- Updating package for p5 module to 3.43
Upstream changes:
Version 3.43
1. Documentation patch from MARKSTOS@cpan.org to replace all occurrences of
"new CGI" with CGI->new()" to reflect best perl practices.
2. Patch from Stepan Kasal to fix utf-8 related problems in perl 5.10
Fixes PR#40186.
Upstream changes:
Version 3.42
1. Added patch from Renee Baecker that makes it possible to subclass
CGI::Pretty.
2. Added patch from Nicholas Clark to allow ~ characters in
temporary directories.
3. Added patch from Renee Baecker that fixes the inappropriate
escaping of fields in multipart headers.
Version 3.41
1. Fix url() returning incorrect path when query string contains
escaped newline.
2. Added additional windows temporary directories and environment
variables, courtesy patch from Renee Baecker
3. Added a handle() method to the lightweight upload
filehandles. This method returns a real IO::Handle object.
4. Added patch from Tony Vanlingen to fix deep recursion warnings
in CGI::Pretty.
to trigger/signal a rebuild for the transition 5.8.8 -> 5.10.0.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=...").
devel/rt3 in fastcgi mode.
Changes since 3.35:
- CGI::Fast no longer depends on a specific Perl version.
- Makefile.PL now depends on FCGI so that CGI::Fast installs properly.
- Fixed regression in "exists" function when using tied interface to CGI
via $q->Vars.
- Added nobr() function.
- popup_menu() allows multiple items to be selected by default.
- Patch from Renee Backer to avoid doubled <http-equiv> headers.
- Fixed documentation bug that describes what happens when a parameter
is empty.
- Fixed overlap of attribute and parameter space.
- Fix pragmas so that they persist over modperl invocations.
- Fixed handling of chunked multipart uploads.
- Fix CGI::Cookie to support cookies that are separated by "," instead of ";".
Maybe we should add a patch to handle the p5-FCGI dependency as an option
later?
Version 3.35
1. Resync with bleadperl, primarily fixing a bug in parsing semicolons in uploaded filenames.
Version 3.34
1. Handle Unicode %uXXXX escapes properly -- patch from DANKOGAI@cpan.org
2. Fix url() method to not choke on path names that contain regex characters.
Version 3.33
1. Remove uninit variable warning when calling url(-relative=>1)
2. Fix uninit variable warnings for two lc calls
3. Fixed failure of tempfile upload due to sprintf() taint failure in perl 5.10
Version 3.32
1. Patch from Miguel Santinho to prevent sending premature headers under mod_perl 2.0
Version 3.31
1. Patch from Xavier Robin so that CGI::Carp issues a 500 Status code rather than a 200 status code.
2. Patch from Alexander Klink to select correct temporary directory in OSX Leopard so that upload works.
3. Possibly fixed "wrapped pack" error on 5.10 and higher.
Version 3.30
1. Patch from Mike Barry to handle POSTDATA in the same way as PUT.
2. Patch from Rafael Garcia-Suarez to correctly reencode unicode values as byte values.
1. The position of file handles is now reset to zero when CGI->new is called.
2. uploadInfo() now works across multiple object instances. Also, the first
tests for uploadInfo() were added as part of the fix.
Changes 3.28:
1. Applied patch from Allen Day that makes Cookie parsing RFC2109 compliant
attribute/values can be separated by commas as well as semicolons).
2. Applied patch from Stephan Struckmann that allows script_name() to be set correctly.
3. Fixed problem with url(-full) in which port number appears twice.
Version 3.27
1. Applied patch from Steve Taylor that allows checkbox_groups to be
disabled with a new -disabled=> option.
Version 3.26
1. Fixed alternate stylesheet behavior so that it is insensitive to order of declarations.
2. Patch from John Binns to allow users to provide a callback to CGI::Carp.
3. Added "~" as an unreserved character in escape().
4. Patch from Chris Fedde to prevent HTTP_HOST from inhibiting SERVER_PORT in url() generation.
5. Fixed outdated documentation (and behavior) of -language in start_html -script option.
6. Fixed bug in seconds calculation in CGI::Util::expire_calc.
Version 3.25
1. Fixed the link to the Netscape frames page.
2. Added ability to specify an alternate stylesheet.
3. Add support for XForms POST submssion both as application/xml or as multipart/related
Version 3.24
1. In startform(), if request_uri() returns undef, then falls back
to self_url(). This should rarely happen except when run outside of
the CGI environment.
