EVOLUTION-MANAGER

Edit File: version-4.4.9.html

<!DOCTYPE html> <!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]--> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Version 4.4.9 &mdash; mod_wsgi 4.7.1 documentation</title> <link rel="stylesheet" href="../_static/css/theme.css" type="text/css" /> <link rel="top" title="mod_wsgi 4.7.1 documentation" href="../index.html"/> <link rel="up" title="Release Notes" href="../release-notes.html"/> <link rel="next" title="Version 4.4.8" href="version-4.4.8.html"/> <link rel="prev" title="Version 4.4.10" href="version-4.4.10.html"/> <script src="../_static/js/modernizr.min.js"></script> </head> <body class="wy-body-for-nav" role="document"> <div class="wy-grid-for-nav"> <nav data-toggle="wy-nav-shift" class="wy-nav-side"> <div class="wy-side-scroll"> <div class="wy-side-nav-search"> <a href="../index.html" class="icon icon-home"> mod_wsgi </a> <div class="version"> 4.7 </div> <div role="search"> <form id="rtd-search-form" class="wy-form" action="../search.html" method="get"> <input type="text" name="q" placeholder="Search docs" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div> <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation"> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="../project-status.html">Project Status</a></li> <li class="toctree-l1"><a class="reference internal" href="../security-issues.html">Security Issues</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started.html">Getting Started</a></li> <li class="toctree-l1"><a class="reference internal" href="../requirements.html">Requirements</a></li> <li class="toctree-l1"><a class="reference internal" href="../installation.html">Installation</a></li> <li class="toctree-l1"><a class="reference internal" href="../troubleshooting.html">Troubleshooting</a></li> <li class="toctree-l1"><a class="reference internal" href="../user-guides.html">User Guides</a></li> <li class="toctree-l1"><a class="reference internal" href="../configuration.html">Configuration</a></li> <li class="toctree-l1"><a class="reference internal" href="../finding-help.html">Finding Help</a></li> <li class="toctree-l1"><a class="reference internal" href="../reporting-bugs.html">Reporting Bugs</a></li> <li class="toctree-l1"><a class="reference internal" href="../contributing.html">Contributing</a></li> <li class="toctree-l1"><a class="reference internal" href="../source-code.html">Source Code</a></li> <li class="toctree-l1 current"><a class="reference internal" href="../release-notes.html">Release Notes</a><ul class="current"> <li class="toctree-l2"><a class="reference internal" href="version-4.7.0.html">Version 4.7.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.7.1.html">Version 4.7.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.8.html">Version 4.6.8</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.7.html">Version 4.6.7</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.6.html">Version 4.6.6</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.5.html">Version 4.6.5</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.4.html">Version 4.6.4</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.3.html">Version 4.6.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.2.html">Version 4.6.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.1.html">Version 4.6.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.6.0.html">Version 4.6.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.24.html">Version 4.5.24</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.23.html">Version 4.5.23</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.22.html">Version 4.5.22</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.21.html">Version 4.5.21</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.20.html">Version 4.5.20</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.19.html">Version 4.5.19</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.18.html">Version 4.5.18</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.17.html">Version 4.5.17</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.16.html">Version 4.5.16</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.15.html">Version 4.5.15</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.14.html">Version 4.5.14</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.13.html">Version 4.5.13</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.12.html">Version 4.5.12</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.11.html">Version 4.5.11</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.10.html">Version 4.5.10</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.9.html">Version 4.5.9</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.8.html">Version 4.5.8</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.7.html">Version 4.5.7</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.6.html">Version 4.5.6</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.5.html">Version 4.5.5</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.4.html">Version 4.5.4</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.3.html">Version 4.5.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.2.html">Version 4.5.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.1.html">Version 4.5.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.5.0.html">Version 4.5.