Hey all, As a new years gift, I have just released a beta version of waitress 1.2.0, hopefully with a bit of luck this will be the only beta release with minimal or no changes and 1.2.0 should follow shortly.
This release has some major changes to the proxy handling in Waitress, which will be of note for those of you that use Waitress behind a reverse proxy such as NGINX/HAProxy/Apache or others. Waitress is now able to manipulate and change the WSGI environment to match what the proxy headers are sending, and has full support for the new Forwarded header. Documentation is available here: https://docs.pylonsproject.org/projects/waitress/en/latest/reverse-proxy.html <https://docs.pylonsproject.org/projects/waitress/en/latest/reverse-proxy.html> Please note that in the future Waitress is going to be more secure by default, and will strip known proxy headers before forwarding them on in the WSGI environ to help protect WSGI applications from accidentally using attacker provider proxy headers and their values. Waitress will warn if you don't explicitly opt-in to the following: If trusted_proxy is set, trusted_proxy_headers should be set to the values you explicitly want Waitress to use (and are known valid from an upstream proxy), and clear_untrusted_proxy_headers should be set to either True or False. See https://docs.pylonsproject.org/projects/waitress/en/latest/arguments.html <https://docs.pylonsproject.org/projects/waitress/en/latest/arguments.html> for more information on what these knobs are and valid values. I am hoping to get some feedback from testing, if you can, deploy this and remove any middleware you may have that is manipulating the environ and test if waitress matches expectations. https://pypi.org/project/waitress/1.2.0b1/ <https://pypi.org/project/waitress/1.2.0b1/> pip install waitress=1.2.0b1 Thank you, Bert JW Regeer -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-devel+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. Visit this group at https://groups.google.com/group/pylons-devel. For more options, visit https://groups.google.com/d/optout.