• Deliverance now follows HTTP redirects when trying to fetch the theme document and when fetching external content via href attributes on rule tags.
  • Add support for matching on namespace-prefixed attributes (malthe)


  • Fixed runtime error when handling a 302 response with a “text/html” type but an empty body.

  • Added a subpath matcher, which lets you match URLs against a subpath, so <match path="subpath:/foo" /> will match requests to “/foo/bar” and “/foo/bar/baz” but requests to “/foobar” or “/foo” will not match.

    a URL

  • Made the DeliveranceMiddleware factory used in deliverance-proxy configurable through a middleware-factory directive in the server-settings section of deliverance.xml. You can use a pyref to point to any callable which returns an instance of DeliveranceMiddleware or a subclass. The signature of the callable factory must conform to (app, rule_getter, **kwargs); keyword arguments can be provided with pyarg-foo="bar" attributes in the configuration. For example:


    [..] <middleware-factory

    pyref=”libopencore.deliverance_middleware:CustomDeliveranceMiddleware” pyarg-default_theme=”” pyarg-other_custom_setting=”1” />



  • Factored out method DeliveranceMiddleware.use_internal_subrequest which is called to determine whether Deliverance should get a resource via an internal subrequest to the WSGI callable wrapped by Deliverance. Subclasses can customize this to control when Deliverance should make full HTTP subrequests.


  • Added to ensure necessary static files are installed alongside code (paster templates, templates + media for editarea.js, client-side theming scripts)

    These were lost somehow when the code moved from SVN to Git, because of some setuptools magic that I don’t understand.


  • Removed reference to changes_on_trunk.txt file in so that code can install without that file present.


  • Added a response-status matcher, for matching against the status code of the response. Use like <match response-status=”404” class=”notfounds” /> (esanchez) (#39)

  • Added a ReverseMatcher, which allows you to prefix a match statement with not: to reverse the result. Use like <match path=”not:/bad-path” /> (esanchez) (#39)

  • Added a boolean collapse-sources attribute on TransformActions (append, prepend, replace) which can signal that elements moved from the content to the theme should be “fully collapsed” into the theme immediately, allowing subsequent actions to act on those elements within the theme.

  • Added support for mounting WSGI applications directly in the proxy, as an alternative to HTTP proxy endpoints. (#48)

  • Fixed error when trying to move or copy HTML comment nodes (#69)

  • Fixed error in deliverance-proxy when proxying HEAD requests (#66)

  • Factored out method DeliveranceMiddleware.default_theme(self, environ) so that subclasses can implement custom logic for calculating the global default theme per request based on the WSGI environment and the value of self._default_theme which is set by the theme_uri parameter in the paste.deploy configuration.

    The default implementation returns the raw string self._default_theme directly.

  • Factored out method DeliveranceMiddleware.build_external_subrequest which is called when Deliverance is getting a resource via an external subrequest (as opposed to a file:// URL or an internal subrequest to the application being wrapped by Deliverance)

    The method returns a webob.Request object; the default implementation returns a blank Request with only the header x-deliverance-theme-subrequest set. Subclasses can override this behavior, e.g. to preserve certain headers from the original request into subrequests.

  • Factored out method DeliveranceMiddleware.notheme_request(self, request) so that subclasses can customize the logic to determine which requests should never be themed by Deliverance.

    The default implementation checks for “deliv_notheme” in the querystring.

  • Moved tests from test_middleware.txt to, and converted to WebTest, to improve clarity of tests and ease of adding new tests.


  • Compatible with WebOb 1.0 (or 0.9.8)
  • Remove dependency_link for unpinned trunk of DevAuth


  • Pass open file objects to lxml instead of filenames. Apparently lxml can segfault in some circumstances if you pass a filename for it to open multiple times. (kiorky)
  • Reorganized pyref documentation into a single document for easier reference.
  • Added a document on configuring Deliverance with Paste Deploy.


  • Characters <, >, and & are no longer escaped when they appear within a CDATA section in XHTML output mode.
  • The theme’s doctype is now given priority over the content doctype, to give users more control over the output format.


  • The paste.deploy configuration and middleware factory now accept a theme_uri parameter.

    If used, this will be the global default theme uri. It will be used if no theme is defined within the ruleset.

  • Internal subrequests that return non-200 response codes are now retried as external HTTP requests. (#16)

  • Request/response matching in <rule> elements now work. (#6)

  • <meta http-equiv=”Content-Type”> tags are no longer stripped from documents. Instead, they are always included in the output of Deliverance, with a default charset of ASCII. (#34)

  • CDATA sections in XHTML documents are left as-is instead of being incorrectly escaped. (#36)

  • Before applying the rules, Deliverance now moves the <meta> tag with a charset declaration to be the first child of the <head> element, if both are present. This ensures that non-ASCII characters in the <head> are converted to the correct HTML sequences. (#12)

  • There is now a garbage-collecting WSGI middleware deliverance.garbagecollect, disabled by default, which calls gc.collect() after every request. This was added after a report (unconfirmed) of potential memory leaks when using some versions of lxml. (#22)

    You can use it with deliverance-proxy –garbage-collect or, in paste.deploy configurations, filter your app with use = egg:Deliverance#garbagecollect.


  • FileRuleGetter now reloads the rules file on every request if Deliverance is initialized with debug=true.
  • If the content document declares an XHTML doctype, then the output will be valid XML. (#28)
  • If the content document declares any doctype, that doctype will be preserved in the output. Otherwise, the theme’s doctype will be used if present. If neither document has a doctype, the default is HTML 4.0 Transitional. (#28)
  • rule_uri can now be a file:// URI
  • You can now set execute_pyref=true in Paste Deploy .ini file to allow pyrefs in the rules when using the Deliverance middleware directly.
  • Fixed “join_attributes tries to join on list and set which is not valid” (#18)
  • Fixed util.filetourl breakage on Windows. (#13)
  • Added XInclude support in rules file.
  • Empty links in the theme like <a href=”“> both work now; in the last release Deliverance would throw an error when trying to parse these. (#31)
  • When fetching the content document, responses with Content-Length:0 will be passed through to the client. Previously these would cause an error. (#25)

0.3 prerelease

  • Add a monkeypatch for Paste to work around a long unsolved robustness bug.
  • Correctly handle in-document links in the theme. Patch from Michael Dunstan. This fixes #19 and #31.
  • Added deliverance.middleware:FileRuleGetter
  • Added Paste Deploy entry point (egg:Deliverance).
  • Plenty more

Table Of Contents

Previous topic

deliverance.util – miscellaneous functions

Next topic


This Page