jingrow/gunicorn
1
0
Fork 0
mirror of https://github.com/frappe/gunicorn.git synced 2026-01-14 11:09:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,138 Commits 1 Branch 0 Tags
Commit Graph

3138 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benoit Chesneau
ad7c1de132
Merge pull request #3080 from odyfatouros/Fix-#3079-worker_class-parameter-accepts-class 
Fix for issue #3079, worker_class parameter accepts a class
 2024-08-07 08:47:20 +02:00
Benoit Chesneau
52234e7b32
Merge pull request #2688 from StarfishStorage/fix_2684 
Fix problem that may happen after interrupted chunk-encoding request
 2024-08-07 00:24:46 +02:00
Benoit Chesneau
c5727ac92c
Merge pull request #3089 from pataquets/patch-1 
news.rst: fix minor typo
 2024-08-07 00:20:17 +02:00
Benoit Chesneau
5f820ce37c
Merge pull request #3167 from tbascoul/tiny-example-config-fix 
update example_config with latest settings
 2024-08-07 00:19:34 +02:00
Benoit Chesneau
ff2109e759
Merge pull request #3260 from benoitc/fix-te 
don't tolerate wrong te headers
 2024-08-07 00:15:56 +02:00
benoitc
555d2fa27f don't tolerate wrong te headers 
changes:

- Just follow the new TE specification (https://datatracker.ietf.org/doc/html/rfc9112#name-transfer-encoding)
 here and accept to introduce a breaking change.
- gandle multiple TE on one line

** breaking changes ** : invalid  headers and position will now return
an error.
 2024-08-06 23:47:01 +02:00
Benoit Chesneau
9a96e75808
Merge pull request #3253 from pajod/patch-rfc9110-section5.5 
Refuse requests with invalid and dangerous CR/LF/NUL in header field value, as demanded by rfc9110 section 5.5
 2024-08-06 22:25:12 +02:00
Benoit Chesneau
cefa314c62
Merge pull request #3257 from pajod/patch-no-docs-build-in-sdist 
exclude generate html files from source tarballs (sdist)
 2024-08-06 19:38:26 +02:00
Benoit Chesneau
5c0e1571dc
Merge pull request #3255 from pajod/patch-refuse-empty-request-target 
refuse empty request-target in HTTP request
 2024-08-06 18:26:47 +02:00
Benoit Chesneau
26c22af2e7
Merge pull request #2336 from elendiastarman/gevent-statsd-fix 
Fixed two bugs related to gevent + gunicorn + statsd.
 2024-08-06 18:08:18 +02:00
Benoit Chesneau
5e39f88622
Update tornadoapp.py 2024-08-06 17:50:16 +02:00
Benoit Chesneau
7f559886cb
Merge pull request #3258 from pajod/patch-empty-chunksize 
gracefully handle chunked encoding missing size
 2024-08-06 13:20:52 +02:00
Paul J. Dorn
cabc666277 chunked encoding: example invalid requests 2024-07-31 19:21:07 +02:00
Paul J. Dorn
a3d130ae51 gracefully handle chunked encoding missing size 
Treat it the same as invalid characters where size should be.
 2024-07-31 18:32:02 +02:00
Paul J. Dorn
70a1e437b5 forbid lone CR/LF and NUL in headers (docs) 2024-07-31 17:39:13 +02:00
Paul J. Dorn
7c3e9c9c2b docs: clarify Makefile is generated 2024-07-31 04:18:20 +02:00
Paul J. Dorn
2669016abe docs: https-capable sphinx homepage entry point 2024-07-31 04:18:20 +02:00
Paul J. Dorn
4b48ebe86b no docs/build in sdist 
alternate spelling _build covers new defaults of regenerated sphinx Makefile
 2024-07-31 04:18:15 +02:00
Paul J. Dorn
9ca4f1fdfc refuse empty request-target in HTTP request 
A single slash is valid, but nothing at all can be safely refused.

Python stdlib explicitly tells us it will not perform validation.
https://docs.python.org/3/library/urllib.parse.html#url-parsing-security
There are *four* `request-target` forms in rfc9112, none of them can be empty.
 2024-07-31 02:14:35 +02:00
Paul J. Dorn
eda9d456d3 forbid lone CR/LF and NUL in headers 
New parser rule: refuse HTTP requests where a header field value
contains characters that
a) should never appear there in the first place,
b) might have lead to incorrect treatment in a proxy in front, and
c) might lead to unintended behaviour in applications.

