clear BUILDLINK_INCDIRS.heimdal. Otherwise -I/usr/include/krb5 appears
in CFLAGS, which breaks the build because the compiler finds krb5's
base64.h instead of Amaya's. krb5 is pulled in by curl, which is a
several-times-indirect dependency, and nothing in this package uses
it, or apparently anything that needs it, directly.
what I did is going to work... or that the code that was here previously
ever worked or actually did what anyone upstream intended. C++ is fun
that way.
* django-mptt now a proper dependency
* Django 1.3 support
* View permissions
* django-sekizai instead of PluginMedia
* Toolbar must be enabled explicitly in templates
* Static files moved to /static/
* Dropped support for django-dbgettext
look at blocks. With django-sekizai you can define placeholders where your
blocks get rendered and at different places in your templates append to those
blocks. This is especially useful for css and javascript. Your subtemplates can
now define css and javscript files to be included, and the css will be nicely
put at the top and the javascript to the bottom, just like you should. Also
sekizai will ignore any duplicate content in a single block.
Django Models and working with trees of Model instances.
MPTT is a technique for storing hierarchical data in a database. The aim is to
make retrieval operations very efficient.
The trade-off for this efficiency is that performing inserts and moving
items around the tree is more involved, as there's some extra work
required to keep the tree structure in a good state at all times.
= 1.3.2 / 2011-12-30
* Don't automatically add `Rack::CommonLogger` if `Rack::Server` is adding it,
too. (Konstantin Haase)
* Setting `logging` to `nil` will avoid setting up `Rack::NullLogger`.
(Konstantin Haase)
* Route specific params are now available in the block passed to #stream.
(Konstantin Haase)
* Fix bug where rendering a second template in the same request, after the
first one raised an exception, skipped the default layout. (Nathan Baum)
* Fix bug where parameter escaping got enabled when disabling a different
protection. (Konstantin Haase)
* Fix regression: Filters without a pattern may now again manipulate the params
hash. (Konstantin Haase)
* Added examples directory. (Konstantin Haase)
* Improved documentation. (Gabriel Andretta, Markus Prinz, Erick Zetta, Just
Lest, Adam Vaughan, Aleksander Dąbrowski)
* Improved MagLev support. (Tim Felgentreff)
Changes:
* Show warnings for JsonCsrtf attacks.
* do not enable parameter escaping by default, fixes#8.
* Use more specific namespace declaration in Rack::Builder configuration.
* NotimpelentedError typo fix
* add test that makes sure passingin on :track option works. related to #6.
* deal with PATH_INFO being nil, fixes#7.
* do not track HTTP_VERSION, fixes#6.
These patches enable optimizations that allow video play w/o stuttering.
Other i386 and x86_64 platforms need the same optimizations, so this is
only a partial fix of the PR.
Version 2.10.4 (2011-12-30)
---------------------------
- Fixed: the Environment class did not always return the correct script name
(#3603)
- Fixed: close the connection after sending a file to the browser (#3602)
- Fixed: the new Ajax cron trigger did not work in IE8 due to missing
Date.now() support (#3681)
- Fixed: do not block ressources required by the Google website preview in the
robots.txt file (#3688)
- Fixed: correctly update the cache after a new template has been created
(#3676)
- Fixed: correctly handle HTML comments in inline JavaScripts (#3696)
- Fixed: get the next autoincrement ID when importing a theme so deleted
themes can be restored (#3604)
- Fixed a few minor issues
* Consume all stdin when rcs_receive short-circuits, to avoid git SIGPIPE race.
* Add path and path_natural sort orders (smcv)
* Test coverage can be checked with make coverage (smcv)
* tag: encode categories using numeric values. (tango)
Fixed in Firefox 3.6.24
MFSA 2011-49 Memory corruption while profiling using Firebug
MFSA 2011-47 Potential XSS against sites using Shift-JIS
MFSA 2011-46 loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch)
Fixed in Firefox 3.6.23
MFSA 2011-40 Code installation through holding down Enter
MFSA 2011-39 Defense against multiple Location headers due to CRLF Injection
MFSA 2011-38 XSS via plugins and shadowed window.location object
MFSA 2011-37 Integer underflow when using JavaScript RegExp
MFSA 2011-36 Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23)
* let DISTNAME to sync with base pkg version.
* DISTINFO_FILE is not overwrite by php/ext.mk, so no need to set here.
* reset DIST_SUBDIR, to share DISTFILES with base package.
3.1.12
* Compatibility with the mathn library (thanks to Thomas Walpole).
* Fix some infinite loops with mixins that were previously uncaught.
* Catch infinite @import loops.
* Fix a deprecation warning in sass --update and --watch (thanks to Marcel
Köppen).
* Don’t make $important a special pre-initialized variable.
* Fix exponential parsing time of certain complex property values and
selectors.
* Properly merge @media directives with comma-separated queries.
E.g.
@media foo, bar { @media baz { ... } } now becomes
@media foo and baz, bar and baz { ... }.
Drop ${PHP_BASE_VARS} from PKGVERSION by default.
It used to be required to support multiple php version.
But after PHP version based ${PHP_PKG_PREFIX} was introduced,
such trick is not required anymore.
In addition to this, such version name schme invokes unwanted version bump
when base php version is bumped, plus, such version scheme is hard to
use for DEPENDS pattern.
To avoid downgrading of package using such legacy version scheme,
PECL_LEGACY_VERSION_SCHEME is introduced.
If it is defined, current version scheme is still used for currently
supported PHP version (5 and 53), but instead of ${PHP_BASE_VARS},
current fixed PHP base version in pkgsrc is used to avoid unwanted version bump
from update of PHP base package.
With newer PHP (54, or so on), new version scheme will be used if
it is defined.
This trick will not be required and should be removed after php5 and php53 will
be gone away from pkgsrc.
Changes from previous:
----------------------
1.3090 13.12.2011
** Codename: Hornburg of Hannover // Stefan Hornburg (racke) **
[ BUG FIXES ]
* GH #685: Set VERSION for Dancer::Plugin::Ajax.
(Sawyer X, Naveed Massjouni)
[ DOCUMENTATION ]
* GH #694: Typo fix. (Yanick Champoux)
* GH #698: Document further TT init options. (Dennis Lichtenthaeler)
* GH #709: Update POD documentation regarding hook. (Stefan Hornburg)
1.3089_01 26.11.2011
[ BUG FIXES ]
* Fix bug that made system() fail with -1 under Dancer (felixdo).
* Support for 'content_type' option on send_file when sending a
system wide file (Emmanuel Rodriguez).
* Support HTTP_X_FORWARDED_HOST in behing proxy (Ipaponov).
* Deserialize PATCH requests (Sam Kington).
* Encode log messages properly if charset UTF-8 is set (David Precious,
thanks to Penfold for the fix & MiklerGM for reporting).
[ ENHANCEMENTS ]
* Continuations-style exception system! (Damien Krotkine).
* The ability for dancer_response to send file contents for file uploads
as a scalar, instead of reading from file on disk (Squeeks).
[ DOCUMENTATION ]
* Clean up "plack_middlewares" example in docs (Richard Simões).
Changes from previous:
----------------------
2.37 2011-12-10 00:00:00
- Welcome to the Mojolicious core team Marcus Ramberg, Glen Hinkle
and Abhijit Menon-Sen.
- Removed cleanup_interval attribute from Mojo::IOLoop.
- Deprecated Mojo::IOLoop->timeout in favor of
Mojo::IOLoop::Stream->timeout.
- Added EXPERIMENTAL timeout event to Mojo::IOLoop::Stream.
- Added EXPERIMENTAL timeout attribute to Mojo::IOLoop::Stream.
- Changed default keep alive timeout of Mojo::UserAgent from 15 to 20
seconds.
- Improved documentation.
- Improved unicode tests.
- Fixed inline template double encoding bug.
2.36 2011-12-05 00:00:00
- Changed default heartbeat timeout of Hypnotoad from 5 to 10
seconds.
- Improved documentation.
- Fixed default keep alive timeout of Hypnotoad.
2.35 2011-12-01 00:00:00
- Added EXPERIMENTAL etag method to Mojo::Headers.
- Improved documentation.
- Fixed one-byte payload bug in Mojo::Transaction::WebSocket. (tinx)
- Fixed body event in Mojo::Content to work more reliably in CGI
environments.
- Fixed small portability issue in loader test.
2.34 2011-11-28 00:00:00
- Added "websocket.pl" to example scripts.
- Improved documentation.
- Fixed small bugs in example scripts.
2.33 2011-11-28 00:00:00
- Improved Mojo::EventEmitter performance slightly.
- Improved documentation.
- Fixed a few small inline template issues.
- Fixed small WebSocket handshake bug.
2.32 2011-11-24 00:00:00
- Added EXPERIMENTAL error event to Mojo::IOWatcher.
- Updated jQuery to version 1.7.1.
- Improved Mojo::IOLoop performance by changing the default cleanup
interval from 0 to 0.025 seconds.
- Improved documentation.
2.31 2011-11-21 00:00:00
- Improved stacktraces by making them a lot simpler.
- Improved documentation.
- Improved tests.
2.30 2011-11-20 00:00:00
- Deprecated Mojo::IOLoop->on_lock in favor of Mojo::IOLoop->lock.
- Deprecated Mojo::IOLoop->on_unlock in favor of
Mojo::IOLoop->unlock.
2.29 2011-11-19 00:00:00
- Deprecated Mojolicious->on_process in favor of around_dispatch
hook.
- Added EXPERIMENTAL emit_chain method to Mojolicious::Plugins.
(Akron, sri)
- Added EXPERIMENTAL around_dispatch hook.
- Fixed small bug in boundary and charset methods of Mojo::Content.
2.28 2011-11-18 00:00:00
- Improved documentation.
- Fixed small IPv6 portabilty issue in Mojo::IOLoop::Client.
2.27 2011-11-16 00:00:00
- Deprecated Mojo::IOLoop->connect in favor of Mojo::IOLoop->client.
- Deprecated Mojo::IOLoop->listen in favor of Mojo::IOLoop->server.
- Deprecated Mojo::IOLoop->connection_timeout in favor of
Mojo::IOLoop->timeout.
- Deprecated Mojo::IOLoop->write in favor of
Mojo::IOLoop::Stream->write.
- Deprecated Mojo::IOLoop->connect_timeout in favor of timeout
argument.
- Deprecated on_* methods in Mojo::IOLoop.
- Removed Mojo::IOLoop::Resolver.
- Added EXPERIMENTAL connect_timeout attribute to Mojo::UserAgent.
- Added EXPERIMENTAL is_readable method to Mojo::IOLoop::Stream.
- Added EXPERIMENTAL charset method to Mojo::Content.
- Added EXPERIMENTAL write event to Mojo::IOLoop::Stream.
- Added EXPERIMENTAL connection event to Mojo::Transaction.
- Improved documentation.
- Improved CSS of some built-in templates.
- Fixed many small memory leaks.
- Fixed multiple drain callback bugs.
- Fixed small attribute selector bug in Mojo::DOM::CSS. (tladesignz)
2.26 2011-11-10 00:00:00
- Added EXPERIMENTAL upgrade event to Mojo::Asset::Memory.
- Added EXPERIMENTAL upgrade event to Mojo::Transaction::HTTP.
- Added EXPERIMENTAL auto_upgrade attribute to Mojo::Asset::Memory.
- Improved Mojo::Content::Single and Mojo::Content::MultiPart parsers
to reuse events.
- Improved documentation.
- Fixed small route caching bug.
2.25 2011-11-08 00:00:00
- Removed canonicalize method from Mojo::URL.
- Improved documentation.
- Fixed URL without scheme handling in Mojo::URL.
- Fixed a few small bugs in Mojo::URL.
2.24 2011-11-05 00:00:00
- Added EXPERIMENTAL canonicalize method to Mojo::URL.
- Improved documentation.
- Fixed small path canonicalization bug in Mojo::URL.
- Fixed small trailing slash bug in Mojo::Path.
2.23 2011-11-04 00:00:00
- Changed semantics of get_line function in Mojo::Util.
- Removed experimental status from Mojo::Util.
- Updated jQuery to version 1.7.
- Improved documentation.
- Improved empty path element handling in Mojo::URL.
- Fixed empty path element bug in Mojo::Path.
2.22 2011-11-03 00:00:00
- Added EXPERIMENTAL --verbose flag to routes command.
- Improved documentation.
- Fixed a few attribute without value selector bugs in
Mojo::DOM::CSS.
- Fixed template inheritance bug in Mojolicious::Renderer.
2.21 2011-11-02 00:00:00
- Removed profile helper.
- Removed CSS4 selector subject support from Mojo::DOM::CSS until we
actually know the exact semantics.
- Improved Mojo::ByteStream to generate most Mojo::Util based methods
automatically.
- Fixed route pattern bug.
- Fixed bug in "user_agent.t".
2.20 2011-11-01 00:00:00
- Changed semantics of almost all functions in Mojo::Util.
- Documentation improvements.
2.19 2011-10-31 00:00:00
- Deprecated Mojolicious::Plugins->add_hook in favor of
Mojolicious::Plugins->on.
- Deprecated Mojolicious::Plugins->run_hook in favor of
Mojolicious::Plugins->emit_hook.
- Deprecated Mojolicious::Plugins->run_hook_reverse in favor of
Mojolicious::Plugins->emit_hook_reverse.
- Improved documentation.
- Improved tests.
2.18 2011-10-30 00:00:00
- Improved documentation.
- Fixed small rendering bug.
2.17 2011-10-30 00:00:00
- Fixed bug in "user_agent.t".
2.16 2011-10-30 00:00:00
- Removed experimental status from Mojo::EventEmitter.
- Merged unsubscribe and unsubscribe_all methods in
Mojo::EventEmitter.
- Improved documentation.
2.15 2011-10-29 00:00:00
- Deprecated Mojolicious::Controller->on_finish in favor of
Mojolicious::Controller->on.
- Removed Mojolicious::Controller->on_message, you can now use
Mojolicious::Controller->on instead.
$c->on(message => sub {...})
- Added EXPERIMENTAL message event to Mojo::Log.
- Improved documentation.
2.14 2011-10-29 00:00:00
- Deprecated Mojo::DOM->new with arguments.
- Renamed Mojo::IOLoop::Trigger to Mojo::IOLoop::Delay.
- Renamed watch method in Mojo::IOWatcher to change.
- Renamed io method in Mojo::IOWatcher to watch.
- Renamed cancel method in Mojo::IOWatcher to drop_timer.
- Renamed remove method in Mojo::IOWatcher to drop_handle.
- Added EXPERIMENTAL --verbose flag to test command.
2.13 2011-10-28 00:00:00
- Removed experimental status from many classes, methods, attributes
and functions.
- Removed before_render hook.
- Removed Mojolicious::Plugin::CallbackCondition.
- Improved documentation.
2.12 2011-10-27 00:00:00
- Added EXPERIMENTAL cleanup_interval attribute to Mojo::IOLoop.
- Added EXPERIMENTAL max_leftover_size attribute to Mojo::Content.
- Replaced handle method in Mojo::IOLoop with stream method.
- Replaced writing and not_writing methods in Mojo::IOWatcher with
watch method.
- Replaced is_finished method in Mojo::IOLoop::Stream with is_writing
method.
- Replaced add method in Mojo::IOWatcher with io method.
- Reduced memory usage of Mojo::Headers significantly.
- Fixed finish event timing in Mojo::Server::Daemon.
= 1.3.1 / Not Yet Released
* Support adding more than one callback to the stream object. (Konstantin
Haase)
= 1.3.0 / 2011-09-30
* Added `stream` helper method for easily creating streaming APIs, Server
Sent Events or even WebSockets. See README for more on that topic.
(Konstantin Haase)
* If a HTTP 1.1 client is redirected from a different verb than GET, use 303
instead of 302 by default. You may still pass 302 explicitly. Fixes AJAX
redirects in Internet Explorer 9 (to be fair, everyone else is doing it
wrong and IE is behaving correct). (Konstantin Haase)
* Added support for HTTP PATCH requests. (Konstantin Haase)
* Use rack-protection to defend against common opportunistic attacks.
