Webob

------

* Correct a caching issue introduced in WebOb 1.0.2 that was causing unnecessary reparsing
of POST requests.

* Fix a bug regarding field names escaping for forms submitted as ``multipart/form-data``.
For more infromation see `the bug report and discussion
<https://bitbucket.org/ianb/webob/issues/2>`_ and 1.0.4 notes for further fix.

* Add ``req.http_version`` attribute.

------

* Primary maintainer is now Sergey Schetinin.

* Issue tracker moved from Trac to bitbucket's `issue
tracker <https://bitbucket.org/ianb/webob/issues>`_

* WebOb 1.0.1 changed the behavior of ``MultiDict.update`` to be more in line with
other dict-like objects. We now also issue a warning when we detect that the
client code seems to expect the old, extending semantics.

* Make ``Response.set_cookie(key, None)`` set the 'delete-cookie' (same as ``.delete_cookie(key)``)

* Make ``req.upath_info`` and ``req.uscript_name`` settable

* Add :meth:``Request.as_string()`` method

* Add a ``req.is_body_seekable`` property

* Support for the ``deflate`` method with ``resp.decode_content()``

* To better conform to WSGI spec we no longer attempt to use seek on ``wsgi.input`` file
instead we assume it is not seekable unless ``env['webob.is_body_seekable']`` is set.
When making the body seekable we set that flag.

* A call to ``req.make_body_seekable()`` now guarantees that the body is seekable, is at 0 position
and that a correct ``req.content_length`` is present.

* ``req.body_file`` is always seekable. To access ``env['wsgi.input']`` without any processing,
use ``req.body_file_raw``. (Partially reverted in 1.0.4)

* Fix responses to HEAD requests with Range.

* Fix ``del resp.content_type``, ``del req.body``, ``del req.cache_control``

* Fix ``resp.merge_cookies()`` when called with an argument that is not a Response instance.

* Fix ``resp.content_body = None`` (was removing Cache-Control instead)

* Fix ``req.body_file = f`` setting ``CONTENT_LENGTH`` to ``-1`` (now removes from environ)

* Fix: make sure req.copy() leaves the original with seekable body

* Fix handling of WSGI environs with missing ``SCRIPT_NAME``

* A lot of tests were added by Mariano Mara and Danny Navarro.

-----

* As WebOb requires Python 2.4 or later, drop some compatibility modules
and update the code to use the decorator syntax.

* Implement optional on-the-fly response compression (``resp.encode_content(lazy=True)``)

* Drop ``util.safezip`` module and make ``util`` a module instead of a subpackage.
Merge ``statusreasons`` into it.

* Instead of using stdlib ``Cookie`` with monkeypatching, add a derived
but thoroughly rewritten, cleaner, safer and faster ``webob.cookies`` module.

* Fix: ``Response.merge_cookies`` now copies the headers before modification instead of
doing it in-place.

* Fix: setting request header attribute to ``None`` deletes that header.
(Bug only affected the 1.0 release).

* Use ``io.BytesIO`` for the request body file on Python 2.7 and newer.

* If a UnicodeMultiDict was used as the ``multi`` argument of another
UnicodeMultiDict, and a ``cgi.FieldStorage`` with a ``filename``
with high-order characters was present in the underlying
UnicodeMultiDict, a ``UnicodeEncodeError`` would be raised when any
helper method caused the ``_decode_value`` method to be called,
because the method would try to decode an already decoded string.

* Fix tests to pass under Python 2.4.

* Add descriptive docstrings to each exception in ``webob.exc``.

* Change the behaviour of ``MultiDict.update`` to overwrite existing header
values instead of adding new headers. The extending semantics are now available
via the ``extend`` method.

* Fix a bug in ``webob.exc.WSGIHTTPException.__init__``. If a list of
``headers`` was passed as a sequence which contained duplicate keys (for
example, multiple ``Set-Cookie`` headers), all but one of those headers
would be lost, because the list was effectively flattened into a dictionary
as the result of calling ``self.headers.update``. Fixed via calling
``self.headers.extend`` instead.

---

* 1.0, yay!

* Pull in werkzeug Cookie fix for malformed cookie bug.

* Implement :meth:`Request.from_file` and
:meth:`Response.from_file` which are kind of the inversion of
``str(req)`` and ``str(resp)``

* Add optional ``pattern`` argument to :meth:`Request.path_info_pop` that requires
the ``path_info`` segment to match the passed regexp to get popped and returned.

* Rewrite most of descriptor implementations for speed.

* Reorder descriptor declarations to group them by their semantics.

* Move code around so that there are fewer compat modules.

* Change :meth:``HTTPError.__str__`` to better conform to PEP 352.

* Make :attr:`Request.cache_control` a view on the headers.

* Correct Accept-Language and Accept-Charset matching to fully conform to the HTTP spec.

* Expose parts of :meth:`Request.blank` as :func:`environ_from_url`
and :func:`environ_add_POST`

* Fix Authorization header parsing for some corner cases.

* Fix an error generated if the user-agent sends a 'Content_Length' header
(note the underscore).

* Kill :attr:`Request.default_charset`. Request charset defaults to UTF-8.
This ensures that all values in ``req.GET``, ``req.POST`` and ``req.params``
are always unicode.

* Fix the ``headerlist`` and ``content_type`` constructor arguments priorities
for :class:`HTTPError` and subclasses.

* Add support for weak etags to conditional Response objects.

* Fix locale-dependence for some cookie dates strings.

* Improve overall test coverage.

* Rename class ``webob.datastruct.EnvironHeaders`` to ``webob.headers.EnvironHeaders``

* Rename class ``webob.headerdict.HeaderDict`` to ``webob.headers.ResponseHeaders``

* Rename class ``webob.updatedict.UpdateDict`` to ``webob.cachecontrol.UpdateDict``

-----

* Fix issue with WSGIHTTPException inadvertently generating unicode body
and failing to encode it

* WWW-Authenticate response header is accessible as
``response.www_authenticate``

* ``response.www_authenticate`` and ``request.authorization`` hold None
or tuple ``(auth_method, params)`` where ``params`` is a dictionary
(or a string when ``auth_method`` is not one of known auth schemes
and for Authenticate: Basic ...)

* Don't share response headers when getting a response like ``resp =
req.get_response(some_app)``; this can avoid some funny errors with
modifying headers and reusing Response objects.

* Add `overwrite` argument to :meth:`Response.set_cookie` that make the
new value overwrite the previously set. `False` by default.

* Add `strict` argument to :meth:`Response.unset_cookie` that controls
if an exception should be raised in case there are no cookies to unset.
`True` by default.

* Fix ``req.GET.copy()``

* Make sure that 304 Not Modified responses generated by
:meth:`Response.conditional_response_app` exclude Content-{Length/Type}
headers

* Fix ``Response.copy()`` not being an independent copy

* When the requested range is not satisfiable, return a 416 error
(was returning entire body)

* Truncate response for range requests that go beyond the end of body
(was treating as invalid).

-------

* Fix an import problem with Pylons