~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Support for secure cookies written by pre-1.0 releases of Tornado has
- been removed. The `RequestHandler.get_secure_cookie` method no longer
+ been removed. The `.RequestHandler.get_secure_cookie` method no longer
takes an ``include_name`` parameter.
* The ``debug`` application setting now causes stack traces to be displayed
in the browser on uncaught exceptions. Since this may leak sensitive
~~~~~~~~~~~~~~
* Diginotar has been removed from the default CA certificates file used
- by `SimpleAsyncHTTPClient`.
+ by ``SimpleAsyncHTTPClient``.
New modules
~~~~~~~~~~~
* `tornado.process`: Multi-process mode has been improved, and can now restart
crashed child processes. A new entry point has been added at
`tornado.process.fork_processes`, although
- `tornado.httpserver.HTTPServer.start` is still supported.
+ ``tornado.httpserver.HTTPServer.start`` is still supported.
``tornado.web``
~~~~~~~~~~~~~~~
argument to set the ``max-age`` cookie attribute (note underscore vs dash)
* `tornado.web.RequestHandler.set_default_headers` may be overridden to set
headers in a way that does not get reset during error handling.
-* `RequestHandler.add_header` can now be used to set a header that can
+* `.RequestHandler.add_header` can now be used to set a header that can
appear multiple times in the response.
-* `RequestHandler.flush` can now take a callback for flow control.
+* `.RequestHandler.flush` can now take a callback for flow control.
* The ``application/json`` content type can now be gzipped.
* The cookie-signing functions are now accessible as static functions
- `tornado.web.create_signed_value` and `tornado.web.decode_signed_value`.
+ ``tornado.web.create_signed_value`` and ``tornado.web.decode_signed_value``.
``tornado.httpserver``
~~~~~~~~~~~~~~~~~~~~~~
* The ``cookies`` property is now available on `tornado.httpserver.HTTPRequest`
(it is also available in its old location as a property of
`~tornado.web.RequestHandler`)
-* `tornado.httpserver.HTTPServer.bind` now takes a backlog argument with the
+* ``tornado.httpserver.HTTPServer.bind`` now takes a backlog argument with the
same meaning as ``socket.listen``.
* `~tornado.httpserver.HTTPServer` can now be run on a unix socket as well
as TCP.
* `~tornado.iostream.IOStream` performance has been improved, especially for
small synchronous requests.
-* New methods `tornado.iostream.IOStream.read_until_close` and
- `tornado.iostream.IOStream.read_until_regex`.
-* `IOStream.read_bytes` and `IOStream.read_until_close` now take a
+* New methods ``tornado.iostream.IOStream.read_until_close`` and
+ ``tornado.iostream.IOStream.read_until_regex``.
+* ``IOStream.read_bytes`` and ``IOStream.read_until_close`` now take a
``streaming_callback`` argument to return data as it is received rather
than all at once.
-* `IOLoop.add_timeout` now accepts `datetime.timedelta` objects in addition
+* `.IOLoop.add_timeout` now accepts `datetime.timedelta` objects in addition
to absolute timestamps.
* `~tornado.ioloop.PeriodicCallback` now sticks to the specified period
instead of creeping later due to accumulated errors.
* `tornado.ioloop.IOLoop` and `tornado.httpclient.HTTPClient` now have
``close()`` methods that should be used in applications that create
and destroy many of these objects.
-* `IOLoop.install` can now be used to use a custom subclass of IOLoop
+* `.IOLoop.install` can now be used to use a custom subclass of IOLoop
as the singleton without monkey-patching.
* `~tornado.iostream.IOStream` should now always call the close callback
instead of the connect callback on a connection error.
-* The `IOStream` close callback will no longer be called while there
+* The `.IOStream` close callback will no longer be called while there
are pending read callbacks that can be satisfied with buffered data.
* The ``allow_nonstandard_methods`` flag on HTTP client requests now
permits methods other than ``POST`` and ``PUT`` to contain bodies.
* Fixed file descriptor leaks and multiple callback invocations in
- `SimpleAsyncHTTPClient`
+ ``SimpleAsyncHTTPClient``
* No longer consumes extra connection resources when following redirects.
* Now works with buggy web servers that separate headers with ``\n`` instead
of ``\r\n\r\n``.
