Table Of Contents

• Werkzeug Changelog
  • Werkzeug Changelog
    • Version 0.5
    • Version 0.4.1
    • Version 0.4
    • Version 0.3.1
    • Version 0.3
    • Version 0.2
    • Version 0.1
  • API Changes

Werkzeug Changelog

This file lists all major changes in Werkzeug over the versions. For API breaking changes have a look at API Changes, they are listed there in detail.

Werkzeug Changelog

Version 0.5

(codename Schlagbohrer, released on April 24th 2009)

• requires Python 2.4 now
• fixed a bug in IterIO
• added MIMEAccept and CharsetAccept that work like the regular Accept but have extra special normalization for mimetypes and charsets and extra convenience methods.
• switched the serving system from wsgiref to something homebrew.
• the Client now supports cookies.
• added the fixers module with various fixes for webserver bugs and hosting setup side-effects.
• added werkzeug.contrib.wrappers
• added is_hop_by_hop_header()
• added is_entity_header()
• added remove_hop_by_hop_headers()
• added pop_path_info()
• added peek_path_info()
• added wrap_file() and FileWrapper
• moved LimitedStream from the contrib package into the regular werkzeug one and changed the default behavior to raise exceptions rather than stopping without warning. The old class will stick in the module until 0.6.
• implemented experimental multipart parser that replaces the old CGI hack.
• added dump_options_header() and parse_options_header()
• added quote_header_value() and unquote_header_value()
• url_encode() and url_decode() now accept a separator argument to switch between & and ; as pair separator. The magic switch is no longer in place.
• all form data parsing functions as well as the BaseRequest object have parameters (or attributes) to limit the number of incoming bytes (either totally or per field).
• added LanguageAccept
• request objects are now enforced to be read only for all collections.
• added many new collection classes, refactored collections in general.
• test support was refactored, semi-undocumented werkzeug.test.File was replaced by werkzeug.FileStorage.
• EnvironBuilder was added and unifies the previous distinct create_environ(), Client and BaseRequest.from_values(). They all work the same now which is less confusing.
• officially documented imports from the internal modules as undefined behavior. These modules were never exposed as public interfaces.
• removed FileStorage.__len__ which previously made the object falsy for browsers not sending the content length which all browsers do.
• SharedDataMiddleware uses wrap_file now and has a configurable cache timeout.
• added CommonRequestDescriptorsMixin
• added CommonResponseDescriptorsMixin.mimetype_params
• added werkzeug.contrib.lint
• added passthrough_errors to run_simple.
• added secure_filename
• added make_line_iter()
• MultiDict copies now instead of revealing internal lists to the caller for getlist and iteration functions that return lists.
• added follow_redirect to the open() of Client.
• added support for extra_files in make_runserver()

Version 0.4.1

(Bugfix release, released on January 11th 2009)

• werkzeug.contrib.cache.Memcached accepts now objects that implement the memcache.Client interface as alternative to a list of strings with server addresses. There is also now a GAEMemcachedCache that connects to the Google appengine cache.
• explicitly convert secret keys to bytestrings now because Python 2.6 no longer does that.
• url_encode and all interfaces that call it, support ordering of options now which however is disabled by default.
• the development server no longer resolves the addresses of clients.
• Fixed a typo in werkzeug.test that broke File.
• Map.bind_to_environ uses the Host header now if available.
• Fixed BaseCache.get_dict (#345)
• werkzeug.test.Client can now run the application buffered in which case the application is properly closed automatically.
• Fixed Headers.set (#354). Caused header duplication before.
• Fixed Headers.pop (#349). default parameter was not properly handled.
• Fixed UnboundLocalError in create_environ (#351)
• Headers is more compatible with wsgiref now.
• Template.render accepts multidicts now.
• dropped support for Python 2.3

Version 0.4

(codename Schraubenzieher, released on November 23rd 2008)

• Client supports an empty data argument now.
• fixed a bug in Response.application that made it impossible to use it as method decorator.
• the session system should work on appengine now
• the secure cookie works properly in load balanced environments with different cpu architectures now.
• CacheControl.no_cache and CacheControl.private behavior changed to reflect the possibilities of the HTTP RFC. Setting these attributes to None or True now sets the value to “the empty value”. More details in the documentation.
• fixed werkzeug.contrib.atom.AtomFeed.__call__. (#338)
• BaseResponse.make_conditional now always returns self. Previously it didn’t for post requests and such.
• fixed a bug in boolean attribute handling of html and xhtml.
• added graceful error handling to the debugger pastebin feature.
• added a more list like interface to Headers (slicing and indexing works now)
• fixed a bug with the __setitem__ method of Headers that didn’t properly remove all keys on replacing.
• added remove_entity_headers which removes all entity headers from a list of headers (or a Headers object)
• the responses now automatically call remove_entity_headers if the status code is 304.
• fixed a bug with Href query parameter handling. Previously the last item of a call to Href was not handled properly if it was a dict.
• headers now support a pop operation to better work with environ properties.

Version 0.3.1

(released on June 24th 2008)

• fixed a security problem with werkzeug.contrib.SecureCookie. More details available in the release announcement.

