Flask Version 0.10 to Version 1.0
2021-08-11 21:33 更新
Version 0.10
Released on June 13nd 2013, codename Limoncello.
- Changed default cookie serialization format from pickle to JSON to limit the impact an attacker can do if the secret key leaks. See Version 0.10 for more information.
- Added template_test methods in addition to the already existing template_filter method family.
- Added template_global methods in addition to the already existing template_filter method family.
- Set the content-length header for x-sendfile.
- tojson filter now does not escape script blocks in HTML5 parsers.
- tojson used in templates is now safe by default due. This was allowed due to the different escaping behavior.
- Flask will now raise an error if you attempt to register a new function on an already used endpoint.
- Added wrapper module around simplejson and added default serialization of datetime objects. This allows much easier customization of how JSON is handled by Flask or any Flask extension.
- Removed deprecated internal flask.session module alias. Use flask.sessions instead to get the session module. This is not to be confused with flask.session the session proxy.
- Templates can now be rendered without request context. The behavior is slightly different as the request, session and g objects will not be available and blueprint’s context processors are not called.
- The config object is now available to the template as a real global and not through a context processor which makes it available even in imported templates by default.
- Added an option to generate non-ascii encoded JSON which should result in less bytes being transmitted over the network. It’s disabled by default to not cause confusion with existing libraries that might expect flask.json.dumps to return bytestrings by default.
- flask.g is now stored on the app context instead of the request context.
- flask.g now gained a get() method for not erroring out on non existing items.
- flask.g now can be used with the in operator to see what’s defined and it now is iterable and will yield all attributes stored.
- flask.Flask.request_globals_class got renamed to flask.Flask.app_ctx_globals_class which is a better name to what it does since 0.10.
- request, session and g are now also added as proxies to the template context which makes them available in imported templates. One has to be very careful with those though because usage outside of macros might cause caching.
- Flask will no longer invoke the wrong error handlers if a proxy exception is passed through.
- Added a workaround for chrome’s cookies in localhost not working as intended with domain names.
- Changed logic for picking defaults for cookie values from sessions to work better with Google Chrome.
- Added message_flashed signal that simplifies flashing testing.
- Added support for copying of request contexts for better working with greenlets.
- Removed custom JSON HTTP exception subclasses. If you were relying on them you can reintroduce them again yourself trivially. Using them however is strongly discouraged as the interface was flawed.
- Python requirements changed: requiring Python 2.6 or 2.7 now to prepare for Python 3.3 port.
- Changed how the teardown system is informed about exceptions. This is now more reliable in case something handles an exception halfway through the error handling process.
- Request context preservation in debug mode now keeps the exception information around which means that teardown handlers are able to distinguish error from success cases.
- Added the JSONIFY_PRETTYPRINT_REGULAR configuration variable.
- Flask now orders JSON keys by default to not trash HTTP caches due to different hash seeds between different workers.
- Added appcontext_pushed and appcontext_popped signals.
- The builtin run method now takes the SERVER_NAME into account when picking the default port to run on.
- Added flask.request.get_json() as a replacement for the old flask.request.json property.
Version 0.10.1
(bugfix release, released on June 14th 2013)
- Fixed an issue where |tojson was not quoting single quotes which made the filter not work properly in HTML attributes. Now it’s possible to use that filter in single quoted attributes. This should make using that filter with angular.js easier.
- Added support for byte strings back to the session system. This broke compatibility with the common case of people putting binary data for token verification into the session.
- Fixed an issue where registering the same method twice for the same endpoint would trigger an exception incorrectly.
Version 0.10.2
(bugfix release, release date to be announced)
- Fixed broken test_appcontext_signals() test case.
- Raise an AttributeError in flask.helpers.find_package() with a useful message explaining why it is raised when a PEP 302 import hook is used without an is_package() method.
Version 1.0
(release date to be announced, codename to be selected)
- Added SESSION_REFRESH_EACH_REQUEST config key that controls the set-cookie behavior. If set to True a permanent session will be refreshed each request and get their lifetime extended, if set to False it will only be modified if the session actually modifies. Non permanent sessions are not affected by this and will always expire if the browser window closes.
以上内容是否对您有帮助:
更多建议: