req.register_input_filter()methods. These allows the dynamic registration of filters and the attaching of filters to the current request.
httponlyattribute, an extension originally created by Microsoft, but now getting more widespread use in the battle against cross site-scripting attacks.
PythonImportdirective to specify the name of a function contained in the module to be called once the designated module has been imported.
req.auth_type()methods. These return the values associated with the AuthName and AuthType directives respectively. The
req.ap_auth_typehas now also been made writable so that it can be set by an authentication handler.
req.update_mtime()functions as wrappers for similar functions provided by Apache C API. These are required to effectively use the
req.meets_condition()function. The documentation for
req.meets_condition()has also been updated as what it previously described probably wouldn't actually work.
req.construct_url()method. Used to construct a fully qualified URI string incorporating correct scheme, server and port.
req.discard_request_body()function as wrapper for similar function provided by Apache C API. The function tests for and reads any message body in the request, simply discarding whatever it receives.
req.register_output_filter()methods can now take a direct reference to a callable object as well a string which refers to a module or module::function combination by name.
conn._conn_recsemi private members for getting accessing to underlying Apache struct as a Python CObject. These can be used for use in implementing SWIG bindings for lower level APIs of Apache. These members should be regarded as experimental and there are no guarantees that they will remain present in this specific form in the future.
req.hlist.location. For a handler executed directly as the result of a handler directive within a
Locationdirective, this will be set to the value of the
LocationMatch, or wildcards or regular expressions are used with
Location, the value will be the matched value in the URL and not the pattern.
__access__()functions and the
__auth_realm__string can now be nested within a class method as a well a normal function.
PythonEnablePdbconfiguration option will now be ignored if Apache hasn't been started up in single process mode.
Nonebeing returned with a subsequent error complaining about the handler returning an invalid value.
util.FieldStorageefficiency and made the interface more dictionary like.
Nonebut is otherwise not callable. Previously an exception would not be generated if the handler evaluated to
req.handlerattribute is now writable. This allows a handler executing in a phase prior to the response phase to specify which Apache module will be responsible for generating the content.
req.canonical_filenameattribute writable. Changed the
req.finfoattribute from being a tuple to an actual object. For backwards compatibility the attributes of the object can still be accessed as if they were a tuple. New code however should access the attributes as member data. The
req.finfoattribute is also now writable and can be assigned to using the result of calling the new function
apache.stat(). This function is a wrapper for
apache.OK, this is no longer the case and what happens is dependent on the phase. Specifically, a handler returning
apache.DECLINEDno longer causes the execution of subsequent handlers for the phase to be skipped. Instead, it will move to the next of the stacked handlers. In the case of
PythonTypeHandler, as soon as
apache.OKis returned, subsequent handlers for the phase will be skipped, as the result indicates that any processing pertinent to that phase has been completed. For other phases, stacked handlers will continue to be executed if
apache.OKis returned as well as when
apache.DECLINEDis returned. This new interpretation of the status returned also applies to stacked content handlers listed against the
PythonHandlerdirective even though Apache notionally only ever calls at most one content handler. Where all stacked content handlers in that phase run, the status returned from the last handler becomes the overall status from the content phase.
req.uriattributes are now writable. This allows a handler to setup these values and trigger proxying of the current request to a remote server.
req.no_local_copyattributes are now writable.
PythonImportdirectives. The module importer is still able to be used directly using the
apache.import_module()function. The new module importer no longer supports automatic reloading of packages/modules that appear on the standard Python module search path as defined by the
PythonPathdirective or within an application by direct changes to
sys.path. Automatic module reloading is however still performed on file based modules (not packages) which are located within the document tree where handlers are located. Locations within the document tree are however no longer added to the standard Python module search path automatically as they are maintained within a distinct importer search path. The
PythonPathdirective MUST not be used to point at directories within the document tree. To have additional directories be searched by the module importer, they should be listed in the
mod_python.importer.pathoption using the
PythonOptiondirective. This is a path similar to how
PythonPathargument is supplied, but MUST not reference
sys.pathnor contain any directories also listed in the standard Python module search path. If an application does not appear to work under the module importer, the old module importer can be reenabled by setting the
mod_python.legacy.importeroption using the
PythonOptiondirective to the value '
*'. This option must be set in the global Apache configuration.