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.23.html">Version 4.4.23</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.22.html">Version 4.4.22</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.21.html">Version 4.4.21</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.20.html">Version 4.4.20</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.19.html">Version 4.4.19</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.18.html">Version 4.4.18</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.17.html">Version 4.4.17</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.16.html">Version 4.4.16</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.15.html">Version 4.4.15</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.14.html">Version 4.4.14</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.13.html">Version 4.4.13</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.12.html">Version 4.4.12</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.11.html">Version 4.4.11</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.10.html">Version 4.4.10</a></li> <li class="toctree-l2 current"><a class="current reference internal" href="">Version 4.4.9</a><ul> <li class="toctree-l3"><a class="reference internal" href="#features-changed">Features Changed</a></li> <li class="toctree-l3"><a class="reference internal" href="#new-features">New Features</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.8.html">Version 4.4.8</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.7.html">Version 4.4.7</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.6.html">Version 4.4.6</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.5.html">Version 4.4.5</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.4.html">Version 4.4.4</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.3.html">Version 4.4.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.2.html">Version 4.4.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.1.html">Version 4.4.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.4.0.html">Version 4.4.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.3.2.html">Version 4.3.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.3.1.html">Version 4.3.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.3.0.html">Version 4.3.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.8.html">Version 4.2.8</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.7.html">Version 4.2.7</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.6.html">Version 4.2.6</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.5.html">Version 4.2.5</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.4.html">Version 4.2.4</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.3.html">Version 4.2.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.2.html">Version 4.2.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.1.html">Version 4.2.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.2.0.html">Version 4.2.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.1.3.html">Version 4.1.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.1.2.html">Version 4.1.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.1.1.html">Version 4.1.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.1.0.html">Version 4.1.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-4.0.html">Version 4.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-3.5.html">Version 3.5</a></li> <li class="toctree-l2"><a class="reference internal" href="version-3.4.html">Version 3.4</a></li> <li class="toctree-l2"><a class="reference internal" href="version-3.3.html">Version 3.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-3.2.html">Version 3.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-3.1.html">Version 3.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-3.0.html">Version 3.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.8.html">Version 2.8</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.7.html">Version 2.7</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.6.html">Version 2.6</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.5.html">Version 2.5</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.4.html">Version 2.4</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.3.html">Version 2.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.2.html">Version 2.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.1.html">Version 2.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-2.0.html">Version 2.0</a></li> <li class="toctree-l2"><a class="reference internal" href="version-1.6.html">Version 1.6</a></li> <li class="toctree-l2"><a class="reference internal" href="version-1.5.html">Version 1.5</a></li> <li class="toctree-l2"><a class="reference internal" href="version-1.4.html">Version 1.4</a></li> <li class="toctree-l2"><a class="reference internal" href="version-1.3.html">Version 1.3</a></li> <li class="toctree-l2"><a class="reference internal" href="version-1.2.html">Version 1.2</a></li> <li class="toctree-l2"><a class="reference internal" href="version-1.1.html">Version 1.1</a></li> <li class="toctree-l2"><a class="reference internal" href="version-1.0.html">Version 1.0</a></li> </ul> </li> </ul> </div> </div> </nav> <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"> <nav class="wy-nav-top" role="navigation" aria-label="top navigation"> <i data-toggle="wy-nav-top" class="fa fa-bars"></i> <a href="../index.html">mod_wsgi</a> </nav> <div class="wy-nav-content"> <div class="rst-content"> <div role="navigation" aria-label="breadcrumbs navigation"> <ul class="wy-breadcrumbs"> <li><a href="../index.html">Docs</a> &raquo;</li> <li><a href="../release-notes.html">Release Notes</a> &raquo;</li> <li>Version 4.4.9</li> <li class="wy-breadcrumbs-aside"> <a href="../_sources/release-notes/version-4.4.9.txt" rel="nofollow"> View page source</a> </li> </ul> <hr/> </div> <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article"> <div itemprop="articleBody"> <div class="section" id="version-4-4-9"> <h1>Version 4.4.9<a class="headerlink" href="#version-4-4-9" title="Permalink to this headline">¶</a></h1> <p>Version 4.4.9 of mod_wsgi can be obtained from:</p> <blockquote> <div><a class="reference external" href="https://codeload.github.com/GrahamDumpleton/mod_wsgi/tar.gz/4.4.9">https://codeload.github.com/GrahamDumpleton/mod_wsgi/tar.gz/4.4.9</a></div></blockquote> <p>For details on the availability of Windows binaries see:</p> <blockquote> <div><a class="reference external" href="https://github.com/GrahamDumpleton/mod_wsgi/tree/master/win32">https://github.com/GrahamDumpleton/mod_wsgi/tree/master/win32</a></div></blockquote> <div class="section" id="features-changed"> <h2>Features Changed<a class="headerlink" href="#features-changed" title="Permalink to this headline">¶</a></h2> <p>1. The <tt class="docutils literal"><span class="pre">--proxy-url-alias</span></tt> option of <tt class="docutils literal"><span class="pre">mod_wsgi-express</span></tt> has been superseded by the <tt class="docutils literal"><span class="pre">--proxy-mount-point</span></tt> option. This option now should only be used to proxy to a whole site or sub site and not individual file resources. If the mount point URL for what should be proxied doesn&#8217;t have a trailing slash, the trailing slash redirection will first be performed on the proxy for the mount point rather than simply passing it through to the backend.</p> <p>2. The signal handler intercept will now be removed automatically from a Python child process forked from either an Apache child process or a daemon process. This avoids the requirement of setting <tt class="docutils literal"><span class="pre">WSGIRestrictSignal</span></tt> to <tt class="docutils literal"><span class="pre">Off</span></tt> if wanting to setup new signal handlers from a forked child process.</p> <p>3. The signal handler registrations setup in daemon processes to manage process shutdown, will now revert to exiting the process when invoked from a Python process forked from a daemon process. This avoids the need to set new signal handlers in forked processes to override what was inherited.</p> <p>Note that this only applies to processes forked from daemon mode processes. If you are forking processes when your WSGI application is running in embedded mode, it is still a good idea to set signal handles for <tt class="docutils literal"><span class="pre">SIGINT</span></tt>, <tt class="docutils literal"><span class="pre">SIGTERM</span></tt> and <tt class="docutils literal"><span class="pre">SIGUSR1</span></tt> back to <tt class="docutils literal"><span class="pre">SIG_DFL</span></tt> using <tt class="docutils literal"><span class="pre">signal.signal()</span></tt> if you want to avoid the possibility of strange behaviour due to the inherited Apache child worker process signal registrations.</p> </div> <div class="section" id="new-features"> <h2>New Features<a class="headerlink" href="#new-features" title="Permalink to this headline">¶</a></h2> <p>1. Added <tt class="docutils literal"><span class="pre">--hsts-policy</span></tt> option to <tt class="docutils literal"><span class="pre">mod_wsgi-express</span></tt> to allow a HSTS (<tt class="docutils literal"><span class="pre">Strict-Transport-Security</span></tt>) policy response header to be specified which should be included when the <tt class="docutils literal"><span class="pre">--https-only</span></tt> option is used to ensure that the site only accepts HTTPS connections.</p> <p>2. Added <tt class="docutils literal"><span class="pre">WSGITrustedProxyHeaders</span></tt> directive. This allows you to specify a space separated list of inbound HTTP headers used to transfer client connection information from a proxy to a backend server, that are trusted. When the specified headers are seen in a request, the values passed via them will be used to fix up the values in the WSGI <tt class="docutils literal"><span class="pre">environ</span></tt> dictionary to reflect client information as was seen by the proxy.</p> <p>Only the specific headers you are expecting and which is guaranteed to have only been set by the proxy should be listed. Whether it exists or not, all other headers in a category will be removed so as to avoid an issue with a forged header getting through to a WSGI middleware which is looking for a different header and subsequently overriding whatever the trusted header specified. This applies to the following as well when more than one convention is used for the header name.</p> <p>The header names which are accepted for specifying the HTTP scheme used are <tt class="docutils literal"><span class="pre">X-Forwarded-Proto</span></tt>, <tt class="docutils literal"><span class="pre">X-Forwarded-Scheme</span></tt> and <tt class="docutils literal"><span class="pre">X-Scheme</span></tt>. It is expected that the value these supply will be <tt class="docutils literal"><span class="pre">http</span></tt> or <tt class="docutils literal"><span class="pre">https</span></tt>. When it is <tt class="docutils literal"><span class="pre">https</span></tt>, the <tt class="docutils literal"><span class="pre">wsgi.url_scheme</span></tt> value in the WSGI <tt class="docutils literal"><span class="pre">environ</span></tt> dictionary will be overridden to be <tt class="docutils literal"><span class="pre">https</span></tt>.