* Bug fixed: property preventing to set upstream and diazo_rules (53, 54) [vdemin] * Security issue fixed: when colon is present at URL path urljoin ignores the upstream and the request is redirected to the path itself allowing content injection
0.9.6
Not secure
==================
* Fixed connections pools * Use wsgiref to check for hop-by-hop headers [50] * Refactored tests * Fixed security issue that allowed remote-user header injection
0.9.5
Not secure
==================
* Added extras_require to make easier diazo installation
0.9.4
Not secure
==================
* Alow to send context dict to transformation template. [chaws, macartur]
0.9.3
Not secure
==================
* Use StringIO intead of BytesIO on theme compilation (transformation)
0.9.2
Not secure
==================
Thanks rafamanzo for the reports.
* Append a backslash on upstream when needed * Validate upstream URL to make sure it has a scheme * Added branch test coverage