Aiohttp

Latest version: v3.9.5

Safety actively analyzes 630217 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 15 of 29

1.3.0

Not secure
==================

- Multipart writer validates the data on append instead of on a
request send (`920 <https://github.com/aio-libs/aiohttp/pull/920>`_)

- Multipart reader accepts multipart messages with or without their epilogue
to consistently handle valid and legacy behaviors (`1526 <https://github.com/aio-libs/aiohttp/pull/1526>`_) (`#1581 <https://github.com/aio-libs/aiohttp/pull/1581>`_)

- Separate read + connect + request timeouts 1523

- Do not swallow Upgrade header (`1587 <https://github.com/aio-libs/aiohttp/pull/1587>`_)

- Fix polls demo run application (`1487 <https://github.com/aio-libs/aiohttp/pull/1487>`_)

- Ignore unknown 1XX status codes in client (`1353 <https://github.com/aio-libs/aiohttp/pull/1353>`_)

- Fix sub-Multipart messages missing their headers on serialization (`1525 <https://github.com/aio-libs/aiohttp/pull/1525>`_)

- Do not use readline when reading the content of a part
in the multipart reader (`1535 <https://github.com/aio-libs/aiohttp/pull/1535>`_)

- Add optional flag for quoting `FormData` fields (`916 <https://github.com/aio-libs/aiohttp/pull/916>`_)

- 416 Range Not Satisfiable if requested range end > file size (`1588 <https://github.com/aio-libs/aiohttp/pull/1588>`_)

- Having a `:` or `` in a route does not work (`1552 <https://github.com/aio-libs/aiohttp/pull/1552>`_)

- Added `receive_timeout` timeout for websocket to receive complete
message. (`1325 <https://github.com/aio-libs/aiohttp/pull/1325>`_)

- Added `heartbeat` parameter for websocket to automatically send
`ping` message. (`1024 <https://github.com/aio-libs/aiohttp/pull/1024>`_) (`#777 <https://github.com/aio-libs/aiohttp/pull/777>`_)

- Remove `web.Application` dependency from `web.UrlDispatcher` (`1510 <https://github.com/aio-libs/aiohttp/pull/1510>`_)

- Accepting back-pressure from slow websocket clients (`1367 <https://github.com/aio-libs/aiohttp/pull/1367>`_)

- Do not pause transport during set_parser stage (`1211 <https://github.com/aio-libs/aiohttp/pull/1211>`_)

- Lingering close does not terminate before timeout (`1559 <https://github.com/aio-libs/aiohttp/pull/1559>`_)

- `setsockopt` may raise `OSError` exception if socket is closed already (`1595 <https://github.com/aio-libs/aiohttp/pull/1595>`_)

- Lots of CancelledError when requests are interrupted (`1565 <https://github.com/aio-libs/aiohttp/pull/1565>`_)

- Allow users to specify what should happen to decoding errors
when calling a responses `text()` method (`1542 <https://github.com/aio-libs/aiohttp/pull/1542>`_)

- Back port std module `http.cookies` for python3.4.2 (`1566 <https://github.com/aio-libs/aiohttp/pull/1566>`_)

- Maintain url's fragment in client response (`1314 <https://github.com/aio-libs/aiohttp/pull/1314>`_)

- Allow concurrently close WebSocket connection (`754 <https://github.com/aio-libs/aiohttp/pull/754>`_)

- Gzipped responses with empty body raises ContentEncodingError (`609 <https://github.com/aio-libs/aiohttp/pull/609>`_)

- Return 504 if request handle raises TimeoutError.

- Refactor how we use keep-alive and close lingering timeouts.

- Close response connection if we can not consume whole http
message during client response release

- Abort closed ssl client transports, broken servers can keep socket
open un-limit time (`1568 <https://github.com/aio-libs/aiohttp/pull/1568>`_)

- Log warning instead of `RuntimeError` is websocket connection is closed.

