Releases: encode/starlette
Releases Β· encode/starlette
Version 0.41.2
Version 0.41.1
What's Changed
- Change
python-multipart
import topython_multipart
by @Kludex in #2733 - Bump minimum
python-multipart
version to 0.0.13 by @Kludex in #2734
Full Changelog: 0.41.0...0.41.1
Version 0.41.0
Added
- Allow to raise
HTTPException
beforewebsocket.accept()
#2725
Version 0.40.0
This release fixes a Denial of service (DoS) via multipart/form-data
requests.
You can view the full security advisory:
GHSA-f96h-pmfr-66vw
Fixed
- Add
max_part_size
toMultiPartParser
to limit the size of parts inmultipart/form-data
requests fd038f3.
Version 0.39.2
Fixed
- Allow use of
request.url_for
when only "app" scope is available #2672. - Fix internal type hints to support
python-multipart==0.0.12
#2708.
Full Changelog: 0.39.1...0.39.2
Version 0.39.1
Fixed
- Avoid regex re-compilation in
responses.py
andschemas.py
#2700. - Improve performance of
get_route_path
by removing regular expression usage #2701. - Consider
FileResponse.chunk_size
when handling multiple ranges #2703. - Use
token_hex
for generating multipart boundary strings #2702.
Full Changelog: 0.39.0...0.39.1
Version 0.39.0
Version 0.38.6
Version 0.38.5
Fixed
- Schedule
BackgroundTasks
from withinBaseHTTPMiddleware
#2688.
This behavior was removed in 0.38.3, and is now restored.
Full Changelog: 0.38.4...0.38.5
Version 0.38.4
Fixed
- Ensure accurate
root_path
removal inget_route_path
function #2600
Full Changelog: 0.38.3...0.38.4