(Josh Lane, Jacob Burkhart, Konstantin Haase)
* Support for Creole templates, Creole is a standardized wiki markup,
supported by many wiki implementations. (Konstanin Haase)
* The `erubis` method has been deprecated. If Erubis is available, Sinatra
will automatically use it for rendering ERB templates. `require 'erb'`
explicitly to prevent that behavior. (Magnus Holm, Ryan Tomayko, Konstantin
Haase)
* Patterns now match against the escaped URLs rather than the unescaped
version. This makes Sinatra confirm with RFC 2396 section 2.2 and RFC 2616
section 3.2.3 (escaped reserved characters should not be treated like the
unescaped version), meaning that "/:name" will also match `/foo%2Fbar`, but
not `/foo/bar`. To avoid incompatibility, pattern matching has been
adjusted. Moreover, since we do no longer need to keep an unescaped version
of path_info around, we handle all changes to `env['PATH_INFO']` correctly.
(Konstantin Haase)
* `settings.app_file` now defaults to the file subclassing `Sinatra::Base` in
modular applications. (Konstantin Haase)
* Set up `Rack::Logger` or `Rack::NullLogger` depending on whether logging
was enabled or not. Also, expose that logger with the `logger` helper
method. (Konstantin Haase)
* The sessions setting may be an options hash now. (Konstantin Haase)
* Important: Ruby 1.8.6 support has been dropped. This version also depends
on at least Rack 1.3.0. This means that it is incompatible with Rails prior
to 3.1.0. Please use 1.2.x if you require an earlier version of Ruby or
Rack, which we will continue to supply with bug fixes. (Konstantin Haase)
* Renamed `:public` to `:public_folder` to avoid overriding Ruby's built-in
`public` method/keyword. `set(:public, ...)` is still possible but shows a
warning. (Konstantin Haase)
* It is now possible to use a different target class for the top level DSL
(aka classic style) than `Sinatra::Application` by setting
`Delegator.target`. This was mainly introduced to ease testing. (Konstantin
Haase)
* Error handlers defined for an error class will now also handle subclasses
of that class, unless more specific error handlers exist. (Konstantin
Haase)
* Error handling respects Exception#code, again. (Konstantin Haase)
* Changing a setting will merge hashes: `set(:x, :a => 1); set(:x :b => 2)`
will result in `{:a => 1, :b => 2}`. Use `set(:x, {:a => 1}, true)` to
avoid this behavior. (Konstantin Haase)
* Added `request.accept?` and `request.preferred_type` to ease dealing with
`Accept` headers. (Konstantin Haase)
* Added `:static_cache_control` setting to automatically set cache control
headers to static files. (Kenichi Nakamura)
* Added `informal?`, `success?`, `redirect?`, `client_error?`,
`server_error?` and `not_found?` helper methods to ease dealing with status
codes. (Konstantin Haase)
* Uses SecureRandom to generate default session secret. (Konstantin Haase)
* The `attachment` helper will set Content-Type (if it hasn't been set yet)
depending on the supplied file name. (Vasiliy Ermolovich)
* Conditional requests on `etag` helper now work properly for unsafe HTTP
methods. (Matthew Schinckel, Konstantin Haase)
* The `last_modified` helper does not stop execution and change the status code
if the status code is something different than 200. (Konstantin Haase)
* Added support for If-Unmodified-Since header. (Konstantin Haase)
* `Sinatra::Base.run!` now prints to stderr rather than stdout. (Andrew
Armenia)
* `Sinatra::Base.run!` takes a block allowing access to the Rack handler.
(David Waite)
* Automatic `app_file` detection now works in directories containing brackets
(Konstantin Haase)
* Exception objects are now passed to error handlers. (Konstantin Haase)
* Improved documentation. (Emanuele Vicentini, Peter Higgins, Takanori
Ishikawa, Konstantin Haase)
* Also specify charset in Content-Type header for JSON. (Konstantin Haase)
* Rack handler names will not be converted to lower case internally, this
allows you to run Sinatra with custom Rack handlers, like Kirk or Mongrel2.
Example: `ruby app.rb -s Mongrel2` (Konstantin Haase)
* Ignore `to_ary` on response bodies. Fixes compatibility to Rails 3.1.
(Konstantin Haase)
* Middleware setup is now distributed across multiple methods, allowing
Sinatra extensions to easily hook into the setup process. (Konstantin
Haase)
* Internal refactoring and minor performance improvements. (Konstantin Haase)
* Move Sinatra::VERSION to separate file, so it can be checked without
loading Sinatra. (Konstantin Haase)
* Command line options now complain if value passed to `-p` is not a valid
integer. (Konstantin Haase)
* Fix handling of broken query params when displaying exceptions. (Luke
Jahnke)
3.1.11
* Allow control directives (such as @if) to be nested beneath properties.
* Allow property names to begin with a hyphen followed by interpolation
(e.g. -#{...}).
* Fix a parsing error with interpolation in comma-separated lists.
* Make --cache-store with with --update.
* Properly report ArgumentErrors that occur within user-defined functions.
* Don’t crash on JRuby if the underlying Java doesn’t support every Unicode
encoding.
* Add new updated_stylesheet callback, which is run after each stylesheet has
been successfully compiled. Thanks to Christian Peters.
* Allow absolute paths to be used in an importer with a different root.
* Don’t destructively modify the options when running
Sass::Plugin.force_update.
Deprecations – Must Read!
* The updating_stylesheet is deprecated and will be removed in a future
release. Use the new updated_stylesheet callback instead.
3.1.10
* Fix another aspect of the 3.1.8 regression relating to +.
3.1.9
* Fix a regression in 3.1.8 that broke the + combinator in selectors.
* Deprecate the loud-comment flag when used with silent comments
(e.g. //!). Using it with multi-line comments (e.g. /*!) still works.
3.1.8
* Deprecate parent selectors followed immediately by identifiers
(e.g. &foo). This should never have worked, since it violates the rule of &
only being usable where an element selector would.
* Add a --force option to the sass executable which makes --update always
compile all stylesheets, even if the CSS is newer.
* Disallow semicolons at the end of @import directives in the indented syntax.
* Don’t error out when being used as a library without requiring fileutil.
* Don’t crash when Compass-style sprite imports are used with
StalenessChecker (thanks to Matthias Bauer).
* The numeric precision of numbers in Sass can now be set using the
--precision option to the command line. Additionally, the default number of
digits of precision in Sass output can now be changed by setting
Sass::Script::Number.precision to an integer (defaults to 3). Since this
value can now be changed, the PRECISION constant in Sass::Script::Number has
been deprecated. In the unlikely event that you were using it in your code,
you should now use Sass::Script::Number.precision_factor instead.
* Don’t crash when running sass-convert with selectors with two commas in a
row.
* Explicitly require Ruby >= 1.8.7 (thanks Eric Mason).
* Properly validate the nesting of elements in imported stylesheets.
* Properly compile files in parent directories with --watch and --update.
* Properly null out options in mixin definitions before caching them. This
fixes a caching bug that has been plaguing some Rails 3.1 users.
=== 2.3.2
* Bug fix
* Finish connections that were closed by Net::HTTP so they can be restarted.
=== 2.3.1 / 2011-10-26
* Bug fix
* If a request object already contains a Connection header it will no longer
be overridden. This allows keep-alive connections to be disabled on a
per-request basis.
=== 2.3 / 2011-10-25
* Minor Enhancement
* The time since last use for a connection is now recorded in error
messages for the connection.
=== 2.2 / 2011-10-24
* Minor Enhancements
* Added timeouts for idle connections which are set through #idle_timeout.
The default timeout is 5 seconds. Reducing the idle timeout is preferred
over setting #retry_change_requests to true if you wish to avoid the "too
many connection resets" error when POSTing data.
* Documented tunables and settings in one place in Net::HTTP::Persistent
=== 2.1 / 2011-09-19
* Minor Enhancement
* For HTTPS connections, SSL sessions are now reused avoiding the extra
round trips and computations of extra SSL handshakes. If you have
problems with SSL session reuse it can be disabled by
Net::HTTP::Persistent#reuse_ssl_sessions
* Bug Fixes
* The default certificate store is now used even if #verify_mode was not
set. Issue #7, Pull Request #8 by Matthew M. Boedicker
## 2.3.0
* Several speed/memory improvements
* Numerous bug fixes
* Added support for MRI 1.9, Rubinius, and JRuby
* Added support for integer drop parameters
* Added epoch support to `date` filter
* New `raw` tag that suppresses parsing
* Added `else` option to `for` tag
* New `increment` tag
* New `split` filter
## 2.2.1 / 2010-08-23
* Added support for literal tags
This is current stable release of Drupal.
Drupal is software that allows an individual or a community of users to easily
publish, manage and organize a great variety of content on a website. Tens of
thousands of people and organizations have used Drupal to set up scores of
different kinds of web sites, including
* community web portals and discussion sites
* corporate web sites/intranet portals
* personal web sites
* aficionado sites
* e-commerce applications
* resource directories
Drupal includes features to enable:
* content management systems
* blogs
* collaborative authoring environments
* forums
* newsletters
* picture galleries
* file uploads and download
== 1.3.1 Triple Espresso
* Fix service not working pre 1.9.
== 1.3.0 Double Espresso
* BREAKING CHANGE: Thin no longer ships with fat Windows binaries.
From now on, to install on Windows, install https://github.com/oneclick/rubyinstaller/wiki/Development-Kit.
* BREAKING CHANGE: Remove automatic Content-Length setting.
It is now the responsibility of the app (or a middleware) to set the Content-Length.
* Log errors to STDERR [textgoeshere]
* Shut down gracefully when receiving SIGTERM [ddollar]
Processes are allowed a chance to shut down gracefully when receiving
SIGTERM (http://en.wikipedia.org/wiki/SIGTERM).
On Heroku, when shutting down a process, we send a SIGTERM followed 10
seconds later with a SIGKILL, similar to the behavior of the init daemon
on most Unix systems. This patch will allow Heroku apps to shut down
gracefully when they need to be terminated / moved.
## Rails 3.1.1 (October 7, 2011) ##
* No changes
## Rails 3.1.0 (August 30, 2011) ##
* The default format has been changed to JSON for all requests. If you want to continue to use XML you will need to set `self.format = :xml` in the class. eg.
class User < ActiveResource::Base
self.format = :xml
end
## Rails 3.1.3 (unreleased) ##
* Downgrade sprockets to ~> 2.0.3. Using 2.1.0 caused regressions.
* Fix using `tranlate` helper with a html translation which uses the `:count` option for
pluralization.
*Jon Leighton*
## Rails 3.1.2 (unreleased) ##
* Fix XSS security vulnerability in the `translate` helper method. When using interpolation
in combination with HTML-safe translations, the interpolated input would not get HTML
escaped. *GH 3664*
Before:
translate('foo_html', :something => '<script>') # => "...<script>..."
After:
translate('foo_html', :something => '<script>') # => "...<script>..."
*Sergey Nartimov*
* Upgrade sprockets dependency to ~> 2.1.0
* Ensure that the format isn't applied twice to the cache key, else it becomes impossible
to target with expire_action.
*Christopher Meiklejohn*
* Swallow error when can't unmarshall object from session.
*Bruno Zanchet*
* Implement a workaround for a bug in ruby-1.9.3p0 where an error would be raised
while attempting to convert a template from one encoding to another.
Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug.
The workaround is to load all conversions into memory ahead of time, and will
only happen if the ruby version is *exactly* 1.9.3p0. The hope is obviously that
the underlying problem will be resolved in the next patchlevel release of
1.9.3.
*Jon Leighton*
* Ensure users upgrading from 3.0.x to 3.1.x will properly upgrade their flash object in session (issues #3298 and #2509)
## Rails 3.1.1 (October 7, 2011) ##
* stylesheet_link_tag('/stylesheets/application') and similar helpers doesn't
throw Sprockets::FileOutsidePaths exception anymore *Santiago Pastorino*
* Ensure default_asset_host_protocol is respected, closes#2980. *Jos«± Valim*
Changing rake db:schema:dump to run :environment as well as :load_config,
as running :load_config alone will lead to the dumper being run without
including extensions such as those included in foreigner and
spatial_adapter.
This reverses a change made here:
5df72a238e (L0L324)
I'm assuming here that :load_config needs to be invoked
separately from :environment, as it is elsewhere in the
file for db operations, if not the alternative is to go
back to "task :dump => :environment do".
*Ben Woosley*
* Update to rack-cache 1.1.
Versions prior to 1.1 delete the If-Modified-Since and If-Not-Modified
headers when config.action_controller.perform_caching is true. This has two
problems:
* unexpected inconsistent behaviour between development &
production environments
* breaks applications that use of these headers
*Brendan Ribera*
* Ensure that enhancements to assets:precompile task are only run once *Sam Pohlenz*
* TestCase should respect the view_assigns API instead of pulling variables on
its own. *Jos«± Valim*
* javascript_path and stylesheet_path now refer to /assets if asset pipelining
is on. *Santiago Pastorino*
* button_to support form option. Now you're able to pass for example
'data-type' => 'json'. *ihower*
* image_path and image_tag should use /assets if asset pipelining is turned
on. Closes#3126 *Santiago Pastorino and christos*
* Avoid use of existing precompiled assets during rake assets:precompile run.
Closes#3119 *Guillermo Iguaran*
* Copy assets to nondigested filenames too *Santiago Pastorino*
* Give precedence to `config.digest = false` over the existence of
manifest.yml asset digests *christos*
* escape options for the stylesheet_link_tag method *Alexey Vakhov*
* Re-launch assets:precompile task using (Rake.)ruby instead of Kernel.exec so
it works on Windows *cablegram*
* env var passed to process shouldn't be modified in process method. [Santiago
Pastorino]
* `rake assets:precompile` loads the application but does not initialize
it.
To the app developer, this means configuration add in
config/initializers/* will not be executed.
Plugins developers need to special case their initializers that are
meant to be run in the assets group by adding :group => :assets. *Jos«± Valim*
* Sprockets uses config.assets.prefix for asset_path *asee*
* FileStore key_file_path properly limit filenames to 255 characters. *phuibonhoa*
* Fix Hash#to_query edge case with html_safe strings. *brainopia*
* Allow asset tag helper methods to accept :digest => false option in order to completely avoid the digest generation.
Useful for linking assets from static html files or from emails when the user
could probably look at an older html email with an older asset. *Santiago Pastorino*
* Don't mount Sprockets server at config.assets.prefix if config.assets.compile is false. *Mark J. Titorenko*
* Set relative url root in assets when controller isn't available for Sprockets (eg. Sass files using asset_path). Fixes#2435 *Guillermo Iguaran*
* Fix basic auth credential generation to not make newlines. GH #2882
* Fixed the behavior of asset pipeline when config.assets.digest and config.assets.compile are false and requested asset isn't precompiled.
Before the requested asset were compiled anyway ignoring that the config.assets.compile flag is false. *Guillermo Iguaran*
* CookieJar is now Enumerable. Fixes#2795
* Fixed AssetNotPrecompiled error raised when rake assets:precompile is compiling certain .erb files. See GH #2763#2765#2805 *Guillermo Iguaran*
* Manifest is correctly placed in assets path when default assets prefix is changed. Fixes#2776 *Guillermo Iguaran*
* Fixed stylesheet_link_tag and javascript_include_tag to respect additional options passed by the users when debug is on. *Guillermo Iguaran*
* Fix ActiveRecord#exists? when passsed a nil value
* Fix assert_select_email to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem.
