cornice 6.0.1

Define Web Services in Pyramid.

Cornice provides helpers to build & document Web Services with Pyramid.

The full documentation is available at: https://cornice.readthedocs.io

CHANGELOG

6.0.1 (2022-01-07)

Internal Changes

• Add deserializer to Cornice params (#565)

• Refactory unittest aliases for Python 3.11 compatibility

6.0.0 (2021-09-29)

Breaking changes

• Drop support of Marshmallow < 3

New features

• Add cornice.always_cors setting to force CORS headers in responses when services origins is *.

Bug fixes

• Correctly determine service with pyramid route to ensure filters are applied and apply_cors_post_request is called

5.2.0 (2021-04-06)

Internal Changes

• Support of Pyramid 2 (fixes #555)

5.1.0 (2021-02-18)

New features

• Make services with pyramid routes accessible by current_service utility method (refs #550)

• Update the generated service to look like the resource it is wrapping (#544)

Internal Changes

• Switch to Github Actions

5.0.3 (2020-08-31)

Bug fixes

• Fix missing body, headers, path, querystring when using *_validator Colander validators (#545)

Internal Changes

• Replaced mock by standard unittest.mock

• Replaced Nose test runner by pytest

5.0.2 (2020-08-12)

• Rename default renderer from cornice to cornicejson (#543)

5.0.1 (2020-05-25)

• Add setuptools python_requires check

5.0.0 (2020-05-19)

Breaking Changes

• Drop Python 2 support

• The default JSON renderer does not use simplejson.dumps() by default anymore, so the requirement has been dropped.

Please refer to upgrading docs for detailed migration instructions.

4.0.1 (2019-12-02)

Bug fixes

• Fix support of schema as class instead of instance (#523)

4.0.0 (2019-12-02)

Breaking changes

• Check for MappingSchema instance in colander_*_validator (#503)

Bug fixes

• Fix updating request.validated dict in colander_*_validator (#503)

3.6.1 (2019-11-13)

• Do not return content if response is 204 No Content (fixes #521)

3.6.0 (2019-07-24)

• Add validation support for multipart/form-data (#510)

3.5.1 (2019-01-24)

• Fix usage of localizer in Errors when l18n is deactivated. (#505)

3.5.0 (2019-01-15)

• Translate Error description field when added with request.errors.add() (#502)

3.4.4 (2018-12-12)

Internal changes

• Remove remaining usage of deprecated .best_match()

3.4.3 (2018-11-30)

Internal changes

• Remove usage of deprecated .best_match() (thanks @abk-code)

3.4.2 (2018-10-24)

Internal changes

• Fix DeprecationWarning for unrecognized backslash escapes (#491)

3.4.1 (2018-10-08)

Bug fixes

• support both marshmallow 2.x and 3.x unknown key handling (@ergo, #495)

Internal changes

• Enable support for Python 3.7

• cornice.errors and validation tests now use the builtin json module instead of simplejson (@okin, #494)

• Cleanup tests (@karantan, #488)

3.4.0 (2018-04-12)

• Add traverse support. For more information regarding Hybrid Applications see Pyramid documentation (#483).

3.3.0 (2018-04-11)

• Cornice now accepts Marshmallow schemas instead of instances (#482, @ergo)

• Marshmallow schemas get request object added to their context during validation (#482, @ergo)

3.2.0 (2018-04-03)

New features

• Add marshmallow request validation support (#475, thanks @ergo)

• Allow to reuse Pyramid existing routes in services (#477, thanks @ergo)

Documentation

• Make tutorial work for python3 users (#471, thanks @rvandegrift)

Internal changes

• Remove configuration commit (#476, thanks @ergo)

• Remove mentions of text/json in tests and docs (#478, thanks @wjehenddher)

3.1.0 (2018-02-08)

• In addition to the colander_body_validator, there are now three more similar validators: colander_headers_validator, colander_path_validator, and colander_querystring_validator.

• six is now a required dependency.

3.0.0 (2017-10-20)

Breaking changes

Please refer to upgrading docs for detailed migration instructions.

• acl and traverse parameters are not supported anymore on services

• Constructors of resource decorated classed must now be __init__(self, request, context=None)

Enhancements

• Align Cornice with Pyramid ACL pattern: Dynamic ACLs based on resource are now possible (#452, thanks @wjehenddher)

Bug fixes

• Disable CSRF check on predicate fallback view (fixes #458)

• Fix to use own validator for Header Accept (fixes #431)

2.4.0 (2017-01-19)

Enhancements

• Add support for arrays on request body top level.

2.3.0 (2016-12-15)

Enhancements

• Add support for validation with specific JSON Content-Types (i.e application/merge-patch+json).

