From d4c44a7d8c1554dfafc240f6a1714bc58fdc05f5 Mon Sep 17 00:00:00 2001 From: Dag Odenhall Date: Mon, 25 Oct 2010 15:38:39 +0200 Subject: [PATCH 01/10] BaseConverter is in werkzeug.routing Signed-off-by: Armin Ronacher --- flask/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flask/app.py b/flask/app.py index aa6371d6..f2ec45e9 100644 --- a/flask/app.py +++ b/flask/app.py @@ -276,7 +276,7 @@ class Flask(_PackageBoundObject): #: this to change the routing converters after the class was created #: but before any routes are connected. Example:: #: - #: from werkzeug import BaseConverter + #: from werkzeug.routing import BaseConverter #: #: class ListConverter(BaseConverter): #: def to_python(self, value): From 94a7312d5ac5e2f949c4e27ecf2a273cec3d8c0c Mon Sep 17 00:00:00 2001 From: Daniel Haaker Date: Fri, 29 Oct 2010 10:55:10 +0200 Subject: [PATCH 02/10] Add missing semicolon to test Signed-off-by: Armin Ronacher --- docs/testing.rst | 2 +- examples/flaskr/flaskr_tests.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/testing.rst b/docs/testing.rst index 790eddf6..b9f0806b 100644 --- a/docs/testing.rst +++ b/docs/testing.rst @@ -173,7 +173,7 @@ like this:: text='HTML allowed here' ), follow_redirects=True) assert 'No entries here so far' not in rv.data - assert '<Hello>' in rv.data + assert '<Hello>' in rv.data assert 'HTML allowed here' in rv.data Here we check that HTML is allowed in the text but not in the title, diff --git a/examples/flaskr/flaskr_tests.py b/examples/flaskr/flaskr_tests.py index 07e702c4..06bf1035 100644 --- a/examples/flaskr/flaskr_tests.py +++ b/examples/flaskr/flaskr_tests.py @@ -66,7 +66,7 @@ class FlaskrTestCase(unittest.TestCase): text='HTML allowed here' ), follow_redirects=True) assert 'No entries here so far' not in rv.data - assert '<Hello>' in rv.data + assert '<Hello>' in rv.data assert 'HTML allowed here' in rv.data From d8f521e1ff200918e2bdeb526e535252763e653a Mon Sep 17 00:00:00 2001 From: Daniel Haaker Date: Thu, 28 Oct 2010 22:41:27 +0200 Subject: [PATCH 03/10] Add missing period Signed-off-by: Armin Ronacher --- docs/tutorial/setup.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/tutorial/setup.rst b/docs/tutorial/setup.rst index 9f762c84..64bf3b66 100644 --- a/docs/tutorial/setup.rst +++ b/docs/tutorial/setup.rst @@ -56,7 +56,7 @@ execute code on the server! We also add a method to easily connect to the database specified. That can be used to open a connection on request and also from the interactive -Python shell or a script. This will come in handy later +Python shell or a script. This will come in handy later. :: From ce4f81f1c235dad3667885398794112690fa0462 Mon Sep 17 00:00:00 2001 From: Daniel Haaker Date: Thu, 28 Oct 2010 22:30:07 +0200 Subject: [PATCH 04/10] Correct capitalization SQLite Signed-off-by: Armin Ronacher --- docs/tutorial/introduction.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/tutorial/introduction.rst b/docs/tutorial/introduction.rst index ff7cdcab..00fe3a00 100644 --- a/docs/tutorial/introduction.rst +++ b/docs/tutorial/introduction.rst @@ -14,7 +14,7 @@ less web-2.0-ish name ;) Basically we want it to do the following things: 3. the page shows all entries so far in reverse order (newest on top) and the user can add new ones from there if logged in. -We will be using SQlite3 directly for that application because it's good +We will be using SQLite3 directly for that application because it's good enough for an application of that size. For larger applications however it makes a lot of sense to use `SQLAlchemy`_ that handles database connections in a more intelligent way, allows you to target different From 693b3b7621f7bf1a1aa5eaae90fc48179c0d3088 Mon Sep 17 00:00:00 2001 From: Daniel Haaker Date: Thu, 28 Oct 2010 22:22:17 +0200 Subject: [PATCH 05/10] Tricker -> trickier Signed-off-by: Armin Ronacher --- docs/installation.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installation.rst b/docs/installation.rst index a9dc5c28..eb645bdc 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -147,7 +147,7 @@ To just get the development version without git, do this instead:: `easy_install` on Windows ------------------------- -On Windows, installation of `easy_install` is a little bit tricker because +On Windows, installation of `easy_install` is a little bit trickier because slightly different rules apply on Windows than on Unix-like systems, but it's not difficult. The easiest way to do it is to download the `ez_setup.py`_ file and run it. The easiest way to run the file is to From 60177639f4ec207b43e94cd59c5bad1a7a67938b Mon Sep 17 00:00:00 2001 From: Daniel Haaker Date: Thu, 28 Oct 2010 22:10:50 +0200 Subject: [PATCH 06/10] There is no database abstraction layer Signed-off-by: Armin Ronacher --- docs/foreword.