summaryrefslogtreecommitdiff
path: root/waitress
Commit message (Collapse)AuthorAgeFilesLines
* error if trusted_proxy_count is set without trusted_proxyMichael Merickel2019-01-032-5/+28
|
* simplify conditional when clearing untrusted headersMichael Merickel2019-01-031-1/+1
|
* allow clear_untrusted_proxy_headers when trusted_proxy is NoneMichael Merickel2019-01-032-11/+4
| | | | fixes #227
* Only warn/fake bytes written if there is dataBert JW Regeer2019-01-021-1/+1
|
* changed any to * as any could potentially be a valid remote_peerGerhard Schmidt2018-12-131-1/+1
|
* added any as valid value for the trusted_proxy adjustableGerhard Schmidt2018-12-121-1/+1
| | | | | | | | | | | Backgound is when waitress is running inside a container, any request is originates from the gateway of the container network, not from the outside ip. The container network changes every time the container is restarted to a random new network number. So setting one IP as trusted_proxy isn't possible but still needed as most of the time an reverse proxy is between the client an the container. So if it's ensured that only requests from the reverse proxy can reach the container, trusting any host is not a problem.
* clear untrusted headers if trusted_proxy is set but does not matchMichael Merickel2018-12-022-109/+128
|
* Try harder at getting the WSGI environ rightBert JW Regeer2018-12-022-4/+62
| | | | When facing the possibility of a proxy that is sending wacky values
* If no trusted_proxy, don't allow other variablesBert JW Regeer2018-12-022-6/+28
| | | | | This way we don't accidentally mislead users into thinking those settings are doing anything when they are not.
* Define PROXY_HEADERS onceBert JW Regeer2018-12-023-19/+14
|
* Add tests for adjustments: trusted_proxy_headersBert JW Regeer2018-12-021-0/+50
|
* Add test for X-Forwarded-ByBert JW Regeer2018-12-021-0/+1
| | | | It shouldn't be removed from headers if trusted
* Don't accidentally remove X-Forwarded-By if trustedBert JW Regeer2018-12-021-0/+5
|
* Add new tests for proxy header parsingBert JW Regeer2018-12-021-14/+475
|
* Add new adjustmentsBert JW Regeer2018-12-021-0/+86
|
* addr should be a tuple of (ip, port)Bert JW Regeer2018-12-021-1/+1
|
* Use Forwarded/X-Forwarded-{For,Host,By,Port,Proto} to fixup environBert JW Regeer2018-12-022-20/+277
| | | | | | | | | This will trust the proxy provided information and override the default provided by waitress. This is useful when using Waitress behind nginx or some other proxy to make sure the WSGI environment contains all of the appropriate settings/updates.
* Add Forwarded namedtupleBert JW Regeer2018-12-011-1/+5
|
* Add undquote utility functionBert JW Regeer2018-12-012-0/+76
|
* Merge pull request #215 from ↵Bert JW Regeer2018-11-144-19/+285
|\ | | | | | | | | Frank-Krick/feature/allow_passing_of_sockets_for_socket_activation Allow passing of sockets for socket activation
| * Fixed error in check_sockets method in adjustments when using WindowsFrank Krick2018-11-131-1/+3
| |
| * Check in adjustments to prevent mixing of Internet and UNIX sockets as well ↵Frank Krick2018-11-133-2/+48
| | | | | | | | as the use of unsupported sockets
| * Implemented checks in adjustments for issue #217Frank Krick2018-11-132-3/+22
| |
| * Changes for pull request reviewFrank Krick2018-11-131-1/+1
| |
| * Changed error messageFrank Krick2018-10-291-1/+1
| |
| * Signed CONTRIBUTORS.txt and changes for reviewFrank Krick2018-10-292-2/+2
| |
| * Undo changes for getsocknameFrank Krick2018-10-281-15/+18
| |
| * Fixed commentFrank Krick2018-10-281-1/+1
| |
| * Fix for test cases on WindowsFrank Krick2018-10-281-1/+4
| |
| * Added check for not mixing unix socket and sockets parametersFrank Krick2018-10-282-0/+12
| |
| * Removed bind_sockets parameter from adjustments and added autodetection if ↵Frank Krick2018-10-284-34/+7
| | | | | | | | binding the socket should be skipped.