2. image button alignment options were mistakenly being capitalized, causing xhtml validation to fail.
Version 3.23
1. Typo in upload() persisted, now fixed for real. Thanks to
Emanuele Zeppieri for correct patch and regression test.
Version 3.22
1. Typo in upload() function broke uploads. Now fixed (CPAN bug 21126).
Version 3.21
1. Don't try to read data at all when POST > $POST_MAX.
2. Fixed bug that caused $cgi->param('name',undef,'value') to unset param('name') entirely.
3. Fixed bug in which upload() sometimes returns empty. (CPAN bug #12694).
4. Incorporated patch from BURAK@cpan.org to support HTTPcookies (CPAN bug 21019).
Pkgsrc changes:
- none
Relevant changes since version 3.11:
====================================
Version 3.20
1. Patch from David Wheeler for CGI::Cookie->bake(). Uses mod_perl
headers_out->add() rather than headers_out->set().
2. Fixed problem identified by Andrei Voronkov in which start_form()
output was screwed up when initial argument begins with a dash and
subsequent arguments do not.
3. Quashed uninitialized variable warnings coming from script_name(),
url() and other functions that require access to the PATH_INFO
environment variable.
Version 3.19
1. Added patch from Stephen Frost that allows one to suppress use of the
temp file that is created during uploads.
2. Fixed problem noted by Martin Foster in which regular expression
meta-character terms in the path information were not quoted, causing
URL parsing to fail on URLs that contained metacharacters (such as +).
3. More fixes to the url() method.
4. Removed "hack to fix broken PATH_INFO in MSII".
Version 3.18
1. Doc typo fixes.
2. Patch from Steve Peters to default the document type to match the charset.
3. Fixed param() so that param(-name=>'foo',-values=>[]) sets the
parameter to empty list.
Version 3.17 Fri Feb 24 14:01:27 EST 2006
1. Added patch from Mike Hanafey which caused 0 arguments to
CGI::Cookie->new() to be treated as empty.
2. Patch to CGI::Carp from Peter Whaite to fix the unfixable problem of
CGI::Carp not behaving correctly in an eval() context.
3. CGI::Fast->new() calls CGI->_reset_globals to avoid contamination of
one session with another's variables.
4. Fixed upload failure on files that contain semicolons in their names.
Version 3.16 Wed Feb 8 13:29:11 EST 2006
1. header() -charset option now works even when the MIME type is not "text".
2. Fixed documentation for cookie() function and fastCGI.
3. Upload filehandles now only closed automatically on Windows systems.
4. Apache::Cookie compatibility fix from David Wheeler
5. CGI::Carp->fatalsToBrowser() does not work correctly with
mod_perl 2. No workaround is known.
6. Fixed text status code associated with 302 redirects. Should be "Found"
but was "Moved".
7. Fixed charset in start_html() and header() to be in synch.
Version 3.14 Tue Dec 6 17:12:03 EST 2005
1. Fixed broken scrolling_list() select attribute.
Version 3.14 Tue Dec 6 17:12:03 EST 2005
1. Fixed broken scrolling_list() select attribute.
Version 3.13
1. Removed extraneous empty "?" from end of self_url().
Version 3.12
1. Fixed virtual_port so that it works properly with https protocol.
2. Fixed documentation for upload_hook().
3. Added POSTDATA documentation.
4. Made upload_hook() work in function-oriented mode.
5. Fixed POST_MAX behavior so that it doesn't cause client to hang.
6. Disabled automatic tab indexes and added new -tabindex pragma to
turn automatic indexes back on.
7. The url() and self_url() methods now work better in the context of Apache
mod_rewrite. Be advised that path_info() may give you confusing results
when mod_rewrite is active because Apache calculates the path info
*after* rewriting. This is mostly worked around in url() and self_url(),
but you may notice some anomalies.
8. Removed empty (and non-validating) <div> from code emitted by end_form().
9. Fixed CGI::Carp to work correctly with Mod_perl 1.29 in an Apache 2
environment.