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/foreword.rst b/docs/foreword.rst index 308de9c5..bdb6a10d 100644 --- a/docs/foreword.rst +++ b/docs/foreword.rst @@ -32,7 +32,7 @@ static files are in subdirectories within the Python source tree of the application. The main reason however why Flask is called a "microframework" is the idea -to keep the core simple but extensible. There is database abstraction +to keep the core simple but extensible. There is no database abstraction layer, no form validation or anything else where different libraries already exist that can handle that. However Flask knows the concept of extensions that can add this functionality into your application as if it From 1c24b62727704016813a44d7c677ead0b6638c91 Mon Sep 17 00:00:00 2001 From: Francisco Souza Date: Sun, 31 Oct 2010 01:55:06 -0200 Subject: [PATCH 07/10] Minor on docs (fixes #133) Signed-off-by: Armin Ronacher --- docs/signals.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/signals.rst b/docs/signals.rst index 73a0c744..356bfcb2 100644 --- a/docs/signals.rst +++ b/docs/signals.rst @@ -179,8 +179,8 @@ The following signals exist in Flask: template.name or 'string template', context) - from flask import request_started - request_started.connect(log_template_renders, app) + from flask import template_rendered + template_rendered.connect(log_template_renders, app) .. data:: flask.request_started :noindex: From 4f1b086218437870c0d36b4b9b36c5376cad9206 Mon Sep 17 00:00:00 2001 From: "Daniel D. Beck" Date: Sat, 30 Oct 2010 20:55:41 -0400 Subject: [PATCH 08/10] Fixed: incorrect indentation level for session's permanent attribute Signed-off-by: Armin Ronacher --- docs/api.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/api.rst b/docs/api.rst index 00b5105e..5de90d01 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -187,12 +187,12 @@ To access the current session you can use the :class:`session` object: # so mark it as modified yourself session.modified = True - .. attribute:: permanent + .. attribute:: permanent - If set to `True` the session life for - :attr:`~flask.Flask.permanent_session_lifetime` seconds. The - default is 31 days. If set to `False` (which is the default) the - session will be deleted when the user closes the browser. + If set to `True` the session life for + :attr:`~flask.Flask.permanent_session_lifetime` seconds. The + default is 31 days. If set to `False` (which is the default) the + session will be deleted when the user closes the browser. Application Globals From 67f483bf647549d6f3a6a3b5f73a2bf913a0b25c Mon Sep 17 00:00:00 2001 From: doobeh Date: Wed, 3 Nov 2010 12:10:44 -0700 Subject: [PATCH 09/10] Typo. Signed-off-by: Armin Ronacher --- docs/security.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/security.rst b/docs/security.rst index 24a4ceb2..a8a0afcf 100644 --- a/docs/security.rst +++ b/docs/security.rst @@ -11,7 +11,7 @@ Cross-Site Scripting (XSS) -------------------------- Cross site scripting is the concept of injecting arbitrary HTML (and with -it JavaScript) into the context of a website. To rememdy this, developers +it JavaScript) into the context of a website. To remedy this, developers have to properly escape text so that it cannot include arbitrary HTML tags. For more information on that have a look at the Wikipedia article on `Cross-Site Scripting From 858806da69f9f46eb4abaf67bf78d864ea104760 Mon Sep 17 00:00:00 2001 From: Georg Brandl Date: Mon, 8 Nov 2010 18:02:39 +0100 Subject: [PATCH 10/10] Hint for positioning file pointer correctly before calling send_file(). Signed-off-by: Armin Ronacher --- flask/helpers.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/flask/helpers.py b/flask/helpers.py index 18eb6d0e..33aa7ee2 100644 --- a/flask/helpers.py +++ b/flask/helpers.py @@ -287,7 +287,9 @@ def send_file(filename_or_fp, mimetype=None, as_attachment=False, relative path is specified. Alternatively a file object might be provided in which case `X-Sendfile` might not work and - fall back to the traditional method. + fall back to the traditional method. Make sure + that the file pointer is positioned at the start + of data to send before calling :func:`send_file`. :param mimetype: the mimetype of the file if provided, otherwise auto detection happens. :param as_attachment: set to `True` if you want to send this file with