Tornado 2.2.1 新特性¶
Apr 23, 2012¶
Security fixes¶
- tornado.web.RequestHandler.set_header now properly sanitizes inputvalues to protect against header injection, response splitting, etc.(it has always attempted to do this, but the check was incorrect).Note that redirects, the most likely source of such bugs, are protectedby a separate check in RequestHandler.redirect.
Bug fixes¶
- Colored logging configuration in tornado.options is compatible withPython 3.2.3 (and 3.3).
原文:
https://tornado-zh-cn.readthedocs.io/zh_CN/latest/releases/v2.2.1.html