Other modules
~~~~~~~~~~~~~
-* `tornado.auth.OpenIDMixin` now uses the correct realm when the
+* `tornado.auth.OpenIdMixin` now uses the correct realm when the
callback URI is on a different domain.
* `tornado.autoreload` has a new command-line interface which can be used
to wrap any script. This replaces the ``--autoreload`` argument to
`tornado.testing.main` and is more robust against syntax errors.
* `tornado.autoreload.watch` can be used to watch files other than
the sources of imported modules.
-* `tornado.database.Connection` has new variants of ``execute`` and
+* ``tornado.database.Connection`` has new variants of ``execute`` and
``executemany`` that return the number of rows affected instead of
the last inserted row id.
* `tornado.locale.load_translations` now accepts any properly-formatted
and unquoted.
* Multi-line headers are now supported.
* Repeated Content-Length headers (which may be added by certain proxies)
- are now supported in `HTTPServer`.
+ are now supported in `.HTTPServer`.
* Unicode string literals now work in template expressions.
* The template ``{% module %}`` directive now works even if applications
use a template variable named ``modules``.
Security fixes
~~~~~~~~~~~~~~
-* `tornado.simple_httpclient` now disables SSLv2 in all cases. Previously
+* ``tornado.simple_httpclient`` now disables SSLv2 in all cases. Previously
SSLv2 would be allowed if the Python interpreter was linked against a
pre-1.0 version of OpenSSL.
processes exit cleanly rather than returning ``None``. The old behavior
was surprising and inconsistent with most of the documented examples
of this function (which did not check the return value).
-* On Python 2.6, `tornado.simple_httpclient` only supports SSLv3. This
+* On Python 2.6, ``tornado.simple_httpclient`` only supports SSLv3. This
is because Python 2.6 does not expose a way to support both SSLv3 and TLSv1
without also supporting the insecure SSLv2.
* `tornado.websocket` no longer supports the older "draft 76" version
``tornado.httpclient``
~~~~~~~~~~~~~~~~~~~~~~
-* `SimpleAsyncHTTPClient` no longer hangs on ``HEAD`` requests,
+* ``SimpleAsyncHTTPClient`` no longer hangs on ``HEAD`` requests,
responses with no content, or empty ``POST``/``PUT`` response bodies.
-* `SimpleAsyncHTTPClient` now supports 303 and 307 redirect codes.
-* `tornado.curl_httpclient` now accepts non-integer timeouts.
-* `tornado.curl_httpclient` now supports basic authentication with an
+* ``SimpleAsyncHTTPClient`` now supports 303 and 307 redirect codes.
+* ``tornado.curl_httpclient`` now accepts non-integer timeouts.
+* ``tornado.curl_httpclient`` now supports basic authentication with an
empty password.
``tornado.httpserver``
~~~~~~~~~~~~~~~~~~~~~~
-* `HTTPServer` with ``xheaders=True`` will no longer accept
+* `.HTTPServer` with ``xheaders=True`` will no longer accept
``X-Real-IP`` headers that don't look like valid IP addresses.
-* `HTTPServer` now treats the ``Connection`` request header as
+* `.HTTPServer` now treats the ``Connection`` request header as
case-insensitive.
``tornado.ioloop`` and ``tornado.iostream``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-* `IOStream.write` now works correctly when given an empty string.
-* `IOStream.read_until` (and ``read_until_regex``) now perform better
+* ``IOStream.write`` now works correctly when given an empty string.
+* ``IOStream.read_until`` (and ``read_until_regex``) now perform better
when there is a lot of buffered data, which improves peformance of
- `SimpleAsyncHTTPClient` when downloading files with lots of
+ ``SimpleAsyncHTTPClient`` when downloading files with lots of
chunks.
-* `SSLIOStream` now works correctly when ``ssl_version`` is set to
+* `.SSLIOStream` now works correctly when ``ssl_version`` is set to
a value other than ``SSLv23``.
* Idle ``IOLoops`` no longer wake up several times a second.
* `tornado.ioloop.PeriodicCallback` no longer triggers duplicate callbacks
~~~~~~~~~~~~~~~
* Now behaves better when given malformed ``Cookie`` headers
-* `RequestHandler.redirect` now has a ``status`` argument to send
+* `.RequestHandler.redirect` now has a ``status`` argument to send
status codes other than 301 and 302.