10. Setting $CGI::TMPDIRECTORY should now be effective.
none
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
Version 3.11
1. Killed warning in CGI::Cookie about MOD_PERL_API_VERSION
2. Fixed append() so that it works in function mode.
3. Workaround for a bug that appears in Apache2 versions through 2.0.54 in
which SCRIPT_NAME and PATH_INFO are incorrect if the additional path_info
contains a double slash. This workaround will handle the common case of
http://mysite.com/cgi-bin/log.cgi/http://www.some.other.site/args, but
will not handle the uncommon case of a ScriptAlias directive that adds
additional path information to the end of the translated URI.
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
for new apache2/modperl2.0. This will close PR #30302.
Changes says:
Version 3.10
1. Added Apache2::RequestIO, which is necessary for mp2 interoperability.
Version 3.09
1. Fixed tabindex="0" when using CGI to create forms without a prior start_html
2. Removed warning about non-numeric MOD_PERL_API_VERSION.
Version 3.08
1. update support for mod_perl 2.0. versions prior to
mod_perl 1.999_22 (2.0.0-RC5) are no longer supported.
Version 3.07
1. Fixed typo in mod_perl detection.
Version 3.06
1. Fixed bare call to script() in start_html
2. Moved Fh::DESTROY out of autoloaded functions so as to avoid
clobbering $@ when CGI functions are executed in an eval{}
context.
3. mod_perl 2.0 version detection patch in CGI::Cookie provided by
Allen Day.
4. autoEscape() flag is now respected when generating extra
attributes.
5. Tests for *tag start/end generation from Shlomi Fish.
6. Support for can() method provided by Ron Savage.
7. Fix for lang='' when outputting XHTML.
8. Added support for chunked transfer encoding, as suggested by
Hakan Ardo
9. Fixed clobbering of row and column headers in tableized radio
and checkbox groups, as reported by Nicolas Thierry-Mieg.
10. <Label> tags are now associated with form elements, as suggested
by accessibility guidelines.
11. The <?xml> directive produced by start_html is now turned off by
default and the charset is specified in a <meta> directive. Apparently
IE6 (and maybe some versions of Opera) were getting confused by this.
12. Support for tab indexes.
13. Retired the HTML docs. The POD docs are now primary documentation.
14. CGI::Carp now correctly detects and handles Apache::Dispatch.
15. CGI::Util::utf8_chr now correctly sets the UTF8 flag on 5.006 or
higher perls (fix courtesy Slaven Rezic).
module directory has changed (eg. "darwin-2level" vs.
"darwin-thread-multi-2level").
binary packages of perl modules need to be distinguishable between
being built against threaded perl and unthreaded perl, so bump the
PKGREVISION of all perl module packages and introduce
BUILDLINK_RECOMMENDED for perl as perl>=5.8.5nb5 so the correct
dependencies are registered and the binary packages are distinct.
addresses PR pkg/28619 from H. Todd Fujinaka.
Revision History
Version 3.05
1. Fixed uninitialized variable warning on start_form() when running from
command line.
2. Fixed CGI::_set_attributes so that attributes with a - are handled
correctly.
3. Fixed CGI::Carp::die() so as to avoid problems from _longmess()
clobbering @_.
4. If HTTP_X_FORWARDED_HOST is defined (i.e. running under a proxy), the
various functions that return HOST will use that instead.
5. Fix for undefined utf8() call in CGI::Util.
6. Changed the call to warningsToBrowser() in CGI::Carp::fatalsToBrowser
to call only after HTTP header is sent (thanks to Didier Lebrun for
noticing).
7. Patches from Dan Harkless to make CGI.pm validatable against HTML 3.2. 8. Fixed an extraneous "foo=bar" appearing when extra style parameters passed to start_html;
9. Fixed potential cross-site scripting bug in startform().
10. Fixed documentation to discuss list context behavior of form-element
generators explicitly.
11. Fixed incorrect results from end_form() when called in OO manner.
12. Fixed query string stripping in order to handle URLs containing
escaped newlines.
13. During server push, set NPH to 0 rather than 1. This is supposed to
fix problems with Apache.
