=== 2.7.5
* New Features
* All 4xx responses and RedirectLimitReachedError when fetching robots.txt are treated as full allow just like Googlebot does.
* Enable support for mime-types > 3.
* Bug fix
* Don't cause infinite loop when `GET /robots.txt` redirects. (#457)
* Fix basic authentication for a realm that contains uppercase characters. (#458, #459)
* Fix encoding error when uploading a file which name is non-ASCII. (#333)
=== 2.7.4
* New Features
* Accept array-like and hash-like values as query/parameter value.
A new utility method Mechanize::Util.each_parameter is added, and Mechanize::Util.build_query_string is enhanced
for this feature.
* Allow passing a `Form::FileUpload` instance to `#post`. #350 by Sam
Rawlins.
* Capture link when scheme is unsupported. #362 by Jon Rowe.
* Pre-defined User-Agent stings are updated to those of more recent versions, and new aliases for IE 10/11 and Edge are added.
* Support for mime-types 1.x is restored while keeping compatible with mime-types 2.x and adding support for 3.0.
* Mechanize::Page now responds to #xpath, #css, #at_xpath, #at_css, and #%.
* element(s)_with methods now accept :xpath and :css options for doing xpath/css
selector searching.
* Pass URI information to Nokogiri where applicable. #405 @lulalala
* Bug fix
* Don't raise an exception if a connection has set a {read,open}_timeout and
a `file://` request is made. (#397)
* Fix whitespace bug in WWW-Authenticate. #451, #450, by Rasmus Bergholdt
* Don't allow redirect from a non-file URL to a file URL for security reasons. (#455)
=== 2.7.3
* New Features
* Allow net-http-persistent instance to be named. #324, John Weir.
* #save and #save! return filename #340
* Updated mime-types requirement to 2.x versions. #348 by Jeff Nyman.
* Bug fix
* Ensure Download#save! defaults back to original filename if
none is provided (#300)
=== 2.5.1
* Bug fix
* Mechanize no longer copies POST requests during a redirect which was
introduced by #215. Pull request #229 by Godfrey Chan.
=== 2.5
* Minor enhancement
* Added Mechanize#ignore_bad_chunking for working around servers that don't
terminate chunked transfer-encoding properly. Enabling this may cause
data loss. Issue #116
* Removed content-type check from Mechanize::Page allowing forced parsing
of incorrect or missing content-types. Issue #221 by GarthSnyder
* Bug fixes
* Fixed typos in EXAMPLES and GUIDES. Pull Request #213 by Erkan Yilmaz.
* Fixed handling of a quoted content-disposition size. Pull Request #220 by
Jason Rust
* Mechanize now ignores a missing gzip footer like browsers do. Issue #224
by afhbl
* Mechanize handles saving of files with the same name better now. Pull
Request #223 by Godfrey Chan, Issue #219 by Jon Hart
* Mechanize now sends headers across redirects. Issue #215 by Chris Gahan
* Mechanize now raises Mechanize::ResponseReadError when the server does not
terminate chunked transfer-encoding properly. Issue #116
* Mechanize no longer raises an exception when multiple identical
radiobuttons are checked. Issue #214 by Matthias Guenther
* Fixed documentation for pre_connect_hooks and post_connect_hooks. Issue
#226 by Robert Poor
* Worked around ruby 1.8 run with -Ku and ISO-8859-1 encoded characters in
URIs. Issue #228 by Stanislav O.Pogrebnyak
=== 2.4
* Security fix:
Mechanize#auth and Mechanize#basic_auth allowed disclosure of passwords to
malicious servers and have been removed.
In prior versions of mechanize only one set of HTTP authentication
credentials were allowed for all connections. If a mechanize instance
connected to more than one server then a malicious server detecting
mechanize could ask for HTTP Basic authentication. This would expose the
username and password intended only for one server.
Mechanize#auth and Mechanize#basic_auth now warn when used.
To fix the warning switch to Mechanize#add_auth which requires at the URI
the credentials are intended for, the username and the password.
Optionally an HTTP authentication realm or NTLM domain may be provided.
* Minor enhancement
* Improved exception messages for 401 Unauthorized responses. Mechanize now
tells you if you were missing credentials, had an incorrect password, etc.
Changes:
* Add support for the Max-Age attribute in the Set-Cookie header.
* Added Mechanize::Download#body for compatibility with Mechanize::File when
using Mechanize#get_file with Mechanize::Image or other Download-based
pluggable parser. Issue #202 by angas
* Mechanize#max_file_buffer may be set to nil to disable creation of
Tempfiles.