req.nextmembers now correctly return a reference to the original Python request object wrapper first created for the specific
request_recinstance rather than creating a new distinct Python request object. This means that any data added explicitly to a request object can be passed between such requests.
apache.HTTP_NOT_FOUNDserver error is now returned to the client rather than raising a
ValueErrorexception which results in a 500 internal server error. Note that if using
SetHandlerand the request is against the directory and no
DirectoryIndexdirective is specified which lists a valid PSP index file, then the same
apache.HTTP_NOT_FOUNDserver error is returned to the client.
req.connection.log_error(). The latter wraps
ap_log_cerror()(when available), allowing client information to be logged along with message from a connection handler.
req.used_path_infois now modifiable and can be set from within handlers. This is equivalent to having used the
req.argsis now modifiable and can be set from within handlers.
FieldStorageobject instance cached as
req.formleft there by preceding code.
__auth__()functions in mod_python.publisher now execute in context of globals from the file the function is in and not that of mod_python.publisher itself.
DirectoryMatchdirectives where wildcards or regular expressions are used, the handler directory will be set to the shortest directory matched by the directory pattern. Handler directives can now also be used within
FilesMatchdirectives and the handler directory will correctly resolve to the directory corresponding to the enclosing
DirectoryMatchdirective, or the directory the
.htaccessfile is contained in.
FilterDispatchcallback should not flush the filter if it has already been closed.
req.sendfile()was causing problems on Win32, plus code needed to be changed to work with APR 1.2.7.
SERVER_RETURNexception was used to return an
OKstatus for that handler, any following handlers weren't being run if appropriate for the phase.
Py_Finalize()function was being called on child process shutdown. This was being done though from within the context of a signal handler, which is generally unsafe and would cause the process to lock up. This function is no longer called on child process shutdown.
req.phaseattribute is no longer overwritten by an input or output filter. The
filter.is_inputmember should be used to determine if a filter is an input or output filter.
PythonImportdirective now uses the
apache.import_module()function to import modules to avoid reloading problems when same module is imported from a handler.
PythonPathdirective is being used as well as problems with infinite extension of path.
localhostdoesn't resolve to
127.0.0.1but the actual IP address of the host.
Python*Filterdirective is used inside of a
Filesdirective container, the handler/filter directory value will now correctly resolve to the directory corresponding to any parent
Directorydirective or the location of the
Filesdirective is contained in.
req.server.get_config()was not being populated correctly to be the state of directives set at global scope for the server.
Off, wasn't overriding
Onsetting in parent scope.
util.redirect()function should be returning server status of
apache.OKotherwise it will not give desired result if used in non content handler phase or where there are stacked content handlers.
sys.pathmultiple times when
apache.HTTP_UPGRADE_REQUIRED. Also added new constants for Apache magic mime types and values for interpreting the
apache.init()function could be called more than once for a specific interpreter instance whereas it should only be called once.
PythonInterpPerDirectorywas enabled and request was against a directory but client didn't provide the trailing slash.
FieldStorageclass so that it can handle multiline headers.
PythonInterpPerDirectivewhen setting content handler to run dynamically with
req.add_handler()would cause Apache to crash.
req.add_handler()is canonicalized and a trailing slash added automatically. This is needed to ensure that the directory is always in POSIX path style as used by Apache and that convention where directories associated with directives always have trailing slash is adhered to. If this is not done, a different interpreter can be chosen to that expected when the
PythonHandlerModulewas not setting up registration of the
PythonAuthenHandler. For the latter this meant that using
PythonHandlerModulewould cause a 500 error and complaint in error log about "No groups file".
Onand and exception occurred, the response to the client had a status of
200when it really should have been a
500error status indicating that an internal error occurred. A
500error status was correctly being returned when
req.sendfile()used and data not flushed, and then published function returned
apache.make_table(). This was used by
util.FieldStorageclass so affected all code using forms.
req.subprocess_envtable was accessed in the post read request handler phase.
repr()on a table object.