- 21 Dec, 2016 2 commits
-
-
Maurits van Rees authored
-
Maurits van Rees authored
-
- 08 Dec, 2016 1 commit
-
-
Maurits van Rees authored
From Products.PloneHotfix20161129.
-
- 30 Oct, 2016 6 commits
-
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
- 26 Oct, 2016 2 commits
-
-
Hanno Schlichting authored
-
Hanno Schlichting authored
This reverts part of commit dbb476e6.
-
- 23 Oct, 2016 3 commits
-
-
Hanno Schlichting authored
-
Hanno Schlichting authored
This removes the mechanize dependency.
-
Hanno Schlichting authored
-
- 30 Sep, 2016 1 commit
-
-
Michael Howitz authored
* Add a hint to the next step. * Add a hint how to create content for the default page. * There will be no 2.x version after 2.7.
-
- 23 Sep, 2016 1 commit
-
-
Hanno Schlichting authored
-
- 15 Sep, 2016 2 commits
-
-
Cédric Le Ninivin authored
-
Cédric Le Ninivin authored
As described in the definition document by the ietf: https://tools.ietf.org/html/draft-west-first-party-cookies-07 "The 'SameSite' attribute allows servers to assert that a cookie ought not to be sent along with cross-site requests. This assertion allows user agents to mitigate the risk of cross-origin information leakage, and provides some protection against cross-site request forgery attacks."
-
- 13 Sep, 2016 2 commits
-
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
- 12 Sep, 2016 3 commits
-
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
- 09 Sep, 2016 5 commits
-
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
- 08 Sep, 2016 6 commits
-
-
Hanno Schlichting authored
Remove unused klass_args argument and avoid aborting transactions if none is active. The publisher should always commit or abort the transaction, so the Cleanup instance in `REQUEST._hold` shouldn't need to abort anything. This gets rids of debug log messages, where each request opens and aborts a secondary transaction.
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
Split a common base class out of them and move ZServer specific logic onto HTTPResponse without impacting WSGIResponse. Also change the error generating methods on WSGIResponse to raise exceptions rather than returning responses. It's the publishers job to turn them into responses and now they get treated in the same way as when they get raised directly.
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
- 07 Sep, 2016 3 commits
-
-
Hanno Schlichting authored
Quote variable in manage_tabs to avoid XSS [master]
-
Maurits van Rees authored
From Products.PloneHotfix20160830.
-
Maurits van Rees authored
-
- 06 Sep, 2016 3 commits
-
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-
Hanno Schlichting authored
-