</p> <p>Alternate headers accepted are <tt class="docutils literal"><span class="pre">X-Forwarded-HTTPS</span></tt>, <tt class="docutils literal"><span class="pre">X-Forwarded-SSL</span></tt> and <tt class="docutils literal"><span class="pre">X-HTTPS</span></tt>. If these are passed, the value needs to be <tt class="docutils literal"><span class="pre">On</span></tt>, <tt class="docutils literal"><span class="pre">true</span></tt> or <tt class="docutils literal"><span class="pre">1</span></tt>. A case insensitive match is performed. When matched, the <tt class="docutils literal"><span class="pre">wsgi.url_scheme</span></tt> value in the WSGI <tt class="docutils literal"><span class="pre">environ</span></tt> dictionary will be overridden to be <tt class="docutils literal"><span class="pre">https</span></tt>.</p> <p>The header names which are accepted for specifying the target host are <tt class="docutils literal"><span class="pre">X-Forwarded-Host</span></tt> and <tt class="docutils literal"><span class="pre">X-Host</span></tt>. When found, the value will be used to override the <tt class="docutils literal"><span class="pre">HTTP_HOST</span></tt> value in the WSGI <tt class="docutils literal"><span class="pre">environ</span></tt> dictionary.</p> <p>The sole header name accepted for specifying the front end proxy server name is <tt class="docutils literal"><span class="pre">X-Fowarded-Server</span></tt>. When found, the value will be used to override the <tt class="docutils literal"><span class="pre">SERVER_NAME</span></tt> value in the WSGI <tt class="docutils literal"><span class="pre">environ</span></tt> dictionary.</p> <p>The sole header name accepted for specifying the front end proxy server port is <tt class="docutils literal"><span class="pre">X-Fowarded-Port</span></tt>. When found, the value will be used to override the <tt class="docutils literal"><span class="pre">SERVER_PORT</span></tt> value in the WSGI <tt class="docutils literal"><span class="pre">environ</span></tt> dictionary.</p> <p>The header names accepted for specifying the client IP address are <tt class="docutils literal"><span class="pre">X-Forwarded-For</span></tt> and <tt class="docutils literal"><span class="pre">X-Real-IP</span></tt>. When <tt class="docutils literal"><span class="pre">X-Forwarded-For</span></tt> is used then the first IP address listed in the header value will be used. For <tt class="docutils literal"><span class="pre">X-Real-IP</span></tt> only one IP address should be given. When found, the value will be used to override the <tt class="docutils literal"><span class="pre">REMOTE_ADDR</span></tt> value in the WSGI <tt class="docutils literal"><span class="pre">environ</span></tt> dictionary.</p> <p>Note that at present there is no facility for specifying a list of trusted IP addresses to be specified for front end proxies. This will be a feature added in a future version. When that is available and <tt class="docutils literal"><span class="pre">X-Forwarded-For</span></tt> is used, then the IP address preceding the furthest away trusted proxy IP address will instead be used, even if not the first in the list.</p> <p>The header names accepted for specifying the application mount point are <tt class="docutils literal"><span class="pre">X-Script-Name</span></tt> and <tt class="docutils literal"><span class="pre">X-Forwarded-Script-Name</span></tt>. When found, the value will override the <tt class="docutils literal"><span class="pre">SCRIPT_NAME</span></tt> value in the <tt class="docutils literal"><span class="pre">WSGI</span></tt> environ dictionary.</p> <p>When using <tt class="docutils literal"><span class="pre">mod_wsgi-express</span></tt> the equivalent command line option is <tt class="docutils literal"><span class="pre">--trust-proxy-header</span></tt>. The option can be used multiple times to specify more than one header.</p> </div> </div> </div> <div class="articleComments"> </div> </div> <footer> <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation"> <a href="version-4.4.8.html" class="btn btn-neutral float-right" title="Version 4.4.8" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right"></span></a> <a href="version-4.4.10.html" class="btn btn-neutral" title="Version 4.4.10" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left"></span> Previous</a> </div> <hr/> <div role="contentinfo"> <p> &copy; Copyright 2007-2020, Graham Dumpleton. </p> </div> Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. </footer> </div> </div> </section> </div> <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { URL_ROOT:'../', VERSION:'4.7.1', COLLAPSE_INDEX:false, FILE_SUFFIX:'.html', HAS_SOURCE: true, SOURCELINK_SUFFIX: '' }; </script> <script type="text/javascript" src="../_static/jquery.js"></script> <script type="text/javascript" src="../_static/underscore.js"></script> <script type="text/javascript" src="../_static/doctools.js"></script> <script type="text/javascript" src="../_static/js/theme.js"></script> <script type="text/javascript"> jQuery(function () { SphinxRtdTheme.StickyNav.enable(); }); </script> </body> </html>