• Add X-Content-Type-Options: nosniff headers to responses (fixes #102)

• Add a request.current_service attribute (fixes #105)

Bug fixes

• Fix cornice.cors.get_cors_preflight_view to make it parse Access-Control-Request-Headers header correctly event if its value contains zero number of white spaces between commas (#422)

Internal changes

• Clean-up an inconsistency in cornice.service.decorate_view() function where acl and factory were expected as view arguments (whereas deprecated since 1.0)

2.2.0 (2016-11-25)

Enhancements

• Add support of custom predicates in resources (#344, thanks @VDigitall!)

Internal changes

• Assert proper behaviour of UTF-8 content JSON body (#366, thanks @thruflo!)

2.1.0 (2016-10-28)

Enhancements

• Cornice.validators.colander_validator and cornice.validators.colander_body_validator now accept colander schema node instances. Previously only schema classes were accepted. For some discussion see #412.

Deprecations

• Passing schema classes to Cornice.validators.colander_validator and cornice.validators.colander_body_validator is now deprecated. (See above.)

Bug fixes

• To maintain consistency with cornice 1.2 as to the semantics of location='path', change cornice.validators.extract_cstruct so that it places request.matchdict (rather than request.path) into cstruct['path']. (#411)

• Fix cornice.validators.colander_validator so that it does nothing if schema is unset (or set to None.) Previously (contrary to its docstring) it was raising a TypeError.

Internal changes

• Raised test coverage to 100% (#417)

Huge thanks to @dairiki for his help on this release!

2.0.2 (2016-10-25)

Bug fixes

• Exclude tests from install (#407, thanks @doctaweeks!)

Internal changes

• Deprecate cornice.util.extract_json_data() and cornice.util.extract_form_urlencoded_data() in favor of cornice.validators.extract_cstruct() (#409)

2.0.1 (2016-10-24)

Bug fixes

• Fix Colander imports to make sure it remains optional (#400)

• Fix truncated JSON validation error message when request body does not contain valid JSON (#401)

• Fix docs about upgrading deserializers (#402)

2.0.0 (2016-10-20)

Breaking changes

Please refer to upgrading docs for detailed migration instructions.

• Dropped Python 2.6 support (#368)

• Got rid of Buildout files (#369)

• Got rid of Spore extension (#379)

• Moved Sphinx extension to dedicated repo (#379)

• Moved project scaffold to dedicated repo (#238, #390)

• Completely rework the schema validation features (#376, #386)

• Moved examples to dedicated repo (#392)

• Custom error_handler now receives the request instead of errors (#381)

• Errors list request.errors has no request anymore (#372, #378)

• request.errors.add() now only accepts one of header, body, url, path, querystring, cookies or method as first argument (#374)

• Remove deprecated features (#382)

Internal changes

• Take __version__ from setup.py (#358)

• Remove duplicated list of test deps in tox file (#371)

1.2.1 (2016-03-15)

Bug fixes

• Properly handle content_type callables returning a single internet media type as scalar. Thanks @amotl (#343)

• Do not raise a 415 error when no content-type and no body (#354)

Documentation

• Improve documentation regarding content type negotiation and media type validation. Thanks @amotl (#91, #343, #350)

• Fix typo in testing docs. Thanks peletiah (#348)

• Clarify docs for deferred colander validator. Thanks @antoineleclair (#352)

1.2.0 (2016-01-18)

• Adding the ability to define services imperatively. (#335)

• Clean cornice/statics/ files. (#345)

Bug fixes

• Convert None to colander.null before calling colander’s deserialize function. (#342)

• Allow i18n of colander error messages (#206)

1.1.0 (2015-09-29)

• Warn if resource collection and record paths are not distinct. Thanks @circlingthesun (#292)

Bug fixes

• Fix duplicated CORS exposed headers (#301)

• Fix setup.py in template. Thanks @areski (#296)

• Make resource test less dependent on Pyramid version (#312)

• Fix reload in sphinx extension for Python 3. Thanks @JohnBrodie (#295)

• Fix usage of Colander schema_type() and schema.typ. Thanks @tisdall (#309)

• Fix check for CORS Allow Credentials. Thanks @treerao (#320)

• Fix Access-Control-Max-Age value if undefined on service (#338)

Documentation

• Fix typos in documentation. Thanks @robvdl, @tisdall (#306, #313)

• Rewrite quickstart documentation (#305)

• Huge set of documentation improvements. Thanks @areski (#297)

1.0.0 (2015-04-15)

Breaking changes:

• ACLs are now handled per route and not per view. Thanks @circlingthesun (#287)

Other changes:

• Display default values in the sphinx documentation extension, Thanks @MikaYuoadas (#284)

• Add an option to disable Colander schema request binding. (#288)

0.20.0 (2015-03-17)

• Service.cors_supported_headers are now filtered by method and CORS options are now handled in a more consistent way (#281).