14. Fixed incorrect processing of multipart form fields that contain
embedded quotes. There's still the issue of how to handle ones that
contain embedded semicolons, but no one has complained (yet).
15. Fixed documentation bug in -style argument to start_html()
16. Added -status argument to redirect().
Version 3.04
1. Fixed the problem with mod_perl crashing when "defaults" button
pressed.
Version 3.03
1. Fix upload hook functionality 2. Workaround for CGI->unescape_html()
3. Bumped version numbers in CGI::Fast and CGI::Util for 5.8.3-tobe
Version 3.02
1. Bring in Apache::Response just in case.
2. File upload on EBCDIC systems now works.
Version 3.01
1. No fix yet for upload failures when running on EBCDIC server.
2. Fixed uninitialized glob warnings that appeared when file uploading
under perl 5.8.2.
3. Added patch from Schlomi Fish to allow debugging of PATH_INFO from
command line.
4. Added patch from Steve Hay to correctly unlink tmp files under
mod_perl/windows
5. Added upload_hook functionality from Jamie LeTaul
6. Workarounds for mod_perl 2 IO issues. Check that file upload and state
saving still working.
7. Added code for underreads.
8. Fixed misleading description of redirect() and relative URLs in the
POD docs. 9. Workaround for weird interaction of CGI::Carp with Safe module
reported by William McKee.
10. Added patches from Ilmari Karonen to improve behavior of CGI::Carp.
11. Fixed documentation error in -style argument.
12. Added virtual_port() method for finding out what port server is
listening on in a virtual-host aware fashion.
Version 3.00
1. Patch from Randal Schwartz to fix bug introduced by cross-site
scripting vulnerability "fix."
2. Patch from JFreeman to replace UTF-8 escape constant of 0xfe with
0xfc. Hope this is right!
Version 2.99
1. Patch from Steve Hay to fix extra Content-type: appearing on browser
screen when FatalsToBrowser invoked.
2. Patch from Ewann Corvellec to fix cross-site scripting vulnerability.
3. Fixed tmpdir routine for file uploading to solve problem that occurs
under mod_perl when tmpdir is writable at startup time, but not at
session time.
- Fixed crash in Dump() function.
- Removed warning from reset() method.
- Moved <area> and <map> tags into the :html3 group. Hope this removes
undefined CGI::Area errors.
- Changed CGI::Carp to play with mod_perl2 and to (hopefully) restore
reporting of compile-time errors.
- Fixed potential deadlock between web server and CGI.pm when aborting
a read due to POST_MAX (reported by Antti Lankila).
- Fixed issue with tag-generating function not incorporating content when
first variable undef.
- Fixed cross-site scripting bug reported by obscure.
- Fixed Dump() function to return correctly formed XHTML - bug reported by
Ralph Siemsen.
- Fix to be P3P compliant submitted from MPREWITT.
- Added CGI->r() API for mod_perl1/mod_perl2.
- Fixed bug in redirect() that was corrupting cookies.
- Minor fix to behavior of reset() button to make it consistent with
submit() button (first time this has been changed in 9 years).
- Patch from Dan Kogai to handle UTF-8 correctly in 5.8 and higher.
- Patch from Steve Hay to make CGI::Carp's error messages appear on MSIE
browsers.
- Added Yair Lenga's patch for non-urlencoded postings.
- Added Stas Bekman's patches for mod_perl 2 compatibility.
- Fixed uninitialized escape behavior submitted by William Campbell.
- Fixed tied behavior so that you can pass arguments to tie()
- Fixed incorrect generation of URLs when the path_info contains + and other
odd characters.
- Fixed redirect(-cookies=>$cookie) problem.
- Fixed tag generation bug that affects -javascript passed to start_html().
