Permalink
Commits on Feb 29, 2012
Commits on Feb 23, 2012
Commits on Feb 22, 2012
Commits on Feb 17, 2012
  1. Simplified some code.

    defnull committed Feb 17, 2012
  2. Merge pull request #286 from iurisilvio/master

    Encoding definition improved in SimpleTemplate
    defnull committed Feb 17, 2012
Commits on Feb 16, 2012
Commits on Feb 13, 2012
  1. Fix: Missing response.environ on router errors.

    Thanks yjost from IRC
    defnull committed Feb 13, 2012
Commits on Feb 11, 2012
  1. fix: py3k bug in test case.

    defnull committed Feb 11, 2012
Commits on Feb 9, 2012
Commits on Feb 7, 2012
  1. docstrings

    defnull committed Feb 7, 2012
  2. LocalRequest and LocalResponse are now thread-bound singletons.

    This should not affect applications, but it does change undocumented behaviour.
    Two instances of the same class are no longer independant.
    defnull committed Feb 7, 2012
Commits on Feb 2, 2012
  1. fix #278: Undefined lockfile variable after failed mkstemp() call.

    Thanks Iuri de Silvio
    defnull committed Feb 2, 2012
Commits on Feb 1, 2012
  1. docs. Typo in changelog.rst

    defnull committed Feb 1, 2012
  2. fix #275: Python 3.x "dictionary changed size during iteration" error…

    … in FileCheckerThread
    defnull committed Feb 1, 2012
Commits on Jan 26, 2012
  1. Merge pull request #274 from nayuki/master

    Fixed: Unwanted exception
    defnull committed Jan 26, 2012
Commits on Jan 25, 2012
  1. Fixed unwanted exception being thrown.

    The problem can only happen when reloading is enabled and a reload is triggered.
    It's caused by exc_type being None when the "with" block (located in run()) exits normally.
    (Cite: http://effbot.org/pyref/__exit__.htm)
    nayuki committed Jan 25, 2012
Commits on Jan 13, 2012
  1. docs: typo in code example

    defnull committed Jan 13, 2012
Commits on Jan 12, 2012
  1. Merge pull request #271 from little-arhat/feature-quiet-eventlet

    Allow to use 'quiet' arg to disable eventletserver output
    defnull committed Jan 12, 2012
  2. Merge pull request #272 from eka/master

    Print version number when running server
    defnull committed Jan 12, 2012
Commits on Jan 11, 2012
  1. fixed version position

    eka committed Jan 11, 2012
Commits on Jan 10, 2012
Commits on Dec 30, 2011
  1. Added BaseRequest.app property.

    defnull committed Dec 30, 2011
Commits on Dec 28, 2011
  1. fix: Workaround for a hash collision DoS vulnerability in CPython dicts.

    If the language does not provide a randomized hash function or the
    application server does not recognize attacks using multi-collisions,
    an attacker can degenerate the hash table by sending lots of colliding
    keys. The algorithmic complexity of inserting n elements into the table
    then goes to O(n**2), making it possible to exhaust hours of CPU time
    using a single HTTP request.
    
    This workaround limits the number of GET, POST and cookie parameters to
    a reasonable maximum of 100 key/value pairs per request, reducing the
    effectiveness of such attacks. Normal web applications should not need
    to process more than 100 parameters per request, but this limit can be
    changed by setting Request.MAX_PARAMS to a different value.
    
    Some links:
    https://cryptanalysis.eu/blog/2011/12/28/effective-dos-attacks-against-web-application-plattforms-hashdos/
    http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html
    http://www.nruns.com/_downloads/advisory28122011.pdf
    defnull committed Dec 28, 2011