0.19.0 (2015-03-02)

• Keep fields when colander schema set “unknown=preserve”

0.18.1 (2015-02-26)

• Fix CORS protocol that was sometimes returning Access-Control-Expose-Headers on preflight request.

0.18 - 2015-02-24

• Fix CORS OPTIONS permission when using default_permission (#273)

• Ensure Colander schemas are a Mapping (#271)

• Use the tox matrix with Travis. (#272)

• Improve Sphinx documentation for schema attributes (#270)

• Set CORS headers when an exception is raised (#261)

• Remove Cornice warning when returning string or array instead of JSON (#256)

• Fix add_view decorator (#215)

• Handle per view permissions (#248)

• Handle CORS credentials origin (#263)

• Let the user choose the default content_type (#262)

• Fix spore documentation (#255)

• Handle default values in colander schemas (#253)

0.17 - 2014-08-28

• Use a string for the version number (cornice.__version__);

• Fix handling of invalid JSON input;

• Fix pyramid configurator route_prefix;

• Fix CORS behavior when using “*”;

• Support strict validation of querystring and body;

• Add support for unflatted in querystring;

• If colander defines a default value, put it in request.validated;

• Do not require a permission for the fallback view.

0.16.1 - 2013-11-12

• Added the license in the distribution tarball

• Updated the license headers of the files (to MPL v2.0)

0.16 - 2013-11-12

• Added venusion depth support to cornice.resource #187

• Add support for validation of input content other than JSON against Colander schemas: built-in support of form-urlencoded and configuration hooks for other content types #192

• Add support for pyramid traversal. #196

• bugfix: schema was only being bound to the first request #197

• bugfix: can now pass the decorator add_view parameter to the Service class #198

0.15 - 2013-10-09

• Add support for dynamic validation schemas for resources.

• Add support for context factory.

• Manually commit configuration changes.

• Add support for Colander’s drop object

• Update sphinxext to not display HEAD.

• Allow for explicitely named services created for resources.

• Raise exceptions as-is if they are not subclasses of HTTPException.

• Add a way to opt-out of the exception handling.

0.14 - 2013-06-06

• Add validation of the Content-Type header sent in requests against a list of allowed ingress content types

• Handle HTTPNotFound and HTTPForbidden in Cornice. Fix some wrong behaviour with CORS support.

• implement “415 Unsupported Media Type”

• Allow Colander schemas with sequence fields in querystring

• Remove PasteScript from the Cornice template.

• Support imperative colander schemas

• Update JSON CSRF warning filter with a better regex

0.13 - 2013-02-12

• Added Cross-Origin Resource Sharing (CORS) support.

0.12 - 2012-11-21

• Fix auto-define of HEAD views from GET views.

• Support for Colander inheritance (introduced in new versions of Colander)

• Check for errors in the body of the view and in validators (was only checking in validators previously)

• Add a __version__ utility in cornice/__init__.py

0.11 - 2012-10-22

• the sphinx extension is now provided by the cornice.ext.sphinxext module [not backward-compatible]

• Add support for SPORE

• add an optional ‘error_handler’ to view declarations.

• Services.default_{validators, filters} is now used. (Fix #75)

0.10 - 2012-08-29

• use pcreate rather than paster create.

• make it possible to add custom values to errors.

0.9 - 2012-07-26

• default schema values are assumed to be in the body

• refactored the internal APIs so we are not using decorators anymore. The service definition is now separated from the service registration in the routing mechanism.

• added class-level validators and filters

• added documentation about cornice internals

• deprecated the service.schema attribute. Use service.definitions instead.

0.8 - 2012-04-06

• added support for the ‘OPTIONS’ HTTP Verb

• allow multiple accept definitions for a service.

• get validator’s docstring for the automatic doc generation

• fixed non-ascii documentation problems

• add a way to ignore some modules when scanning with venusian.scan.

0.7 - 2012-03-12

• update license to MPL 2.0.

• renamed cornice.schemas to cornice.errors

• Added get_view_wrapper method to Service class to support subclasses wrapping the view callables w/ decorators

• added buildout support

• added class-based views and the resource decorator

• make sure we use Pyramid’s exceptions. Not Webob’s.

• added filters support

• added schema support

• added json xsrf support

• now errors status can be different from 400.

0.6 - 2011-12-21

• various fixes in MANIFEST

0.5 - 2011-12-21

• added a tutorial

• stacked @api decorator are now allowed

• added a Paster template for a quick start

0.4 - 2011-12-07

• Added a way to plug validators easily.

• Fixed documentation

• Added a way to automatically document Cornice web services

• Fixed license

• Added a way to specify the accepted Content-Type values. A 406 is raised if needed

0.3 - 2011-11-23

• remove singleton “_defined” state from Service class; this allows service definitions to be loaded into more than one Configurator.

0.2 - 2011-11-05

• Fixed the MANIFEST

0.1 - 2011-11-03

• Initial release