tornado/docs/releases/v1.2.0.rst

What's new in Tornado 1.2
=========================

Feb 20, 2011
------------

::

    We are pleased to announce the release of Tornado 1.2, available from
    https://github.com/downloads/facebook/tornado/tornado-1.2.tar.gz

    Backwards compatibility notes:
    * This release includes the backwards-incompatible security change from
      version 1.1.1.  Users upgrading from 1.1 or earlier should read the
      release notes from that release:
      http://groups.google.com/group/python-tornado/browse_thread/thread/b36191c781580cde
    * StackContexts that do something other than catch exceptions may need to
      be modified to be reentrant.
      https://github.com/facebook/tornado/commit/7a7e24143e77481d140fb5579bc67e4c45cbcfad
    * When XSRF tokens are used, the token must also be present on PUT and
      DELETE requests (anything but GET and HEAD)

    New features:
    * A new HTTP client implementation is available in the module
      tornado.simple_httpclient.  This HTTP client does not depend on pycurl.
      It has not yet been tested extensively in production, but is intended
      to eventually replace the pycurl-based HTTP client in a future release of
      Tornado.  To transparently replace tornado.httpclient.AsyncHTTPClient with
      this new implementation, you can set the environment variable
      USE_SIMPLE_HTTPCLIENT=1 (note that the next release of Tornado will
      likely include a different way to select HTTP client implementations)
    * Request logging is now done by the Application rather than the
      RequestHandler.  Logging behavior may be customized by either overriding
      Application.log_request in a subclass or by passing log_function
      as an Application setting
    * Application.listen(port): Convenience method as an alternative to
      explicitly creating an HTTPServer
    * tornado.escape.linkify(): Wrap urls in <a> tags
    * RequestHandler.create_signed_value(): Create signatures like the
      secure_cookie methods without setting cookies.
    * tornado.testing.get_unused_port(): Returns a port selected in the same
      way as inAsyncHTTPTestCase
    * AsyncHTTPTestCase.fetch(): Convenience method for synchronous fetches
    * IOLoop.set_blocking_signal_threshold(): Set a callback to be run when
      the IOLoop is blocked.
    * IOStream.connect(): Asynchronously connect a client socket
    * AsyncHTTPClient.handle_callback_exception(): May be overridden
      in subclass for custom error handling
    * httpclient.HTTPRequest has two new keyword arguments, validate_cert and
      ca_certs. Setting validate_cert=False will disable all certificate checks
      when fetching https urls.  ca_certs may be set to a filename containing
      trusted certificate authorities (defaults will be used if this is
      unspecified)
    * HTTPRequest.get_ssl_certificate(): Returns the client's SSL certificate
      (if client certificates were requested in the server's ssl_options
    * StaticFileHandler can be configured to return a default file (e.g.
      index.html) when a directory is requested
    * Template directives of the form "{% from x import y %}" are now
      supported (in addition to the existing support for "{% import x
      %}"
    * FacebookGraphMixin.get_authenticated_user now accepts a new
      parameter 'extra_fields' which may be used to request additional
      information about the user

    Bug fixes:
    * auth: Fixed KeyError with Facebook offline_access
    * auth: Uses request.uri instead of request.path as the default redirect
      so that parameters are preserved.
    * escape: xhtml_escape() now returns a unicode string, not
      utf8-encoded bytes
    * ioloop: Callbacks added with add_callback are now run in the order they
      were added
    * ioloop: PeriodicCallback.stop can now be called from inside the callback.
    * iostream: Fixed several bugs in SSLIOStream
    * iostream: Detect when the other side has closed the connection even with
      the select()-based IOLoop
    * iostream: read_bytes(0) now works as expected
    * iostream: Fixed bug when writing large amounts of data on windows
    * iostream: Fixed infinite loop that could occur with unhandled exceptions
    * httpclient: Fix bugs when some requests use proxies and others don't
    * httpserver: HTTPRequest.protocol is now set correctly when using the
      built-in SSL support
    * httpserver: When using multiple processes, the standard library's
      random number generator is re-seeded in each child process
    * httpserver: With xheaders enabled, X-Forwarded-Proto is supported as an
      alternative to X-Scheme
    * httpserver: Fixed bugs in multipart/form-data parsing
    * locale: format_date() now behaves sanely with dates in the future
    * locale: Updates to the language list
    * stack_context: Fixed bug with contexts leaking through reused IOStreams
    * stack_context: Simplified semantics and improved performance
    * web: The order of css_files from UIModules is now preserved
    * web: Fixed error with default_host redirect
    * web: StaticFileHandler works when os.path.sep != '/' (i.e. on Windows)
    * web: Fixed a caching-related bug in StaticFileHandler when a file's
      timestamp has changed but its contents have not.
    * web: Fixed bugs with HEAD requests and e.g. Etag headers
    * web: Fix bugs when different handlers have different static_paths
    * web: @removeslash will no longer cause a redirect loop when applied to the
      root path
    * websocket: Now works over SSL
    * websocket: Improved compatibility with proxies

    Many thanks to everyone who contributed patches, bug reports, and feedback
    that went into this release!

    -Ben