Skip to main content

WSGI, Celery and CLI applications for Invenio flavours.

Project description

https://img.shields.io/github/license/inveniosoftware/invenio-app.svg https://img.shields.io/travis/inveniosoftware/invenio-app.svg https://img.shields.io/coveralls/inveniosoftware/invenio-app.svg https://img.shields.io/pypi/v/invenio-app.svg

WSGI, Celery and CLI applications for Invenio flavours.

Further documentation is available on https://invenio-app.readthedocs.io/

Changes

Version 1.1.1 (released 2019-07-15)

  • Fixes a security issue where APP_ALLOWED_HOSTS was not always being checked, and thus could allow host header injection attacks.

    NOTE: you should never route requests to your application with a wrong host header. The APP_ALLOWED_HOSTS exists as an extra protective measure, because it is easy to misconfigure your web server.

    The root cause was that Werkzeug’s trusted host feature only works when request.host is being evaluated. This means that for instance when only url_for (part of the routing system) is used, then the host header check is not performed.

Version 1.1.0 (released 2018-12-14)

  • The Flask-DebugToolbar extension is now automatically registered if installed.

Version 1.0.5 (released 2018-12-05)

  • Add health check view

  • Fix response headers assertion in tests

Version 1.0.4 (released 2018-10-11)

  • Fix Content Security Policy headers when set empty in DEBUG mode.

Version 1.0.3 (released 2018-10-08)

  • Fix Content Security Policy headers when running in DEBUG mode.

Version 1.0.2 (released 2018-08-24)

  • Allows use of Flask-DebugToolbar when running in DEBUG mode.

Version 1.0.1 (released 2018-06-29)

  • Pin Flask-Talisman.

Version 1.0.0 (released 2018-03-23)

  • Initial public release.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

invenio-app-1.1.1.tar.gz (25.7 kB view hashes)

Uploaded Source

Built Distribution

invenio_app-1.1.1-py2.py3-none-any.whl (15.5 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page