- Add X-Forwarded-For and X-Forwarded-Proto headers. Fixes #79.
- Add Django 3.2 support. Fixes #126.
- Fix add_remote_user when run without AuthenticationMiddleware. Fix #86
- Add get_encoded_query_params method
- Add support for Python 3.7 and 3.8.
- Add support for Django 2.2 and 3.0.
- Fix issues with latest urllib3. Fixes #75.
- Fix issues with parsing cookies. Fixes #84.
- Drop Python 3.3, 3.4, and PyPy support.
- Add Python 3.6 support.
- Move construction of proxied path to method [@dimrozakis]
- User.get_username() rather than User.name to support custom User models [@acordiner]
- Added support to Django 1.10 (support to 1.7 was dropped)
- Fixed error 500 caused by content with wrong encoding [@lucaskanashiro, @macartur]
- Updated urllib3 to 1.12 (at least)
- Fixed Python 3 compatibility issue (see #59 and #61). Thanks @stefanklug and @macro1!
- Reorder header prior to httplib request. Host should be always the first
request header.
- Added support to Django 1.9 (dropped support to Django 1.6)
- Added get_request_headers to make easier to set and override request headers
- Bug fixed: property preventing to set upstream and diazo_rules (#53, #54) [@vdemin]
- Security issue fixed: when colon is present at URL path urljoin ignores the upstream and the request is redirected to the path itself allowing content injection
- Fixed connections pools
- Use wsgiref to check for hop-by-hop headers [#50]
- Refactored tests
- Fixed security issue that allowed remote-user header injection
- Added extras_require to make easier diazo installation
- Alow to send context dict to transformation template. [@chaws, @macartur]
- Use StringIO intead of BytesIO on theme compilation (transformation)
Thanks @rafamanzo for the reports.
- Append a backslash on upstream when needed
- Validate upstream URL to make sure it has a scheme
- Added branch test coverage
- More permissive URL scheme (#41).
- Refactored code to allow setting custom headers by extending method (#40) [@marciomazza]
- urllib2 replaced by urllib3 (#10)
- No Diazo transformation if header X-Diazo-Off is set to true - either request or response (#15)
- Removed double memory usage when reading response body (#16)
- Fixed bug caused by many set-cookies coming from upstream (#23) - by @thiagovsk and @macartur
- Added stream support for serving big files with an acceptable memory footprint (#17 and #24). Thanks to @lucasmoura, @macartur, @carloshfoliveira and @thiagovsk.
- Moved Diazo functionalities to DiazoProxyView.
- Logging improved (#21).
- Added options for default_content_type and retries [@gldnspud].
- Sphinx docs (#25).
- 100% test coverage.