The Zope publisher publishes Python objects on the web.
zope.publisher allows you to publish Python objects on the web. It has support for plain HTTP/WebDAV clients, web browsers as well as XML-RPC and FTP clients. Input and output streams are represented by request and response objects which allow for easy client interaction from Python. The behaviour of the publisher is geared towards WSGI compatibility.
- Added & used LenientCookie, which avoids dropping cookies simply because one uses an invalid key.
- Added trusted support for Redirect exception
- Support UTF-8-encoding application/json responses returned as Unicode.
- Wrap with interaction() in try/finally.
- Fix error when no charset matches form data and HTTP_ACCEPT_CHARSET contains a *.
- Add test convenience helper create_interaction and with interaction().
- Uploading a non-CRLF version to pypi.
- Renamed the tests extra to test.
- Added a test for our own configure.zcml.
- As per W3C spec UTF-8 will be the charset if the browser does not set a header.
- LP #131460: Make principal logging unicode safe.
- Remove use of string exceptions in tests, http://bugs.debian.org/585343
- Add IStartRequestEvent and StartRequestEvent for using in zope.app.publication (matching up with IEndRequestEvent and EndRequestEvent). This included refactoring to produce one definition of ‘event with a request’ - IRequestEvent.
- LP #209440: Don’t obscure original exception when handling retries in publish.publish() with handleErrors == False. This change makes debugging such exception in unit tests easier. Thanks to James Henstridge for the patch.
- LP #98395: allow unicode output of XML content whose mimetype does not begin with text/, per RFC 3023 as well as for content types ending in +xml such as Mozilla XUL’s application/vnd+xml. Thanks to Justin Ryan for the patch.
- Removed use of ‘zope.testing.doctestunit’ in favor of stdlib’s ‘doctest’.
- Fixed bug where xml-rpc requests would hang when served using paster.httpserver.
- BaseRequest.traverse should not call traversal hooks on elements previously traversed but wrapped in a security Proxy.
- Reverted change done in 3.6.2. The zope.authentication dependency has been removed again. The BasicAuthAdapter and FTPAuth adapters are now found in the new zope.login package.
- Moved EndRequestEvent and IEndRequestEvent from zope.app.publication into this package.
- Version 3.10.0 needs at least version 3.5 of zope.contenttype but it did not declare it.
- Moved the implementation of zope.publisher.contenttype to zope.contenttype.parse, leaving BBB imports and moving tests along. zope.contenttype is a new but light-weight dependency of this package.
- Supported Python 2.6 by keeping QUERY_STRING out of request.form if the method is a POST. The original QUERY_STRING is still available if further processing is needed.
- Better supported the zcml defaultSkin directive’s behavior (registering an interface as a default skin) in the setDefaultSkin function.
- Fixed the check for untrusted redirects introduced in 3.9.0 so it works with virtual hosting.
- Make redirect validation works without HTTP_HOST variable.
- Add DoNotReRaiseException adapter that can be registered for exceptions to flag that they should not be re-raised by publisher when handle_errors parameter of the publish method is False.
- Convert a location, passed to a redirect method of HTTPRequest to string before checking for trusted host redirection, because a location object may be some non-string convertable to string, like URLGetter.
Some parts of zope.app.publisher packages was moved into this package during zope.app.publisher refactoring:
- IModifiableUserPreferredLanguages adapter for requests
- browser:defaultView and browser:defaultSkin ZCML directives
- IHTTPView, IXMLRPCView and like interfaces
- security ZCML declarations for some of zope.publisher classes
Introduced IReRaiseException interface. If during publishing an exception occurs and for this exception an adapter is available that returns False on being called, the exception won’t be reraised by the publisher. This happens only if handle_errors parameter of the publish() method is set to False. Fixes problems when acting in a WSGI pipeline with a debugger middleware enabled.
See https://bugs.launchpad.net/grok/+bug/332061 for details.
Fix #98471: Restrict redirects to current host. This causes a ValueError to be raised in the case of redirecting to a different host. If this is intentional, the parameter trusted can be given.
Moved dependency on zope.testing from install_requires to tests_require.
Removed behavior of doing a time.sleep in the supportsRetry http request.
Add a fix for Internet Explorer versions that upload files will full filesystem paths as filenames.
- Moved IHTTPException, IMethodNotAllowed, and MethodNotAllowed from zope.app.http to zope.publisher.interfaces.http, fixing dependency cycles involving zope.app.http.
- Moved the DefaultViewName API from zope.app.publisher.browser to zope.publisher.defaultview, making it accessible to other packages that need it.
- Move IView and IBrowserView interfaces into zope.browser.interfaces, leaving BBB imports.
- Added some BBB code to setDefaultSkin to allow IBrowserRequest’s to continue to work without configuring any special adapter for IDefaultSkin.
- Move getDefaultSkin to the skinnable module next to the setDefaultSkin method, leaving a BBB import in place. Mark IDefaultBrowserLayer as a IBrowserSkinType in code instead of relying on the ZCML to be loaded.
