1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
CHANGES
=======
3.9.4 (unreleased)
------------------
- Nothing changed yet.
3.9.3 (2010-09-25)
------------------
- Added test extra to declare test dependency on ``zope.testing``.
- Using Python's ``doctest`` module instead of depreacted
``zope.testing.doctest``.
3.9.2 (2009-11-23)
------------------
- Fix Python 2.4 hmac compatibility issue by only using hashlib in
Python versions 2.5 and above.
- Use the CookieClientIdManager's secret as the hmac key instead of the
message when constructing and verifying client ids.
- Make it possible to construct CookieClientIdManager passing cookie namespace
and/or secret as constructor's arguments.
- Use zope.schema.fieldproperty.FieldProperty for "namespace" attribute of
CookieClientIdManager, just like for other attributes in its interface.
Also, make ICookieClientIdManager's "namespace" field an ASCIILine, so
it accepts only non-unicode strings for cookie names.
3.9.1 (2009-04-20)
------------------
- Restore compatibility with Python 2.4.
3.9.0 (2009-03-19)
------------------
- Don't raise deprecation warnings on Python 2.6.
- Drop dependency on ``zope.annotation``. Instead, we make classes implement
`IAttributeAnnotatable` in ZCML configuration, only if ``zope.annotation``
is available. If your code relies on annotatable `CookieClientIdManager`
and `PersistentSessionDataContainer` and you don't include the zcml classes
configuration of this package, you'll need to use `classImplements` function
from ``zope.interface`` to make those classes implement `IAttributeAnnotatable`
again.
- Drop dependency on zope.app.http, use standard date formatting function
from the ``email.utils`` module.
- Zope 3 application bootstrapping code for session utilities was moved into
zope.app.appsetup package, thus drop dependency on zope.app.appsetup in this
package.
- Drop testing dependencies, as we don't need anything behind zope.testing and
previous dependencies was simply migrated from zope.app.session before.
- Remove zpkg files and zcml slugs.
- Update package's description a bit.
3.8.1 (2009-02-23)
------------------
- Add an ability to set cookie effective domain for CookieClientIdManager.
This is useful for simple cases when you have your application set up on
one domain and you want your identification cookie be active for subdomains.
- Python 2.6 compatibility change. Encode strings before calling hmac.new()
as the function no longer accepts the unicode() type.
3.8.0 (2008-12-31)
------------------
- Add missing test dependency on ``zope.site`` and
``zope.app.publication``.
3.7.1 (2008-12-30)
------------------
- Specify i18n_domain for titles in apidoc.zcml
- ZODB 3.9 no longer contains
ZODB.utils.ConflictResolvingMappingStorage, fixed tests, so they
work both with ZODB 3.8 and 3.9.
3.7.0 (2008-10-03)
------------------
New features:
- Added a 'postOnly' option on CookieClientIdManagers to only allow setting
the client id cookie on POST requests. This is to further reduce risk from
broken caches handing the same client id out to multiple users. (Of
course, it doesn't help if caches are broken enough to cache POSTs.)
3.6.0 (2008-08-12)
------------------
New features:
- Added a 'secure' option on CookieClientIdManagers to cause the secure
set-cookie option to be used, which tells the browser not to send the
cookie over http.
This provides enhanced security for ssl-only applications.
- Only set the client-id cookie if it isn't already set and try to
prevent the header from being cached. This is to minimize risk from
broken caches handing the same client id out to multiple users.
3.5.2 (2008-06-12)
------------------
- Remove ConflictErrors caused on SessionData caused by setting
``lastAccessTime``.
3.5.1 (2008-04-30)
------------------
- Split up the ZCML to make it possible to re-use more reasonably.
3.5.0 (2008-03-11)
------------------
- Change the default session "resolution" to a sane value and document/test it.
3.4.1 (2007-09-25)
------------------
- Fixed some meta data and switch to tgz release.
3.4.0 (2007-09-25)
------------------
- Initial release
- Moved parts from ``zope.app.session`` to this packages
|