## Rails 3.1.0 (August 30, 2011) ##
* Param values are `paramified` in controller tests. *David Chelimsky*
* x_sendfile_header now defaults to nil and config/environments/production.rb doesn't set a particular value for it. This allows servers to set it through X-Sendfile-Type. *Santiago Pastorino*
* The submit form helper does not generate an id "object_name_id" anymore. *fbrusatti*
* Make sure respond_with with :js tries to render a template in all cases *Jos«± Valim*
* json_escape will now return a SafeBuffer string if it receives SafeBuffer string *tenderlove*
* Make sure escape_js returns SafeBuffer string if it receives SafeBuffer string *Prem Sichanugrist*
* Fix escape_js to work correctly with the new SafeBuffer restriction *Paul Gallagher*
* Brought back alternative convention for namespaced models in i18n *thoefer*
Now the key can be either "namespace.model" or "namespace/model" until further deprecation.
* It is prohibited to perform a in-place SafeBuffer mutation *tenderlove*
The old behavior of SafeBuffer allowed you to mutate string in place via
method like `sub!`. These methods can add unsafe strings to a safe buffer,
and the safe buffer will continue to be marked as safe.
An example problem would be something like this:
<%= link_to('hello world', @user).sub!(/hello/, params[:xss]) %>
In the above example, an untrusted string (`params[:xss]`) is added to the
safe buffer returned by `link_to`, and the untrusted content is successfully
sent to the client without being escaped. To prevent this from happening
`sub!` and other similar methods will now raise an exception when they are called on a safe buffer.
In addition to the in-place versions, some of the versions of these methods which return a copy of the string will incorrectly mark strings as safe. For example:
<%= link_to('hello world', @user).sub(/hello/, params[:xss]) %>
The new versions will now ensure that *all* strings returned by these methods on safe buffers are marked unsafe.
You can read more about this change in http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2e516e7acc96c4fb
* Warn if we cannot verify CSRF token authenticity *Jos«± Valim*
* Allow AM/PM format in datetime selectors *Aditya Sanghi*
* Only show dump of regular env methods on exception screen (not all the rack crap) *DHH*
* auto_link has been removed with no replacement. If you still use auto_link
please install the rails_autolink gem:
http://github.com/tenderlove/rails_autolink
*tenderlove*
* Added streaming support, you can enable it with: *Jos«± Valim*
class PostsController < ActionController::Base
stream :only => :index
end
Please read the docs at `ActionController::Streaming` for more information.
* Added `ActionDispatch::Request.ignore_accept_header` to ignore accept headers and only consider the format given as parameter *Jos«± Valim*
* Created `ActionView::Renderer` and specified an API for `ActionView::Context`, check those objects for more information *Jos«± Valim*
* Added `ActionController::ParamsWrapper` to wrap parameters into a nested hash, and will be turned on for JSON request in new applications by default *Prem Sichanugrist*
This can be customized by setting `ActionController::Base.wrap_parameters` in `config/initializer/wrap_parameters.rb`
* RJS has been extracted out to a gem. *fxn*
* Implicit actions named not_implemented can be rendered. *Santiago Pastorino*
* Wildcard route will always match the optional format segment by default. *Prem Sichanugrist*
For example if you have this route:
map '*pages' => 'pages#show'
by requesting '/foo/bar.json', your `params[:pages]` will be equals to "foo/bar" with the request format of JSON. If you want the old 3.0.x behavior back, you could supply `:format => false` like this:
map '*pages' => 'pages#show', :format => false
* Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call *DHH*
class PostsController < ApplicationController
USER_NAME, PASSWORD = "dhh", "secret"
before_filter :authenticate, :except => [ :index ]
def index
render :text => "Everyone can see me!"
end
def edit
render :text => "I'm only accessible if you know the password"
end
private
def authenticate
authenticate_or_request_with_http_basic do |user_name, password|
user_name == USER_NAME && password == PASSWORD
end
end
end
..can now be written as
class PostsController < ApplicationController
http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index
def index
render :text => "Everyone can see me!"
end
def edit
render :text => "I'm only accessible if you know the password"
end
end
* Allow you to add `force_ssl` into controller to force browser to transfer data via HTTPS protocol on that particular controller. You can also specify `:only` or `:except` to specific it to particular action. *DHH and Prem Sichanugrist*
* Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash *DHH*
form_for(@post, remote: true, method: :delete) instead of form_for(@post, remote: true, html: { method: :delete })
* Make JavaScriptHelper#j() an alias for JavaScriptHelper#escape_javascript() -- note this then supersedes the Object#j() method that the JSON gem adds within templates using the JavaScriptHelper *DHH*
* Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. *Prem Sichanugrist, fxn*
* URL parameters which return false for to_param now appear in the query string (previously they were removed) *Andrew White*
* URL parameters which return nil for to_param are now removed from the query string *Andrew White*
* ActionDispatch::MiddlewareStack now uses composition over inheritance. It is
no longer an array which means there may be methods missing that were not
tested.
* Add an :authenticity_token option to form_tag for custom handling or to omit the token (pass :authenticity_token => false). *Jakub Ku«õma, Igor Wiedler*
* HTML5 button_tag helper. *Rizwan Reza*
* Template lookup now searches further up in the inheritance chain. *Artemave*
* Brought back config.action_view.cache_template_loading, which allows to decide whether templates should be cached or not. *Piotr Sarnacki*
* url_for and named url helpers now accept :subdomain and :domain as options, *Josh Kalderimis*
* The redirect route method now also accepts a hash of options which will only change the parts of the url in question, or an object which responds to call, allowing for redirects to be reused (check the documentation for examples). *Josh Kalderimis*
* Added config.action_controller.include_all_helpers. By default 'helper :all' is done in ActionController::Base, which includes all the helpers by default. Setting include_all_helpers to false will result in including only application_helper and helper corresponding to controller (like foo_helper for foo_controller). *Piotr Sarnacki*
* Added a convenience idiom to generate HTML5 data-* attributes in tag helpers from a :data hash of options:
tag("div", :data => {:name => 'Stephen', :city_state => %w(Chicago IL)})
# => <div data-name="Stephen" data-city-state="["Chicago","IL"]" />
Keys are dasherized. Values are JSON-encoded, except for strings and symbols. *Stephen Celis*
* Deprecate old template handler API. The new API simply requires a template handler to respond to call. *Jos«± Valim*
* :rhtml and :rxml were finally removed as template handlers. *Jos«± Valim*
* Moved etag responsibility from ActionDispatch::Response to the middleware stack. *Jos«± Valim*
* Rely on Rack::Session stores API for more compatibility across the Ruby world. This is backwards incompatible since Rack::Session expects #get_session to accept 4 arguments and requires #destroy_session instead of simply #destroy. *Jos«± Valim*
* file_field automatically adds :multipart => true to the enclosing form. *Santiago Pastorino*
* Renames csrf_meta_tag -> csrf_meta_tags, and aliases csrf_meta_tag for backwards compatibility. *fxn*
* Add Rack::Cache to the default stack. Create a Rails store that delegates to the Rails cache, so by default, whatever caching layer you are using will be used for HTTP caching. Note that Rack::Cache will be used if you use #expires_in, #fresh_when or #stale with :public => true. Otherwise, the caching rules will apply to the browser only. *Yehuda Katz, Carl Lerche*
Changes from previous:
----------------------
0.09 2011-04-29
- Fix documentation to point at the tutorial, rather than
old advent article.
- Link to Catalyst::ActionRole::ACL
- Tidy up examples to show the new authentication system
- fix check_* to always return scalar values,
even in list context (RT#66812)
Jetty provides an HTTP server, HTTP client, and javax.servlet
container. These components are open source and available for
commercial use and distribution.
Tested on NetBSD/i386 5.99.58 with lang/openjdk7
Rack::SSL
=========
Force SSL/TLS in your app.
1. Redirects all "http" requests to "https"
2. Set `Strict-Transport-Security` header
3. Flag all cookies as "secure"
* September 16, 2011: Eighteenth public release 1.2.4
* Fix a bug with MRI regex engine to prevent XSS by malformed unicode
* May 22nd, 2011: Thirteenth public release 1.3.0
* Various performance optimizations
* Various multipart fixes
* Various multipart refactors
* Infinite loop fix for multipart
* Test coverage for Rack::Server returns
* Allow files with '..', but not path components that are '..'
* rackup accepts handler-specific options on the command line
* Request#params no longer merges POST into GET (but returns the same)
* Use URI.encode_www_form_component instead. Use core methods for escaping.
* Allow multi-line comments in the config file
* Bug L#94 reported by Nikolai Lugovoi, query parameter unescaping.
* Rack::Response now deletes Content-Length when appropriate
* Rack::Deflater now supports streaming
* Improved Rack::Handler loading and searching
* Support for the PATCH verb
* env['rack.session.options'] now contains session options
* Cookies respect renew
* Session middleware uses SecureRandom.hex
* May 22nd, 2011: Fourteenth public release 1.2.3
* Pulled in relevant bug fixes from 1.3
* Fixed 1.8.6 support
* July 13, 2011: Fifteenth public release 1.3.1
* Fix 1.9.1 support
* Fix JRuby support
* Properly handle $KCODE in Rack::Utils.escape
* Make method_missing/respond_to behavior consistent for Rack::Lock,
Rack::Auth::Digest::Request and Rack::Multipart::UploadedFile
* Reenable passing rack.session to session middleware
* Rack::CommonLogger handles streaming responses correctly
* Rack::MockResponse calls close on the body object
* Fix a DOS vector from MRI stdlib backport
* July 16, 2011: Sixteenth public release 1.3.2
* Fix for Rails and rack-test, Rack::Utils#escape calls to_s
* September 16, 2011: Seventeenth public release 1.3.3
* Fix bug with broken query parameters in Rack::ShowExceptions
* Rack::Request#cookies no longer swallows exceptions on broken input
* Prevents XSS attacks enabled by bug in Ruby 1.8's regexp engine
* Rack::ConditionalGet handles broken If-Modified-Since helpers
* October 1, 2011: Nineteenth public release 1.3.4
* Backport security fix from 1.9.3, also fixes some roundtrip issues in URI
* Small documentation update
* Fix an issue where BodyProxy could cause an infinite recursion
* Add some supporting files for travis-ci
* October 17, 2011: Twentieth public release 1.3.5
* Fix annoying warnings caused by the backport in 1.3.4
- release: 2.7.0
date: 2011-04-01
enhancements:
- |
New option ':bufvar' supported to specify buffer variable name.
ex:
input = "Hello <%= name %>!"
eruby = Erubis::Eruby.new(input)
puts eruby.src
#=> _buf = ''; _buf << "Hello "; _buf << ( name ).to_s; _buf << '!';
eruby = Erubis::Eruby.new(input, :bufvar=>'@_out')
puts eruby.src
#=> @_out = ''; @_out << 'Hello '; @_out << ( name ).to_s; @_out << '!';
- |
New enhancer 'PrefixedLineEnhancer' which is a customizable version
of PercentLineEnhancer.
The difference between PrefixedLineEnhancer and PercentLineEnhancer is:
* You can indent Ruby statetment lines starting with '%'
* You can specify prefix character by :prefixchar option.
ex:
class MyEruby < Erubis::Eruby
include Erubis::PrefixedLineEnhancer
end
input = <<END
<ul>
% for item in @items
<li><%= item %></li>
% end
%% you can indent '%' lines
</ul>
END
eruby = MyEruby.new(input, :prefixchar=>'%') # default '%'
puts eruby.src
output:
_buf = ''; _buf << '<ul>
'; for item in @items
_buf << ' <li>'; _buf << ( item ).to_s; _buf << '</li>
'; end
% you can indent '%' lines
_buf << '</ul>
';
_buf.to_s
- |
Add helper CGI script. See 'public_html/README.txt' for details.
- |
Rubinius is supported as first-class Ruby implementation.
- |
C++ support. Try '-l cpp' command-line option.
changes:
- |
Remove dependency to 'abstract' library.
You don't need to install 'abstract' gem.
- |
Erubis::Eruby#load_file() now sets cache file timestamp to the same
value as original eRuby file. For example, if you restore eRuby files
from backup, Erubis::Eruby#load_file() can detect it and generate
cache file again.
## generates cache file (A.rhtml.cache).
eruby = Erubis::Eruby.load_file('A.rhtml')
p File.mtime('A.rhtml') == File.mtime('A.rhtml.cache') #=> true
TYPO3 is a free Open Source content management system for enterprise
purposes on the web and in intranets. It offers full flexibility and
extendability while featuring an accomplished set of ready-made
interfaces, functions and modules.
This is TPYO3 4.6 based stable release.
Please refer release notes http://typo3.org/download/release-notes/typo3-46/
in detail.
Changes from previous:
----------------------
3.18 2011-01-24
- remove 3.17's test skip hacks, and bump Apache::Test prerequisite to v1.35
which fixes this issue.
- fix MANIFEST.SKIP to ignore generated t/conf/mime.types
- remove dist.ini, weaver.ini from dists
- fixed t/real.t to use correct -withtestmore import syntax
- rename sample authcookie handlers to Sample::Apache and Sample::Apache2
namespaces
3.17 2011-01-19
- skip the test suite if running as root. Apache::Test 1.34 fails the test
suite if running as root instead of skipping it. By skipping, AuthCookie can
be installed via CPAN.pm as root.
3.16 2011-01-19
- require Apache::Test 1.32 - fixes ubuntu build issue
- remove mod_perl/mod_perl2 related prereq's from META.yml. The correct mod
perl version is not known until Makefile.PL is run. CPAN.pm should not
try to install either one until it is known which one is appropriate.
(RT 64926)
3.15 2010-08-27
- enable Dist::Zilla Manifest plugin
- add FAQ
- add FAQ entry on how to protect an entire site/document root
- recognize_user: return DECLINED if user is already set
- refactor P3P header generation into send_p3p($r) so subclasses can overload it
3.14 2010-04-12
- MP2: doc updates: remove beta warnings, change Apache::AuthCookie to
Apache2::Authcookie where appopriate.
- docs: change my email to my cpan address
- docs: remove POST limitations reference (handled by POST to GET conversion)
- sign dist with Module::Signature
- add signature test
- MP1: perltidy Apache::AuthCookie sources.
- update mod_perl2 prereq version (still 2.0.0 RC5, but version number was
incorrect in Makefile.PL)
- use Dist::Zilla for building the dist
Concrete5 is a content management system (CMS) that can manage Web
applications, Web sites, stores, and forums. It allows individuals
involved with Web sites to easily manage their content and their
site structure. Concrete5's in-context editing is like working with
a wiki, and the extendable block support makes editing and extending
unique Web sites easy. The goal behind Concrete5 was always to
create a toolset that could be used by anyone with basic computer
skills to edit and add pages to a Web site.
Highlights:
* Easier Uploading
- File Type Detection - A single upload button
- Drag-and-Drop Media Uploader
* Dashboard Design
- New Toolbar in the dashboard, combining the Admin Bar and admin
header
- Responsive design for some screens, including iPad/tablet
support
- Flyout menus, providing single-click access to any screen
* New User Experience
- New feature pointers, helping users navigate new features
- Post-update About screen
- Dashboard welcome area for new installs
* Content Tools
- Better co-editing that releases post locks immediately
- Don't lose widgets when switching themes
- Tumblr Importer
* Under the Hood improvements
- Use the postname permalink structure without a performance
penalty
- Improved Editor API
- is_main_query() function and WP_Query method
- Remove a number of funky characters from post slugs
- jQuery 1.7.1 and jQuery UI 1.8.16
- A new Screen API for adding help documentation and adapting to
screen contexts
- Improved metadata API
* Performance improvements and hundreds of bug fixes
More changes at http://codex.wordpress.org/Version_3.3
== 0.6.1 / 2011-07-27
* Bug fixes
* Fix support for params with arrays in multipart forms (Joel Chippindale)
* Add respond_to? to Rack::Test::UploadedFile to match method_missing (Josh Nichols)
* Set the Referer header on requests issued by follow_redirect! (Ryan Bigg)
== 0.6.0 / 2011-05-03
* Bug fixes
* Add support for HTTP OPTIONS verb (Paolo "Nusco" Perrotta)
* Call #finish on MockResponses if it's available (Aaron Patterson)
* Allow HTTP_HOST to be set via #header (Geoff Buesing)
Changes from previous:
----------------------
0.1503 2011-12-08
* Change docs to show $c->config('Plugin::Authentication' => {...
rather than $c->config->{authentication}. The new key, and method
rather than hash access style are both preferred and recommended.