Version 0.3

(codename EUR325CAT6, released on June 14th 2008)

• added support for redirecting in url routing.
• added Authorization and AuthorizationMixin
• added WWWAuthenticate and WWWAuthenticateMixin
• added parse_list_header
• added parse_dict_header
• added parse_authorization_header
• added parse_www_authenticate_header
• added _get_current_object method to LocalProxy objects
• added parse_form_data
• MultiDict, CombinedMultiDict, Headers, and EnvironHeaders raise special key errors now that are subclasses of BadRequest so if you don’t catch them they give meaningful HTTP responses.
• added support for alternative encoding error handling and the new HTTPUnicodeError which (if not caught) behaves like a BadRequest.
• added BadRequest.wrap.
• added ETag support to the SharedDataMiddleware and added an option to disable caching.
• fixed is_xhr on the request objects.
• fixed error handling of the url adapter’s dispatch method. (#318)
• fixed bug with SharedDataMiddleware.
• fixed Accept.values.
• EnvironHeaders contain content-type and content-length now
• url_encode treats lists and tuples in dicts passed to it as multiple values for the same key so that one doesn’t have to pass a MultiDict to the function.
• added validate_arguments
• added BaseRequest.application
• improved Python 2.3 support
• run_simple accepts use_debugger and use_evalex parameters now, like the make_runserver factory function from the script module.
• the environ_property is now read-only by default
• it’s now possible to initialize requests as “shallow” requests which causes runtime errors if the request object tries to consume the input stream.

Version 0.2

(codename Faustkeil, released Feb 14th 2008)

• Added AnyConverter to the routing system.
• Added werkzeug.contrib.securecookie
• Exceptions have a get_response() method that return a response object
• fixed the path ordering bug (#293), thanks Thomas Johansson
• BaseReporterStream is now part of the werkzeug contrib module. From Werkzeug 0.3 onwards you will have to import it from there.
• added DispatcherMiddleware.
• RequestRedirect is now a subclass of HTTPException and uses a 301 status code instead of 302.
• url_encode and url_decode can optionally treat keys as unicode strings now, too.
• werkzeug.script has a different caller format for boolean arguments now.
• renamed lazy_property to cached_property.
• added import_string.
• added is_* properties to request objects.
• added empty() method to routing rules.
• added werkzeug.contrib.profiler.
• added extends to Headers.
• added dump_cookie and parse_cookie.
• added as_tuple to the Client.
• added werkzeug.contrib.testtools.
• added werkzeug.unescape
• added BaseResponse.freeze
• added werkzeug.contrib.atom
• the HTTPExceptions accept an argument description now which overrides the default description.
• the MapAdapter has a default for path info now. If you use bind_to_environ you don’t have to pass the path later.
• the wsgiref subclass werkzeug uses for the dev server does not use direct sys.stderr logging any more but a logger called “werkzeug”.
• implemented Href.
• implemented find_modules
• refactored request and response objects into base objects, mixins and full featured subclasses that implement all mixins.
• added simple user agent parser
• werkzeug’s routing raises MethodNotAllowed now if it matches a rule but for a different method.
• many fixes and small improvements

Version 0.1

(codename Wictorinoxger, released Dec 9th 2007)

• Initial release

API Changes

0.5

• Werkzeug switched away from wsgiref as library for the builtin webserver.
• The encoding parameter for Templates is now called charset. The older one will work for another two versions but warn with a DeprecationWarning.
• The Client has cookie support now which is enabled by default.
• BaseResponse._get_file_stream() is now passed more parameters to make the function more useful. In 0.6 the old way to invoke the method will no longer work. To support both newer and older Werkzeug versions you can add all arguments to the signature and provide default values for each of them.
• url_decode() no longer supports both & and ; as separator. This has to be specified explicitly now.
• The request object is now enforced to be read-only for all attributes. If your code relies on modifications of some values makes sure to create copies of them using the mutable counterparts!
• Some data structures that were only used on request objects are now immutable as well. (Authorization / Accept and subclasses)
• CacheControl was splitted up into RequestCacheControl and ResponseCacheControl, the former being immutable. The old class will go away in 0.6
• undocumented werkzeug.test.File was replaced by FileWrapper.
• it’s not longer possible to pass dicts inside the data dict in Client. Use tuples instead.
• It’s save to modify the return value of MultiDict.getlist() and methods that return lists in the MultiDict now. The class creates copies instead of revealing the internal lists. However MultiDict.setlistdefault still (and intentionally) returns the internal list for modifications.

0.3

• Werkzeug 0.3 will be the last release with Python 2.3 compatibility.
• The environ_property is now read-only by default. This decision was made because the request in general should be considered read-only.

0.2

• The BaseReporterStream is now part of the contrib module, the new module is werkzeug.contrib.reporterstream. Starting with 0.3, the old import will not work any longer.
• RequestRedirect now uses a 301 status code. Previously a 302 status code was used incorrectly. If you want to continue using this 302 code, use response = redirect(e.new_url, 302).
• lazy_property is now called cached_property. The alias for the old name will disappear in Werkzeug 0.3.
• match can now raise MethodNotAllowed if configured for methods and there was no method for that request.
• The response_body attribute on the response object is now called data. With Werkzeug 0.3 the old name will not work any longer.
• The file-like methods on the response object are deprecated. If you want to use the response object as file like object use the Response class or a subclass of BaseResponse and mix the new ResponseStreamMixin class and use response.stream.