[web2py] Re: web2py 2.14.4 is OUT

Mon, 06 Jun 2016 20:14:21 -0700 


On Friday, June 3, 2016 at 9:30:10 AM UTC-7, PRACHI VAKHARIA wrote:
>
>
>
>
>
>
> *Great! 😇What are some of the major updates in 2.14.4 – that we users 
> should note or be aware of?*
>
 
## 2.14.6

- Increased test coverage (thanks Richard)
- Fixed some newly discovered security issues in admin:
  CSRF vulnerability in admin that allows disabling apps
  Brute force password attack vulnerability in admin
  (thanks Narendra and Leonel)  

## 2.14.1-5

- fixed two major security issues that caused the examples app to leak 
information
- new Auth(…,host_names=[…]) to prevent host header injection
- improved scheduler
- pep8 enhancements
- many bug fixes
- restored GAE support that was broken in 2.13.*
- improved fabfile for deployment
- refactored examples with stupid.css
- new JWT implementation (experimental)
- new gluon.contrib.redis_scheduler
- myconf.get
- LDAP groups (experimental)
- .flash -> .w2p_flash
- Updated feedparser.py 5.2.1
- Updated jQuery 1.12.2
- welcome app now checks for version number
- Redis improvements. New syntax:

    BEFORE:
    from gluon.contrib.redis_cache import RedisCache
    cache.redis = RedisCache('localhost:6379',db=None, debug=True)

    NOW:
    from gluon.contrib.redis_utils import RConn
    from gluon.contrib.redis_cache import RedisCache
    rconn = RConn()
    # or RConn(host='localhost', port=6379,
    # db=0, password=None, socket_timeout=None,
    # socket_connect_timeout=None, .....)
    # exactly as a redis.StrictRedis instance
    cache.redis = RedisCache(redis_conn=rconn, debug=True)

    BEFORE:
    from gluon.contrib.redis_session import RedisSession
    sessiondb = RedisSession('localhost:6379',db=0, session_expiry=False)
    session.connect(request, response, db = sessiondb)

    NOW:
    from gluon.contrib.redis_utils import RConn
    from gluon.contrib.redis_session import RedisSession
    rconn = RConn()
    sessiondb = RedisSession(redis_conn=rconn, session_expiry=False)
    session.connect(request, response, db = sessiondb)

Many thanks to Richard and Simone for their work and dedication.

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to