From RFC 9110 section 5.5:
"Field values containing CR, LF, or NUL characters are invalid and
dangerous, due to the varying ways that implementations might parse
and interpret those characters; a recipient of CR, LF, or NUL within
a field value MUST either reject the message or replace each of those
characters with SP before further processing or forwarding of that
message."
 2024-07-31 01:28:30 +02:00
Paul J. Dorn
e3fa50d1c5 update docs 2024-07-31 01:21:01 +02:00
Benoit Chesneau
79b9a52cc8
Merge pull request #3196 from washeck/3195-http-version-error 
Fix InvalidHTTPVersion exception str method
 2024-07-04 15:13:43 +02:00
Benoit Chesneau
405c3ca35e
Merge pull request #3211 from pajod/patch-macos14-no-eol-python 
CI: revert macos-14 runners, migrate to tox v4-exclusive settings, add Python 3.13
 2024-07-04 15:11:57 +02:00
Benoit Chesneau
9802e21f77
Merge pull request #3214 from boxydog/doc_prefork 
Document server hooks in a custom application
 2024-05-22 04:21:04 +02:00
boxydog
0f20019113
Document server hooks in a custom application 2024-05-18 14:20:42 -05:00
Paul J. Dorn
8fe034ef7c CI: run entry point tests without deps, run lint without package build steps 2024-05-13 01:09:16 +02:00
Paul J. Dorn
9949e34e96 CI: also try Python 3.13 (at this time beta 1) 2024-05-13 01:04:50 +02:00
Paul J. Dorn
3d00696397 CI: revert macos-14 for Github runners 2024-05-13 00:50:20 +02:00
Vaclav Rehak
97f87ec13e Fix InvalidHTTPVersion exception str method 
Fixes: #3195
 2024-04-26 13:58:10 +02:00
benoitc
5b68c17b17 fix license year 2024-04-17 01:13:23 +02:00
benoitc
f63d59e4d7 bump to 22.0 2024-04-17 00:44:14 +02:00
Benoit Chesneau
4ac81e0a10
Merge pull request #3175 from e-kwsm/typo 
chore: fix typos
 2024-04-17 00:34:39 +02:00
Benoit Chesneau
401cecfaed
Merge pull request #3179 from dhdaines/exclude-eventlet-0360 
fix(deps): exclude eventlet 0.36.0 to avoid WebSocket bug
 2024-04-17 00:26:51 +02:00
David Huggins-Daines
0243ec39ef fix(deps): exclude eventlet 0.36.0 2024-03-26 10:15:11 -04:00
Eisuke Kawashima
628a0bcb61
chore: fix typos 2024-03-25 08:31:59 +09:00
Theo Bascoul
1954fb63f1 update example_config with latest settings 2024-03-18 16:14:14 +01:00
Benoit Chesneau
88fc4a4315
Merge pull request #3131 from pajod/patch-py12-rebased 
CI: add CPython 3.12 and PyPy3.10, stop promising untested versions
 2024-01-05 09:24:01 +01:00
Odysseas Fatouros
08364f0365 Issue #3079, add unit test 2024-01-02 14:21:26 +01:00
Paul J. Dorn
deae2fc4c5 CI: back off the agressive timeout 
Precise number does not matter that much, so lets not stop potentially working tests.
The point was to cut off well before 6 hours, so any small number will do.
 2023-12-29 05:35:32 +01:00
Paul J. Dorn
f4703824c3 docs: promise 3.12 compat 2023-12-29 05:12:08 +01:00
Thomas Grainger
5e30bfa6b1 add changelog to project.urls (updated for PEP621) 2023-12-29 05:12:08 +01:00
Paul J. Dorn
481c3f9522 remove setup.cfg - overridden by pyproject.toml 2023-12-29 05:12:08 +01:00
Paul J. Dorn
89dcc5c578 CI: stop testing EoL PyPy 2023-12-29 05:12:07 +01:00
Paul J. Dorn
184e36f9da skip eventlet, not yet supported on python 3.12 
will work again,
should still be reverted when stdlib conflict resolved in eventlet
 2023-12-29 05:11:18 +01:00
Paul J. Dorn
b39c5b7ebb CI: style 2023-12-29 05:11:17 +01:00
Paul J. Dorn
0bb96d17c5 CI: tests may hang on PyPy 2023-12-29 05:10:44 +01:00
Paul J. Dorn
c2e48b3014 Merge #3085 2023-12-29 05:10:42 +01:00
Paul J. Dorn
09ee579f44 Merge #3083 2023-12-29 05:09:19 +01:00
Randall Leeds
660fd8d850 Fix references to non-existent 20.2 version in configuration settings 
Close #3043.
 2023-12-28 19:57:14 -08:00
Randall Leeds
f9e61b11c7
Merge pull request #3108 from pajod/patch-githubactions 
restore, and from now on CI-test for entry point
 2023-12-28 18:54:52 -08:00