0.1502 2011-08-24
* Switch repository to git (fREW Schmidt)
0.1501 2011-06-17
* If use_userdata_from_session isn't set, then don't store more
fields than we need in the session -- only the fields we need to
load the object from the DB again.
0.1500 2010-11-16
* Allow specifying a fully loaded DBIC result in addition to resultsets
of which only the first row is considered.
0.1401 2010-11-16
* Fix call to ->load which was not passing $c
Tomcat 6.0.35 (jfclere)
+++++++++++++++++++++++
Catalina
--------
fix Fix regression in decoding of parameters that contain spaces.
Patch by Willem Fibbe. (kkolinko)
Tomcat 6.0.34 (jfclere) not released
++++++++++++++++++++++++++++++++++++
Catalina
--------
fix 51550: Display an error page rather than an empty response
for an IllegalStateException caused by too many active sessions.
(markt)
add 51640: Improve the memory leak prevention for leaks triggered
by java.sql.DriverManager. (markt/kkolinko)
fix 51688: JreMemoryLeakPreventionListener now protects against
AWT thread creation. (schultz)
fix 51758: The digester (used for processing XML files) used
the logger name org.apache.commons.digester.Digester rather
than the expected org.apache.tomcat.util.digester.Digester.
The digester has been changed to use the expected logger name.
(kkolinko)
add 51862: Added a classesToInitialize attribute to
JreMemoryLeakPreventionListener to allow pre-loading of
configurable classes to avoid some classloader leaks. (slaurent)
fix 51872: Ensure that the access log always uses the correct
value for the remote IP address associated with the request
and that requests with multiple errors do not result in
multiple entries in the access log. (markt)
add Allow to overwrite the check for distributability of session
attributes by session implementations. (rjung)
add Provide the log format "OneLineFormatter" for JULI that
provides the same information as the default plus thread
name but on a single line. (markt/rjung)
fix Ensure the the memory leak protection for the HttpClient
keep-alive always operates even if the thread has already
stopped. (markt)
fix 51940: Do not limit saving of request bodies during FORM
authentication to POST requests since any HTTP method may
include a request body. Based on a patch by Nicholas Sushkin.
(kkolinko)
fix 52091: Address performance issues related to lock contention
in StandardWrapper. Based on patch provided by Taiki Sugawara.
(kkolinko)
update In GenericPrincipal, SerializablePrincipal: Do not sort lists
of roles that have only one element. (kkolinko)
add Make configuration issue for CsrfPreventionFilter result in
the failure of the filter rather than just a warning message.
(kkolinko)
fix Ensure changes to the configuration of RemoteAddrValve and
RemoteHostValve via JMX are thread-safe. (kkolinko)
add Make configuration issue for RemoteAddrValve and
RemoteHostValve result in the failure of the valve rather
than just a warning message. (kkolinko)
update In RequestFilterValve (RemoteAddrValve, RemoteHostValve):
refactor value matching logic into separate method and expose
this new method isAllowed through JMX. (kkolinko)
add Improve performance of parameter processing for GET and POST
requests. Also add an option to limit the maximum number of
parameters processed per request. This defaults to 10000.
Excessive parameters are ignored. Note that FailedRequestFilter
can be used to reject the request if some parameters were
ignored. (markt/kkolinko)
add New filter FailedRequestFilter that will reject a request
if there were errors during HTTP parameter parsing. (kkolinko)
Coyote
------
fix 50394: Return -1 from read operation instead of throwing an
exception when encountering an EOF with the HTTP APR connector.
(kkolinko)
fix 51698: Fix CVE-2011-3190. Prevent AJP message injection. (markt)
fix Detect incomplete AJP messages and reject the associated
request if one is found. (markt)
fix 51794: Fix race condition in NioEndpoint selector.
Patch provided by dlord. (fhanik)
fix 51905: Fix infinite loop in AprEndpoint shutdown if acceptor
unlock fails. Reduce timeout before forcefully closing the
socket from 30s to 10s. (kkolinko)
fix 52121: Fix possible output corruption when compression is
enabled for a connector and the response is flushed.
Test case provided by David Marcks. (kkolinko)
fix Replace unneeded call that iterated events queue in
NioEndpoint.Poller. (kkolinko)
fix Improve MimeHeaders.toString(). (kkolinko)
fix Allow the BIO HTTP connector to be used with SSL when
running under Java 7. (markt)
fix Improve multi-byte character handling in all connectors. (rjung)
Jasper
------
fix 51220: Correct copy/paste error in original commit for this
issue. (markt)
fix 52091: Address performance issues related to log creation
in TagHandlerPool. Patch provided by Taiki Sugawara. (markt)
Cluster
-------
add 51736: Make rpcTimeout configurable in BackupManager. (kfujino)
add New cluster manager attribute sessionAttributeFilter allows
to filter which session attributes are replicated using a
regular expression applied to the attribute name. (rjung)
fix Avoid an unnecessary session ID change notice.
Notice of changed session ID by JvmRouteBinderValve is
unnecessary to BackupManager. In BackupManager, change of
session ID is replicated by the call of a setId() method.
(kfujino)
fix Fix unneeded duplicate resetDeltaRequest() call in
DeltaSession.setId(String). (kkolinko)
add When Context manager does not exist, no context manager
message is replied in order to avoid timeout (default 60 sec)
of GET_ALL_SESSIONS sync phase. (kfujino)
Webapps
-------
fix Correct the documentation for the connectionLinger attribute
of the HTTP connector. (markt)
add Show build date and version in the header on every
documentation page. (kkolinko)
fix 52049: Improve setup instructions for running as a Windows
service: correct information on how a JRE is identified and
selected. (markt)
update 52172: Clarify Tomcat build instructions. Patch provided by
bmargulies. (kkolinko)
Other
-----
update Update the native component of the APR/native connectors
to 1.1.22. (markt)
update Update the recommended version of the native component
of the APR/native connectors to 1.1.22. (kkolinko)
update Update the Eclipse compiler (used for JSPs) to 3.7. (markt)
fix Correct two typos in the Windows installer. (kkolinko)
fix 52059: In Windows uninstaller: Do not forget to remove
Tomcat keys from 32-bit registry on deinstallation. (kkolinko)
ownCloud gives you universal access to your files through a web
interface or WebDAV. It also provides a platform to easily view &
sync your contacts, calendars and bookmarks across all your devices
and enables basic editing right on the web.
Changes from previous:
----------------------
0.09003 2011-05-12
- depend on HTML::FormFu 0.09
0.09002 2011-05-11
- fixes#67404 (Missing dependency on MooseX::ChainedAccessors)
- fixes#67571 (Minimum requirement for HTML::FormFu is 0.9002)
actually it just requires MooseX::ChainedAccessors
- hopefully fixes 539965f0-7b0f-11e0-b729-7181c0b02281
0.09001 2011-05-10
- fixed problem with build_per_context_instance that caused errors
like http://paste.scsys.co.uk/102966
0.09000 2011-03-29
- Fix mem leak
- Resolve Moose extends/runtime bug RT #55780
- fix RequestToken classes to work with new Moosified HTML-FormFu
= Changes in 2.2.4 =
Dec 08, 2011 - version 2.2.4
* Bug fixes
* Do not recycle buffer String object for yielding. When the response is
not chunked and the size of the response > 16KB, API with block style
yields recycled String object for each yields.
* Set VERSION string in User-Agent header. $Id$ didn't work long time...
Bugs are reported by Seamus Abshere. Thanks!
Changes from previous:
----------------------
1.013 2010-12-14
- Call store_digest_authorization_nonce() instead of $c->cache->set()
in authenticate_digest() (RT#63669) (rjk)
- Make Test::Exception and Test::MockObject be listed as test_requires
rather than requires (RT#54029)
- Skip WWW::Mech tests unless WWW::Mech is a new enough version (RT#55303).
- Improve documentation for authenticate_digest() (rjk)
- depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session
- reorganize and clarify
many fixes and improvements - see the ChangeLog file
one marked as security relevant:
If the redirect URL contains characters RFC 3986 doesn't permit,
they are (re)encoded. Not doing this makes Privoxy versions from
3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
attacks if the +fast-redirects{check-decoded-url} action is used.
Tiki is free, both Free Software (as in "Free Speech") and Free of
Charge (as in "Free Beer"), and for everyone! It has all the features
you need "out-of-the-box":
* Wikis (like Wikipedia)
* Forums (like phpBB)
* Blogs (like WordPress)
* Articles (like Yahoo News)
* Image Gallery (like Flickr)
* Map Server (like Google Maps)
* Link Directory (like DMOZ)
* Multilingual (like Babel Fish)
* Bug Tracker (like Bugzilla)
* RSS Feeds (like Digg)
* Free Open Source software (LGPL)
This is Long Term Support version.
Upstream highlights:
--------------------
Highlights
MDL-27037 - Wiki 2.0 respects 'visible groups' functionality
MDL-29960 - Dropbox repository now functioning with new API
Functional changes
MDL-27516 - RTL Theme fixes for Moodle 2
Security issues
MSA-11-0042 - Information leak in Wiki
MSA-11-0043 - Possible link redirect in Calendar
MSA-11-0044 - Expired identification information shown in Web services
MSA-11-0045 - Potential to masquerade through MNet
MSA-11-0047 - Possible injection attack in Calendar
MSA-11-0048 - Password loss issue
MSA-11-0050 - Backup capability issue
MSA-11-0051 - Authentication issue with Web services
MSA-11-0052 - Potential to exploit developer debugging scripts
MSA-11-0053 - Security and system administration conflict
MSA-11-0054 - Personal information leak
Fixes and improvements
MDL-28292 - Removed possibility to 'lose' a block by docking it
MDL-29542 - Lesson no longer gets corrupted after creating a new question
MDL-30010 - Core themes which have pagelayout problems when moving blocks have been fixed
MDL-27790 - Temporary course remains after restore
MDL-29529 - Fixed database error when assignments were sorted by status
MDL-30375 - Comments block no longer disappears when cancel is clicked
MDL-30398 - Lesson no longer accepts blank password
* Honour MellonProbeDiscoveryIdP order when sending probes
* Allow MellonUser variable to be translated through MellonSetEnv
* A /mellon/probeDisco endpoint replaces the builtin:get-metadata
IdP dicovery URL scheme
* New MellonCond directive to enable attribute filtering beyond
MellonRequire functionalities.
* New MellonIdPMetadataGlob directive to load mulitple IdP metadata
using a glob(3) pattern.
* Support for running behind reverse proxy.
* MellonCookieDomain and MellonCookiePath options to configure cookie
settings.
* Support for loading federation metadata files.
* Several bugfixes.
Changes from previous:
1.3080 25.10.2011
** Codename: Sawyer's Sugar Stream // Sawyer X **
[ ENHANCEMENTS ]
* No functional changes, just releasing as stable.
1.3079_05 02.10.2011
[ API CHANGES ]
* Deprecation of 'before', 'before_template' and 'after' in favor of hook
(Alberto Simões)
[ BUG FIXES ]
* Minor corrections (jamhed, felixdo)
* Log if a view and or a layout is not found (Alberto Simões, reported
by David Previous)
[ ENHANCEMENTS ]
* Add support for the HTTP 'PATCH' verb (David Precious)
1.3079_04 02.10.2011
[ ENHANCEMENTS ]
* PSGI handler code cleaned up (chromatic).
* Improved warning localizations (chromatic).
[ DOCUMENTATION ]
* Dancer::Plugins typos (Olof Johansson).
* PSGI handler documented (chromatic).
1.3079_03 10.09.2011
[ ENHANCEMENTS ]
* Support XML::Simple configuration for serializing/deserializing
(Alberto Simões)
* Hard deprecate lots of stuff (Alberto Simões)
[ BUG FIXES ]
* Don't clobber TT INCLUDE_PATH if the user set it specifically in the
config file - Issue 643 (David Precious, reported by meraxes)
* Don't require a space after semi-colon delimiting multiple name=value
cookie pairs - Issue 642 (David Precious, reported by travisbeck)
1.3079_02 28.08.2011
[ BUG FIXES ]
* Remove hard-coded version from 404.html and 500.html (Alberto Simões)
* Fix logging of UTF8-encoded strings (jamhed)
* Do not clean 'vars' during forward (Alberto Simões)
[ ENHANCEMENTS ]
* Add streaming support to send_file. (Sawyer X)
PR/45506. No new options added. Notable changes:
*) Bugfix: a segmentation fault might occur in a worker process if
resolver got a big DNS response.
*) Feature: accept filters are now supported on NetBSD.
*) Bugfix: a segmentation fault occurred on start or while
reconfiguration if the "ssl" directive was used at http level and
there was no "ssl_certificate" defined.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"down".
*) Bugfix: a segmentation fault might occur during reconfiguration if
ssl_session_cache was defined but not used in previous configuration.
*) Bugfix: a segmentation fault might occur in a worker process if many
backup servers were used in an upstream.
*) Feature: now nginx supports ECDHE key exchange ciphers.
*) Change: now default SSL ciphers are "HIGH:!aNULL:!MD5".
*) Bugfix: a segmentation fault might occur in a worker process, if a
caching was used.
*) Bugfix: worker processes may got caught in an endless loop during
reconfiguration, if a caching was used; the bug had appeared in 0.8.48.
Changes:
* w3m.el (w3m-delete-buffer): Switch to the previous emacs-w3m buffer
explicitly; bind frame-auto-delete and ignore-window-parameters while
killing the buffer.
(w3m-goto-url): Change the order of retrieving group:* urls so as to
arrange the buffer list in turn.
* w3m.el (w3m-goto-mailto-url): Pass other headers to the agent.
* w3m-ems.el (w3m-toolbar-define-keys): Work around the Emacs 24 error
"`keymap' is reserved for embedded parent maps".
* w3m.el (w3m-content-type-alist): Use functionp instead of symbolp for
the users who set their own private function to
browse-url-browser-function.
* w3m.el (w3m-content-type-alist): When selecting which external html
browser to use, handle the case where browse-url-browser-function is
an alist.
* w3m.el (w3m-goto-mailto-url): Decode entities in URL.
* img: Bugfix to width/height tags for scaled down image when only
one dimension was provided. Thanks, Per Carlson.
* editpage: Fix FormattingHelp link on Discussion pages.
* The umask setting can now be set to private, group, or public,
avoiding the need to enter octal correctly which is particularly
difficult in yaml setup files. (smcv)
* graphviz: Support urls embedded in the graph, by having graphviz
generate an imagemap.
* graphviz: Support wikilinks embedded in the graph.
(Sponsored by The TOVA Company.)