| * Added sockets and bind_sockets parameters for server creationFrank Krick2018-10-284-34/+242
| |
* | Update adjustments.pyTed Wong2018-10-311-1/+1
|/ | | Fixed spelling mistake
* Merge pull request #206 from Pylons/doc_transloggerBert JW Regeer2018-09-223-3/+3
|\ | | | | Add translogger docs, reorganize, and clean up
| * run linkcheck and fix redirects, broken linksSteve Piercy2018-09-063-3/+3
| |
* | Avoid doing work for UNIX sockets, just return localhostbugfix/ipv6_server_nameBert JW Regeer2018-09-051-0/+3
| |
* | Change get_server_name logic to be more correctBert JW Regeer2018-09-052-4/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In case of wildcard INADDR_ANY or INADDR6_ANY, we try and get the hostname of the machine we are running on, since it is arguably the most correct response for a daemon listening on all addresses. However if that fails, we fall back to returning `localhost`. If we have an IP address other than the wildcard, we try to get the hostname by doing a reverse DNS lookup, if this fails we just set the server_name to the IP address directly. For IPv6, we MUST wrap the IP address in `[]` so that it is a valid IPv6 literal address. We also catch the UnicodeDecodeError exception and make sure to ignore it, this is due to Windows and gethostbyaddr doing the wrong thing internally. Closes #186, #201, #168
* | get_server_name requires an IP, passing empty is invalidBert JW Regeer2018-09-052-11/+6
|/
* Merge pull request #202 from Pylons/body-less-304Bert JW Regeer2018-09-053-16/+110
|\ | | | | Ignore response body if status code doesn't allow a body
| * Rewrite removal of item from response_headersBert JW Regeer2018-09-052-8/+25
| | | | | | | | We don't want to delete items from a list while iterating over the list.
| * Ignore body for status codes that don't have a bodybody-less-304Bert JW Regeer2018-08-311-3/+26
| | | | | | | | | | | | | | | | For responses that should not include a message body, we now explicitly ignore the body from the application and no longer send it on to the requesting client. We also log a warning to let developers/users know.
| * Make sure wasyncore tests don't fail on MacOSBert JW Regeer2018-08-311-3/+4
| |
| * Test that sending message body on HTTP code 204/304Bert JW Regeer2018-08-311-0/+28
| | | | | | | | This shouldn't be allowed.
| * Add test for 304 Not ModifiedBert JW Regeer2018-08-311-0/+17
| |
| * Add new has_body propertyBert JW Regeer2018-08-311-3/+11
| | | | | | | | | | This is used to test if a response should have a message body or not. 1xx, 204 and 304 should not have message bodies.
* | Fix tests that verify WSGI environmentset-input-terminatedBert JW Regeer2018-08-311-4/+6
| |
* | Set wsgi.input_terminated in the WSGI environBert JW Regeer2018-08-311-0/+1
|/ | | | | | This is a no-op because Waitress already buffers the entire request if it is chunked and will correctly set the CONTENT_LENGTH, but it may allow optimizations in certain WSGI applications/libraries.
* Merge pull request #166 from alexanderlukanin13/http_204Bert JW Regeer2018-08-312-2/+40
|\ | | | | MUST NOT send Transfer-Encoding or Content-Length for 1xx or 204
| * Test for HTTP 100 without Content-LengthAlexander Lukanin2017-08-171-0/+17
| |
| * MUST NOT send Transfer-Encoding or Content-Length for 1xx or 204Alexander Lukanin2017-06-062-2/+23
| |
View Lorry Controller Status