.50.10.5	Marcel Hellkamp	2011-12-22	1	-1/+1
\|
*	fix #268: Bug in backported code (NameError: _e)	Marcel Hellkamp	2011-12-22	1	-1/+1
\| \| \| \|	Thanks to Bender Rodriges and John R. Isidore
*	Release of 0.10.40.10.4	Marcel Hellkamp	2011-12-17	1	-1/+1
\|
*	fix #267: Possible XSS vulnerability on internal server errors.	Marcel Hellkamp	2011-12-17	1	-5/+7
\|
*	Release of 0.10.30.10.3	Marcel Hellkamp	2011-12-14	1	-1/+1
\|
*	Solving float_filter bug and testing it.	Iuri de Silvio	2011-12-14	2	-2/+11
\|
*	Release of 0.10.20.10.2	Marcel Hellkamp	2011-12-02	1	-1/+1
\|
*	docs: Command-line interface	Marcel Hellkamp	2011-12-01	2	-1/+48
\|
*	Print CLI help if called without parameters.	Marcel Hellkamp	2011-12-01	1	-1/+3
\|
*	docs: New stable release.	Marcel Hellkamp	2011-11-26	1	-2/+2
\|
*	Release of 0.10.10.10.1	Marcel Hellkamp	2011-11-26	1	-1/+1
\|
*	Added git-commit to "make release".	Marcel Hellkamp	2011-11-26	1	-0/+1
\|
*	docs: changelog and contributor list.	Marcel Hellkamp	2011-11-26	1	-13/+71
\|
*	docs: Typo	Marcel Hellkamp	2011-11-26	1	-0/+1
\|
*	docs: Merging 0.11 doc layout changes.	Marcel Hellkamp	2011-11-24	5	-21/+42
\|
*	fix: Workaround for bug in functools.update_wrapper() (fixes #223 #224)	Marcel Hellkamp	2011-11-22	2	-1/+15
\| \| \| \|	Thanks to Brian Wickman
*	First release candidate for 0.10	Marcel Hellkamp	2011-11-16	1	-1/+1
\|
*	fix: load_app now returns any callable, not only Bottle instances.	Marcel Hellkamp	2011-11-16	1	-1/+1
\|
*	Micro optimizations :)	Marcel Hellkamp	2011-11-16	1	-4/+3
\|
*	Addd G+ link to homepage.	Marcel Hellkamp	2011-11-16	1	-0/+1
\|
*	Added --version command-line argument.	Marcel Hellkamp	2011-11-16	1	-3/+9
\|
*	fix #240: run(reloader=True) now handles SyntaxError and ImportError ↵	Marcel Hellkamp	2011-11-15	1	-87/+86
\| \| \| \|	exceptions raised by a dynamically loaded application, plugin or server adapter.
*	Code cleanup.	Marcel Hellkamp	2011-11-15	1	-10/+8
\|
*	Fixed Makefile target: release	Marcel Hellkamp	2011-11-15	2	-2/+3
\|
*	docs: Explained FormsDict	Marcel Hellkamp	2011-11-15	1	-6/+9
\|
*	fix: I broke "bottle.py --help" some commits ago.	Marcel Hellkamp	2011-11-15	1	-12/+13
\|
*	Added Python 2.5 deprecation warning.	Marcel Hellkamp	2011-11-15	1	-0/+6
\|
*	fix: Python 3.x only bug in SimpleTemplate. Templates with an encoding other ↵	Marcel Hellkamp	2011-11-15	1	-1/+1
\| \| \| \|	than the system default raised UnicodeError.
*	Cleanup.	Marcel Hellkamp	2011-11-15	1	-14/+9
\|
*	fix #247: Correcting set_cookie docstring.	Marcel Hellkamp	2011-11-15	1	-1/+1
\|
*	fix #251: Undefined start_response variable in Bottle.mount()	Marcel Hellkamp	2011-11-15	1	-3/+3
\| \| \| \|	fix: Support for huge body iterators returned by mounted apps.