Fixed in 7.23.1 - November 17 2011
Bugfixes:
Windows: curl would fail if it found no CA cert, unless -k was used. Even if a non-SSL protocol URL was used
Fixed in 7.23.0 - November 15 2011
Changes:
Empty headers can be sent in HTTP requests by terminating with a semicolon
SSL session sharing support added to curl_share_setopt()
Added support to MAIL FROM for the optional SIZE parameter
smtp: Added support for NTLM authentication
curl tool: code split into tool_*.[ch] files
Bugfixes:
handle HTTP redirects to "//hostname/path"
SMTP without --mail-from caused segfault
prevent extra progress meter headers between multiple files
allow Content-Length to be replaced when sending HTTP requests
curl now always sets postfieldsize to allow --data-binary and --data to be mixed in the same command line
curl_multi_fdset: avoid FD_SET out of bounds
lots of MinGW build tweaks
Curl_gethostname: return un-qualified machine name
fixed the openssl version number configure check
nss: certificates from files are no longer looked up by file base names
returning abort from the progress function when using the multi interface would not properly cancel the transfer and close the connection
fix libcurl.m4 to not fail with modern gcc versions
ftp: improved the failed PORT host name resolved error message
TFTP timeout and unexpected block adjustments
HTTP and GOPHER test server-side connection closing adjustments
fix endless loop upon transport connection timeout
don't clobber errno on failed connect
typecheck: allow NULL to unset CURLOPT_ERRORBUFFER
formdata: ack read callback abort
make --show-error properly position independent
set the ipv6-connection boolean correctly on connect
SMTP: fix end-of-body string escaping
gtls: only call gnutls_transport_set_lowat with HTTP: handle multiple auths in a single WWW-Authenticate line
curl_multi_fdset: correct fdset with FTP PORT use
windbuild: fix the static build
fix builds with GnuTLS version 3
fix calling of OpenSSL's ERR_remove_state(0)
HTTP auth: fix proxy Negotiate bug when Negotiate not requested
ftp PORT: don't hang if bind() fails
-# would crash on terminals wider than 256 columns
Fixed in 7.22.0 - September 13 2011
Changes:
Added CURLOPT_GSSAPI_DELEGATION
Added support for NTLM delegation to Samba's winbind daemon helper ntlm_auth
Display notes from setup file in testcurl.pl
BSD-style lwIP TCP/IP stack experimental support on Windows
OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available
--delegation was added to set CURLOPT_GSSAPI_DELEGATION
nss: start with no database if the selected database is broken
telnet: allow programatic use on Windows
Bugfixes:
curl_getdate: detect some illegal dates better
when sending a request and an error is received before the (entire) request body is sent, stop sending the request and close the connection after having received the entire response. This is equally true if an Expect: 100-continue header was used.
When using both -J and a single -O with multiple URLs, a missing init could cause a segfault
-J fixed for escaped quotes
-J fixed for file names with semicolons
progress: reset flags at transfer start to avoid wrong CURLINFO_CONTENT_LENGTH_DOWNLOAD
curl_gssapi: Guard files with HAVE_GSSAPI and rename private header
silence picky compilers: mark unused parameters
help output: more gnu like output
libtests: stop checking for CURLM_CALL_MULTI_PERFORM
setting a non-HTTP proxy with an environment variable or with CURLOPT_PROXY / --proxy (without specifying CURLOPT_PROXYTYPE) would still make it do proxy-like HTTP requests
CURLFORM_BUFFER: insert filename as documented (regression)
SOCKS: fix the connect timeout
ftp_doing: bail out on error properly while multi interfacing
improved Content-Encoded decoding error message
asyn-thread: check for dotted addresses before thread starts
cmake: find winsock when building on windows
Curl_retry_request: check return code
cookies: handle 'secure=' as if it was 'secure'
tests: break busy loops in tests 502, 555, and 573
FTP: fix proxy connect race condition with multi interface and SOCKS proxy
RTSP: GET_PARAMETER requests have a body
fixed several memory leaks in OOM situations
bad expire(0) caused multi_socket API to hang
Avoid ftruncate() static define with mingw64
mk-ca-bundle.pl: ignore untrusted certs
builds with PolarSSL 1.0.0
Same distfile name, different contents.
Changes:
2010-06-21 (2.8.7rel.2)
* add limit-check for too-long URIs in href's (RedHat #605286) -TD
* fix a few places still referring to "2-8-6" -TD
Beautiful Soup 3.2.0 features very little new functionality, but its version
number leapfrogs the defunct 3.1 series, preventing confusion about which
version is the latest.
However, the web site also says this about our previous version:
Beautiful Soup version 3.1.0.1 was released January 6, 2009. It won't work
very well — I consider it a failed experiment.
which is required to update www/p5-Plack-Middleware-ConsoleLogger.
There are a lot of XSS, a security hole typically found in web
applications, caused by incorrect (or lack of) JavaScript
escaping. This module is aimed to provide a secure JavaScript escaping
to avoid XSS with JavaScript values.
PAM helper program. OpenPAM didn't check this, so it could be
tricked into reading arbitrary config files, allowing privilege
escalation.
Standard squid installations don't install the PAM helper SUID, but
depending on local needs, an administrator might choose to do so.
approved by pkg maintainer
bump PKGREV
=== RELEASE 2.4 ===
Sat Nov 19 01:21:25 MET 2011 mikulas:
Do not translate '\' to '/' in HTTP requests
Sat Nov 19 01:19:12 MET 2011 mikulas:
Do not test for existing strings when loading links history file
=> avoid quadratic-complexity on startup
Sat Nov 19 01:18:59 MET 2011 mikulas:
Fixed a possible memory leak on Windows
Wed Nov 16 17:59:49 MET 2011 mikulas:
Fixed a crash on systems that don't have strerror
Fri Nov 11 23:22:25 CEST 2011 mikulas:
Fixed a crash in Windows console code
Wed Oct 12 22:08:39 MET 2011 mikulas:
Fixed a possible crash if the user changes socks dns append string
while socks connection is in progress
Sun Sep 25 18:40:57 MET 2011 mikulas:
Do not send '#' in the url when downloading
Sun Sep 18 16:57:38 CEST 2011 mikulas:
Fixed crashes with libpng-1.5
Fri Sep 16 20:16:01 CEST 2011 mikulas:
Fixed bugs in the directfb driver
Fri Sep 16 18:40:41 CEST 2011 mikulas:
Workaround for icc optimization bug on framebuffer
Don't clear the whole framebuffer, clear just an used area
(fixes problems with Nvidia framebuffer)
Tue Sep 13 23:13:52 CEST 2011 mikulas:
Make it compile with OpenWatcom for Linux
Note: because of unimplemented "gethostbyname" function,
it requires installed "host" command to do name lookups
Tue Sep 13 03:53:06 cet 2011 mikulas:
Try to free internal caches when out of memory happens
Mon Sep 12 19:57:13 CEST 2011 mikulas:
Fixed a crash when cache is flushed while auth dialog is displayed
Sun Sep 11 02:02:09 MET 2011 mikulas:
Reduced memory consumption
Don't reformat plain text if window size changes
Releasing 0.9.17. -CG
Fixing return value of MHD_get_timeout if timeouts are not in use.
(#1914). -rboulton
Trying to fix accidental addition of a "Connection: close" footer
under certain (rare) circumstances. -CG
Small updates to the tutorial.
Releasing 0.9.16. -CG
shutdown(RDWR) fails on OS X after shutdown(RD), so only use
shutdown(WR) if we already closed the socket for reading (otherwise
OS X might not do shutdown (WR) at all). -CG
Force adding of 'Connection: close' to the header if we (for whatever
reason) are shutting down the socket for reading (see also
#1760). -CG
Treat EAGAIN the same way as EINTR (helps on W32). -LRN
Made sockets blocking again for non-Linux platforms as non-blocking
sockets cause problems (#1824) on Cygwin but offer better performance
on Linux (see change on August 11 2011). -CG/pross
Fixed problems with testcases on W32. -LRN
Fixed MHD_CONNECTION_OPTION_TIMEOUT for HTTPS (#1811). -CG
Changes from previous:
2.4 July 20th, 2011
No functional changes.
Fixed Perl 5.12 compatibility, thanks to Nicholas Bamber. (RT#67894)
Also, some other code-cleanup.
Aipo is web-based groupware software. Currently Aipo has interface
written in Japanese only.
You can get source at http://code.google.com/p/aipo/ .
This package requires apache-tomcat and postgresql-server.
Tested only with lang/openjdk7, www/apache-tomcat7,
and databases/postgresql84-server.
(added test target)
2011-03-31 John J Lee <jjl@pobox.com>
* 0.2.5 release.
* This is essentially a no-changes release to fix easy_install
breakage caused by a SourceForge issue
* Sourceforge is returning invalid HTTP responses, make download
links point to PyPI instead
* Include cookietest.cgi in source distribution
* Note new IETF cookie standardisation effort
2010-10-28 John J Lee <jjl@pobox.com>
* 0.2.4 release.
* Fix IndexError on empty Content-type header value. (GH-18)
* Fall back to another encoding if an unknown one is declared.
Fixes traceback on unknoqn encoding in Content-type header.
(GH-30)
2010-10-16 John J Lee <jjl@pobox.com>
* 0.2.3 release.
* Fix str(ParseError()) traceback. (GH-25)
* Add equality methods to mechanize.Cookie . (GH-29)
2010-07-17 John J Lee <jjl@pobox.com>
* 0.2.2 release.
* Officially support Python 2.7 (no changes were required)
* Fix TypeError on .open()ing ftp: URL (only affects Python 2.4
and 2.5)
* Don't include HTTPSHandler in __all__ if it's not available
2010-05-16 John J Lee <jjl@pobox.com>
* 0.2.1 release.
* API change: Change argument order of
HTTPRedirectHandler.redirect_request() to match urllib2.
* Fix failure to use bundled BeautifulSoup for forms. (GH-15)
* Fix default cookie path where request path has query containing
/ character. (http://bugs.python.org/issue3704)
* Fix failure to raise on click for nonexistent label. (GH-16)
* Documentation fixes.
2010-04-22 John J Lee <jjl@pobox.com>
* 0.2.0 release.
* Behaviour change: merged upstream urllib2 change (allegedly a
"bug fix") to return a response for all 2** HTTP responses (e.g.
206 Partial Content). Previously, only 200 caused a response
object to be returned. All other HTTP response codes resulted
in a response object being raised as an exception.
* Behaviour change: Use of mechanize classes with `urllib2` (and
vice-versa) is no longer supported. However, existing classes
implementing the urllib2 Handler interface are likely to work
unchanged with mechanize. Removed RequestUpgradeProcessor,
ResponseUpgradeProcessor, SeekableProcessor.
* ClientForm has been merged into mechanize. This means that
mechanize has no dependencies other than Python itself. The
ClientForm API is still available -- to switch from ClientForm to
mechanize, just s/ClientForm/mechanize in your source code, and
ensure any use of the module logging logger named "ClientForm" is
updated to use the new logger name "mechanize.forms". I probably
won't do further standalone releases of ClientForm.
* Stop monkey-patching Python stdlib.
* Merge fixes from urllib2 trunk
* Close file objects on .read() failure in .retrieve()
* Fix a python 2.4 bug due to buggy urllib.splithost
* Fix Python 2.4 syntax error in _firefox3cookiejar
* Fix __init__.py typo that hid mechanize.seek_wrapped_response and
mechanize.str2time. Fixes
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465206
* Fix an obvious bug with experimental firefox 3 cookiejar support.
It's still experimental and not properly tested.
* Change documentation to not require a .port attribute on request
objects, since that's unused.
* Doc fixes
* Added mechanize.urljoin (RFC 3986 compliant function for joining
a base URI with a URI reference)
* Merge of ClientForm (see above).
* Moved to git (from SVN) http://github.com/jjlee/mechanize
* Created an issue tracker http://github.com/jjlee/mechanize/issues
* Docs are now in markdown format (thanks John Gabriele).
* Website rearranged. The old website has been archived at
http://wwwsearch.sourceforge.net/old/ . The new website is
essentially just the mechanize pages, rearranged and cleaned up a
bit.
* Source code rearranged for easier merging with upstream urllib2
* Fully automated release process.
* New test runner. Single test suite; tests create their own HTTP
server fixtures (server fixtures are cached where possible for
speed).
Changes from previous:
3.26
- Added 'delay' option to delay between requests
- Added --skip-identify option to oai_browser.pl
- Fixed POD for RT #64077
- Hopefully fixes#69337 (no test case given)
- Bumped XML::SAX::Base to 1.04 which should fix#68907
3.25
- Added unit test for OAI_DC metadata() parsing
- Metadata::OAI_DC now parses dc when passed as a DOM to ->metadata
Changes from previous:
0.13
* Added 'getValue' node's method as in HTML::TreeBuilder::XPath for
comment nodes in web-scraper module
* Added dummy method 'store_comments' as in HTML::TreeBuilder
for web-scraper module (for comment nodes) and for
HTML::TreeBuilder::XPath working in tests with comment nodes
* Now this module requires HTML::TreeBuilder::XPath v.0.14 (before 0.14
there getValue() didn't work for comment nodes)
Changes from previous:
0.28 Thu Jul 08 20:30:00 CEST 2010
===================================
* Upgrade the plugin for Catalyt 5.8 series
* Changes for adopting MRO::compat where not complete. Calls to next::method
instead of NEXT::...()
* Change name of paths and compiled base class properties in Cat 5.8
* Clone the result before serializing, as RPC::XML won't clone already seen
refs (thanks t0m)
* Fix the test suite (some tests were lost from 0.24->0.26)
* Don't warn about the breakage of XML::RPC, as the author has already
fixed the backcompat breakage
0.26 Fri Sep 25 13:50:41 CEST 2009
===================================
* Important notice: RPC::XML 0.69 introduced a backwards incompatible
change. For now, this module will only work with RPC::XML 0.67 or
before. See this bug report for RPC::XML for details:
https://rt.cpan.org/Ticket/Display.html?id=50013
* Address: #44995: Instruction to disable RenderView action.
Updated tutorial accordingly.
* Address: #46316: Catalyst::Plugin::Server is trying to use NEXT, which
is deprecated. We are now using MRO::compat instead.
* Address: #45709 Documentation Ambiguity leads to confusion; The use of
$c->req->xmlrpc->error is now documented in more detail.
* Add unicode tests
* Other small test improvements
Changes from previous:
==============================
2011-03-07 23:46:11 +0000 1.06
==============================
commit b19d16ab7884681490695ac7e06145c8e609a293
Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
Date: Mon Mar 7 23:46:11 2011 +0000
Fix trailing space and bump version to 1.06
commit dd95ee1ab0da0d89e8a18e39e9b4cbebabdd4f44
Author: Paul Driver <frodwith@gmail.com>
Date: Mon Mar 7 10:54:55 2011 -0600
Depending on latest HTTP::Parser and fixing some tests
commit a3fbde85a4c52b1f9265b355a40214d4ba69b9d7
Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
Date: Mon Mar 7 21:46:59 2011 +0000
Update dist.ini with 'Prereqs' option rather than 'Prereq'
commit 0337189987690f84435961ee29e0082a6216accf
Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
Date: Wed Jul 28 13:13:58 2010 +0100
Removed the unnecessary tests
commit ae9689f9b53ecfdc6db670daba7db58b72c30126
Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
Date: Wed Jul 28 13:06:43 2010 +0100
Convert distribution to Dist::Zilla
Changes from previous:
0.24 2011-10-04 Tomas Doran <bobtfish@bobtfish.net>
* Further fix to pm_wait routine to find the correct PID and remove it
(fixing logical error introduced in the last release), noted by Vadim
Dashkevich
* Document (somewhat) FCGI::ProcManager::Constrainted
0.23 2011-09-27 Tomas Doran <bobtfish@bobtfish.net>
* Fix pm_wait routine to exit without a warning
* Fix pm_wait to correctly detect child processes which have died.
* Fix to return SIGCHLD handler to it's default state in the
pm_manage loop so that loading code which sets SIGCHLD to ignore
won't interfere with normal operation.
* Add repository metadata.
0.22 2011-08-04 Tomas Doran <bobtfish@bobtfish.net>
* Ship a version of FCGI::ProcManager::Constrainted which actually
works as advertised.
0.21 2011-08-02 Tomas Doran <bobtfish@bobtfish.net>
* Ship a working dist.
0.20 2011-08-02 Gareth Kirwan <gbjk@cpan.org>
* ProcManager::Constrained: Add a new FCGI::ProcManager::Constrainted
subclass which will restart workers safely after a certain number of
requests, or at certain memory thresholds.
* ProcManager: Fix start_delay causing a permanent hang.
Changes from previous:
Thu 04 Aug 2011 14:37:21 CEST - Release 0.91
For the deserialization action class, make the HTTP methods it operates on
configurable on a per-action level (plu, rafl).
Fri 25 Feb 2011 13:56:00 GMT - Release 0.90
Remove test which is no longer applicable and fails in the latest Catalyst
release.