* MetaRefresh#href is not normalized to an absolute URL, but set to the
original value and resolved later. It is even set to nil when the
Refresh URL is unspecified or empty.
* Expose ssl_version from net-http-persistent. Patch by astera.
* SSL parameters and proxy may now be set at any time. Issue #194 by
dsisnero.
* Improved Mechanize::Page with #image_with and #images_with and
Mechanize::Page::Image various img element attribute accessors, #caption,
#extname, #mime_type and #fetch. Pull request #173 by kitamomonga
* Added MIME type parsing for content-types in Mechanize::PluggableParser
for fine-grained parser choices. Parsers will be chosen based on exact
match, simplified type or media type in that order. See
Mechanize::PluggableParser#[]=.
* Added Mechanize#download which downloads a response body to an IO-like or
filename.
* Added Mechanize::DirectorySaver which saves responses in a single
directory. Issue #187 by yoshie902a.
* Added Mechanize::Page::Link#noreferrer?
* The documentation for Mechanize::Page#search and #at now show that both
XPath and CSS expressions are allowed. Issue #199 by Shane Becker.
* Mechanize now depends on net-http-persistent 2.3+. This new version
brings idle timeouts to help with the dreaded "too many connection resets"
issue when POSTing to a closed connection. Issue #123
* SSL connections will be verified against the system certificate store by
default.
* Added Mechanize#retry_change_requests to allow mechanize to retry POST and
other non-idempotent requests when you know it is safe to do so. Issue
#123
* Mechanize can now stream files directly to disk without loading them into
memory first through Mechanize::Download, a pluggable parser for
downloading files.
* Bug fixes.
=== 2.0.1 / 2011-06-28
Mechanize now uses minitest to avoid 1.9 vs 1.8 assertion availability in
test/unit
* Bug Fixes
* Restored Mechanize#set_proxy. Issue #117, #118, #119
* Mechanize::CookieJar#load now lazy-loads YAML. Issue #118
* Mechanize#keep_alive_time no longer crashes but does nothing as
net-http-persistent does not support HTTP/1.0 keep-alive extensions.
=== 2.0 / 2011-06-27
Mechanize is now under the MIT license
* API changes
* WWW::Mechanize has been removed. Use Mechanize.
* Pre connect hooks are now called with the agent and the request. See
Mechanize#pre_connect_hooks.
* Post connect hooks are now called with the agent and the response. See
Mechanize#post_connect_hooks.
* Mechanize::Chain is gone, as an internal API this should cause no problems.
* Mechanize#fetch_page no longer accepts an options Hash.
* Mechanize#put now accepts headers instead of an options Hash as the last
argument
* Mechanize#delete now accepts headers instead of an options Hash as the
last argument
* Mechanize#request_with_entity now accepts headers instead of an options
Hash as the last argument
* Mechanize no longer raises RuntimeError directly, Mechanize::Error or
ArgumentError are raised instead.
* The User-Agent header has changed. It no longer includes the WWW- prefix
and now includes the ruby version. The URL has been updated as well.
* Mechanize now requires ruby 1.8.7 or newer.
* Hpricot support has been removed as webrobots requires nokogiri.
* Mechanize#get no longer accepts the referer as the second argument.
* Mechanize#get no longer allows the HTTP method to be changed (:verb
option).
* Mechanize::Page::Meta is now Mechanize::Page::MetaRefresh to accurately
depict its responsibilities.
* Mechanize::Page#meta is now Mechanize::Page#meta_refresh as it only
contains meta elements with http-equiv of "refresh"
* Mechanize::Page#charset is now Mechanize::Page::charset. GH #112, patch
by Godfrey Chan.
* Deprecations
* Mechanize#get with an options hash is deprecated and will be removed after
October, 2011.
* Mechanize::Util::to_native_charset is deprecated as it is no longer used
by Mechanize.
* New Features
* Add header reference methods to Mechanize::File so that a reponse
object gets compatible with Net::HTTPResponse.
* Mechanize#click accepts a regexp or string to click a button/link in the
current page. It works as expected when not passed a string or regexp.
* Provide a way to only follow permanent redirects (301)
automatically: <tt>agent.redirect_ok = :permanent</tt> GH #73
* Mechanize now supports HTML5 meta charset. GH #113
* Documented various Mechanize accessors. GH #66
* Mechanize now uses net-http-digest_auth. GH #31
* Mechanize now implements session cookies. GH #78
* Mechanize now implements deflate decoding. GH #40
* Mechanize now allows a certificate and key to be passed directly. GH #71
* Mechanize::Form::MultiSelectList now implements #option_with and
#options_with. GH #42
* Add Mechanize::Page::Link#rel and #rel?(kind) to read and test the rel
attribute.