-* New method `RequestHandler.on_finish` may be overridden for post-request
- processing (as a counterpart to `RequestHandler.prepare`)
-* `StaticFileHandler` now outputs ``Content-Length`` and ``Etag`` headers
+* New method `.RequestHandler.on_finish` may be overridden for post-request
+ processing (as a counterpart to `.RequestHandler.prepare`)
+* `.StaticFileHandler` now outputs ``Content-Length`` and ``Etag`` headers
on ``HEAD`` requests.
-* `StaticFileHandler` now has overridable ``get_version`` and
+* `.StaticFileHandler` now has overridable ``get_version`` and
``parse_url_path`` methods for use in subclasses.
-* `RequestHandler.static_url` now takes an ``include_host`` parameter
- (in addition to the old support for the `RequestHandler.include_host`
+* `.RequestHandler.static_url` now takes an ``include_host`` parameter
+ (in addition to the old support for the ``RequestHandler.include_host``
attribute).
``tornado.websocket``
* `tornado.websocket` no longer supports the older "draft 76" version
of the websocket protocol by default, although this version can
be enabled by overriding `tornado.websocket.WebSocketHandler.allow_draft76`.
-* `WebSocketHandler.write_message` now accepts a ``binary`` argument
+* `.WebSocketHandler.write_message` now accepts a ``binary`` argument
to send binary messages.
* Subprotocols (i.e. the ``Sec-WebSocket-Protocol`` header) are now supported;
- see the `WebSocketHandler.select_subprotocol` method for details.
-* `WebSocketHandler.get_websocket_scheme` can be used to select the
+ see the `.WebSocketHandler.select_subprotocol` method for details.
+* `.WebSocketHandler.get_websocket_scheme` can be used to select the
appropriate url scheme (``ws://`` or ``wss://``) in cases where
- `HTTPRequest.protocol` is not set correctly.
+ ``HTTPRequest.protocol`` is not set correctly.
Other modules
~~~~~~~~~~~~~
* `tornado.testing.main` supports a new flag ``--exception_on_interrupt``,
which can be set to false to make ``Ctrl-C`` kill the process more
reliably (at the expense of stack traces when it does so).
-* `tornado.version_info` is now a four-tuple so official releases can be
+* ``tornado.version_info`` is now a four-tuple so official releases can be
distinguished from development branches.
values to protect against header injection, response splitting, etc.
(it has always attempted to do this, but the check was incorrect).
Note that redirects, the most likely source of such bugs, are protected
- by a separate check in `RequestHandler.redirect`.
+ by a separate check in `.RequestHandler.redirect`.
Bug fixes
~~~~~~~~~
~~~~~~~~~~~~
* `tornado.httpclient.HTTPClient` now supports the same constructor
- keyword arguments as `AsyncHTTPClient`.
-* The ``max_clients`` keyword argument to `AsyncHTTPClient.configure` now works.
-* `tornado.simple_httpclient` now supports the ``OPTIONS`` and ``PATCH``
+ keyword arguments as `.AsyncHTTPClient`.
+* The ``max_clients`` keyword argument to `.AsyncHTTPClient.configure` now works.
+* ``tornado.simple_httpclient`` now supports the ``OPTIONS`` and ``PATCH``
HTTP methods.
-* `tornado.simple_httpclient` is better about closing its sockets
+* ``tornado.simple_httpclient`` is better about closing its sockets
instead of leaving them for garbage collection.
-* `tornado.simple_httpclient` correctly verifies SSL certificates for
+* ``tornado.simple_httpclient`` correctly verifies SSL certificates for
URLs containing IPv6 literals (This bug affected Python 2.5 and 2.6).
-* `tornado.simple_httpclient` no longer includes basic auth credentials
+* ``tornado.simple_httpclient`` no longer includes basic auth credentials
in the ``Host`` header when those credentials are extracted from the URL.
-* `tornado.simple_httpclient` no longer modifies the caller-supplied header
+* ``tornado.simple_httpclient`` no longer modifies the caller-supplied header
dictionary, which caused problems when following redirects.
-* `tornado.curl_httpclient` now supports client SSL certificates (using
+* ``tornado.curl_httpclient`` now supports client SSL certificates (using
the same ``client_cert`` and ``client_key`` arguments as
- `tornado.simple_httpclient`)
+ ``tornado.simple_httpclient``)
HTTP Server
~~~~~~~~~~~
-* `HTTPServer` now works correctly with paths starting with ``//``
-* `HTTPHeaders.copy` (inherited from `dict.copy`) now works correctly.