Mon 24 Jan 2011 21:57:42 GMT - Release 0.89
All classes are now made immutable. (Dave Rolsky)
Added a Catalyst::Action::REST::ForBrowsers class. This will try to dispatch
GET requests to a foo_GET_html method before trying foo_GET. (Dave Rolsky)
Tue 11 Jan 2011 23:07:00 GMT - Release 0.88
Fix documentation for overriding Serialize and Deserialize actions
in Catalyst::Controller::REST.
Avoid warning with empty response bodies and new Catalyst version
(>= 5.80030)
Returning a body of '' is now possible - Catalyst::Action::Serialize
acts like Catalyst::Action::RenderView (>= 0.16) by using the has_body
predicate in Catalyst::Response (>= 5.80030)
Wed 3 Nov 2010 19:46:00 GMT - Release 0.87
Fix Request class role when used with new Moose and other request
class roles.
Changes from previous:
0.08
- fixed default timeout was 10secs.
previsously it was documented as 10secs, but it is implemented as 1sec.
https://rt.cpan.org/Ticket/Display.html?id=71100
0.07
- make FCGI::Client::Connection->timeout as writable(Jonas)
0.06
- fixed large packet issue
(trunaev++)
0.05
- remove unused dependency to autodie, Try::Tiny.
- fixed bad error handler in FCGI/Client/Connection.pm.
https://rt.cpan.org/Ticket/Display.html?id=57374
(reported by mmcleric)
Changes from previous:
Version 3.58 Nov 11th, 2011
[DOCUMENTATION]
- Clarify that using query_string() only has defined behavior when using the GET method. (RT#60813)
Version 3.57 Nov 9th, 2011
[INTERNALS]
- test failure in t/fast.t introduced in 3.56 is fixed. (Thanks to zefram and chansen).
- Test::More requirement has been bumped to 0.98
Version 3.56 Nov 8th, 2011
[SECURITY]
Use public and documented FCGI.pm API in CGI::Fast
CGI::Fast was using an FCGI API that was deprecated and removed from
documentation more than ten years ago. Usage of this deprecated API with
FCGI >= 0.70 or FCGI <= 0.73 introduces a security issue.
<https://rt.cpan.org/Public/Bug/Display.html?id=68380>
<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2766>
(Thanks to chansen)
[INTERNALS]
- tmp files are now cleaned up on VMS ( RT#69210, thanks to cberry@cpan.org )
- Fixed test failure: done_testing() added to url.t (Thanks to Ryan Jendoubi)
- Clarify preferred bug submission location in docs, and note that Mark Stosberg
is the current maintainer.
Version 3.55 June 3rd, 2011
[THINGS THAT MAY BREAK YOUR CODE]
url() was fixed to return "PATH_INFO" when it is explicitly requested
with either the path=>1 or path_info=>1 flag.
If your code is running under mod_rewrite (or compatible) and you are calling self_url() or
you are calling url() and passing path_info=>1, These methods will actually be
returning PATH_INFO now, as you have explicitly requested, or has self_url()
has requested on your behalf.
The PATH_INFO has been omitted in such URLs since the issue was introduced
in the 3.12 release in December, 2005.
This bug is so old your application may have come to depend on it or
workaround it. Check for application before upgrading to this release.
Examples of affected method calls:
$q->url(-absolute => 1, -query => 1, -path_info => 1 )
$q->url(-path=>1)
$q->url(-full=>1,-path=>1)
$q->url(-rewrite=>1,-path=>1)
$q->self_url();
Changes from previous:
0.04 Thu Dec 16 11:27:29 PST 2010
- Passed $env to the callback as a second argument (blaze-x)
- Adde a documentation on using it with Apache environment
Changes from previous:
2.1 - August 29th, 2011
Fixed disable_fields option (#52667 Dirk Braun, Goro Fuji)
Add an option to clear absent checkboxes (#44101 Alex Kapranoff)
Fix incorrectly multiple escaped data in list context (#34081 Miika Pekkarinen)
Allow FIF to process the new <input> field types (URL, email, and number) as
defined in the HTML5 draft and already implemented by the iPhone.
(Michael Fisher)
Allow alternate parsing class (Mark Stosberg)
mark invalid fields (Sam Tregar)
Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages
technologies. The Java Servlet and JavaServer Pages specifications are
developed under the Java Community Process.
Apache Tomcat is developed in an open and participatory environment and
released under the Apache Software License. Apache Tomcat is intended to
be a collaboration of the best-of-breed developers from around the world.
We invite you to participate in this open development project.
Apache Tomcat powers numerous large-scale, mission-critical web applications
across a diverse range of industries and organizations.
I have tested some war apps and they works. But not fully tested.
*Rails 3.0.11 (unreleased)*
* Fix XSS security vulnerability in the `translate` helper method. When using
interpolation in combination with HTML-safe translations, the interpolated
input would not get HTML escaped. *GH 3664*
Before:
translate('foo_html', :something => '<script>') # => "...<script>..."
After:
translate('foo_html', :something => '<script>') # => "...<script>..."
*Sergey Nartimov*
* Implement a workaround for a bug in ruby-1.9.3p0 where an error would be
raised while attempting to convert a template from one encoding to another.
Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug.
The workaround is to load all conversions into memory ahead of time, and will
only happen if the ruby version is exactly 1.9.3p0. The hope is obviously
that the underlying problem will be resolved in the next patchlevel release
of 1.9.3.
* Fix assert_select_email to work on multipart and non-multipart emails as the
method stopped working correctly in Rails 3.x due to changes in the new mail
gem.
* Fix url_for when passed a hash to prevent additional options (eg. :host,
:protocol) from being added to the hash after calling it.
Changes from previous:
0.25 Sun Jul 3 00:28:10 CEST 2011
[ENHANCEMENTS]
- new Engine: HTTP::Proxy::Engine::Threaded, by Angelos Karageorgiou
[FIXES]
- Correctly call eod() when the response has no body
(closed RT ticket #48310)
Changes from previous:
0.09005 2011-09-06
- bump version of prereq CGI to 3.37 to make all tests pass
0.09004 2011-08-26
- skip aggregate.t on Win32
- no functional changes to HTML::FormFu
0.09003_02 2011-08-25
- disable Test::Aggregate on Win32
0.09003_01 2011-05-11
- using Test::Aggregate for the test suite if installed
tests finish now in seconds instead of minutes
0.09003 2011-05-10
- fixed regression in Model::HashRef introduced in 0.09000
0.09002 2011-03-21
- Hopefully fix IO::Interactive dependency properly
0.09001 2011-03-31
- Fix IO::Interactive dependency
0.09000 2011-03-29
- Codebase changed to use Moose - massive internal changes - any custom
Elements, Constraints, etc will require changes.
See advice on mailing list:
http://www.mail-archive.com/html-formfu@lists.scsys.co.uk/msg02325.html
Or ask for help on the mailing list:
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
- Bug fix: was a fatal error when a value was submitted for Label element
(code called delete_nested_hash_value instead of deleted_nested_hash_key).
- Bug fix: RT#65728 Filter::Split shouldn't return a value if no value was
submitted.
- Bug fix: Element::Date now uses default() in preference to
default_natural(). RT#65727
- DateTime elements, minutes and seconds have new 'interval' option.
- Now only delete submitted value if there's no other field on the form with
the same name.
- load_config_file(stem) now honours the include path order, to mimic TT
behaviour.
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
Changes from previous:
Version 1.5 (released 2011.09.17)
* Fix PSGI docroot
* Documentation improvements
Version 1.4 (released 2011.03.20)
* Make PSGI adapter be non-blocking
* Also make it use the psgi.streaming interface
* Add yield to Adapt::HttpDaemon's print (I thought it was there before?)
* Add Coro thread descriptions for better debugging
Version 1.3 (released 2010.11.22)
* Stupid version number issue
Version 1.2.0 (released 2010.11.22)
* Refactor PSGI adaptor (scrottie)
* Random documentation updates
Changes from previous:
0.16 2011-01-05 19:28:00 GMT
- Fix bug accidentally introduced in the last version with response
3xx statuses.
0.15 2011-01-04 14:19:36 CET
- Don't delegate to a view if the response body is set to `undef'.
- Make sure a Test::More with done_testing support is available.
Changes from previous:
0.11 Sun Oct 23 21:45:00 GMT 2011
- Add test to MANIFEST so it also ships
0.10 Sun Oct 23 21:10:53 GMT 2011
- Identifiers are now parsed closer to the CSS3 spec
- Certain invalid attribute selectors now raise an exception
0.09 Sun Oct 16 13:07:09 GMT 2011
- Fix bug in attribute-value-substring selectors where
the CSS attributes were wrongly assumed to be
specified with @href (Aaron Crane)
- Make test suite less verbose (Aaron Crane)
0.08 Sun Sep 18 12:31:31 PDT 2011
- Fix bug when combining selectors (p , q). Whitespace created invalid
XPath expressions there. (Corion)
- Fix bug when combining :root selectors as the second selector.
The first selector was modified. (Corion)
- :root now acts relative to the given "root" option,
not the document root (Corion)
- More css3 selectors support (Corion)
0.07 Mon Mar 7 17:07:39 PST 2011
- Added a COPYRIGHT section
0.06 Thu Feb 17 13:54:45 PST 2011
- Add CSS3 "=$" operator (Corion)
- Add CSS3 "=^" operator (Corion)
- Add complex subexpressions for :not() (Corion)
- Add :empty selector (Corion)
- Support 'root' parameters to to_xpath (JZOBEL, David Wheeler, Corion)
0.05 Thu Feb 17 09:08:06 PST 2011
- Add CSS3 "=*" operator for real substring matching (Corion)
- Add CSS3 ":first-of-type" and ":nth-of-type()" pseudo-attributes (Corion)
(but if you're using them, you're likely better off using XPath already)
- Add CSS3 "~" operator (Corion)
- Adopt tests for "~" operator from RT #61990, by Aaron Crane (Corion)
- Add :contains() selector (only immediate child nodes) (Corion)
- Support implicit selectors like "> em" (translated to "* > em") (Corion)
Fixes RT #50131 (Reported by David Wheeler)
- Fix more implicit universal selectors (fixes RT #49982)
:lang(c) as a bare selector works now (Corion, Aaron Crane)
Changes from previous:
0.03 Sun Feb 13 19:40:10 PST 2011
- Use 'sass' gem executable if installed.
0.02 Fri Feb 11 19:01:42 PST 2011
- Supported SCSS with the new option 'syntax'
Changes from previous:
0.14
- do not include '#' and the following characters in URI in PATH_INFO or QUERY_STRING
0.13
- fix compile error on GCC < 3 (RT #63074)
0.12
- fix undeclared dependency on URI::Escape (RT #62716)
- fix parsing of protocol version in the pure perl impl to exactly match that of XS
0.11
- fix build error due to the use of Module::Install::ReadmeMarkdownFromPod (RT #62589)
0.10
- support for HTTP response parsing (by gfx,mala,tokuhirom)
Changes from previous:
0.13 2011-02-12
- No functional changes in this release
- Added eg/runfcgi.pl, contributed by Paul Evans (LeoNerd)
- Added eg/server.pl
changes:
-bookmark dialog crashes are fixed
-faster, base64-based CSS support
-Speed dial received a makeover
-Cookies are stored in an sqlite3 database
-more of subtle tweaks and improvements
Changes from previous:
1.14 Tue 26 Oct 2011 19:42:00 CET
- removed benchmark test data and benchmark script for release (Torsten Raudssus [GETTY])
1.12 Sat 19 Mar 2011 19:05:17 CET
- Fixed the t/08 test
1.11 Tue 26 Oct 2010 14:10:00 UTC
- Added param_order capability (Torsten Raudssus [GETTY])
1.10 Fri 8 Oct 2010 15:50:55 UTC
- Patch for test failure ( thanks KENTNL/MITHALDU! )
Changes from previous:
0.19
- Add pluggable backends, since AnyEvent seems to be flaky on
some systems. (doy)
0.18 02/17/2010
- Fixes for RewriteLocation when used on a mounted proxy
(hiratara, rbuels)
- Ignore $ENV{http_proxy}
- Include reason for failure in 502 response
- Disabled persistent HTTP connection option in AnyEvent::HTTP
0.17 01/19/2010
- Bump version to fix some CPAN issues
0.16 01/12/2010
- Rewrite proxy code to use AnyEvent::HTTP's on_body callback.
This gets chunked and gzipped responses working.
the Perl programming language with a simple http client as dependency of
scheduled import of MetaCPAN::API (dependency of scheduled update of
Git::CPAN::Patch).
This is a very simple HTTP/1.1 client, designed for doing simple GET
requests without the overhead of a large framework like LWP::UserAgent.
It is more correct and more complete than HTTP::Lite. It supports proxies
(currently only non-authenticating ones) and redirection. It also correctly
resumes after EINTR.
Changes from previous:
2.11 Tue Aug 23 16:01:04 EDT 2011
- added parsing context, override for eof() and parse() for
memory clear on new docs or post-eof()
- fixed some long standing test warnings
Asynchronous HTTP server using EV event loop.
It doesn't load files received in the POST request in memory as most
of CGI modules does, but stores them directly to tmp files, so it's
useful for handling large files without using a lot of memory.
apache22 >= 2.2.10, and we're now on 2.2.21.
Ideally this would instead accept apache22 older than 2.2.10, but
given how old (and insecure) that is there's not much point. I guess
if anyone really really wants to do that they can revert this change
locally... but I can't say I recommend it.
Changes from previous:
0.9505 Fri Jul 1 13:27:10 EEST 2011
- bugfix in perl wrapper: fix in WrapAssociate.pm
thanks to Viktor Bukhtoyarov
0.9506 Tue Oct 4 22:55:35 EEST 2011
- file name in logs
Changes from previous:
0.05 Wed Jun 22 23:28:32 JST 2011
- No code changes
- Added Test::Requires to build_requires
- Fixed pod
0.04 Mon May 16 12:58:30 JST 2011
- Added content_type and vary_user_agent options (kazeburo)
- Added psgix.no-compress and psgix.compress-only-text/html enviroment
value like Apache mod_deflate (kazeburo)
Oct 9, 2011 (1.8.1)
-----------
- Fixed exact match censoring option (bug #0001392) [Tom]
- Fixed adding elements to empty Configuration arrays (bug #0001396) [Tom]
- Blank out OAuth consumer key and secret in rootdebug dumps [Dirk]
- Fixed deleting elements from Configuration arrays (bug #0001394, patch
provided by dengen)
- Avoid censoring in What's Related block (bug #0001393) [Tom, Dirk]
- Fixed error message display in admin's user editor when renaming the
userphoto failed [Dirk]
- Don't display details of a failed MS SQL query by default [Dirk]
- Updated Japanese language file, provided by the Geeklog.jp group
Changes from previous:
0.37 2011-07-17 09:20:00
- Allow setting of TT class rather than forcing 'Template'
0.36 2010-10-19 15:00:00
- Fixed subclassing when using expose_methods
Changes from previous:
0.025 23 Oct 2010
* change field.description.length to .defined to appease TT.
* add Create Related links. Patch from Adam Mackler.
* fix some XHTML compliance bugs (reported by Adam Mackler).
* change 'use Class::C3' to 'use MRO::Compat' in test libs.
* add m2m example to MyDBIC test app
There are VCL-incompatible changes between 2.x and 3.x.
Some release highlights (https://www.varnish-cache.org/):
Introduction of VMODs
Add streaming on pass and miss. This is controlled by the beresp.do_stream boolean. This includes support for compression/uncompression.
Add support for ESI and gzip.
Handle objects larger than 2G.
HTTP Range support is now enabled by default
The ban lurker is enabled by default
if there is a backend or director with the name default, use that as the default backend, otherwise use the first one listed.
Add many more stats counters. Amongst those, add per storage backend stats and per-backend statistics.
Syslog the platform we are running on
The -l (shared memory log file) argument has been changed, please see the varnishd manual for the new syntax.
The -S and -T arguments are now stored in the shmlog
Make it possible to name storage backends. The names have to be unique.