- Mark HTTPRequest as IAttributeAnnotatable if zope.annotation is available, this was previously done by zope.app.i18n.
- Register IHTTPRequest -> IUserPreferredCharsets adapter in ZCML configuration. This was also previously done by zope.app.i18n.
Add an adapter from zope.security.interfaces.IPrincipal to zope.publisher.interfaces.logginginfo.ILoggingInfo. It was moved from zope.app.security as a part of refactoring process.
Add adapters from HTTP and FTP request to zope.authentication.ILoginPassword interface. They are moved from zope.app.security as a part of refactoring process. This change adds a dependency on the zope.authentication package, but it’s okay, since it’s a tiny contract definition-only package.
See http://mail.zope.org/pipermail/zope-dev/2009-March/035325.html for reasoning.
- Fix: remove IBrowserRequest dependency in http implementation based on condition for setDefaultSkin. Use ISkinnable instead of IBrowserRequest.
Clean-up: Move skin related code from zope.publisher.interfaces.browser and zope.publisher.browser to zope.publihser.interfaces and zope.publisher.skinnable and provide BBB imports. See skinnable.txt for more information.
Fix: ensure that we only apply skin interface in setDefaultSkin which also provide IBrowserSkinType. This will ensure that we find a skin if the applySkin method will lookup for a skin based on this type interface.
Fix: Make it possible to use adapters and not only interfaces as skins from the adapter registry. Right now the defaultSkin directive registers simple interfaces as skin adapters which will run into a TypeError if someone tries to adapter such a skin adapter. Probably we should change the defaultSkin directive and register real adapters instead of using the interfaces as fake adapters where we expect adapter factories.
Feature: allow to use applySkin with different skin types using the optional argument skinType which is by default set to IBrowserSkinType
Feature: implemented the default skin pattern within adapters. This allows us to register default skins for other requests then only IBrowserRequest using IDefaultSkin adapters.
Note, ISkinnable and ISkinType and the skin implementation should be moved out of the browser request modules. Packages like z3c.jsonrpc do not depend on IBrowserRequest but they are skinnable.
Feature: added ISkinnable interface which allows us to implement the apply skin pattern not only for IBrowserRequest
Fix: Don’t cause warnings on Python 2.6
Fix: Make IBrowserPage inherit IBrowserView.
Move IView and IDefaultViewName from zope.component.interfaces to zope.publisher.interfaces. Stop inheriting from deprecated (for years) interfaces defined in zope.component.
Remove deprecated code.
Clean-up: Move “zope.testing” from extras to dependencies, per Zope Framework policy. Remove zope.app.testing as a dependency: tests run fine without it.
- An untested code path that incorrectly attempted to construct a NotFound was fixed, with a test.
- LP #322486: setStatus() now allows any int()-able status value.
- LP #98440: interfaces lost on retried request
- LP #273296: dealing more nicely with malformed HTTP_ACCEPT_LANGUAGE headers within getPreferredLanguages().
- LP #253362: dealing more nicely with malformed HTTP_ACCEPT_CHARSET headers within getPreferredCharsets().
- LP #98284: Pass the size argument to readline, as the version of twisted used in zope.app.twisted supports it.
- Fix the LP #98284 fix: do not pass size argument of None that causes cStringIO objects to barf with a TypeError.
- It turns out that some Web servers (Paste for example) do not send the EOF character after the data has been transmitted and the read() of the cached stream simply hangs if no expected content length has been specified.
A previous fix to handle posting of non-form data broke handling of form data with extra information in the content type, as in:
When posting non-form (and non-multipart) data, the request body was consumed and discarded. This makes it impossible to deal with other post types, like xml-rpc or json without resorting to overly complex “request factory” contortions.
The zope.publisher.http.HTTPCharsets was confused by the Zope 2 publisher, which gives missleading information about which headers it has.
- Added a PasteDeploy app_factory implementation. This should make it easier to integrate Zope 3 applications with PasteDeploy. It also makes it easier to control the publication used, giving far greater control over application policies (e.g. whether or not to use the ZODB).
- Made segmentation of URLs not strip (trailing) whitespace from path segments to allow URLs ending in %20 to be handled correctly. (#172742)
No changes since 3.4.1b2.
- zope.publisher now works on Python 2.5.
- Fix a problem with request.get() when the object that’s to be retrieved is the request itself.
- Fix https://bugs.launchpad.net/zope3/+bug/122054: HTTPInputStream understands both the CONTENT_LENGTH and HTTP_CONTENT_LENGTH environment variables. It is also now tolerant of empty strings and will treat those as if the variable were absent.
- Fix caching issue. The input stream never got cached in a temp file because of a wrong content-length header lookup. Added CONTENT_LENGTH header check in addition to the previous used HTTP_CONTENT_LENGTH. The HTTP_ prefix is sometimes added by some CGI proxies, but CONTENT_LENGTH is the right header info for the size.
- Fix https://bugs.launchpad.net/zope3/+bug/98413: HTTPResponse.handleException should set the content type
Initial release as a separate project, corresponds to zope.publisher from Zope 3.4.0a1