-* `HTTPConnection.address` is now always the socket address, even for non-IP
- sockets. `HTTPRequest.remote_ip` is still always an IP-style address
+* `.HTTPServer` now works correctly with paths starting with ``//``
+* ``HTTPHeaders.copy`` (inherited from `dict.copy`) now works correctly.
+* ``HTTPConnection.address`` is now always the socket address, even for non-IP
+ sockets. `.HTTPRequest.remote_ip` is still always an IP-style address
(fake data is used for non-IP sockets)
* Extra data at the end of multipart form bodies is now ignored, which fixes
a compatibility problem with an iOS HTTP client library.
``IOLoop`` and ``IOStream``
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-* `IOStream` now has an ``error`` attribute that can be used to determine
+* `.IOStream` now has an ``error`` attribute that can be used to determine
why a socket was closed.
-* `tornado.iostream.IOStream.read_until` and ``read_until_regex`` are much
+* ``tornado.iostream.IOStream.read_until`` and ``read_until_regex`` are much
faster with large input.
-* `IOStream.write` performs better when given very large strings.
-* `IOLoop.instance()` is now thread-safe.
+* ``IOStream.write`` performs better when given very large strings.
+* `.IOLoop.instance()` is now thread-safe.
``tornado.options``
~~~~~~~~~~~~~~~~~~~
* `tornado.options` options with ``multiple=True`` that are set more than
once now overwrite rather than append. This makes it possible to override
- values set in `parse_config_file` with `parse_command_line`.
+ values set in ``parse_config_file`` with ``parse_command_line``.
* `tornado.options` ``--help`` output is now prettier.
* `tornado.options.options` now supports attribute assignment.
``RequestHandler`` subclasses will need to be renamed.
* `tornado.web.addslash` and ``removeslash`` decorators now send permanent
redirects (301) instead of temporary (302).
-* `RequestHandler.flush` now invokes its callback whether there was any data
+* `.RequestHandler.flush` now invokes its callback whether there was any data
to flush or not.
-* Repeated calls to `RequestHandler.set_cookie` with the same name now
+* Repeated calls to `.RequestHandler.set_cookie` with the same name now
overwrite the previous cookie instead of producing additional copies.
-* `tornado.web.OutputTransform.transform_first_chunk` now takes and returns
+* ``tornado.web.OutputTransform.transform_first_chunk`` now takes and returns
a status code in addition to the headers and chunk. This is a
backwards-incompatible change to an interface that was never technically
private, but was not included in the documentation and does not appear
to have been used outside Tornado itself.
-* Fixed a bug on python versions before 2.6.5 when `URLSpec` regexes
+* Fixed a bug on python versions before 2.6.5 when `.URLSpec` regexes
are constructed from unicode strings and keyword arguments are extracted.
* The ``reverse_url`` function in the template namespace now comes from
- the `RequestHandler` rather than the `Application`. (Unless overridden,
- `RequestHandler.reverse_url` is just an alias for the `Application`
+ the `.RequestHandler` rather than the `.Application`. (Unless overridden,
+ `.RequestHandler.reverse_url` is just an alias for the `.Application`
method).
* The ``Etag`` header is now returned on 304 responses to an ``If-None-Match``
request, improving compatibility with some caches.
in the url.
* The ``extra_params`` argument to `tornado.escape.linkify` may now be
a callable, to allow parameters to be chosen separately for each link.
-* `tornado.gen` no longer leaks `StackContexts` when a ``@gen.engine`` wrapped
+* `tornado.gen` no longer leaks ``StackContexts`` when a ``@gen.engine`` wrapped
function is called repeatedly.
* `tornado.locale.get_supported_locales` no longer takes a meaningless
``cls`` argument.
-* `StackContext` instances now have a deactivation callback that can be
+* `.StackContext` instances now have a deactivation callback that can be
used to prevent further propagation.
* `tornado.testing.AsyncTestCase.wait` now resets its timeout on each call.
* `tornado.wsgi.WSGIApplication` now parses arguments correctly on Python 3.