The max_esi_includes parameter has been renamed to max_esi_depth.
The err_ttl parameter has been removed and is replaced by a setting in default.vcl.
Add panic.show and panic.clear CLI commands.
VCL now has vcl_init and vcl_fini functions that are called when a given VCL has been loaded and unloaded.
Varnish is now stricter in enforcing no duplication of probes, backends and ACLs.
The ABI of vmods are now checked. This will require a rebuild of all vmods against the new version of Varnish.
XXX Set MAKE_JOBS_SAFE=no for now. Should investigate why it fails
without it as it prolongs build time significantly.
Upstream changes:
Add-ons installed by third party programs are now disabled by default
Added a one-time add-on selection dialog to manage previously installed add-ons
Added Twitter to the search bar for select locales. Additional locale support
will be added in the future
Added a preference to load tabs on demand, improving start-up time when
windows are restored
Improved performance and memory handling when using <audio> and <video>
elements
Added CORS support for cross-domain textures in WebGL
Added support for HTML5 context menus
Added support for insertAdjacentHTML
Improved CSS hyphen support for many languages
Improved WebSocket support
Fixed several stability issues
Fixed several security issues
Changes from previous:
0.14 Mon Oct 31 10:37:49 PDT 2011
- Fixed a bug where croak was not imported from Carp (ctfliblime)
0.13 Sun Sep 18 12:10:56 PDT 2011
- Set the status header to 302 if there's Location header but no Status in the resonse (ASP)
0.12 Thu Jun 9 23:58:10 PDT 2011
- Fixed the PSGI header generation to prevent invalid PSGI response headers
such as newlines in the value and "Status" key
0.11 Fri Feb 18 21:35:29 PST 2011
- Filter psgix.* environment too (mkanat)
Changes from previous:
0.56 Thu Oct 13 21:05 BRT 2011
- Add port to Host header
0.55 Tue Sep 27 19:20 BST 2011
- Set 'Host' header for remote requests too
0.54 Mon Aug 1 20:49 BST 2011
- change to make sure we support changes in Catalyst::Test introduced
in the Cataplack port.
0.53 Sun Dec 5 23:03 GMT 2010
- Fix tests to work with the upcoming psgi based Catalyst release
as $c->req->header('Host') now more accurately reflects what you
see in a real web server (i.e. the port will not be defined if it
is 80)
- Fix tests to work when the CATALYST_DEBUG environment variable is
set by explicitly setting it to 0 in tests which require it.
Changes from previous:
4.48 - July 11th, 2011
No code changes.
* INTERNAL: quit using "use diagnostics;" to avert some test failures
4.47 - July 8th, 2011
No code changes.
* DOCS: minor POD fixes (Rene Mayorga and Nicholas Bamber)
4.46 - July 8th, 2011
No code changes.
* INTERNAL: More packaging fixes.
4.45 - July 1st, 2011
No code changes.
* INTERNAL: Fix packaging problem with 4.44.
4.44 - June 6th, 2011
* FIX: Fix 5.14 compatibility issue (Walt Arstingstall)
* DOCS: Clarify docs for static ID generator (oalders)
4.43 - Saturday, December 11, 2010
* FIX: Avoid deleting unmatched sessions when calling find() when ip_match is enabled.
Closes RT#47795. Thanks to m-uchino, Ron Savage, and Mark Stosberg
* NEW: new public ip_match() method is available, primarily for use with find(). (Ron Savage, Mark Stosberg)
* DOCS: UTF8 related documentation was updated.
* INTERNAL: Don't add _SESSION_EXPIRE_LIST to internal hash unless we need to.
RT#51192, Thanks to Pavel V. Rochnyack, Ron Savage, Mark Stosberg
* INTERNAL: Avoid calling sprintf() in CGI::Session::ErrorHandler, fixing RT#48733
Solves taint error for Perl V 5.10.0. All well-written code will have
been using errstr() to retrieve errors anyway so this change will not
affect any code which obeys the API. (Peter Kaminsk, Ron Savage, Mark Stosberg)
* INTERNAL: The undocumented 4th parameter to load() has changed its meaning.
* INTERNAL: Test suite improvements. (Ron Savage, Mark Stosberg)
Changes from previous:
version 0.14
date: 2011-09-20
# bug fix
fix: comment() did not work, as the text was in {text} not {_text}
report and initial patch by perlover
version 0.13
date: 2011-06-19
# minor improvement
added: make the link _parent a weakref
sent by Graham Barr https://rt.cpan.org/Public/Bug/Display.html?id=68896
version 0.12
date: 2010-09-29
# minor bug fix
fix: added getLocalName on elements
see https://rt.cpan.org/Public/Bug/Display.html?id=61746
found and fixed by Tokuhiro Matsuno
added: a few tests
Changes from previous:
0.14 Tue Mar 29 13:48:42 PDT 2011
- Support get_dbh callback in Store::DBI (kazeburo)
0.13 Wed Dec 22 08:56:52 PST 2010
- Added WARNINGS to deprecate request parameter based session state from the default state
- Added 'change_id' option for paranoids against session fixation (s-aska, nihen)
Version 2.10.3 (2011-11-07)
---------------------------
- Fixed: the postLogin/Logout hooks broke the save() method of the model
(#3545)
- Fixed: the style sheet editor did not handle font-family/size:inherit
correctly (#3531)
- Fixed: MooTools changed the default wMode settings for Swiff (#3540)
- Fixed: the style sheet importer did not handle
border-color:transparent/inherit (#3480)
- Fixed: do not index empty news/event/FAQ/newsletter reader pages (#3511)
- Fixed: group labels were not always loaded correctly (#3591)
- Fixed: added a rename() workaround for Windows to the FileCache class (#3390)
- Fixed: the site structure was not ordered properly for non-admins (#3423)
- Fixed: custom layout sections were not displayed in "override all" mode
(#3460)
- Fixed a few minor issues
* searchquery.tmpl: Track escaping change in upstream template.
Thanks Olly Betts for review.
* svn: Support subversion 1.7, which does not have .svn in each
subdirectory.
* rst: import docutils lazily, to avoid errors during ikiwiki --setup.
Closes: #637604 (Thanks, smcv)
* Make the setup automator create YAML formatted files.
* Fix handling of discussion page creation links to make discussion pages
in the right place and with the right case. Broken by page case
preservation feature added in 3.20110707.
Changes from previous:
0.15 Tue May 17 13:58:50 PDT 2011
- Updated the list of overriding methods per CGI.pm update
- Added a note that you can't use CGI::Pretty (reported by Maestro)
0.14 Sat Dec 25 11:35:52 PST 2010
- Port fixes for header injection from CGI.pm (markstos)
0.13 Sat Oct 30 23:09:06 PDT 2010
- Specify Test::More dep
0.12 Mon Oct 25 11:06:59 PDT 2010
- Strip Status: header since to conform PSGI spec (clkao)
This is a collection of various contributions and add-ons for
NanoBlogger, which among other things, includes important translations
for languages other than English.
NanoBlogger is a small weblog engine written in Bash for the command
line. It uses common UNIX tools such as cat, grep, and sed to
create static HTML content. It's free to use and modify under the
GNU General Public License.
Significant changes from version 1.0 include:
* Pluggable, Python-based authorization subsystem
* Support for path-based authorization, including parsing and honoring
Subversion authz configuration files
* Support for per-virtual host and per-root configurations
* Template improvements
availability, load balancing, and proxying for TCP and HTTP-based
applications. It is particularly suited for web sites crawling under
very high loads while needing persistence or Layer7 processing.
Supporting tens of thousands of connections is clearly realistic with
todays hardware.
Changes from previous:
0.611 (11.16.2010) - John Siracusa <siracusa@gmail.com>
* Added default HTML serialization for compound fields.
* Removed documentation for nonexistent field_names() method.
0.610 (10.02.2010) - John Siracusa <siracusa@gmail.com>
* Fixed a bad probe in form-nested.t that was causing spurious test
failures.
* Attempted to fix mro-c3.t test failures that I've thus far been
unable to reproduce locally.
0.608 (10.01.2010) - John Siracusa <siracusa@gmail.com>
* Silenced a warning in t/form-field.t
* Clarified the precedence of object_from_form() initialization in cases
where a parent form and sub-form have fields with the same local_name()
(Reported by Christopher Masto)
Changes from previous:
0.13
- test compatibilty improvement: ignore proxy setting while running tests (datamuc)
0.12
- [bugfix] fix infinite loop when connection is closed while receiving
response content (thanks to Jiro Nishiguchi-san)
0.11
- suppress the warning "Use of "goto" to jump into a construct is deprecated"
- Improved Mojo::IOLoop::Stream to only emit close events once.
- Improved documentation.
2.10 2011-10-25 00:00:00
- Added EXPERIMENTAL send_frame method to
Mojo::Transaction::WebSocket.
- Added EXPERIMENTAL frame event to Mojo::Transaction::WebSocket.
- Changed syntax for binary messages in Mojo::Transaction::WebSocket.
[$bytes] becomes [binary => $bytes]
- Improved documentation.
- Improved tests.
2.09 2011-10-23 00:00:00
- Fixed small environment cleanup bug in Mojo::IOLoop::Server.
2.08 2011-10-23 00:00:00
- Fixed a few more small test bugs.
2.07 2011-10-23 00:00:00
- Improved documentation.
- Fixed a few small test bugs.
2.06 2011-10-23 00:00:00
- Improved documentation.
2.05 2011-10-22 00:00:00
- Added EXPERIMENTAL max_memory_size attribute to
Mojo::Asset::Memory.
- Added EXPERIMENTAL is_file method to Mojo::Asset and
Mojo::Asset::File.
- Improved start_tls method in Mojo::IOLoop by allowing it to accept
more options.
- Improved MOJO_MAX_MEMORY_SIZE handling by moving it from
Mojo::Content::Single to Mojo::Asset::Memory.
- Improved documentation.
- Fixed HTTPS proxy bug in Mojo::UserAgent.
2.04 2011-10-21 00:00:00
- Improved documentation.
- Fixed small HTTP response parser bug.
- Fixed Windows portability issue in "upload_lite_app.t".
2.03 2011-10-20 00:00:00
- Deprecated all is_done methods in favor of is_finished.
- Renamed done event in Mojo::IOLoop::Trigger to finish.
- Added EXPERIMENTAL support for new HTTP status codes from
draft-nottingham-http-new-status.
- Improved documentation.
- Fixed small bug in "upload_lite_app.t".
2.02 2011-10-20 00:00:00
- Merged request and upgrade events in Mojo::Transaction::HTTP.
- Improved Mojolicious::Controller attribute default values.
- Improved documentation.
2.01 2011-10-19 00:00:00
- Added EXPERIMENTAL upgrade event to Mojo::Content::Single.
- Added EXPERIMENTAL part event to Mojo::Content::MultiPart.
- Improved documentation.
- Fixed arguments of upgrade event in Mojo::Transaction::HTTP.
- Fixed small WebSocket upgrade bug in Mojo::Server::Daemon.
2.0 2011-10-17 00:00:00
- Code name "Leaf Fluttering In Wind", this is a major release.
- Increased Perl version requirement to 5.10.1.
- Renamed Mojo::IOLoop::EventEmitter to Mojo::EventEmitter.
- Replaced one_tick method in Mojo::IOWatcher with start and stop
methods.
- Added EXPERIMENTAL contains method to Mojo::Path.
- Added EXPERIMENTAL auto_upgrade attribute to Mojo::Content::Single.
- Added EXPERIMENTAL boundary method to Mojo::Content.
- Added EXPERIMENTAL slice method to Mojo::Collection.
- Added EXPERIMENTAL build and parse methods to
Mojo::IOLoop::Resolver.
- Updated WebSocket implementation to ietf-17.
- Improved many modules to use events instead of callbacks.
- Improved message parser performance slightly.
- Improved Mojo::IOLoop to die if started twice.
- Improved setuidgid in Mojo::Server::Daemon.
- Improved Mojo::IOWatcher backend detection.
- Improved Mojo::IOLoop::Stream to handle unexpected connection close
more gracefully.
- Improved documentation.
- Improved tests.
- Fixed many portability issues.
- Fixed on_finish callback to work consistently with all servers.
- Fixed on_finish callback to work consistently with the user agent.
- Fixed big memory and file descriptor leak in the TLS code of
Mojo::IOLoop::Server.
- Fixed small memory leak in Mojolicious.
- Fixed small memory leak in Mojo::DOM.
- Fixed small memory leak in Mojo::Message.
- Fixed small boundary bug in Mojo::Content::MultiPart.
- Fixed small formatting bug in Mojo::Headers.
- Fixed small proxy message generation bug.
- Fixed small detection bug in Mojolicious::Types.
Changes from previous:
4.50 Thu Jun 16, 2011
[FEATURES]
Better PSGI support in the core
- run_as_psgi() works like run, but directly returns the expected PSGI response structure
- psgi_app() wraps up all the PSGI bits to call and run the application and return a PSGI
code ref:
$psgi_coderef = WebApp->psgi_app({ ... args to new() ... });
[DOCUMENTATION]
- docs for header_props() were improved
[INTERNAL]
- source control management was moved from darcs to git. Those who prefer
darcs are are more familiar with it are advised to try the darcs-git.py
wrapper for git.
- The test file psgi_app.t is missing from this release and will be added later.
Changes from previous:
2.13 Wed Jul 27 17:53:58 CEST 2011
- garbled chunked responses caused AnyEvent::HTTP to malfunction
(patch by Dmitri Melikyan).
- fix GET => HEAD in one case in the documentation (James Bromberger).
2.12 Tue Jun 14 07:22:54 CEST 2011
- fix a possible 'Can't call method "destroyed"' error (which would
have been reported by Carl Chambers).
2.11 Tue May 10 14:33:28 CEST 2011
- the keepalive session cache wouldn't take port and scheme into account
when reusing connection - potentially causing information leaks
(reported by Nick Kostirya).
- bump AnyEvent dependency version (reported by Richard Harris).
2.1 Thu Feb 24 13:11:51 CET 2011
- the keepalive and persistent parameters were actually named
differently in the code - they now work as documented.
- fix a bug where callbacks would sometimes never be called when
the request timeout is near or below the persistent connection
timeout (testcase by Cindy Wang).
- destroying the guard would have no effect when a request was
recursing or being retired.
2.04 Sat Feb 19 07:45:24 CET 2011
- "proxy => undef" now overrides any global proxy when specified.
- require scheme in urls, also use a stricter match to match urls,
leading or trailing garbage is no longer tolerated.
- EXPERIMENTAL: allow '=' in cookie values.
2.03 Tue Jan 18 18:49:35 CET 2011
- dummy reupload, file gone from cpan somehow.
2.02 Wed Jan 12 04:29:37 CET 2011
- do not lowercase cookie names, only parameter names.
2.01 Tue Jan 11 07:38:15 CET 2011
- add missing dependency on common::sense.
- add a resume download example.
2.0 Tue Jan 4 09:16:56 CET 2011
- hopefully fully upgraded to HTTP/1.1.
- support HTTP/1.1 persistent and HTTP/1.0 keep-alive connections.
- drop https-proxy-connection support. seems unused and ill-specified.
- use more differentiated 59x status codes.
- properly use url (not proxy) hostname to verify server certificate.
- much improved cookie implementation:
- properly implement cookie expiry (for new cookies).
- new function to expire cookies and sessions: cookie_jar_expire.
- add special exception to parse broken expires= keys in
set-cookie headers.
- do not quote cookie values when not strictly necessary, to
improve compatibility with broken servers.
- accept and send lots of invalid cookie values exactly as
they were received - this should not impact valid values.
- lowercase cookie parameter names for improved compatibility.
- support the max-age cookie parameter, overrides expires.
- support cookie dates (and a few others) in parse_date.
- properly support value-less parameters (e.g. secure, httponly).
- do not send Host: header in a proxy CONNECT request.
- use common::sense.
- lowercase hostnames and schemes.
- ignore leading zeroes in http version.