* Add Mechanize::Page#canonical_uri to read a </tt><link
rel="canonical"></tt> tag.
* Add support for Robots Exclusion Protocol (i.e. robots.txt) and
nofollow/noindex in meta tags and the rel attribute. Automatic
exclusion can be turned on by setting:
agent.robots = true
* Manual robots.txt test can be performed with
Mechanize#robots_allowed? and #robots_disallowed?.
* Mechanize::Form now supports the accept-charset attribute. GH #96
* Mechanize::ResponseReadError is raised if there is an exception while
reading the response body. This allows recovery from broken HTTP servers
(or connections). GH #90
* Mechanize#follow_meta_refresh set to :anywhere will follow meta refresh
found outside of a document's head. GH #99
* Add support for HTML5's rel="noreferrer" attribute which indicates
no "Referer" information should be sent when following the link.
* A frame will now load its content when #content is called. GH #111
* Added Mechanize#default_encoding to provide a default for pages with no
encoding specified. GH #104
* Added Mechanize#force_default_encoding which only uses
Mechanize#default_encoding for parsing HTML. GH #104
* Bug Fixes:
* Fixed a bug where Referer is not sent when accessing a relative
URI starting with "http".
* Fix handling of Meta Refresh with relative paths. GH #39
* Mechanize::CookieJar now supports RFC 2109 correctly. GH #85
* Fixed typo in EXAMPLES.rdoc. GH #74
* The base element is now handled correctly for images. GH #72
* Image buttons with no name attribute are now included in the form's button
list. GH#56
* Improved handling of non ASCII-7bit compatible characters in links (only
an issue on ruby 1.8). GH #36, GH #75
* Loading cookies.txt is faster. GH #38
* Mechanize no longer sends cookies for a.b.example to axb.example. GH #41
* Mechanize no longer sends the button name as a form field for image
buttons. GH #45
* Blank cookie values are now skipped. GH #80
* Mechanize now adds a '.' to cookie domains if no '.' was sent. This is
not allowed by RFC 2109 but does appear in RFC 2965. GH #86
* file URIs are now read in binary mode. GH #83
* Content-Encoding: x-gzip is now treated like gzip per RFC 2616.
* Mechanize now unescapes URIs for meta refresh. GH #68
* Mechanize now has more robust HTML charset detection. GH #43
* Mechanize::Form::Textarea is now created from a textarea element. GH #94
* A meta content-type now overrides the HTTP content type. GH #114
* Mechanize::Page::Link#uri now handles both escaped and unescaped hrefs.
GH #107
* Use lang/ruby/gem.mk instead of misc/rubygems/rubygem.mk.
* Remove default value of GEM_BUILD.
* Ajust new ruby package's framework.
= Mechanize CHANGELOG
=== 1.0.0
* New Features:
* An optional verb may be passed to Mechanize#get GH #26
* The WWW constant is deprecated. Switch to the top level constant Mechanize
* SelectList#option_with and options_with for finding options
* Bug Fixes:
* Rescue errors from bogus encodings
* 7bit content-encoding support. Thanks sporkmonger! GH #2
* Fixed a bug with iconv conversion. Thanks awesomeman! GH #9
* meta redirects outside the head are not followed. GH #13
* Form submissions work with nil page encodings. GH #25
* Fixing default values with serialized cookies. GH #3
* Checkboxes and fields are sorted by page appearance before submitting. #11
Deprecations:
* WWW::Mechanize::List is gone!
* Use Nokogiri as the default HTML parser (you may switch to Hpricot by using WWW::Mechanize.html_parser =
Hpricot)
See full list of changes since 0.7.5:
http://mechanize.rubyforge.org/mechanize/CHANGELOG_rdoc.html
include:
+ Install as a Ruby gem.
* Fixed a bug when fetching files and not pages.
* WWW::Mechanize#get now takes hash arguments for uri parameters.
* Handling gzipped responses with no Content-Length header
* Fixed a bug with EOF errors in net/http. [#17570]
* Handling 0 length gzipped responses. [#17471]
* Changed parser to lazily parse links
* Lazily parsing document
* Updating UTF-8 support for urls
* Adding AREA tags to the links list.
* WWW::Mechanize#follow_meta_refresh will allow you to automatically follow
meta refresh tags. [#10032]
* Adding x-gzip to accepted content-encoding.
* Added Digest Authentication support.
* Many bug fixes.
The Mechanize library is used for automating interaction with
websites. Mechanize automatically stores and sends cookies, follows
redirects, can follow links, and submit forms. Form fields can be
populated and submitted. Mechanize also keeps track of the sites that
you have visited as a history.
