Tornado 3.2.1 新特性¶

    • The signed-value format used by RequestHandler.set_secure_cookieand has changed to be more secure.This is a disruptive change. The secure_cookie functionstake new version parameters to support transitions between cookieformats.
    • To minimize disruption, cookies in the older format will be acceptedby default until they expire. Applications that may be vulnerablecan reject all cookies in the older format by passing min_version=2to RequestHandler.get_secure_cookie.
    • Thanks to Joost Pol of for reporting this issue.
    • The C extension used to speed up the websocket module now compilescorrectly on Windows with MSVC and 64-bit mode. The fallback tothe pure-Python alternative now works correctly on Mac OS X machineswith no C compiler installed.