- Deprecated: `aiohttp.protocol.HttpPrefixParser`
will be removed in 1.4 (`1590 <https://github.com/aio-libs/aiohttp/pull/1590>`_)

- Deprecated: Servers response's `.started`, `.start()` and
`.can_start()` method will be removed in 1.4 (`1591 <https://github.com/aio-libs/aiohttp/pull/1591>`_)

- Deprecated: Adding `sub app` via `app.router.add_subapp()` is deprecated
use `app.add_subapp()` instead, will be removed in 1.4 (`1592 <https://github.com/aio-libs/aiohttp/pull/1592>`_)

- Deprecated: aiohttp.get(), aiohttp.options(), aiohttp.head(), aiohttp.post(),
aiohttp.put(), aiohttp.patch(), aiohttp.delete(), and aiohttp.ws_connect()
will be removed in 1.4 (`1593 <https://github.com/aio-libs/aiohttp/pull/1593>`_)

- Deprecated: `Application.finish()` and `Application.register_on_finish()`
will be removed in 1.4 (`1602 <https://github.com/aio-libs/aiohttp/pull/1602>`_)

1.2.0

Not secure
==================

- Extract `BaseRequest` from `web.Request`, introduce `web.Server`
(former `RequestHandlerFactory`), introduce new low-level web server
which is not coupled with `web.Application` and routing (`1362 <https://github.com/aio-libs/aiohttp/pull/1362>`_)

- Make `TestServer.make_url` compatible with `yarl.URL` (`1389 <https://github.com/aio-libs/aiohttp/pull/1389>`_)

- Implement range requests for static files (`1382 <https://github.com/aio-libs/aiohttp/pull/1382>`_)

- Support task attribute for StreamResponse (`1410 <https://github.com/aio-libs/aiohttp/pull/1410>`_)

- Drop `TestClient.app` property, use `TestClient.server.app` instead
(BACKWARD INCOMPATIBLE)

- Drop `TestClient.handler` property, use `TestClient.server.handler` instead
(BACKWARD INCOMPATIBLE)

- `TestClient.server` property returns a test server instance, was
`asyncio.AbstractServer` (BACKWARD INCOMPATIBLE)

- Follow gunicorn's signal semantics in `Gunicorn[UVLoop]WebWorker` (`1201 <https://github.com/aio-libs/aiohttp/pull/1201>`_)

- Call worker_int and worker_abort callbacks in
`Gunicorn[UVLoop]WebWorker` (`1202 <https://github.com/aio-libs/aiohttp/pull/1202>`_)

- Has functional tests for client proxy (`1218 <https://github.com/aio-libs/aiohttp/pull/1218>`_)

- Fix bugs with client proxy target path and proxy host with port (`1413 <https://github.com/aio-libs/aiohttp/pull/1413>`_)

- Fix bugs related to the use of unicode hostnames (`1444 <https://github.com/aio-libs/aiohttp/pull/1444>`_)

- Preserve cookie quoting/escaping (`1453 <https://github.com/aio-libs/aiohttp/pull/1453>`_)

- FileSender will send gzipped response if gzip version available (`1426 <https://github.com/aio-libs/aiohttp/pull/1426>`_)

- Don't override `Content-Length` header in `web.Response` if no body
was set (`1400 <https://github.com/aio-libs/aiohttp/pull/1400>`_)

- Introduce `router.post_init()` for solving (`1373 <https://github.com/aio-libs/aiohttp/pull/1373>`_)

- Fix raise error in case of multiple calls of `TimeServive.stop()`

- Allow to raise web exceptions on router resolving stage (`1460 <https://github.com/aio-libs/aiohttp/pull/1460>`_)

- Add a warning for session creation outside of coroutine (`1468 <https://github.com/aio-libs/aiohttp/pull/1468>`_)

- Avoid a race when application might start accepting incoming requests
but startup signals are not processed yet e98e8c6

- Raise a `RuntimeError` when trying to change the status of the HTTP response
after the headers have been sent (`1480 <https://github.com/aio-libs/aiohttp/pull/1480>`_)

- Fix bug with https proxy acquired cleanup (`1340 <https://github.com/aio-libs/aiohttp/pull/1340>`_)

- Use UTF-8 as the default encoding for multipart text parts (`1484 <https://github.com/aio-libs/aiohttp/pull/1484>`_)

1.1.6

Not secure
==================

- Fix `BodyPartReader.read_chunk` bug about returns zero bytes before
`EOF` (`1428 <https://github.com/aio-libs/aiohttp/pull/1428>`_)

1.1.5

Not secure
==================

- Fix static file serving in fallback mode (`1401 <https://github.com/aio-libs/aiohttp/pull/1401>`_)

1.1.4

Not secure
==================

- Make `TestServer.make_url` compatible with `yarl.URL` (`1389 <https://github.com/aio-libs/aiohttp/pull/1389>`_)

- Generate informative exception on redirects from server which
does not provide redirection headers (`1396 <https://github.com/aio-libs/aiohttp/pull/1396>`_)

1.1.3

Not secure
==================

- Support *root* resources for sub-applications (`1379 <https://github.com/aio-libs/aiohttp/pull/1379>`_)

Page 15 of 29

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.