- handle spaces in content-length headers more gracefully.
1.5 Fri Dec 31 04:47:08 CET 2010
- bugfix: after headers were received, if any error occured the wrong
(server-sent) Status and Reason fields would be passed to the callback.
- when an error occurs during transfer, preserve status/reason.
- add socks4a connect example.
- new "tcp_connect" parameter.
- new format_date and parse_date functions.
- diagnose unexpected eof as such when the length is known.
- add 205 to the responses without body.
1.46 Mon Sep 6 08:29:34 CEST 2010
- some (broken) servers differentiate between empty search parts
and nonexistant search parts, work around this (problem
analyzed by Sergey Zasenko).
- possibly increase robustness by always setting an on_error
callback on the AnyEvent::Handle object (especially in case
of user errors, such as nehative timeouts).
- we now always follow 301/302/303 redirects and mutate POST to GET.
- we now always follow 307 redirects, even for POST.
- header-less responses are not parsed correctly (at a negative
speed penatly :).
1.45 Wed Jun 16 21:15:26 CEST 2010
- fix a bug where the handle would go away directly after a successful
connect (analyzed and patch by Maxim Dounin).
- due to popular demand, introduce the Redirect pseudo response header.
- document URL pseudo-header better.
- explain how to implement DNS caching.
Functionality Enhancements
Add support for incoming requests to be content-encoded with gzip, deflate or compress.
Add page for listing external calendar binds.
Implement basic support for supported-calendar-component-set in MKCALENDAR/MKCOL.
Bug Fixes
Additional work on CalDAV scheduling extensions should now make this usable.
Further fixes to the handling of time-range queries in the calendar-query report.
Fixes to the timezone service introduced in 0.9.9.6
Fix multi-calendar import in tools.php
Fix casting to handle integers as usernames.
Fix default_permissions errors with LDAP updates.
Fix LOCK handling when no timeout is supplied.
Ensure default addressbook collections are, in fact, created as addressbook collections.
Fix handling of BYMONTHDAY=-N in RRULEs
Fix handling of RRULE with COUNT=X and FREQ=WEEKLY where X is not divisible by the number of values in a BYDAY part.
Other Changes
Minor changes to handle Kerberos authentication provided by the webserver.
Most use of the deprecated iCalendar class has been switched to use the new vCalendar class.
Make sync-token a URI to comply with most recent definition of webdav sync.
Depend on libawl-0.49.
Remove legacy pgsql dependencies, I think they're not needed since 0.9.9.4.
Upstream changes:
Highlights
MDL-28729 - Numerous multi-lang fixes and improvements
Functional changes
MDL-28410 - Allow a single option in a Choice activity
MDL-29394 - HTML editor format option selector hidden when there is only one option
MDL-23520 - Option added to allow deleting of a wiki page
Security issues:
MSA-11-0027 to MSA-11-0035, MSA-11-0039 to MSA-11-0041.
Fixes SA46427
See http://docs.moodle.org/dev/Moodle_2.1.2_release_notes for complete
release notes.
Change from previous;
0.1013 Thu Jul 7 11:49:18 PDT 2011
- Added $self->binary(1) in Handler classes to indicate binary responses (gbarr, mateu)
- Allow $self->json to be set to customize the way JSON is encoded (ask)
0.1012 Sun Feb 13 20:01:46 PST 2011
- No code changes. Updated terribly outdated Tatsumaki.pm POD
0.1011 Tue Dec 21 11:49:49 PST 2010
- Fixed to use $r->parameters to make it work with newer Plack::Request
- Fixed MessageQueue leak when long-poll client immediately reconnects after disconnection (mash)
Changes from previous:
0.93 Thu Aug 4 10:38:09 CEST 2011
- made it possible to remove default headers
completely, thanks go to Chris Kastorff for providing a patch.
- applied also a fix for case handling of the headers,
thanks go to the patch from Chris Kastorff.
- fixed some tests. I hate it when all bugs that
are found via CPAN Testers are bugs in the tests.
- fixed that the URL returned by Request::url method will
now also contain the query string (thanks to art sackett for
spotting this).
0.92 Tue Mar 1 11:46:14 CET 2011
- added simple SSL/TLS support.
- removed from tests from the distribution.
- replaced 01_basic_request.t with a non-wget variant for CPAN.
0.91 Wed Feb 2 15:21:02 CET 2011
- set the Date header correctly.
- append a newline to error messages.
- hopefully improved connection closing mechanism.
- don't send body when responding to a HEAD request.
0.90 Mon Jan 31 13:04:45 CET 2011
- fixed a small thing with response on dead connections.
- added small example of 'request' event usage.
- make Content-Length: not be empty.
- hand HEAD requests down to the event handlers.
- added allowed_methods support from nrh.
- don't force cache policy anymore.
Changes from previous:
1.17 01.05.2011
- skip tests on systems that do not have 'perlfunc.pod' or 'perlvar.pod'
1.16 28.04.2011
- Export 'server' and 'index' functions into main:: namespace if
called from command-line (suggested by DOLMEN -- Olivier Mengué)
- fix titles containing POD markup
- explicit error message if perlfunc or perlvar are not installed
1.15 20.11.2010
- H1 header can be either NAME or TITLE
- adapt to new structure of perlvar.pod in bleadperl
- CSS fix for diplaying AnnoCPAN notes
- dependency on Pod::POM 0.25
Changes are:
- 2 security fixes.
- Documentation improvements including tutorials.
- bugfixes
for complete list, look into CHANGES file contained in the distfile.
Changes from previous:
---
version: 0.261
date: Tuesday April 27 09:35:06 PDT 2010
changes:
- Fixed rt56956 with test case - DIV operator broken (Agent Zhang)
---
version: 0.260
date: Monday April 26 12:03:40 PDT 2010
---
version: 0.25_2
date: Saturday April 24 18:48:53 PDT 2010
changes:
- Implemented rt4308 - Capture implementation (Tom Molesworth)
- Added test for rt37570 - List method for lists (fixed in 5eaf340da...)
---
version: 0.25_1
date: Thursday April 22 17:58:53 PDT 2010
changes:
- Fixed rt53454 with test case - Support rudimentary array range operator
- Fixed rt53453 with test case - Make Jemplate slice like TT slice
- Fixed rt53967 with test case - Compiler double-dot path fail
- Added test case for rt37539 - Intermediate instantiation
- Added test case for rt37540 - Iterate over empty object
- Added test case for rt37895 - Inconsistent jemplate version
---
version: 0.25
date: Wednesday April 21 13:44:19 PDT 2010
changes:
- release
---
version: 0.24_4
date: Saturday January 09 17:06:40 PST 2010
changes:
- added .pairs (VMethod) functionality with tests
- fixed quoted.t failing test
---
version: 0.24_3
date: Mon Jun 8 2009
changes:
- fixed bug, related to empty template body (http://rt.cpan.org/Public/Bug/Display.html?id=37061)
- fixed bug in Parser.yp, which produced compilation error for macroses
- fixed "intermediate instantiation" issue (http://rt.cpan.org/Public/Bug/Display.html?id=37539)
- fixed "iteration over empty object" issue (http://rt.cpan.org/Public/Bug/Display.html?id=37540)
- added and tested MACRO directive
- added PRE_PROCESS and POST_PROCESS configuration options
- added and tested global scope access via GLOBAL modifier (GLOBAL.jQeuery etc)
- added dummy LOCAL modifier, for symmetry
- added "init" method for Jemplate singleton
- added experimental RAW directive (RAW jQuery, equivalent of jQuery = GLOBAL.jQuery)
VMethods:
- added "list" for lists (http://rt.cpan.org/Public/Bug/Display.html?id=37570)
- added "item" for hashes
- fixed "import" for hashes
Test suite:
- combined back to a single copy
Patches:
- Integrated patch from RT#37895
version: 0.24_2
date: Monday June 08 10:37:54 PDT 2009
changes:
- Fix to get tests working on MSWin32 (rt23883)
---
version: 0.24
date: Fri Sep 19 15:09:35 PDT 2008
changes:
- Convert tests to standard Test.Base setup!
---
version: 0.23_1
date: Monday August 18 15:22:03 PDT 2008
changes:
- Fixed issue with runtime_source_code that broke Catalyst::View::Jemplate
- Some beta MACRO functionality
- Ingy refactored tjs/ into tests/
Changes from previous:
0.9984 Mon Oct 3 09:55:05 PDT 2011
[BUG FIXES]
- WrapCGI: Close wrapped CGI's STDIN handle (rwstauner)
[IMPROVEMENTS]
- WrapCGI: improved docs (chromatic)
- Request: Do not destroy HTTP::Body upload headers (mst)
0.9983 Tue Sep 27 09:55:48 PDT 2011
[BUG FIXES]
- Fixed a typo in nginx FastCGI configuration
- Clone HTTP headers in Response->finalize #237 (chip)
- Fixed Directory app not displaying the right path in its title
- Changed IPv6 default listen address to wildcard (ollyg)
- Fixed the FastCGI handler with web-server mode on Win32
[NEW FEATURES]
- Added psgix.harakiri for Apache handlers
[IMPROVEMENTS]
- Prefer Corona when Coro is detected #236 (chip)
- Increased Pod::Usage dependency
- Improved Plack::Test documentation (chromatic)
- Lint now checks if SCRIPT_NAME eq '/' which is forbidden in the spec (chromatic)
From release announce:
Dead TYPO3 community,
the TYPO3 core team has just released TYPO3 version 4.5.7, which is now
ready for you to download. This is a maintenance release of the LTS
version of TYPO3v4 and contains bugfixes and a security fix which is
only exploitable by admins.
See this article about the new policy of security team for this situation:
http://buzz.typo3.org/teams/security/article/incident-handling-of-typo3-core-issues/
Changes from previous:
0.81 2011-04-27
- Slight improvements to Squatting::With::MockRequest were made
to facilitate doing static exports of Rhetoric sites.
0.80 2011-04-27
- [ MAJOR API CHANGE! ]
- You don't say: use base 'Squatting' anymore.
- When creating a Squatting app,
you just say: use Squatting;
- You don't say: use Squatting ':controllers' or
use Squatting ':views' anymore
- use Squatting takes care of what those statements used to do.
- Squatting::H->merge renamed to Squatting::H->extend to
be consistent w/ the way these words are used in contemporary
Javascript libraries.
- Added Squatting::With::PerHostConfig
- hacked bin/squatting so that the console experience is a bit nicer.
App->get and App->post will work a tiny bit more reliably.
Changes from previous:
---
version: 0.13
date: Sun May 15 17:08:56 EST 2011
changes:
- Use Stardoc
- use Package
---
version: 0.12
date: Sun May 15 12:46:44 EST 2011
changes:
- Forgot to 'use Encode'. doh!
---
version: 0.11
date: Sun May 15 12:11:50 EST 2011
changes:
- Finally works with utf8 templates and yaml. \o/
---
version: 0.10
date: Mon Nov 29 09:58:35 EST 2010
changes:
- Skip tests if YAML::XS not installed.
Changes from previous:
2011-08-15 Gisle Aas <gisle@ActiveState.com>
Release 1.59
Make sure accessor methods don't return utf8::upgraded() bytes
for URLs initialized from Unicode strings.
Version number increments.
Documentation tweaks.
While here, install document again.
== Changes
= Changes in 2.2.2 =
Oct 17, 2011 - version 2.2.2
* Bug fixes
* Do not sort query params on request: Wrongly sorted query params for
easier debugging but the order of request parameter should be
preserved. #65
* Changes
* Set responce String encoding if possible. Parse content-type response
header with some helps from OpenURI::Meta and set response String
encoding. #26
* Improve connection cache strategy. Reuse cached session in MRU order,
not in LRU. MRU is more server friendly than LRU because it reduces
number of cached sessions when a number of requests drops after an
usaage spike.
With reusing sessions in LRU order, all sessions are equally checked if
it's closed or not, as far as there's a request to the same site. With
reusing sessions in MRU order, old cold sessions are kept in cache long
time even if there's a request to the same site. To avoid this leakage,
this version adds keep_alive_timeout property and let SessionManager
scrub all sessions with checking the timeout for each session. When the
session expires against the last used time, it's closed and collected.
keep_alive_timeout is 15[sec] by default. The value is from the default
value for KeepAliveTimeout of Apache httpd 2. #68#69
Changes from previous:
0.09 2011.01.28
- Use $ua->env_proxy to load local proxy settings. (RT 53819)
- Skip tests if we don't have a network connection. (RT 28388, 59694)
- Removed sign() and auto_install() from Makefile.PL.
- Removed magic svn keywords.
- Added author tests (xt/) and modified SYNOPSIS for all modules to
make them pass the compilation test.
Changes from previous:
1.34 Tue Jul 5 16:23:24 CDT 2011
------------------------------------
[ENHANCEMENTS]
Added $mech->lacks_uncapped_inputs() to check for <input> tags that
don't have a maxlength attribute. We've been using this for years at
work, and I'm just now moving it into Test::WWW::Mechanize.
Added $mech->grep_inputs() and $mech->grep_submits() to easily pull
input fields from the page. I'd like to get this moved up to base
WWW::Mechanize, because it has use outside of the Test:: world.
$mech->followable_links() now finds file: URLs, too.
$mech->content_contains(), $mech->content_lacks(), $mech->text_contains(0
and $mech->text_lacks() all fail if a reference is passed instead of
a string.
[FIXES]
$mech->text_contains() was not calling $mech->text(), so was not taking
advantage of the caching of the parsed text.
[INTERNALS]
Most tests no longer use TestServer.pm class.
All tests now run under -T and have plan counts.
1.31_01 Wed May 4 16:07:31 CDT 2011
------------------------------------
[ENHANCEMENTS]
The methods that look at the text of the page, ->text_like() and
->text_unlike(), now use the WWW::Mechanize method ->text() which caches
the text. This will be a big speedup if you call these methods more
than once.
[FIXED]Normalized the use of single vs. double quotes in the default descriptions.
Fixed tests that fail under newer versions of LWP.
Fixed tests that fail if http_proxy or HTTP_PROXY are set.
Fixed tests that fail on Perl 5.14.
www/p5-Catalyst-Plugin-StatusMessage, because tutorial
recommends to use this module.
The purpose of this plugin is to pass "status message" between screens
through the following mechanisms:
- Stores messages in the "$c->session" so that the application is
free to redirect to the appropriate URL after an action is taken.
- Associates a random 8-digit "token" with each messages, so it's
completely unambiguous what message should be shown in each
window/tab.
- Only requires that the token (not the full message) be included in
the redirect URL.
- Automatically removes the message after the first time it is
displayed. That way, if users hit refresh in their browsers they
only see the messages the first time.
Changes from previous:
0.2014 Sun Sep 18 12:43:06 PDT 2011
- Fixed broken PSGI response headers after the output (cho45)
0.2013 Sat Jun 25 11:51:47 PDT 2011
- Relaxed the harakiri tests (audreyt)
0.2012 Wed Jun 22 13:51:59 PDT 2011
- Implemented psgix.harakiri mode (audreyt)
- Added --error-log option (Paulo E. Castro)
0.2011 Tue May 24 09:41:52 PDT 2011
- Fix chunked response with 0-length PSGI array elements (chmrr)
0.2010 Mon Mar 28 16:23:23 PDT 2011
- Fixed packaging. No changes.
0.2009 Fri Mar 25 19:15:23 PDT 2011
- Requires Plack 0.9971 to support localizing $0 to fix the FindBin issues #7, #15, #18, #19
- Calls srand() automatically in the child init hook to avoid a fixed random seed #20
- Implemented --keepalive-timeout which defaults to 1 (acme)
0.2008 Mon Feb 14 17:19:20 PST 2011
- Documented that -E is automatically set to 'deployment' RT:61517 (timbunce)
- Check the defined-ness of the input buffer to suppress warnings RT:60007
0.2007 Thu Sep 30 14:09:00 PDT 2010
- Fixed a bug where Date header can be duplicate if the app generates one (spleenjack)
