Path to this page:
Subject: CVS commit: pkgsrc/www/py-h2
From: Leonardo Taccari
Date: 2017-04-14 15:10:13
Message id: 20170414131013.40064FBE4@cvs.NetBSD.org
Log Message:
Update www/py-h2 to 2.5.2
Changes:
2.5.2 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
upgrade that was emitted by ``initiate_upgrade_connection`` included the
*entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
than have those settings applied appropriately.
2.4.3 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
upgrade that was emitted by ``initiate_upgrade_connection`` included the
*entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
than have those settings applied appropriately.
2.3.4 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
upgrade that was emitted by ``initiate_upgrade_connection`` included the
*entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
than have those settings applied appropriately.
2.5.1 (2016-12-17)
------------------
Bugfixes
~~~~~~~~
- Remote peers are now allowed to send zero or any positive number as a value
for ``SETTINGS_MAX_HEADER_LIST_SIZE``, where previously sending zero would
raise a ``InvalidSettingsValueError``.
2.5.0 (2016-10-25)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new ``H2Configuration`` object that allows rich configuration of
a ``H2Connection``. This object supersedes the prior keyword arguments to the
``H2Connection`` object, which are now deprecated and will be removed in 3.0.
- Added support for automated window management via the
``acknowledge_received_data`` method. See the documentation for more details.
- Added a ``DenialOfServiceError`` that is raised whenever a behaviour that
looks like a DoS attempt is encountered: for example, an overly large
decompressed header list. This is a subclass of ``ProtocolError``.
- Added support for setting and managing ``SETTINGS_MAX_HEADER_LIST_SIZE``.
This setting is now defaulted to 64kB.
- Added ``h2.errors.ErrorCodes``, an enum that is used to store all the HTTP/2
error codes. This allows us to use a better printed representation of the
error code in most places that it is used.
- The ``error_code`` fields on ``ConnectionTerminated`` and ``StreamReset``
events have been updated to be instances of ``ErrorCodes`` whenever they
correspond to a known error code. When they are an unknown error code, they
are instead ``int``. As ``ErrorCodes`` is a subclass of ``int``, this is
non-breaking.
- Deprecated the other fields in ``h2.errors``. These will be removed in 3.0.0.
Bugfixes
~~~~~~~~
- Correctly reject request header blocks with neither :authority nor Host
headers, or header blocks which contain mismatched :authority and Host
headers, per RFC 7540 Section 8.1.2.3.
- Correctly expect that responses to HEAD requests will have no body regardless
of the value of the Content-Length header, and reject those that do.
- Correctly refuse to send header blocks that contain neither :authority nor
Host headers, or header blocks which contain mismatched :authority and Host
headers, per RFC 7540 Section 8.1.2.3.
- Hyper-h2 will now reject header field names and values that contain leading
or trailing whitespace.
- Correctly strip leading/trailing whitespace from header field names and
values.
- Correctly refuse to send header blocks with a TE header whose value is not
``trailers``, per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks with connection-specific headers,
per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks that contain duplicate pseudo-header
fields, or with pseudo-header fields that appear after ordinary header fields,
per RFC 7540 Section 8.1.2.1.
This may cause passing a dictionary as the header block to ``send_headers``
to throw a ``ProtocolError``, because dictionaries are unordered and so they
may trip this check. Passing dictionaries here is deprecated, and callers
should change to using a sequence of 2-tuples as their header blocks.
- Correctly reject trailers that contain HTTP/2 pseudo-header fields, per RFC
7540 Section 8.1.2.1.
- Correctly refuse to send trailers that contain HTTP/2 pseudo-header fields,
per RFC 7540 Section 8.1.2.1.
- Correctly reject responses that do not contain the ``:status`` header field,
per RFC 7540 Section 8.1.2.4.
- Correctly refuse to send responses that do not contain the ``:status`` header
field, per RFC 7540 Section 8.1.2.4.
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.4.2 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.3.3 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.2.7 (2016-10-25)
------------------
*Final 2.2.X release*
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
that setting. Prior to this release, if the user updated the maximum frame
size hyper-h2 would ignore the update, preventing the remote peer from using
the higher frame sizes.
2.4.1 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
of the value of the Content-Length header, and reject those that do.
2.3.2 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
of the value of the Content-Length header, and reject those that do.
2.4.0 (2016-07-01)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Adds ``additional_data`` to ``H2Connection.close_connection``, allowing the
user to send additional debug data on the GOAWAY frame.
- Adds ``last_stream_id`` to ``H2Connection.close_connection``, allowing the
user to manually control what the reported last stream ID is.
- Add new method: ``prioritize``.
- Add support for emitting stream priority information when sending headers
frames using three new keyword arguments: ``priority_weight``,
``priority_depends_on``, and ``priority_exclusive``.
- Add support for "related events": events that fire simultaneously on \
a single
frame.
2.3.1 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
of CONTINUATION frames on a given connection.
2.2.5 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
of CONTINUATION frames on a given connection.
2.3.0 (2016-04-26)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new flag to the ``H2Connection`` constructor: ``header_encoding``,
that controls what encoding is used (if any) to decode the headers from bytes
to unicode. This defaults to UTF-8 for backward compatibility. To disable the
decode and use bytes exclusively, set the field to False, None, or the empty
string. This affects all headers, including those pushed by servers.
- Bumped the minimum version of HPACK allowed from 2.0 to 2.2.
- Added support for advertising RFC 7838 Alternative services.
- Allowed users to provide ``hpack.HeaderTuple`` and
``hpack.NeverIndexedHeaderTuple`` objects to all methods that send headers.
- Changed all events that carry headers to emit ``hpack.HeaderTuple`` and
``hpack.NeverIndexedHeaderTuple`` instead of plain tuples. This allows users
to maintain header indexing state.
- Added support for plaintext upgrade with the ``initiate_upgrade_connection``
method.
Bugfixes
~~~~~~~~
- Automatically ensure that all ``Authorization`` and ``Proxy-Authorization``
headers, as well as short ``Cookie`` headers, are prevented from being added
to encoding contexts.
2.2.4 (2016-04-25)
------------------
Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.
2.1.5 (2016-04-25)
------------------
*Final 2.1.X release*
Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.
Files: