Hello community, here is the log from the commit of package python3-aiohttp for openSUSE:Factory checked in at 2016-08-03 11:44:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-aiohttp (Old) and /work/SRC/openSUSE:Factory/.python3-aiohttp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python3-aiohttp" Changes: -------- --- /work/SRC/openSUSE:Factory/python3-aiohttp/python3-aiohttp.changes 2016-07-28 23:46:25.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python3-aiohttp.new/python3-aiohttp.changes 2016-08-03 11:45:15.000000000 +0200 @@ -1,0 +2,11 @@ +Fri Jul 29 06:03:55 UTC 2016 - [email protected] + + +- update to version 0.22.4: + * Update CONTRIBUTORS + * Pin multidict dependecy < 2.0.0 + +- changes from version 0.22.3: + * Do not filter cookies if unsafe flag provided #1005 + +------------------------------------------------------------------- Old: ---- aiohttp-0.22.2.tar.gz New: ---- aiohttp-0.22.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-aiohttp.spec ++++++ --- /var/tmp/diff_new_pack.eOeLPr/_old 2016-08-03 11:45:16.000000000 +0200 +++ /var/tmp/diff_new_pack.eOeLPr/_new 2016-08-03 11:45:16.000000000 +0200 @@ -17,7 +17,7 @@ Name: python3-aiohttp -Version: 0.22.2 +Version: 0.22.4 Release: 0 Url: https://pypi.python.org/pypi/aiohttp Summary: Http client/server for asyncio ++++++ aiohttp-0.22.2.tar.gz -> aiohttp-0.22.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/CHANGES.txt new/aiohttp-0.22.4/CHANGES.txt --- old/aiohttp-0.22.2/CHANGES.txt 2016-07-23 15:31:40.000000000 +0200 +++ new/aiohttp-0.22.4/CHANGES.txt 2016-07-28 13:32:21.000000000 +0200 @@ -1,6 +1,12 @@ CHANGES ======= +0.22.3 (07-26-2016) +------------------- + +- Do not filter cookies if unsafe flag provided #1005 + + 0.22.2 (07-23-2016) ------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/CONTRIBUTORS.txt new/aiohttp-0.22.4/CONTRIBUTORS.txt --- old/aiohttp-0.22.2/CONTRIBUTORS.txt 2016-07-23 15:31:40.000000000 +0200 +++ new/aiohttp-0.22.4/CONTRIBUTORS.txt 2016-07-28 13:32:21.000000000 +0200 @@ -70,6 +70,7 @@ Matthieu Hauglustaine Michael Ihnatenko Mikhail Lukyanchenko +Misha Behersky Morgan Delahaye-Prat Moss Collum Nicolas Braem diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/PKG-INFO new/aiohttp-0.22.4/PKG-INFO --- old/aiohttp-0.22.2/PKG-INFO 2016-07-23 15:33:07.000000000 +0200 +++ new/aiohttp-0.22.4/PKG-INFO 2016-07-28 13:33:50.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: aiohttp -Version: 0.22.2 +Version: 0.22.4 Summary: http client/server for asyncio Home-page: https://github.com/KeepSafe/aiohttp/ Author: Andrew Svetlov @@ -150,6 +150,12 @@ CHANGES ======= + 0.22.3 (07-26-2016) + ------------------- + + - Do not filter cookies if unsafe flag provided #1005 + + 0.22.2 (07-23-2016) ------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/aiohttp/__init__.py new/aiohttp-0.22.4/aiohttp/__init__.py --- old/aiohttp-0.22.2/aiohttp/__init__.py 2016-07-23 15:31:40.000000000 +0200 +++ new/aiohttp-0.22.4/aiohttp/__init__.py 2016-07-28 13:32:21.000000000 +0200 @@ -1,9 +1,10 @@ -# This relies on each of the submodules having an __all__ variable. - -__version__ = '0.22.2' +__version__ = '0.22.4' +# Deprecated, keep it here for a while for backward compatibility. import multidict # noqa +# This relies on each of the submodules having an __all__ variable. + from multidict import * # noqa from . import hdrs # noqa from .protocol import * # noqa diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/aiohttp/helpers.py new/aiohttp-0.22.4/aiohttp/helpers.py --- old/aiohttp-0.22.2/aiohttp/helpers.py 2016-07-23 15:31:40.000000000 +0200 +++ new/aiohttp-0.22.4/aiohttp/helpers.py 2016-07-28 13:32:21.000000000 +0200 @@ -701,7 +701,7 @@ hostname = url_parsed.hostname or "" - if is_ip_address(hostname): + if not self._unsafe and is_ip_address(hostname): continue if name in self._host_only_cookies: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/aiohttp.egg-info/PKG-INFO new/aiohttp-0.22.4/aiohttp.egg-info/PKG-INFO --- old/aiohttp-0.22.2/aiohttp.egg-info/PKG-INFO 2016-07-23 15:33:06.000000000 +0200 +++ new/aiohttp-0.22.4/aiohttp.egg-info/PKG-INFO 2016-07-28 13:33:50.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: aiohttp -Version: 0.22.2 +Version: 0.22.4 Summary: http client/server for asyncio Home-page: https://github.com/KeepSafe/aiohttp/ Author: Andrew Svetlov @@ -150,6 +150,12 @@ CHANGES ======= + 0.22.3 (07-26-2016) + ------------------- + + - Do not filter cookies if unsafe flag provided #1005 + + 0.22.2 (07-23-2016) ------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/aiohttp.egg-info/requires.txt new/aiohttp-0.22.4/aiohttp.egg-info/requires.txt --- old/aiohttp-0.22.2/aiohttp.egg-info/requires.txt 2016-07-23 15:33:06.000000000 +0200 +++ new/aiohttp-0.22.4/aiohttp.egg-info/requires.txt 2016-07-28 13:33:50.000000000 +0200 @@ -1,2 +1,2 @@ chardet -multidict>=1.1.0 +multidict>=1.1.0,<2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/setup.py new/aiohttp-0.22.4/setup.py --- old/aiohttp-0.22.2/setup.py 2016-07-23 15:31:40.000000000 +0200 +++ new/aiohttp-0.22.4/setup.py 2016-07-28 13:32:21.000000000 +0200 @@ -54,7 +54,7 @@ raise RuntimeError('Unable to determine version.') -install_requires = ['chardet', 'multidict>=1.1.0'] +install_requires = ['chardet', 'multidict>=1.1.0,<2'] if sys.version_info < (3, 4, 1): raise RuntimeError("aiohttp requires Python 3.4.1+") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aiohttp-0.22.2/tests/test_helpers.py new/aiohttp-0.22.4/tests/test_helpers.py --- old/aiohttp-0.22.2/tests/test_helpers.py 2016-07-23 15:31:40.000000000 +0200 +++ new/aiohttp-0.22.4/tests/test_helpers.py 2016-07-28 13:32:21.000000000 +0200 @@ -273,10 +273,41 @@ assert not helpers.is_ip_address("1200::AB00:1234::2552:7777:1313") -class TestCookieJar(unittest.TestCase): +class TestCookieJarBase(unittest.TestCase): def setUp(self): + self.loop = asyncio.new_event_loop() + asyncio.set_event_loop(None) + + # N.B. those need to be overriden in child test cases + self.jar = helpers.CookieJar(loop=self.loop) # Cookies to send from client to server as "Cookie" header + self.cookies_to_send = http.cookies.SimpleCookie() + # Cookies received from the server as "Set-Cookie" header + self.cookies_to_receive = http.cookies.SimpleCookie() + + def tearDown(self): + self.loop.close() + + def request_reply_with_same_url(self, url): + self.jar.update_cookies(self.cookies_to_send) + cookies_sent = self.jar.filter_cookies(url) + + self.jar.cookies.clear() + + self.jar.update_cookies(self.cookies_to_receive, url) + cookies_received = self.jar.cookies.copy() + + self.jar.cookies.clear() + + return cookies_sent, cookies_received + + +class TestCookieJarSafe(TestCookieJarBase): + + def setUp(self): + super().setUp() + self.cookies_to_send = http.cookies.SimpleCookie( "shared-cookie=first; " "domain-cookie=second; Domain=example.com; " @@ -300,7 +331,6 @@ " Expires=string;" ) - # Cookies received from the server as "Set-Cookie" header self.cookies_to_receive = http.cookies.SimpleCookie( "unconstrained-cookie=first; Path=/; " "domain-cookie=second; Domain=example.com; Path=/; " @@ -313,27 +343,8 @@ "wrong-path-cookie=nineth; Domain=pathtest.com; Path=somepath;" ) - self.loop = asyncio.new_event_loop() - asyncio.set_event_loop(None) - self.jar = helpers.CookieJar(loop=self.loop) - def tearDown(self): - self.loop.close() - - def request_reply_with_same_url(self, url): - self.jar.update_cookies(self.cookies_to_send) - cookies_sent = self.jar.filter_cookies(url) - - self.jar.cookies.clear() - - self.jar.update_cookies(self.cookies_to_receive, url) - cookies_received = self.jar.cookies.copy() - - self.jar.cookies.clear() - - return cookies_sent, cookies_received - def timed_request( self, url, update_time, send_time): time_func = "time.monotonic" @@ -676,3 +687,34 @@ # Invalid time self.assertEqual(parse_func("Tue, 1 Jan 1970 77:88:99 GMT"), None) + + +class TestCookieJarUnsafe(TestCookieJarBase): + + def setUp(self): + super().setUp() + self.cookies_to_send = http.cookies.SimpleCookie( + "shared-cookie=first; " + "ip-cookie=second; Domain=127.0.0.1;" + ) + + self.cookies_to_receive = http.cookies.SimpleCookie( + "shared-cookie=first; " + "ip-cookie=second; Domain=127.0.0.1;" + ) + + self.jar = helpers.CookieJar(loop=self.loop, unsafe=True) + + def test_preserving_ip_domain_cookies(self): + cookies_sent, cookies_received = ( + self.request_reply_with_same_url("http://127.0.0.1/";)) + + self.assertEqual(set(cookies_sent.keys()), { + "shared-cookie", + "ip-cookie", + }) + + self.assertEqual(set(cookies_received.keys()), { + "shared-cookie", + "ip-cookie", + })