* Exception handling on Python 3 has been improved; previously some exceptions
- such as `UnicodeDecodeError` would generate `TypeErrors`
-
+ such as `UnicodeDecodeError` would generate ``TypeErrors``
* Removed ``max_simultaneous_connections`` argument from `tornado.httpclient`
(both implementations). This argument hasn't been useful for some time
(if you were using it you probably want ``max_clients`` instead)
-* `tornado.simple_httpclient` now accepts and ignores HTTP 1xx status
+* ``tornado.simple_httpclient`` now accepts and ignores HTTP 1xx status
responses.
`tornado.ioloop` and `tornado.iostream`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-* Fixed a bug introduced in 2.3 that would cause `IOStream` close callbacks
+* Fixed a bug introduced in 2.3 that would cause `.IOStream` close callbacks
to not run if there were pending reads.
-* Improved error handling in `SSLIOStream` and SSL-enabled `TCPServer`.
-* `SSLIOStream.get_ssl_certificate` now has a ``binary_form`` argument
+* Improved error handling in `.SSLIOStream` and SSL-enabled `.TCPServer`.
+* ``SSLIOStream.get_ssl_certificate`` now has a ``binary_form`` argument
which is passed to ``SSLSocket.getpeercert``.
-* `SSLIOStream.write` can now be called while the connection is in progress,
- same as non-SSL `IOStream` (but be careful not to send sensitive data until
+* ``SSLIOStream.write`` can now be called while the connection is in progress,
+ same as non-SSL `.IOStream` (but be careful not to send sensitive data until
the connection has completed and the certificate has been verified).
-* `IOLoop.add_handler` cannot be called more than once with the same file
+* `.IOLoop.add_handler` cannot be called more than once with the same file
descriptor. This was always true for ``epoll``, but now the other
implementations enforce it too.
-* On Windows, `TCPServer` uses `SO_EXCLUSIVEADDRUSER` instead of `SO_REUSEADDR`.
+* On Windows, `.TCPServer` uses ``SO_EXCLUSIVEADDRUSER`` instead of ``SO_REUSEADDR``.
`tornado.template`
~~~~~~~~~~~~~~~~~~
`tornado.testing`
~~~~~~~~~~~~~~~~~
-* New class `tornado.testing.AsyncHTTPSTestCase` is like `AsyncHTTPTestCase`.
+* New class `tornado.testing.AsyncHTTPSTestCase` is like `.AsyncHTTPTestCase`.
but enables SSL for the testing server (by default using a self-signed
testing certificate).
* `tornado.testing.main` now accepts additional keyword arguments and forwards
`tornado.web`
~~~~~~~~~~~~~
-* New method `RequestHandler.get_template_namespace` can be overridden to
+* New method `.RequestHandler.get_template_namespace` can be overridden to
add additional variables without modifying keyword arguments to
- `render_string`.
-* `RequestHandler.add_header` now works with `WSGIApplication`.
-* `RequestHandler.get_secure_cookie` now handles a potential error case.
-* `RequestHandler.__init__` now calls ``super().__init__`` to ensure that
+ ``render_string``.
+* `.RequestHandler.add_header` now works with `.WSGIApplication`.
+* `.RequestHandler.get_secure_cookie` now handles a potential error case.
+* ``RequestHandler.__init__`` now calls ``super().__init__`` to ensure that
all constructors are called when multiple inheritance is used.
* Docs have been updated with a description of all available
:py:attr:`Application settings <tornado.web.Application.settings>`
Other modules
~~~~~~~~~~~~~
-* `OAuthMixin` now accepts ``"oob"`` as a ``callback_uri``.
-* `OpenIDMixin` now also returns the ``claimed_id`` field for the user.
+* `.OAuthMixin` now accepts ``"oob"`` as a ``callback_uri``.
+* `.OpenIdMixin` now also returns the ``claimed_id`` field for the user.
* `tornado.platform.twisted` shutdown sequence is now more compatible.
* The logging configuration used in `tornado.options` is now more tolerant
of non-ascii byte strings.
* Fixed a memory leak in `tornado.stack_context` that was especially likely
with long-running ``@gen.engine`` functions.
* `tornado.auth.TwitterMixin` now works on Python 3.
-* Fixed a bug in which `IOStream.read_until_close` with a streaming callback
+* Fixed a bug in which ``IOStream.read_until_close`` with a streaming callback
would sometimes pass the last chunk of data to the final callback instead
of the streaming callback.
projects / thirdparty / tornado.git / commitdiff