- Attribute generation now correctly respects the value of autoEscape()
- Fixed endofrm() syntax error
- Fixed bug in redirect header handling
- Added P3P option to header()
- Patches to make CGI::Carp work correctly with object-oriented exceptions
- Removed inaccurate description of how to set multiple cookies from
CGI::Cookie pod file
- Patch to prevent running out of filehandles when uploading lots of files
- Documentation enhancement to note that the import_names() method
transforms the parameter names into valid Perl names
- Patch to suppress lang attribute in <html> tag if not provided explicitly
- Patch to fix broken XHTML-transitional 1.0 validation on endform()
- Custom html header fix (first letter correctly upcased now)
- Added a -verbatim option to stylesheet generation
- Faster delete() method
- Added empty charset support
- Patch to fix file upload failures when uploaded file is a multiple of 4096
- Fixed behavior of ACTION tag when POSTING to a URL that has a query
string
- Patch to handle multipart/mixed uploads from Opera
Edited list of changes (many bug fixes removed):
Version 2.87
1. Security hole patched: when processing multipart/form-data postings,
most arguments were being untainted silently. Returned arguments are
now tainted correctly. This may cause some scripts to fail that used
to work (thanks to Nick Cleaton for pointing this out and persisting
until it was fixed).
2. Update for mod_perl 2.0.
3. Pragmas such as -no_xhtml are now respected in mod_perl environment.
Version 2.84
2. HTML escaping code now replaced 0x8b and 0x9b with unicode references
< and *#8250;
Version 2.83
3. Added Max-Age to list of CGI::Cookie headers.
Version 2.82
1. Patch from Rudolf Troller to add attribute setting and option groups
to form fields.
3. Patch from Scott Gifford allows you to set the program name for
CGI::Carp.
Version 2.81
1. Removed extraneous slash from end of stylesheet tags generated by
start_html in non-XHTML mode.
2. Changed behavior of CGI::Carp with respect to eval{} contexts so that
output behaves properly in mod_perl environments.
Version 2.80
2. Changed checked="1" to checked="checked" for real XHTML compatibility.
3. Resurrected REQUEST_URI code so that url() works correctly with
multiviews.
<briggs@ninthwonder.com>. If you use CGI.pm, then this update is highly
recommended. Changes from version 2.75.2 include:
* Changes to CGI::Carp to avoid "subroutine redefined" error messages.
* Default DTD is now XHTML 1.0 Transitional
* Patches to support all HTML4 tags.
* Added ability to change encoding in <?xml> assertion.
* Fixed the old escapeHTML('CGI') ne "CGI" bug
* In accordance with XHTML requirements, there are no longer any
minimized attributes, such as "checked".
--> Patched bug which caused file uploads of exactly 4096 bytes to be
truncated to 4094 (thanks to Kevin Mahony)
* New tests and fixes to CGI::Pretty (thanks to Michael Schwern).
* New esc.t regression test for EBCDIC translations courtesy Peter
Prymmer.
* Patches from James Jurach to make compatible with FCGI-ProcManager
* Additional fields passed to header() (like -Content_disposition) now
honor initial capitalization.
* Patch from Andrew McNaughton to handle utf-8 escapes (%uXXXX codes) in
URLs.
The automatic truncation in gensolpkg doesn't work for packages which
have the same package name for the first 5-6 chars.
e.g. amanda-server and amanda-client would be named amanda and amanda.
Now, we add a SVR4_PKGNAME and use amacl for amanda-client and amase for
amanda-server.
All svr4 packages also have a vendor tag, so we have to reserve some chars
for this tag, which is normaly 3 or 4 chars. Thats why we can only use 6
or 5 chars for SVR4_PKGNAME. I used 5 for all the packages, to give the
vendor tag enough room.
All p5-* packages and a few other packages have now a SVR4_PKGNAME.
1. Fixed bug in server push boundary strings (CGI.pm and CGI::Push).
2. Fixed bug that occurs when uploading files with funny characters in
the name
3. Fixed non-XHTML-compliant attributes produced by textfield()
4. Added EPOC support.
5. Fixed minor XHTML bugs.
6. Made escape() and unescape() symmetric with respect to EBCDIC.
7. Removed uninitialized variable warning from CGI::Cookie.
8. Fixed bug in CGI::Pretty that causes it to print partial end tags when
the $INDENT global is changed.
9. Single quotes are changed to character entity ' for compatibility with
URLs.
* Quashed one-character bug that caused CGI.pm to fail on file uploads.
* Added -base to the list of arguments accepted by url().
* Fixes to XHTML support.
* POST parameters no longer show up in the Location box.